The policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users, the website and website owners. Furthermore the way this website processes, stores and protects user data and information will also be detailed within this policy.
Why you should read this policy
For the purposes of the General Data Protection Regulation and all other relevant legislation, Star Tours UK Limited (‘we’ or ‘us’) is the ‘data controller’ (ie the company who is responsible for, and controls the processing of, your personal data).
Personal data we may collect about you / Information that you provide
Personal information about you (such as your name, email address, phone number) will be obtained, whenever you complete forms on the Website, by email, or in person.
We will also obtain personal information you provide when you send feedback, post material, contact us for any reason and by any medium, sign up to a service, make purchases through the website, share information via the Website’s social media functions, enter a competition, complete a survey or report a problem with the Website.
We may ask you to provide sensitive personal data from time to time. If such data is requested, you will be given additional information as to why the sensitive personal data is being requested and how it will be used.
We may retain a record of any contact you make with us.
Personal Information about other individuals
If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:
give consent on his/her behalf to the processing of his/her data;
receive on his/her behalf and data protection notices;
give consent to any transfer of his/her data;
Information from third parties
Occasionally we may receive information about you from other sources (such as Banking institutions), which will be added to the information already held about you in order for us to help supply our services and products to you.
Information that will be collected automatically
Device information: We may also collect information about your device each time you use the Website.
Location data: We may also collect information to determine your location using GPS technology or such other location tracking software we may use from time to time. Some of the features of the Website may require access to such location data to work. If you would like to use any such feature, you will be asked to consent to provide such location information. You can withdraw your consent to providing this information at any time by emailing us.
How your personal data will be used
We will use your personal data for the following purposes:
- to help identify you and any accounts you hold with Star Tours;
- research, statistical analysis and behavioural analysis;
- customer profiling and analysing your purchasing preferences;
- marketing—see 'Marketing and opting out', below;
- fraud prevention and detection;
- billing and order fulfilment for purchases made through the Website;
- credit scoring and credit checking—see 'Credit checking', below;
- customising the Website and its content to your particular preferences;
- to notify you of any changes to the Website or to our services or products that may affect you;
- improving our services and products.
What is our lawful basis or ground for using your personal data?
Under laws that are designed to protect your personal data, we need to have what is called a lawful basis or ground each time we use, share or otherwise process your personal data.
We may also need to process your personal data to comply with any legal obligations which may be applicable. Likewise, we may process your personal data where this is in the public interest or it is to protect your vital interests, but this will only be in rare circumstances.
In most cases, our processing of your personal data is necessary for the performance of our services to you.
Certain uses of your personal data, or other processing activities, may not be strictly necessary to perform our services to you, however, they may be necessary for the purposes of our legitimate interests or the legitimate interests of a third party. They may also be in your interests.
When we say "legitimate interests", we mean our (or a third party's) interests in enabling us to provide our services to you as efficiently and securely as possible. For example, we may choose to use a third party to store your personal data; we may do this in part because our use of that service means that your personal data is more secure.
Marketing and opting out
If you have provided your consent to receive news, special offers or promotions from us, we may contact you by mail, telephone, sms, text/picture/video message, email, about products, services, promotions, special offers and charitable causes that may be of interest to you.
We may share your personal data with organisations who are our business partners and we or they may contact you (unless you have asked us or them not to do so) by mail, telephone, sms, text/picture/video message, email, about products, services, promotions, special offers and charitable causes that may be of interest to you. If you prefer not to receive any further direct marketing communications from us or our business partners, you can opt out at any time. See further 'Your rights', below.
Disclosure of your personal data
We may disclose your personal data to:
other companies that become partners or part of a group with Star Tours UK Limited;
a third party who acquires Star Tours UK Limited or acquires substantially all of its assets, in which case the personal data shall be one of the acquired assets;
our agents and service providers;
law enforcement and regulatory agencies in connection with any investigation to help prevent unlawful activity or as otherwise required by applicable law;
business partners in accordance with the 'Marketing and opting out' section above
Keeping your data secure
We will use technical and organisational measures to safeguard your personal data, for example:
where you create an account on the website, this will be controlled by a password and username that are unique to you;
We will store your personal data on secure servers;
payment details are encrypted using SSL technology.
While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet.
Transfers of data out of the EEA
We will make reasonable efforts to ensure that your data is not transferred outside the European Economic Area (EEA). Where we use data servers that may transfer data out of the EEA we will take steps to ensure adequate protections are in place to ensure the security of your information and give you remedies in the unlikely event of a security breach.
All information you provide to us is stored with secure data processors for the purposes of storing your data, accounting purposes and social media purposes for example. A copy of your information is also stored securely on our internal server and computers where access is restricted.
Please note that we review all processors we utilise and ensure that there are adequate safeguards in place to protect your personal data, such as adherence to binding corporate rules or compliance with the EU-US Privacy Shield Framework, which is a mechanism that ensures compliance with EU data protection requirements when transferring personal data from the European Union to the United States. You can learn more about Privacy Shield here: https://www.privacyshield.gov/welcome
While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us using our contact details at the bottom of this policy.
What you can do to keep your information safe
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
We may monitor and record communications with you (such as telephone conversations and emails) for the purpose of quality assurance, training, fraud prevention and compliance.
Your Consent and Rights of Access
You can change your mind or remove or add your consent at any time.
You have the right of access to your personal records or other information that we hold about you. There is no administrative charge for this service.
You have the right to rectify any errors in the data we hold about you. If any data or information we hold about you is inaccurate, or out of date, please contact us and we will correct this immediately.
You have the right to have the data we hold about you erased.
If you wish us to continue to store your information but wish us to keep your data separate and not process it in any way, please let us know. You have the right to ask us to stop processing your personal data for direct marketing purposes. You may also specify that you object to direct marketing by particular channels such as by email of telephone. If this is the case, please specify the channels you are objecting to in your communications with us.
You have the right to data portability. If you wish to obtain your data for your own purposes across different services, we will provide this information to you in a CSV file. There is no administrative charge for this service.
You have the right to object to any direct marketing.
To revise your consent, access, amend or remove your records or assert any of your rights set out above, you should send your request in writing to us at [email protected], detailing you full name, Address, Telephone Number and email address.
You will need to provide proof of identity and address (eg a copy of your driving licence or passport, and a recent utility or credit card bill); and specify the personal data you want access to, amended or removed.
How long we will store your data
We will store your data for as long as necessary for the purpose of processing. The data may be deleted in the following circumstances:
You have withdrawn your consent to data processing
The original purpose for processing the data is no longer relevant or cannot be performed any more.
The data is no longer up to date or accurate.
This website and it's owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website comply's to all UK national laws and requirements for user privacy.
Cookies are small files saved to the users computers hard drive that track, save and store information about the users interactions and usage of the website. This allows the website, through it's server to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and it's external serving vendors.
Other cookies may be stored to your computers hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.
Contact & Communication
Users contacting this website and/or it's owners do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use, as detailed in the Data Protection Act 1998. Every effort has been made to ensure a safe and secure form to email submission process but advise users using such form to email processes that they do so at their own risk.
This website and it's owners use any information submitted to provide you with further information about the products / services they offer or to assist you in answering any questions or queries you may have submitted. This includes using your details to subscribe you to any email newsletter program the website operates but only if this was made clear to you and your express permission was granted when submitting any form to email process. Or whereby you the consumer have previously purchased from or enquired about purchasing from the company a product or service that the email newsletter relates to. This is by no means an entire list of your user rights in regard to receiving email marketing material. Your details are not passed on to any third parties.
This website operates an email newsletter program, used to inform subscribers about products and services supplied by this website. Users can subscribe through an online automated process should they wish to do so but do so at their own discretion. Some subscriptions may be manually processed through prior written agreement with the user.
Subscriptions are taken in compliance with UK Spam Laws detailed in the Privacy and Electronic Communications Regulations 2003. All personal details relating to subscriptions are held securely and in accordance with the Data Protection Act 1998. No personal details are passed on to third parties nor shared with companies / people outside of the company that operates this website. Under the Data Protection Act 1998 you may request a copy of personal information held about you by this website's email newsletter program. A small fee will be payable. If you would like a copy of the information held on you please write to the business address at the bottom of this policy.
Email marketing campaigns published by this website or it's owners may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation. Such tracked activity may include; the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity [this is by no far a comprehensive list].
This information is used to refine future email campaigns and supply the user with more relevant content based around their activity.
In compliance with UK Spam Laws and the Privacy and Electronic Communications Regulations 2003 subscribers are given the opportunity to un-subscribe at any time through an automated system. This process is detailed at the footer of each email campaign. If an automated un-subscription system is unavailable clear instructions on how to un-subscribe will by detailed instead.
Although this website only looks to include quality, safe and relevant external links users should always adopt a policy of caution before clicking any external web links mentioned throughout this website.
The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should therefore note they click on external links at their own risk and this website and it's owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Adverts and Sponsored Links
This website may contain sponsored links and adverts. These will typically be served through our advertising partners, to whom may have detailed privacy policies relating directly to the adverts they serve.
Social Media Platforms
Communication, engagement and actions taken through external social media platforms that this website and it's owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. This website nor it's owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
Shortened Links in Social Media
This website and it's owners through their social media platform accounts may share web links to relevant web pages. By default some social media platforms shorten lengthy url's [web addresses] (this is an example: http://bit.ly/zyVUBo).
Users are advised to take caution and good judgement before clicking any shortened url's published on social media platforms by this website and it's owners. Despite the best efforts to ensure only genuine url's are published many social media platforms are prone to spam and hacking and therefore this website and it's owners cannot be held liable for any damages or implications caused by visiting any shortened links.
Resources & Further Information
Edited & customised by: Star Tours Ltd, 312 Harrow Road, Wembley, UK, HA9 6LL