Privacy - The Destination Lounge

Privacy Notice

Big Blue Marble Limited (trading as ‘The Destination Lounge’)

We understand and respect the importance of your privacy. This Privacy Notice sets out the basis on which any personal data we collect from you, or you provide to us, will be processed by us. Please read the following information carefully.

It is particularly relevant with the introduction of GDPR (the General Data Protection Regulation) and can come across as complicated, however we have written the following notice to try to show, in as simple a way as possible, what data we collect, how it is handled and how you can access that information.

Why is this important?

It doesn’t take much time to make a very long list of all the places our personal data is used every day. The continuing growth and ease of transmission of data is the main reason for the strengthening of of data protection laws – ‘Hello’ to GDPR.

As a business there are various things we have to set up to make sure we’re doing things right and the first is to designate a ‘data controller’ – the person who handles data enquiries and procedures.

Big Blue Marble’s data controller : Mr. Ian Goodenough, Director

Our data controller is also registered with the ICO (Information Commissioner’s Office - www.ico.org.uk)

And why should we take it so seriously? Well, predominantly we want to make sure we’re operating our company in the best way we can for our clients.

But as not all companies have the same priorities, very heavy fines have been set (from 25th May 2018) as an extra incentive!

What is personal information?

Personal information we collect from you is anything that identifies you – such as your name, your address, email address, phone number etc.

GDPR categorises the use of your information in 6 different ways. The information we keep falls under three of those:

  • ‘Contract’ – this is information that we need to do our job for you (for example, we couldn’t book your holiday without it)
  • ‘Consent’ – this is information that we will ask your permission to use (often this is for marketing purposes, but may cover other uses)
  • ‘Legitimate Interest’ – this would apply if we want to send you information or materials that match your previous interests (for example we may send you details of tours available for when you’re on holiday, or holiday offers we feel fit you)

Naturally it is important that we collect certain information so we can process your travel needs, but it may also be used for marketing purposes. What follows is a list of the places in which we capture your information and how it is used…

Where do we use your information?

Information Location

What is it used for?

How is my information secured?

Our Back Office System

This is where we load all the details about your bookings and enquiries with us, including any payments you make through us.

This is a vital part of our relationship with you as a client and falls under the ‘Contract’ category of information.

Our computers access this system remotely, which means none of this data is kept in their hard drives. The remote computer is managed to a high security standard by SABS Travel Technology (http://www.sabstt.com), who operate a similarly robust data protection policy.

Access to this system requires several unique passwords.

Our Destinations Club database

We use a separate database to manage our ‘Destinations Club’ loyalty scheme.

This is also a ‘Contract’ type of information, without which we would be unable to manage the Club that you have signed up to.

However, any emails we send you also hold an obvious ‘unsubscribe’ link that wont remove you from the club, but will stop any further emails (from the club).

We use two systems:

The main database is provided online by a well known company (Zoho – https://www.zoho.eu) who operate a strict privacy and data security policy.

Any emails sent to club members are managed through MailChimp (https://mailchimp.com), a widely used platform with a very robust data policy (including the use of ‘opt-out’ links).

Marketing Database

Any direct marketing we undertake is managed by Advantage Travel Partnership – including e-newsletters and physical mail.

This is a ‘Consent’ category of information. We will specifically ask if you are happy to receive marketing information from us.

Advantage use a third party company to process marketing messages and data storage that is very strictly handled for data security and compliance.

You can ‘unsubscribe’ from this database by using the link on marketing email you receive from us, or by speaking to one of the team (you may need to supply your email address for reference)

Social Media

We don’t actually store any of your social media information (eg. Facebook, Twitter etc.) and any interactions with us via these channels are managed through the specific platform’s privacy and data policy.

We tend to only use the main social media platforms for our marketing and messaging – ie. Facebook, Twitter and Instagram (others may be added over time). Each platform has its own detailed privacy and data management policy you should refer to.

Paper Files

We store certain important hard-copies relating to your bookings with us for reference – for example your confirmation documents.

Hard-copies of files are stored in each branch’s filing cabinets (which are solid and lockable).

Important bit!

We will never pass your information on to third parties to use for their own marketing activities. It will only be used in the process of our business activities, as described in this document.

Who has access to my data?

The Destination Lounge Team

During the day-to-day running of our Travel Agency, all of our travel professionals have access to your information to properly service your experience with us. As mentioned above, each staff member is required to use multiple passwords to access this data.

Third Party Access

In order to process your bookings and enquiries, data we collect from you is passed onto third parties – such as the tour operator/s your holiday is booked with. These operators follow the same strict data management and privacy protection standards as us and we are required to confirm that with each operator we work with (generally by sight of their own policies for data protection).

The other important third party to have access to your data is the consortium that we are members of – Advantage Travel Partnership. They provide the back office system and financial processes that allow us to do our job and, as before, they operate with strict data protection standards.

How do I access my information?

You’ve always been able to ask for access to the information we hold about you, but here’s what you can do and how. It’s called a ‘Subject Access Request (SAR).

See what we hold

You can make a request for us to run a report on everything we hold on file about you. You need to ask a member of the team for assistance with this - they will help you complete a request form which will be submitted to our data controller. The data controller will respond within 40 days.

Amend or Delete what we hold

If you think we have incorrect information about you, you can request it be amended at any time – that’s a bit of a no-brainer. If we don’t have the correct information we can’t accurately act on your behalf!

You can also make a formal request for your information to be deleted, however this is dependant on the information you wish to be deleted. For example, we are unable to delete information that is needed for management of bookings (current or historical) but we can remove anything regarding marketing activity.

It is wise to consider simply unsubscribing from marketing activity rather than deleting your data completely, to avoid being re-subscribed later on (for whatever reason).

Identification

Please note that we can only respond to an individual’s request to action their own data and this may require formal identification.

Cookies

We have a separate policy regarding cookies on our website - you can read it here.

Changes to our privacy policy

We reserve the right to update or alter this Privacy Policy from time to time without notice to you.

ACCEPT COOKIESTo give you the best possible experience, this site uses cookies. Using this site means you agree to our use of cookies. We have published a cookies policy, which you should read to find out more about the cookies we use. View cookies policy.