Personal Data Security Statement re: GDPR

Personal Data Ownership

Nineoaks Fishery’s Privacy Policy re GDPR.

We are dedicated in providing you with top quality accommodation at fair prices and with the best possible service. To do that we gather information about you and because your privacy matters we want you to be happy that what you share with us, while using this site, is safe and secure. This Privacy Policy is intended to let you know how we retain and use that information to give you a better, more personalised experience. You will also learn how and why we collect your personal information, your rights and choices when it comes to these details, plus the things we do to keep it as secure and private as possible

Updated: 24th May 2018

1. What this Privacy Policy covers

This is the Privacy Policy for nineoaks-fisheries.co.uk (the "Site").
We want to be transparent as to how we collect, use and protect your personal information. For the purposes of this policy, the data controller is Nineoaks Fisheries (referred to here as "we", "us" or "our").
This Policy explains:

  • the personal information we collect;
  • how and why we collect and use that personal information;
  • why we process your personal information;
  • when and why we will disclose your personal information;
  • the rights and choices you have when it comes to your personal information;
  • why we use cookies; the steps we take to ensure your information is kept secure and confidential;
  • how long we will hold your information for; and
  • how to contact us.

Our Site contains links to third-party websites that are not subject to this Privacy Policy. Read section 7 below for further information on third party links. Always make sure that you read a third party's terms and conditions and privacy policy carefully before providing any personal information on a third-party website, as we cannot accept any responsibility or liability for those third-party websites.

2. The Personal Information we collect

  • When you contact us to make an enquiry, either by telephone, by email or through our web-site or any of our (infrequent) emails you may provide us with your email address, mailing address, contact telephone number(s) and name(s).
  • When you book with us you must provide us with personal details, including without limitation your name, postal address, email addresses, phone numbers, title and some limited credit card and/or bank information.
  • When you visit our Site, Google (on our behalf) may collect impersonal information about your online browsing behaviour and any devices you have used to access our Site (including your IP address, browser type and mobile device identifiers)

3. How we collect and use your personal information

This section explains how we collect and use your personal information.

3.1. Holiday Accommodation

We collect your personal information from you when you place a holiday booking or holiday enquiry with us. We use this so that we can identify, manage, deliver and subsequently support your booking. If we need to pass your personal information to a third party to meet your request except for the purpose of delivery (see below), we will make it clear at the time you submit your details. If that happens, then in line with section 1 above, we advise you to read the privacy policies of whichever third parties we tell you about.

3.2. Birthday and Christmas cards

Where we have an email address and a known Birthday, occasionally we may send a Birthday or Christmas e-card. For those that have visited us within the last two years we usually send a postal Christmas card. We collect your email address when you contact us for holiday and other enquiries. We use this to send you emails as appropriate for example, confirmation of your booking, confirmation of a Credit Card payment and so forth.

3.3. Accommodation Provision

We use a third-party International Bank to provide Credit Card processing facilities and we believe their privacy policies to be appropriate for the service they deliver. For them to do this, we need to let them have some of your personal information including but not limited to the title and name as shown on the card to be used, card identification details such as long card number, expiry date, and security code information.

3.4. Internal reporting, deposits and balances analysis

We may use the personal information referred to in this section 3 to generate aggregated, anonymised data for the purposes of internal reporting, insight and analysis, enabling us to improve and personalise our Web Site, the holidays we offer and search results for our Site. We do not use any third parties to perform these analyses.

3.5. Site personalisation

We may use your personal information and/or feedback to personalise aspects of our Site, and for market research. We are always working to make a better Site for you and using your personal information in this way helps us to do this. It also means that if you've given us permission, any email we send to you is appropriate for your needs.

3.6. Contacting you

We collect and may use your personal information to:

3.6.1 contact you in response to communications you have sent to us. We want to help you, so we use your personal data to provide clarification or assistance in response to your communications;

3.6.2 We may invite you to take part in polls and other market research activities carried out by us or by other organisations on our behalf. Any feedback you provide will only be used to improve our Site and will not be published. However, should we contact you about this, you do not have to respond;

4. Why do we process your personal information?

We will only collect and use your personal information (as described in sections 2 and 3) in accordance with data protection laws. Our grounds for processing your personal information are as follows:
  • Consent – Where necessary we will only collect and process your personal information if you have consented for us to do so. For example, after you have contacted us, we will use your personal information to provide the services detailed in sections 3.1 and 3.2
  • Legitimate Interests – We may use and process some of your personal information where we have sensible and legitimate business grounds for doing so. Under European privacy laws, there is a concept of "legitimate interests" as a justification for processing your personal information. Our legitimate interests for processing your personal information are:
  • to communicate with you about a booking. For example, sending you a series of confirmation and update emails after you have placed a booking with us. Unless you have agreed to the contrary, this will not include any non-purchase specific emails or other communications
  • to enable us to properly and efficiently serve any claims you may have under our Guarantee and/or other terms and conditions of sale; and
  • to improve our Site. We may use your personal information to undertake demographic segmentation and generate profiling information to help us understand what you might be interested in and for market research. We are always working to make a better Site for you and using your personal information in this way helps us to do this.

From 25th May 2018, you will have a right to object to our use of your personal information for these legitimate interests, including a right to object to profiling by us (see section 8 below).

5. Use of children's personal information

We do not knowingly collect or store any personal information about children under the age of 16. If you are aged under 16 please get your parent or guardian's permission before you provide any personal information to us.

 

6. Third Party Personal Information and Personal Information Review

6.1 If you're providing us with another person's personal information you should first ask them to read this Privacy Policy. By giving us personal information about another person you are confirming that they have given you consent to provide the personal information to us and that they understand how their details will be used.

6.2 We will periodically review your personal information to ensure that we do not keep it for longer than is permitted by law (see section 12 below).

7. Disclosure of your personal information to other organisations

The personal information that we collect when you use our Site is confidential, however, we may disclose your personal information to a third party in the following circumstances:

7.1. Our Credit Card provider and our e-card provider – as described in sections 3.2 to 3.5 above, and for the purposes of providing certain services and enabling your interaction with the Site. We won't ask for your permission to do so on our Site.

7.2. If required or allowed to do so by law;

7.3. If ordered to by any court or any other applicable regulatory, compliance, governmental or law enforcement agency;

7.4. If necessary in connection with legal proceedings or potential legal proceedings;

7.5. If ownership of all or part of our Site is transferred, in which case any purchaser would only be entitled to use that information in accordance with this Privacy Policy.

7.6. We use GOOGLE ANALYTICS to anomalously collect data on your journey to our site and around it. We never send personal information to Google. The data is transferred outside of the EU but Google are an active member of the Privacy Shield Framework which you can view here:

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI

8. How you can change permissions

All emails or other forms of communication directly from us to you will include clear instructions on how to unsubscribe or amend your subscription preferences. In addition, if you don't want to be contacted by us anymore you can simply email datacontroller@nineoaks-fisheries.co.uk. Section 9 below also sets out your other information rights.

9. Your information rights and responsibilities

9.1. You already have certain rights under existing data protection legislation, including the right to request a copy of the personal information we hold on you if you request it in writing. From 25th May 2018 you will have the following rights:

9.1.1. Right to correct: the right to have your personal information amended if it is inaccurate or incomplete;

9.1.2. Right to erase: the right to request that we delete or remove your personal information from our systems;

9.1.3. Right to restrict our use of your information: the right to 'block' us from using your personal information or limit the ways in which we can use it;

9.1.4. Right to data portability: the right to request that we move, copy or transfer your personal information;

9.1.5. Right to object: the right to object to our use of your personal information including where we use it for our legitimate interests, or where we use your personal information to carry out profiling to inform our market research and user demographics. If you raise an objection we will stop processing your personal information unless exceptional circumstances apply, in which case we will let you know why we're continuing to process your personal information.

We will use reasonable efforts consistent with our legal duty to provide you with your rights in accordance with data protection legislation.

9.2. To make enquiries, exercise any of your rights set out in this Privacy Policy and/or make a complaint please contact datacontroller@nineoaks-fisheries.co.uk or write to the Data Protection Officer at Nineoaks Fishery, Oakford near Llanarth, Ceredigion, SA47 0RW.

9.3. If you're not satisfied with the way any complaint you make in relation to your personal information is handled by us, then you may be able to refer your complaint to the relevant data protection regulator. In the UK, this is the Information Commissioner's Office.

10. Cookies

10.1. We use cookies (files which are sent by us to your computer or other access devices) and tracking technology to help to improve the functionality and performance of our Site.

10.2. The information derived from our use of cookies will be aggregated to generate statistical information about the usage of our Site. However, we do not use any information derived from cookies, nor any IP addresses we collect, to identify any individual user of our Site.

10.3. Some third-party technology we use (eg, embedded videos, social sharing) also use cookies to improve your experience on their sites.

11. Keeping your personal information secure

11.1. Keeping information about you secure is very important to us so we store and process your personal information in accordance with the high standards required under data protection legislation. Although we have never done so, it is conceivable that in the future, for operational reasons the personal information we collect from you may be transferred to and stored in countries outside of the European Economic Area ("EEA"). Your information may also be processed by some of our service providers which may in the future be based outside the EEA. Different countries have different data protection and security laws and some of these do not offer the same level of protection as you enjoy under UK data protection legislation. However, when we appoint our service providers to help us provide products and services to you (which may include some based in the USA), we take care to ensure that they have appropriate security measures in place.

11.2. We do our best to keep the information that you disclose to us secure. However, we can't guarantee its 100% security but will always use our best endeavours to ensure its security and safe storage. By using our Site, you accept the inherent risks of providing information online and will not hold us responsible for any breach of security.

12. How long do we keep your personal information?

Unless a longer retention period is required or permitted by law, we will only hold your personal information on our systems for the period necessary to fulfil the purposes outlined in this Privacy Policy or until you request it is deleted. If we’ve not heard from you or had any contact with you, we may contact you to ensure you're still happy to receive communications from us. Even if we delete your personal information it may persist on back-up or archival media for legal, tax or regulatory purposes.

 

13. How to contact us

Our Data Protection Officer is the Managing Director of Nineoaks Fishery.
If you have any queries relating to our use of your personal information or any other related data protection questions, please contact us at datacontroller@nineoaks-fisheries.co.uk or write to the Data Protection Officer at Nineoaks Fishery, Oakford near Llanarth, Ceredigion, SA47 0RW.

 

14. Changes

This policy is effective from 25th May 2018 and replaces with immediate effect any preceding Privacy Policy. We may, from time to time, make changes to this Privacy Policy to reflect any changes to our privacy practices in accordance with changes in legislation, best practice or Site enhancements. We will let you know what these changes are by posting them to this page. Where the changes are significant, we may also choose to email you with the new details and get your consent to make these changes where required by law. It is your responsibility as a user to make sure that you are aware of changes posted on this page, by checking for any changes on a regular basis. Changes posted on this page will become effective as soon as they are posted.

 

15. Further Information

You can find further information on how GDPR affects you by visiting the website of the Information Commissioners Office (ICO) ico.org.uk

Effective as of: 25th May 2018

  • Click Here, to download this Policy as a WORD document.
  • Or to download this Policy as a PDF document Click Here.
  • Return to Top

    Have a question or need help?

    Copyright © 2005 Nineoaks Angling Centre. All Rights Reserved.   Web Design  www.Mabdesign.co.uk


    Trout Fishery, Carp Fishery, Wales Fisheries, Fisheries,Fisheries in Wales,Holiday Fisheries.