- First, some legal statements
By continuing to use this website, you warrant to us that you are over the age of 13 years (or that you are the age of majority in your country or province of residence), and you have given us your consent to allow any of your minor dependents to use this site.
Please help us to keep our records up to date by letting us know if your personal information changes – please email any updates to us at firstname.lastname@example.org.
- Who are we?
Full name of legal entity: Thomas Benjamin, trading as “Go Cotswolds”
Email address: email@example.com
Postal address: 26 Roman Way, Alcester, Warwickshire B49 5HB, UK
Telephone number: 07786920166
- What do we mean by “personal data”?
“Personal data” means any information that can be used to identify an individual person. Examples include your name, address, email address, telephone number, demographic information and other personal information. It does not include anonymised data.
- How do we collect/receive your personal data?
We may receive personal data in cases where enquiries, bookings or reservations are made using a service other than the Go Cotswolds website, e.g. by telephone, email, a tourist information centre, referral from other companies or agents, or via approved ticket resellers such as TripAdvisor Experiences/Viator.
We may also receive data from third parties such as analytics providers such as Google based outside of the EU; advertising networks such as Facebook based outside of the EU; search information providers such as Google based outside of the EU; and providers of technical, communication and payment services, such as data brokers or aggregators.
We may also receive data from publicly availably sources such as Companies House and the Electoral Register based inside the EU.
- Why and how do we process your personal data?
For communication purposes
When you contact us, for example by sending us an email, submitting a message via the contact form on our website, telephoning us, sending a message via social media, or using SMS or a messenger service, we process data such as your name, address, email address and telephone number so that we can communicate with you, keep records about your enquiry or booking, and so that we are able to pursue or defend any legal claims.
For contractual purposes
When you make a reservation or purchase through the Go Cotswolds website, we process customer data including your name, title, billing address, email address, phone number, contact details, purchase details and your card details, which are necessary for us to receive and validate your payment, to enter into a service contract with you, and to keep records of such contracts.
For administration purposes
We process user data about how you use our website or other online services that connect to our website (for example social media services). We do this so that we can properly administrate our website and online services, ensure that our website is kept secure, and to maintain back-ups of our website and/or databases in the event of website failure so that we can continue to operate our business effectively.
For technical purposes
Through our use of analytical services we process technical data that provide us with information about how you use our website and online services. These data include things like your IP address, which Internet browser you are using, how long you spend on each page of our website, which pages you visit, the order in which you navigate through the pages of our website, how many times you visit our site, which time zone you are on, and which devices you use to access our site. We process this data to administer and safeguard our website and business, and to analyse the ways in which visitors use our site and services so that we can deliver relevant content, implement changes that improve the user experience and develop our marketing strategy.
For marketing purposes
We process data about your marketing preferences, including your subscription to newsletters and promotional information, and ‘follows’ and ‘likes’ on social media profiles. We do this so that we can send or share with you relevant promotional or informational materials where you have consented to receive this, to enable you to take part in competitions and promotions, to deliver relevant website content and advertisements, and to assess the impact of this advertising, so that we can deliver an effective marketing strategy to develop and grow our business.
Where permitted by law, some of the data described above may be processed without your knowledge or consent.
- Sensitive data
“Sensitive data” includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation or gender identity, political views, trade union membership, health status or conditions, genetic or biometric data, criminal convictions and offences. We do not and have no need to collect, process or use such sensitive data.
- How do we use your personal data?
In line with the data processing information outlined in section 5, we will only use your personal data for the purpose for which it was collected, or for or a reasonably compatible purpose if necessary.
7.1 Marketing communications
To help grow our business, deliver effective services to our customers, and in line with Privacy and Electronic Communications Regulations, we may send marketing communications to you if you made a purchase or have asked us for information about our goods and services and you have expressly given your consent to receive such communications. You may opt-out of these marketing communications at any time by using the unsubscribe link provided in the email, or by making a request in writing to firstname.lastname@example.org.
Under these regulations, if you are a limited company we may send you marketing emails without your consent, but you remain free to opt-out at any time as described above.
We will always obtain your express consent to share your personal data with third parties for their own marketing purposes, and you can always opt out of these third party communications at any time by contacting us or the third party concerned.
Opting out of receiving marketing communications does not apply to personal data provided as a result of other transactions, such as purchases, warranty registrations etc.
- Disclosures of your personal data
We never sell the personal data you voluntarily provide to us. We may share your personal data for specified purposes and in accordance with our instructions with:
- IT and administration services or payment processing services such as Stripe or PayPal
- Professional advisers including lawyers, bankers, auditors and insurers
- Government bodies that require us to report processing activities.
- Third parties to whom we sell, transfer, or merge parts of our business or our assets.
Where personal data is shared with third parties, we insist that the third party protects and respects the security of your personal data and treats it in accordance with the law.
- International transfer of data
Unless meeting certain criteria, European law prohibits the transfer of data collected and processed within the European Economic Area (EEA) to countries outside of the EEA who might not offer the same levels of protection to your personal data.
Some of our third party service providers are based outside of the EEA so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever personal data is transferred out of the EEA, we do our best to ensure a similar degree of data security by ensuring at least one of the following safeguards:
- Personal data is transferred only to countries approved by the European Commission
- Personal data is transferred only to service providers with whom we have a specific contract or code of conduct in place to afford your personal data the same protections it has in Europe
- Personal data is transferred to US-based service providers that are part of EU-US Privacy Shield, which affords your data the equivalent protections it has in Europe.
In the rare event that none of the above safeguards is available, we may request your explicit consent to the specific transfer. You have the right to withdraw this consent at any time.
- Data security
We have established security measures against the accidental loss, use, alteration, disclosure or unauthorised access of your personal data. Only employees and partners with a business need-to-know such data have access to it and are obliged to keep it confidential.
- Data retention
We only retain your personal data for as long as is necessary to fulfil the purposes for which we collected it in the first place, including for the purposes of satisfying any legal, accounting, or reporting requirements.
For tax purposes, the law requires us to keep basic customer information for six years after they cease to become customers.
We may continue to use personal data indefinitely and without further notice to you so long as it is in an anonymised form for research or statistical purposes.
- Your legal rights
Data protection laws state that you have rights to your personal data including the right to request access to it; its correction, erasure, restriction or transfer; to object to the processing or portability of your data and, where consent is required, to withdraw consent. Please see https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/ for more information about your rights and contact us at email@example.com if you wish to exercise any of these rights.
There is no fee to access your personal data (or to exercise any of the other rights), but we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. We may also refuse to comply with your request in these circumstances.
To confirm your right to request access to your personal data, or to exercise any of your other rights in this regard, we may request specific information from you as a security measure to confirm your identity. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one calendar month, though if your request is complex or you have made several requests this may take longer and we will notify you.
You have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk) if you are not happy with how we collect and use your data. However, please contact us before you contact the ICO to give us the opportunity to resolve your issue directly.
- Third-party links
This website includes links to third party websites, plug-ins and applications over which we have no control in terms of privacy and data sharing. Clicking these links or using these applications may allow third parties to collect or share data about you. Please read the privacy statements made by each of these third parties when using their services.