Your privacy is very important to us and this Privacy Notice will advise you on how we collect, use, process and store the personal information we collect about you.
In this Notice, the use of “we”, “us” and “our” refers to Barnes Marine Units Ltd is the controller of your personal information and is registered as a Data Controller with the Information Commissioner’s Office. Our registration number is 1321482
Please read this notice in conjunction with our Terms and Conditions of Booking; these are available here https://www.barnesbrinkcraft.co.uk/media/docs/BB2015-16TCsv2.pdf
You can access this Privacy Notice from the ‘privacy’ link at the bottom of every page on our website.
1. Collection and Use of Information
1.1 How we collect information
We collect information about you via a number of different methods, including:When you book, or enquire about booking a holiday directly with us
When you book a holiday through one of our Booking Agents
When you hire any of our day boats or other day hire craft
When you complete a form on our website or send us an email
When you request a brochure or other information from us
From third parties, we may ask for information about you from third parties, for example when we get authorisation for a payment you make using a credit or debit card
1.2. Booking a holiday
When booking a holiday directly with us, we collect the following personal information to enable us to administer and provide your holiday:
Your name, address, telephone number, date of birth, gender and email address
The name, address, date of birth and gender of your party members
We will also record your consent for receiving marketing information
We collect the date of birth and gender of you and your party members so that we can ascertain the composition of your party for insurance and administrative reasons.
1.3 Phone calls
We may record telephone calls for security, training and quality purposes. Calls to our 24-hour support number are sometimes recorded.
1.4 Booking a holiday via a Booking Agent
If you book a holiday via a Booking Agent, the Agent will request all of the information detailed in ‘1.2 Booking a holiday’. The Booking Agent may also request additional personal information. Please also review the Privacy Notice of the Booking Agent.
Our list of Booking Agents is provided below:
Gordon Tours – www.gordontours.com
Hoseasons – https://www.hoseasons.co.uk
Waterways Holidays – www.waterwaysholidays.com
1.5 Day hire craft
When you book day hire craft from us, we will collect and store the following information:
Your name, address, contact telephone number and email address
We will also record your consent for receiving marketing information
2. How do we use your Personal Information
The information that you provide to us will be used:
To process your booking and to provide you with information about your holiday
To identify your eligibility for, and to provide you with any offers or discounts, based upon your previous booking history
At your request, to provide you with brochures and other marketing materials.
For statistical purposes when we evaluate our services
To manage customer service requests
To provide any other information that you may have requested
We will not send you any marketing information unless you explicitly opt into receiving this information.
You can opt-in to receiving marketing information at the time of booking your holiday, or by informing our Booking Office of your request.
You can opt-out of receiving marketing information by contacting us, or by clicking the ‘unsubscribe’ link in any email that you receive, or visiting www.barnesbrinkcraft.co.uk/unsubsribe
3. How do we store your information
Your personal information is stored within a booking system provided by Paston Chase Limited who act as a Data Processor. Paston Chase Limited can only process your Personal Information in accordance with the specific instructions given by us Paston Chase Limited are also required to implement appropriate technical and organisational measures to protect your information from unauthorised or unlawful processing and against accidental loss, destruction, damage, alteration or disclosure.
Your personal information is also stored by us in paper form and electronically on our internal computers and servers.
In the event of you cancelling your holiday with us, we may request and process sensitive personal information about you or the affected party member(s). This information is only retained for as long as necessary to process the cancellation and this information is then disposed of in a secure manner.
All telephone call recordings are handled by our phone system which is provided by Gamma Networks. Telephone recordings are stored within UK based data centres and a copy of call recordings may be stored on our internal servers.
We do not store any payment card information. When booking online, our customer are redirected to WorldPay – our payment provider – and they process online payments on our behalf. We only retain a reference of the transaction and the last 4 digits of the payment card used. Payments made via telephone are entered directly into our payment provider’s system for immediate approval.
4. How do we protect your information
We take all reasonable steps to protect and secure the personal information that we hold.
All staff members who handle personal information are required to undertake Data Protection and Information Security awareness training during their induction and then at yearly intervals.
All communications with our website and booking system are encrypted using Transport Layer Security (TLS). TLS is used to protect and encrypt the connection between your web browser and our website.
5. Who we share your personal information with
We may share your information if we are required by law or to help provide our services to you. This may include sharing certain information with:
Our group of companies
Other third parties where you have given your consent to the disclosure
Our insurance companies in cases of accident, injury or other claims.
The emergency services and the Broads Authority
Other law enforcement and Government agencies
5.1 Third Party Service Providers
We use a number of third party service providers which enable us to offer our services to you.
These providers will maintain their own connection logs, which will include the IP address of the connecting device, along with the date and time. The third party services may also process and store personal information on their servers.
These third party services providers may store and process information in countries outside of the European Economic Area.
6. Cookies and tracking
Cookies are text files placed onto your computer that are used to collect and retain information about how you interact with our websites, communications and services.
Tracking visitor use of the website and to compile statistical reports on website
The use of session cookies which enable us to provide the online checkout and My Booking services to customers
To show relevant ads to you when you have visited our website
We also use ‘web beacons’ (also known as tracking pixels) and code snippets to track user interaction with our website. We would use these in cases where a user has clicked on an advert and we wanted to track whether that ‘click’ converted into a confirmed booking or potential lead.
The Information Commissioner’s Office provides further information about cookies, including advice on how to block cookies: https://ico.org.uk/for-the-public/online/cookies
7. How long we keep your information
We will not keep your personal information for longer than necessary for our business purposes.
If you have signed up to receive our newsletters we will keep your information until you unsubscribe. You can unsubscribe at anytime by clicking here, clicking the link at the bottom of our newsletters or by contacting us on 01603 782625 email@example.com
As a customer you are entitled to loyalty discount if you book another holiday directly with us within 4 years of the last holiday. For this reason, we will retain your personal information and may contact you about our services during this time, if you have not opted out of receiving marketing communications.
For accounting reasons, your booking history will be held in paper form for a period of 6 years from the end of the financial year following the date that your holiday commenced. After this period the information will be securely destroyed by an accredited shredding provider before being recycled.
Our financial year runs from the 1st March until 28th February.
8. Access to your Personal Information
You have a right to request access to any personal information that we hold about you. This type of request is known as a ‘Subject Access Request’. If you would like a copy of some or all of your personal information that we hold about you, please email or write to us using the contact details provided at the bottom of this Notice. Unless the request is unfounded and excessive, there will be no charge for this service and we will respond to your request within 30 days.
We want to ensure that your personal information is up to date. If you feel that any of the personal information that we hold about you may be incorrect or inaccurate, please contact us to allow us to rectify this issue.
9. Links to third party websites
This Privacy Notice does not apply to any third party websites that this website links to. You are advised to read any privacy policies that may be applicable to third party websites.
10. Changes to this Privacy Notice
We keep our Privacy Notice under regular review and we will place any updates on this page. We will endeavour to make any changes or additions clearly distinguishable, along with showing the date that any changes come into force.
This Privacy Notice was last updated: 30th Nov 2018.
11. How to contact us
Please contact us if you have any questions about our Privacy Notice or the information that we hold about you:
Email us at firstname.lastname@example.org
Write to us at: Data Protection Officer, Barnes Brinkcraft, Riverside Road, Wroxham, Norwich, Norfolk NR128UD
If you wish to register a complaint about how we handle your Personal Information, you can contact the Information Commissioners Office who are the Supervisory Authority for Data Protection in the United Kingdom.
Contact details for the Information Commissioners Office are located on their website: https://ico.org.uk/concerns/