The General Data Protection Regulation (GDPR) is a comprehensive update to existing European Union laws that goes into effect on May 25, 2018.
It aims primarily to give control to citizens and residents over their personal data and to reshape the way organisations across the region approach data privacy.
The privacy notice will provide you with all the information, but in summary:
We hold your contact details in order to perform a contract (to supply you with travel products and services). We think it’s expected and justified that we would send you travel updates, travel news and travel related information by mail or email. However, should you disagree with this, just let us know and we will not provide this service.
If we make bookings for you we do have to pass your details to 3rd party companies. To help organise your travel, we pass your name and any mandatory data for travel to travel suppliers, which could include but are not limited to airlines, hotels, car rental companies and train operating companies. To help us keep you up-to-date with news, updates and travel related information by email, we use a 3rd party company called Campaign Monitor to organise e-shots and PR Fulfilment to organise mailings.
For our current customers and potential customers, we will offer a clear opt out option on every communication we send in the post and email, and on any forms you fill out on our website.
If you would like to find more about the GDPR please see the Information Commissioners website www.ico.org.uk.
If you have any questions or queries, Mark Firth is the data protection officer at TravelWise and can be contacted on 01924 268570 or email firstname.lastname@example.org.
FACTS YOU NEED TO KNOW ABOUT GDPR
- The General Data Protection Regulation(GDPR) replaces the Data Protection Directive and was designed to harmonise data privacy laws across Europe, to protect and empower all EU citizens data privacy and to reshape the way organisations across the region approach data privacy. It will become effective on May 25, 2018.
- The GDPR applies not only to organisations who process data in the EU, but also any organisation that offers goods or services to, or monitors the behaviour of people inside the EU. GDPR applies even if the processing takes place outside of the EU.
- The GDPR applies to information that directly or indirectly could identify an individual. This includes information, such as names, addresses, phone numbers, date of birth, as well as IP addresses, cookie identifiers, device information, advertising identifiers, financial information, geo-location information, social media information, consumer preferences, etc.
- "personal data" shall mean any information relating to an identified or identifiable natural person ('DataSubject'); an identifiable person is one who can be identified, directly or indirectly.