We are committed to your privacy
Any questions concerning personal data should be addressed to the Data Protection Officer by email to [email protected] or by post to Golfbreaks.com, Minton Place, Victoria Street, Windsor, SL4 1EG. Additionally, you can adjust your preferences at any stage via your online Golfbreaks account.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
We reserve the right to modify or amend this Policy at any time and will display the effective date at the end of this Policy. Previous versions can be obtained by contacting us.
It is important that you read this Policy together with any other privacy notice or fair processing notice that we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Policy supplements the other notices and is not intended to override them.
What Personal Data we collect
As a travel business, we need to collect certain personal data (such as name, address and contact details) from you to ensure that we can make the arrangements for your golf break with the golf, hotel and other suppliers, and in order to perform your golf break contract services. We will also collect your personal data to able to provide you with details of future golf breaks and for the other purposes set out in this Policy. We will ask for your consent or rely on another legal basis for processing before we process your personal data, in accordance with the Data Protection Laws.
Under the Data Protection Laws, personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical physiological, genetic, mental, economic, cultural or social identity of that natural person.
We will collect personal data, such as your full name, address, email address and telephone number when you:
- make an enquiry with our sales team;
- make a booking for a golf break;
- make a payment for a golf break;
- make a service case or ask a question to our customer service team;
- start a live chat session with our contact centre;
- register for an account in our secure customer portal;
- enter a competition;
- register for events; or
- subscribe to our email newsletter;
If you make a booking with us we will also ask you to provide us with the name and contact details of the other members of your party. Where we make flight bookings as part of your golf break, we may also need to ask you for your passport details.
Health and mobility information: When you make an enquiry or a booking with us, we will ask you to disclose whether you have a medical condition or health issue or have any restrictions on your mobility. See the Section below on “How we use your Personal Data" for information for details of why we need to process this information and how we will obtain your consent. If you choose not to disclose this information to us or do not give us your consent to use it for the outlined purposes, we may not be able to provide the services you have requested due to our legal responsibility to provide you with a safe holiday.
Group data: If you provide us with the personal data of any other parties, for example, any other individuals included in your booking, you must ensure that you have the consent of those other parties to provide their information to us. We will use their personal data as necessary to perform the booking contract.
Automated technologies: As you interact with our website, we may automatically collect technical data about your equipment, browsing actions and patterns. Technical data may include internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions we collect from the devices you use to access our website. We collect this personal data by using cookies and other similar technologies. We may also receive technical data about you if you visit other websites employing our cookies.
How we use your Personal Data
When you make an enquiry about a golf break, we will use the personal data that you provide to us, such as name and contact details, to enable us to service your enquiry and take the steps that you request towards making a possible booking with us.
When you make a booking for a golf break, we will need to use your personal data such as name and address to make the travel arrangements for your break and otherwise as necessary to ensure that your booking contract is performed. This will usually require us to pass your personal data on to relevant third party suppliers of your travel arrangements such as hotels, airlines, transport providers, ground agents and destination management companies.
In order to affect your booking, we may also need to provide your personal data: to security or credit checking companies and/or credit and debit card companies in order to take payment for your booking; and to regulatory or public authorities such as customs or immigration if required by them, or as required by law.
Where we need to disclose your information to a third party for the fulfilment of your travel booking, we require that third party to have appropriate technical and organisational measures in place to protect your personal data and to process your data in accordance with our instructions and the Data Protection Laws.
Data transfers outside of the EEA
If necessary to perform your booking contract, we may need to transfer your personal data to third parties, such as travel suppliers, located outside of the European Economic Area (EEA). This will be the case where you book a golf break or tour that is based outside of the EEA, such as the USA or one of our other worldwide destinations. See the Section on “Sharing your Personal Data” for details of how we ensure adequate safeguarding of your personal data when transferring it outside of the EEA.
Health and Mobility information
We will use the health and mobility information that you provide to us to enable us (and the suppliers of your golf break) to ensure your health, safety and welfare during your break, which is our legal responsibility. We will ask for your explicit consent for our use of this information at the time of requesting it, including our sharing of your information with the suppliers of your break only for the purposes set out above.
Breakpoints loyalty scheme
When you make a booking with us and register for an online account in our secure customer portal, you will automatically earn points under our Breakpoints loyalty scheme which may be redeemed against future golf breaks. See the terms and conditions of the Breakpoints scheme for further details.
We will use your name, email address or postal address to contact you to tell you what points you have accumulated and when your points will expire. If you opt in to receiving marketing communications from us (see next paragraph), we will send you details of offers for redeeming your Breakpoints and earning additional Breakpoints.
We would like to be able to send you details of our offers and promotions by email, telephone, text message and/or post according to your choice. We have established a preference centre as part of your Golfbreaks online account so that you can tell us what marketing communications you would like to receive. You can change your preferences at any time by simply updating your preferences in your online account. We will not send you any marketing communications unless you have expressly opted in to receive them.
You can also opt-in by:
- Subscribing online for our email newsletters;
- Telephoning us on 01753 752900;
- Emailing us on [email protected];
- Writing to us at Golfbreaks, Minton Place, Victoria Street, Windsor, SL4 1EG
If you have opted-in to receive marketing communications from us, you can opt-out at any time by:
- Updating your preferences in your online account;
- Clicking the unsubscribe link in our email newsletters;
- Telephoning us on 01753 752900;
- Emailing us on [email protected];
- Writing to us at Golfbreaks, Minton Place, Victoria Street, Windsor, SL4 1EG
Where you have consented to do so, we may also use your personal data to keep you informed about the selected partner offers that may be of interest to you.
We use Hotjar in order to better understand our users’ needs and to optimise this service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback.
For further details, please see the ‘about Hotjar’ section of Hotjar’s support site.
For other lawful purposes
We will use your personal data for such other lawful purposes as are permitted under the Data Protection Laws and we will always obtain consent where required.
Security and storage
We take appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and against accidental loss, destruction or damage to personal data. This includes, as appropriate: the pseudonymisation and encryption of personal data; the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services; the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident; and a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.
When you provide your personal data through our website, this information is transmitted across the internet securely using high-grade encryption. In addition to this, we are a PCI DSS compliant company. This means we adhere to high security standards in order to protect your payment card details when you make a booking over the phone or pay your balance through your online account in our secure customer portal.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
We will only retain your personal data for as long as is appropriate and necessary to the fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements, taking into account the amount, nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure of your data, and whether we can achieve those purposes through other means. We will limit the period for which personal data is stored to a minimum. We will set time limits for erasure or periodic review. You may request details of our retention policy and in addition, you have a right to have your personal data restricted or erased – see more details under “Your Rights” below.
Your rights under the Data Protection Laws in relation to your personal data include (but are not limited to) the following:
You have the legal right to ask us to supply you with a copy of the personal data that we hold about you at any time free of charge. This could include booking information relating to breaks that you have booked through us. Further copies may incur a reasonable fee and also if your request is clearly unfounded, repetitive or excessive (or we may refuse to comply with your request in these circumstances).
You can also ask us to rectify any errors in your personal data or complete any incomplete data that we hold or you can update your own details at any time by accessing your online account in our secure customer portal.
Where you have given your consent to our processing your data, you have the right to withdraw your consent at any time. If you withdraw your consent and there is no other legal ground for us to process your data, you can ask us to erase your personal data. You can also require us to erase your data if we have processed your data unlawfully or if the law requires us to erase your data. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
You may also restrict the processing of your data: This enables you to ask us to suspend the processing of your personal data if: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it..
You may request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Sharing your personal data
Transfers outside of the EEA Where we need to transfer your data to a third party supplier or service provider based in a country located outside of the EEA, either in order to fulfil your booking, or for the purposes of the third party providing us with a service, we will ensure that either the country to which the data is to be transferred has an adequate level of protection for data (as determined by the European Commission) or we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe or where a supplier or service provider is based in the US, we may transfer data to them if they have certified to the Privacy Shield Framework Principles which requires them to provide similar protection to personal data shared between Europe and the US.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
We will share your personal data with any member of our group of companies (which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the Companies Act 2006) for internal administrative purposes including the processing of personal data on the basis of being in our legitimate interests to do so. We ensure that our group companies follow the same rules when processing your personal data. These rules are called “binding corporate rules”.
If the shares in Golfbreaks or substantially all of our assets are sold to a third party, your personal data may be disclosed to the prospective buyer during the sale negotiations and on the conclusion of the sale will be transferred as a company asset to the third party. This is necessary for our legitimate interests to be able to sell the company or its assets in the future, provided that we take all appropriate steps to keep your personal data confidential and secure at all times in accordance with this Policy and the Data Protection Laws, including requiring the third party to sign a confidentiality and non-disclosure agreement.
Golfbreaks will not give or sell any personal data to any third party companies, organisations or individuals without your prior consent.
Cookies and other tracking technologies
Third party websites
Our site may, from time to time, contain links to and from the websites of our partners and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.