Privacy Policy

PRIVACY & COOKIES POLICY

Great Escapes Diving Holidays Limited is committed to protecting and respecting your privacy.

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

Categories of data: Personal data and special categories of personal data

Personal data – The GDPR applies to ‘personal data’ meaning any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier (as explained in Article 6 of GDPR). For example name, passport number, home address or private email address. Online identifiers include IP addresses and cookies.

Special categories personal data – The GDPR refers to sensitive personal data as ‘special categories of personal data’ (as explained in Article 9 of GDPR). The special categories specifically include genetic data, and biometric data where processed to uniquely identify an individual.

Processing – means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Who are we?
Great Escapes Diving Holidays is the data controller. This means we decide how your personal data is processed and for what purposes. Our contact details are: Great Escapes Diving Holidays, Westerfield Business Centre, Main Road, Westerfield, Suffolk IP6 9AB. For all data matters contact our Data Representatives; Mr Chris Bell on chris@greatescapesdiving.com or Mr Graham Tyte on graham@greatescapesdiving.com or phone +44 1473921888.

The purpose(s) of collecting your personal data

We collect your personal data for the following purposes:

1. To identify you.
2. To communicate with you once you have enquired or booked a holiday and to advise of special offers and exclusive trips (if consent is granted).
3. To process bookings with our travel partners such as airlines and suppliers that require your data in order to confirm the booking.
4. To take payments for products and services.

With your consent, we will use, store and transfer relevant data that is essential to the booking process.

The categories of personal data concerned
With reference to the categories of personal data described in the definitions section, we process the following categories of your data:

Personal data – Full name, address, phone number, email address, date(s) of birth, passport information, dive qualifications, number of dives, date of last dive, payment information (destroyed after use), emergency contact information and dive/travel insurance.

Special categories of data – Health data (if necessary to particular diving holidays)

What is our legal basis for processing your personal data?
To enter into a contract with us to comply with our legal obligation with suppliers. To keep our records updated and recover debts owed to us if necessary.

More information on lawful processing can be found on the ICO website. 

Sharing your personal data
Your personal data will be treated as strictly confidential, and will be shared only with the relevant suppliers that we book as part of your holiday package. If you enter a competition that we are running through one of our suppliers then they will keep the information you have provided on the entry form and you will be emailed newsletters and special offers which you can opt out of.

Handling payment details
We will collect payments either over the phone or by bank transfer from you and we will responsibly dispose of card payment details taken once the payment has been made. We take payments in-house and do not provide our travel partners with your payment details.

Cookies
Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. By continuing to browse the site, you are agreeing to our use of cookies.

We use the following cookies:

Analytical/performance cookies – They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.

We do not collect any personal data through cookies other than the information required on the Enquiry form.

How long do we keep your personal data for
We will store personal data for as long as it is necessary to fulfil a booking as well as comply with legal obligations. When a client has booked a holiday it is necessary to keep basic booking information for tax and accounting purposes for a total of 7 years.

Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:

• The right to request a copy of the personal data which we hold about you;
• The right to request that we correct any personal data if it is found to be inaccurate or out of date;
• The right to request your personal data is erased where it is no longer necessary to retain such data;
• The right to request that we provide you with your personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability), (where applicable i.e. where the processing is based on consent or is necessary for the performance of a contract with the data subject and where the data controller processes the data by automated means);
• The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
• The right to object to the processing of personal data, (where applicable i.e. where processing is based on legitimate interests (or the performance of a task in the public interest/exercise of official authority); direct marketing and processing for the purposes of scientific/historical research and statistics).

Transfer of Data Abroad
The majority of our suppliers are based outside of the European Economic Area (EEA), so the processing of your data will be conducted overseas when they are used as suppliers for your holiday booking. We will provide those suppliers with the information they require to legally fulfil a booking on your behalf. You acknowledge that when your personal data is required to be given to suppliers outside of the EEA that you give us permission to do so. You also acknowledge that where your personal data is transferred outside of the EEA that controls on data protection may not be as wide ranging as the legal requirements within the EEA. 

Automated Decision Making
We do not use any form of automated decision making in our business.

Further processing
If we wish to use your personal data for a new purpose, not covered by this Data Privacy Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions.

Changes to our privacy policy
Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.