Privacy Policy of bluebaytravel.co.uk

This Website collects some Personal Data from its Users.

Personal Data collected for the following purposes and using the following services:

    • Analytics

      • Google Analytics with anonymized IP

        Personal Data: Cookies and Usage Data

    • Content commenting

      • Facebook Comments

        Personal Data: Cookies and Usage Data

      • Disqus

        Personal Data: Cookies, Usage Data and various types of Data as specified in the privacy policy of the service

    • Displaying content from external platforms

      • Google Fonts and Typekit

        Personal Data: Usage Data and various types of Data as specified in the privacy policy of the service

    • Heat mapping and session recording

      • Hotjar Heat Maps & Recordings

        Personal Data: Cookies, Usage Data and various types of Data as specified in the privacy policy of the service

    • Hosting and backend infrastructure

      • Cloudinary and DigitalOcean

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Interaction with external social networks and platforms

      • Twitter Tweet button and social widgets, Facebook Like button and social widgets and Google+ +1 button and social widgets

        Personal Data: Cookies and Usage Data

    • Managing contacts and sending messages

      • SparkPost

        Personal Data: email address and various types of Data as specified in the privacy policy of the service

    • Platform services and hosting

      • WordPress.com

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Remarketing and behavioral targeting

      • AdWords Remarketing and Facebook Remarketing

        Personal Data: Cookies and Usage Data

    • Traffic optimization and distribution

      • Cloudflare

        Personal Data: Cookies and various types of Data as specified in the privacy policy of the service

Further information about Personal Data

    • Feefo


      1. Background

      1.1 This privacy policy sets out how we use your personal data and what your rights are in respect of it.

      1.2 We may change this privacy policy from time to time. If we make significant changes in the way we treat your personal information, or to the privacy policy, we will make that clear on this website, or by some other means such as email, so that you are able to review the changes before you continue to use our website.

      1.3 This page was last updated on 15th March 2018.

      2 Our Details

      2.1 We are Feefo Holdings Limited, a limited company registered in England with the company registration number 7191962 and our registered address at Feefo Holdings Ltd, Feefo Barn, Heath Farm, Heath Road East, Petersfield, Hampshire, GU31 4HT.

      2.2 If you wish to contact us in relation to this notice, or data protection generally, please contact us by:

      (a) telephone on 0203 362 4209;

      (b) email on gdprcompliance@feefo.com; or

      (c) post using the address above.

      3 Our relationship to you and your personal data

      3.1 Our legal status in relation to you and your personal data differs, depending on where you are in the review process, which we explain in this section. You should contact the “controller” of your data, as indicated below.

      Emails inviting you to submit a review Here, we act as data processor, solely on behalf and on the instruction of the merchant/retailer.

      Where we email you to ask you to submit a review in respect of a merchant/retailer’s product or service, that merchant/retailer has given us your name and email address, and asked us to send you such email.

      We will not use your name and email address for any other purpose, unless we already hold it in respect of a review (see paragraph 3.2 below). Even where we already hold your name and email address, we will only invite you to submit a review where the merchant/retailer has provided the same name and email address.

      3.2 When you visit our website, and your review itself (and any other data you submit with it)

      Here, we act as data controller.

      When you visit our website, we will automatically collect certain personal data using cookies and your IP address.

      We may also collect personal data contained in any forms you submit to our website, including the details of any review you submit.

      The purposes for which we use your personal data are set out in the table below.

      Please note that merchant/retailer will also be a data controller of review data, and you may need to contact both us and the merchant/retailer to exercise rights in respect of your personal data.

      4 Who you should contact in relation to your personal data and your rights

      4.1 Where Feefo is the “controller”, as set out in paragraph 3 above, you should direct any queries you have in relation to your personal data to Feefo.

      4.2 Where Feefo is the “processor”, as set out in paragraph 3 above, you should direct any queries you have in relation to your personal data to the merchant/retailer in question.

      5 The processing

      5.1 This privacy policy applies to customers of merchants/retailers that use our services, and visitors to our website.

      5.2 Where a row is tinted grey, we carry out that activity as the data processor of a merchant/retailer, and any queries you have in relation to such activity should be directed to the merchant/retailer.

      5.3 The table below sets out the personal data that we will collect, why we collect it, the legal basis on which we rely and how long we will keep it.

      Type of data

      Your name and email address.

      Review data, including the product or service you bought, your name and location (if you provide them), email address, a customer service star rating, a product star rating and any free text you enter as part of your review.

      Your IP address, the web site from which you visit us, the web pages you actually visit and the date and length of your visit.


      Purpose

      To invite you to submit a review in respect of a product or service, on the instruction of a merchant/retailer.

      To publish your review on our website.


      Note: where you have asked us to keep your review anonymous, we won’t publish your name.

      To supply the relevant merchant/retailer a feed of reviews.

      Note: where you have asked us to keep your review anonymous, we won’t provide your name.

      For the merchant/retailer to publish your review on its website, marketing collateral and social media profiles.

      Note: where you have asked us to keep your review anonymous, the merchant/retailer won’t publish your name

      To generate aggregated/anonymised statistics.

      Note: which we may publish publically or make available to third parties. However, such aggregated/anonymised statistics are not in themselves personal data, as you will not be identifiable from them.

      To bring or defend legal claims.

      To understand how visitors use our website.

      To help us secure and manage the performance of our websites.

      Legal basis for the processing

      As a data processor, we are not responsible for establishing a legal basis. The merchant/retailer, as data controller, must have a legal basis.

      Necessary for our legitimate interest of carrying out market research, for example only to analyse buying trends or customer sentiment.

      Necessary for our legitimate interest of publishing reviews submitted in respect of our merchant/retailer clients.

      Necessary for our legitimate interest of fulfilling our contract with the merchant/retailer.


      Necessary for the merchant/retailer’s legitimate interest in (a) carrying out market research to improve its customer experience, products and/or services; and (b) promoting its products and services with positive customer reviews.

      Necessary for the merchant/retailer’s legitimate interest in (a) carrying out market research to improve its customer experience, products and/or services; and (b) promoting its products and services with positive customer reviews.

      Our legitimate interest of bringing and/or defending legal claims.

      Necessary for our legitimate interest of optimising and improving our website.

      Necessary for our legitimate interest of securing and managing the performance of our websites.


      How long we keep it

      Until the earlier of:

      • the merchant/retailer instructing us to delete it; and

      • the expiry or termination of our contract with the merchant/retailer.

      In some cases we may keep it for longer, for instance where we are required to by law or need it to bring or defend a legal claim.

      We keep your data for the length of the contract we have with our customer as this is used for statistical purposes.

      5.4 Where multiple retention periods apply to the same personal data, the retention period will be the longest one (although we will stop using such personal data for a purpose when the retention period for that purpose expires).

      5.5 Where our legal basis for processing is legitimate interests, you may have the right to object to our processing (see the section titled “Objecting to legitimate interests processing” below).

      5.6 Other than the personal data set out above, we also collect certain non personal data, which might derive from personal data. For instance, we may aggregate statistics about trends in buying habits, or trends in user sentiment. Unless it is impossible to re-identify you from this information, we will treat it as personal data.

      6 Where we obtain your personal data from

      We obtain your personal data in the following ways:

      6.1 from merchants/retailers (although we do so as their data processor);

      6.2 directly from you, for instance where you submit something to our website, communicate with us, or otherwise voluntarily providing personal data to us; and

      6.3 from your accounts on other website, where you give us permission to do so. For instance if you use Facebook or Twitter to log into our website, we may obtain some information from those websites;

      6.4 automatically when you use our website. For instance:

      (a) like most websites, we use cookies (which are smaller text files sent between your web browser and our services) to provide or improve certain functionality and to track which of our pages you visit (see our the “cookie” section below for more information); and

      (b) our web server automatically collects certain information about your use of our website, for instance some key settings on your device, what type of device you are using, the operating system on your device, the website from which you came and your IP address.

      7 Persons with whom we may share you data:

      7.1 All review data is shared with the merchant in respect of which you submitted a review.

      7.2 In general, internal access to your personal data will be restricted to those who have a need to access it in order to carry out their duties (for example our customer services team).

      7.3 However, we will also share your personal data with the following external third parties in some circumstances:

      (a) fraud prevention agencies or other third parties that assist us in preventing fraud or other forms of risk;

      (b) regulators such as the ICO, and government authorities such as HMRC or the police, if we are required to do so by law or if the regulator or authority requests it and we regard that request as reasonable or are required to comply by law;

      (c) our insurers, legal advisers or other third parties who need access to it in the context of managing, investigating or defending claims or complaints;

      (d) in connection with re-organisations, mergers and acquisitions of all or part of our business;

      (e) organisations that process your data on our behalf who are not allowed to use your data for any other purpose, for instance our web hosts;

      (f) other companies within our group, for instance where they provide us services; and

      (g) where you have consented to do us doing so.

      7.4 Where we share your personal data with our service providers, we have contracts with those service providers setting out how they must handle your personal data, including not to use your personal data other than in accordance with our instructions.

      7.5 Where we have been able to full anonymise personal data, we may share that anonymised data with third parties, for instance our merchants/retailers to share market trends or consumer sentiment, or in PR material that we publish.

      8 Solely Automated Decision Making

      We do not make any solely automated decisions based on personal data with legal or similarly significant effects.

      9 Transfers outside of the EEA

      9.1 In certain limited circumstances, we may export personal data outside of the European Economic Area for processing, and we may use third party service providers who do the same.

      9.2 We only do that if there is a good reason to do it and where either:

      (a) there are adequate safeguards in place (such as the appropriate contractual arrangements with suppliers, or adequacy decisions, depending on the destination country); or

      (b) we are otherwise permitted by data protection law (for instance, where you consent or such transfer is necessary to provide our service to you).

      10 Withdrawing consent

      10.1 Where we process your personal data on the basis of consent for marketing purposes, you can withdraw your consent in one of the following ways:

      (a) by visiting www.feefo.com/consent (note, you may need to login to verify your identity);

      (b) by following the unsubscribe link which we include in all of the electronic marketing we send; or

      (c) by contacting our customer services team using the email address consent@feefo.com.

      11 Objecting to our legitimate interests processing

      11.1 Where we process your personal data on the basis of our legitimate interests for direct marketing purposes, you always have the right to object to that processing. To object to direct marketing [either follow the instructions for withdrawing marketing consent in the section above or] contact us using the details at the top of this notice.

      11.2 You have the right to object to other processing on the basis of our legitimate interests, but we might not have to cease processing where you do so if either:

      (a) we are able to demonstrate compelling legitimate grounds for the processing which override your interests; or

      (b) where that legitimate interest is the establishment, exercise or defence of legal claims.

      To object to legitimate interests processing, please contact us using the details at the top of this notice.

      12 Your rights (with effect from 25 May 2018)

      The law gives you certain rights in respect of the personal data that we hold, which you should be aware of:

      12.1 You have the right to obtain your personal data from us except in limited circumstances. Where we provide it, the first copy will be free of charge, but we reserve the right to charge a small fee for additional requests;

      12.2 You have the right to require us to rectify any inaccurate personal data we hold concerning you;

      12.3 Taking into account the purposes of the processing, you may also have the right to have incomplete personal data completed, by means of providing a supplementary statement or otherwise;

      12.4 You have the right to require us to erase your personal data on certain limited grounds (including where they are no longer necessary for the purpose for which they were collected or where we rely on consent, which you withdraw, and there is no other legal ground for the processing);

      12.5 Where we process personal data either on the basis of consent or contractual necessity, you provided the personal data to us, and we process that personal data by automated means, you have the right to require us to give you your data in a commonly used electronic format;

      12.6 You have the right to object to our processing of personal data which we process on the grounds of our legitimate interests, as detailed in the paragraph titled “objecting to our legitimate interest processing” above;

      12.7 You have the right to require us to restrict the processing of your personal data on certain grounds, including where:

      (a) you contest the accuracy of the personal data and want us to restrict processing of your personal data while we verify its accuracy;

      (b) the processing is unlawful, but you request a restriction of the processing rather than erasure;

      (c) we (as controller) no longer need the data for the purposes of the processing, but you have told us you require us to retain that personal data for you to establish, exercise or defend legal claims; or

      (d) you have objected to us processing your personal data on grounds of legitimate interests and want us to restrict processing of your personal data while we consider your objection.

      12.8 If you would like to exercise any of these rights, please contact us using the details set out at the top of this notice.

      13 If we can’t remedy an issue you have

      Should you have any complaints or issue with our treatment of your personal data, you may lodge a complaint with the Information Commissioner’s Office (ico.org.uk).

      14 Cookies

      14.1 We use cookies when you visit our site. Cookies are small text files placed on your browser, typically made up of text and numbers. Those text and numbers will correspond with a record on our webserver, which can contain information about you or your website visit.

      14.2 We may use other technologies that allow us to do similar things where more appropriate to do so. For instance we may use “tracking pixels” which are tiny image files that are used to track your movements across our website.

      14.3 There are four main types of cookies – here’s how and why we use them.

      (a) Site functionality cookies – these cookies allow you to navigate the site and use our features;

      (b) Site analytics cookies – these cookies allow us to measure and analyse how our customers use the site, to improve both its functionality and your experience.

      (c) Customer preference cookies – when you are browsing or shopping on our website these cookies will remember your preferences, so we can make your experience as seamless as possible, and more personal to you.

      (d) Targeting or advertising cookies – these cookies are used to deliver ads relevant to you. They also limit the number of times that you see an ad and help us measure the effectiveness of our marketing campaigns.

      (e) Third party functionality cookies. We include third party services on our website to allow you to interact with them whilst on our website. In doing so, such third parties pay place cookies on your device to enable their functionality. Examples may include LinkedIn, Facebook, Twitter and Instagram.

      14.4 By using our site, you agree to us placing these sorts of cookies on your device and accessing them when you visit the site in the future. If you want to delete any cookies that are already on your computer, the “help” section in your browser should provide instructions on how to locate the file or directory that stores cookies. Further information about cookies can be found at https://ico.org.uk/for-organisations/guide-to-pecr/cookies-and-similar-technologies/.

      14.5 Please note that by deleting or disabling future cookies, your user experience may be affected and you might not be able to take advantage of certain functions of our site

    • ResponseIQ

      Response IQ Ltd Privacy Policy
      Last updated: April 24, 2018

      The https://responseiq.com/ website (the “Website”) is operated by Response IQ Ltd, company registration number 09951115 and the registered office of which is at Rocketspace, 40 Islington High St, London, United Kingdom, N1 8XB (“We”, “Us” or “ResponseIQ”).
      We take your privacy very seriously and we ask that you read this Privacy Policy carefully as it contains important information on:

      - the personal information we collect about you,
      - what we do with your information, and
      - who your information might be shared with.

      Who we are
      ResponseIQ are a “data controller” for the purposes of the General Data Protection Regulation EU 2016/679 (the “GDPR”), (i.e. we are responsible for, and control the processing of, your personal information).

      What information we collect?

      Personal information provided by you
      We may collect personal information about you (such as your name, address, telephone number, payment card details etc.) when you use our Website, register with us or purchase services from us. We may also collect personal information when you contact us, send us feedback or post material to the Website.
      We may also collect information that your browser sends us whenever you visit our Website. This data may include information such as your computer’s IP address, browser type, browser version, the pages of our Website that you visit and other statistics relating to your use of the Website. This information may be collected in conjunction with third party services such as Google Analytics.

      Personal information provided by third parties
      The nature of the Services we offer means that we may receive information about you from a third-party source, such as one of our clients. We will only accept that information if we have evidence that you have consented for the personal information to be passed to us or it is passed pursuant to another legal basis under the GDPR.
      Personal information about other individuals
      If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:

      - give consent on his/her behalf to the processing of his/her personal data;
      - receive on his/her behalf any data protection notices; and
      - give consent to the transfer of his/her personal data abroad.

      Sensitive personal information
      It is very unlikely that we will ask you to provide sensitive personal information. If we request such information, we will explain why we are requesting it and how we intend to use it.

      Sensitive personal information includes information relating to your ethnic origin, your political opinions, your religious beliefs, whether you belong to a trade union, your physical or mental health or condition, your sexual life, and whether you have committed a criminal offence.

      We will only collect your sensitive personal information with your explicit consent.

      Monitoring and recording communications
      We may monitor and record communications with you (such as telephone conversations and emails) for the purpose of performing the Services we offer to our clients, quality assurance, training, fraud prevention and regulatory compliance.

      Use of cookies
      A cookie is a small text file which is placed onto your computer (or other electronic device) when you access our Website. We use cookies on this Website to:

      - keep track of any services you may wish to purchase;
      - recognise you whenever you visit this Website (this speeds up your access to the Website as you do not have to log in each time);
      - obtain information about your preferences, online movements and use of the internet;
      - carry out research and statistical analysis to help improve our content and services and to help us better understand our visitor and customer requirements and interests;
      - target our marketing and advertising campaigns more effectively by providing interest-based advertisements that are personalised to your interests; and
      - make your online experience more efficient and enjoyable.

      The information we obtain from our use of cookies will not usually contain your personal data. Although we may obtain information about your computer or other electronic device such as your IP address, your browser and/or other internet log information, this will not usually identify you personally. In certain circumstances we may collect personal information about you—but only where you voluntarily provide it (e.g. by completing an online form) or where you purchase services from us.
      In most cases we will need your consent in order to use cookies on this Website. The exception is where the cookie is essential in order for us to provide you with a service you have requested (e.g. to enable you to purchase services from us).
      There is a notice on our home page which describes how we use cookies and which also provides a link to this Privacy Policy. If you use our Website after this notification has been displayed to you, we will assume that you consent to our use of cookies for the purposes described in this Privacy Policy.
      We may work with third party suppliers who may also set cookies on our Website. These third-party suppliers are responsible for the cookies they set on our Website. If you want further information, please go to the website of the relevant third party.
      If you do not want to accept cookies, you can change your browser settings so that cookies are not accepted. If you do this, please be aware that you may lose some of the functionality of this Website. For further information about cookies and how to disable them please go to the Information Commissioner’s webpage on cookies: https://ico.org.uk/for-the-public/online/cookies/.

      How will we use the information about you?
      We collect information about you so that we can:

      - identify you and manage any accounts you hold with us;
      - process your order or carry out obligations arising from any contract(s) entered into between you and us;
      - conduct research, statistical analysis and behavioural analysis;
      - carry out customer profiling and analyse your purchasing preferences;
      - if you agree, let you know about other products or services that may be of interest to you—see ‘Marketing’ section below;
      - detect and prevent fraud;
      - customise our Website and its content to your particular preferences;
      - notify you of any changes to our Website or to our services that may affect you;
      - carry out security vetting; and
      - improve our services and notify you about changes to these services.

      Marketing
      Only where you have provided us with specific, informed and unambiguous consent shall we provide you with marketing materials by the mechanism(s) you have consented to (e.g. email). We will only provide you with marketing materials relating to features that you have explicitly consented to.

      If you have consented to such receive marketing from us, you can opt out at any time. See ‘What rights do you have?’ below for further information.

      Who your information might be shared with

      We may disclose your personal data to:

      - our clients as part of the service offered, but only with your explicit consent or pursuant to another legal basis under the GDPR;
      - our service providers pursuant to strict data processing agreements that protect your personal data to the same or higher standards than we treat it;
      - law enforcement agencies in connection with any investigation to help prevent unlawful activity; and
      - a court of law or regulator where we are under a duty to disclose or share your personal data in order to comply with a legal or regulatory obligation.

      Rest assured that we will never pass your information to a third party outside of the categories above without your explicit consent.

      Keeping your data secure
      We will use technical and organisational measures to safeguard your personal data, for example:

      - access to your account is controlled by a password and username that are unique to you;
      - we store your personal data on secure servers; and
      - payment details are encrypted using SSL technology (typically you will see a lock icon or green address bar (or both) in your browser when we use this technology).

      While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us (see ‘How can you contact us?’ below).

      Our Website may contain links to other websites of our partners, suppliers, advertisers or other approved third parties. If you follow a link to any of these websites, please note that these websites have (or should have) their own privacy policies. We do not accept any responsibility or liability for these policies or the way in which your personal data may be treated by these third parties. We recommend you check the privacy policy of any third party before you submit any personal data to their website.

      Transfers of your information out of the EEA

      We may need to transfer your personal data to countries which are located outside the European Economic Area (“EEA”), for the purpose of providing the services to you. You may be located in a country outside of the EEA and therefore we may have no choice but to transfer your data outside of the EEA. Rest assured that any transfer of your personal data outside of the EEA will be subject to a GDPR-compliant guarantee (such as the EU-US Privacy Shield or a Model Contract Clause approved by the European Commission) that will safeguard your privacy rights and give you remedies in the unlikely event of a security breach.

      How long do we hold your data for?
      We only keep your personal data as long as necessary for the purpose for which it was obtained. After that period, we either: (1) anonymise the data if we still wish to use it for analytical purposes, or (2) pseudonymise the data if believe in good faith that we may need to process the data in the future for a legitimate purpose, or in all other cases (3) delete it completely from our servers.

      What rights do you have?

      Right to request a copy of your information
      You can request a copy of your information which we hold (this is known as a subject access request). If you would like a copy of some or it, please:

      - email, call or write to us (see ‘How can you contact us?’ below),
      - let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill will suffice), and
      - let us know the information you want a copy of, including any account or reference numbers, if you have them.

      We will acknowledge receipt of your request and will respond within thirty (30) days. We will not charge you for providing the information.


      Right to correct any mistakes in your information
      You can require us to correct any mistakes in your information which we hold free of charge. If you would like to do this, please:

      - email, call or write to us (see ‘How can you contact us?’ below),
      - let us have enough information to identify you (e.g. account number, user name, registration details), and
      - let us know the information that is incorrect and what it should be replaced with.

      We will acknowledge receipt of your request and will respond within thirty (30) days.


      Right to ask us to stop contacting you with direct marketing
      You can ask us to stop contacting you for direct marketing purposes. If you would like to do this, please:

      - email, call or write to us (see ‘How can you contact us?’ below). You can also click on the ‘unsubscribe’ button at the bottom of marketing emails from us,
      - let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill will suffice), and
      - let us know what method of contact you are not happy with if you are unhappy with certain ways of contacting you only (for example, you may be happy for us to contact you by email but not by telephone).

      We will acknowledge receipt of your request and will respond within thirty (30) days.

      Right to erasure
      You can request that we delete all personal data relating to you free of charge. If you would like to do this, please:

      - email, call or write to us (see ‘How can you contact us?’ below), and
      - let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill will suffice), and
      - provide us with the justification for the erasure request (e.g. you are withdrawing your consent, you no longer believe that we should be processing the personal data for the original purpose for which it was obtained, the personal data is being unlawfully processed, there is a legal reason for erasure etc.).

      We will acknowledge receipt of your request and will respond within thirty (30) days.


      Right to Restrict Processing
      You can request that we restrict processing of some of your personal data. If you would like to do this, please:

      - email, call or write to us (see ‘How can you contact us?’ below), and
      - let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill will suffice), and
      - provide us with details of what personal data you would like us to restrict the processing of (e.g. where you contest the accuracy of some personal data, we shall restrict the processing of it whilst its accuracy is verified).

      We will acknowledge receipt of your request and will respond within thirty (30) days. If we agree to restrict the processing of the personal data before the thirty (30) day period, we will inform you as soon as we have put in place the restriction.


      Right to Object
      You can object to us processing any of your personal data. If you would like to do this, please:

      - email, call or write to us (see ‘How can you contact us?’ below), and
      - let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill will suffice), and
      - provide us with details of what personal data you object to us processing.

      We will acknowledge receipt of your request and will respond within thirty (30) days.


      Right to Data Portability
      You can request that be provide some or all of your personal data we hold to a third party free of charge. If you would like to do this, please:

      - email, call or write to us (see ‘How can you contact us?’ below),
      - let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill will suffice), and
      - provide us with sufficient details of the third-party entity to which you would like your data transferred.

      We will acknowledge receipt of your request and will provide your personal to the third-party entity in a commonly used machine-readable format within thirty (30) days providing you have provided us with sufficient information to do so. We will not charge you for this service.


      Rights relating to automated decision making and profiling

      We use software that automatically processes personal data for us. We ensure that processing using this software is fair and we implement all appropriate technical and organisational measures to ensure inaccuracies are minimised. If you are concerned about the use of such software, you have the right to ask for more details about the processing and request that we stop using the software to process your data. If you would like to do this, please:

      - email, call or write to us (see ‘How can you contact us?’ below),
      - let us have enough information to identify you (e.g. account number, user name, registration details), and
      - provide us with details of your concerns and the categories of personal data you believe are being processed by automated software.

      We will acknowledge receipt of your request and will respond within thirty (30) days. Please note that if the automated processing is necessary for the performance of a contract between you and us, if you request that the software is no longer used to process your data, we may not be able to provide you with services anymore.


      Right to complain to the supervisory authority
      If you are unhappy with the way in which we have dealt with a request you have made or you feel that we are not complying with this Privacy Policy in any way, you have the right to complain to the supervisory authority in the country in which you live. The supervisory authority in England and Wales is the Information Commissioners Office and details of how to contact them are available on their website: www.ico.org.uk.

      Time Extensions and Refusals
      We reserve the right to extend the time period to respond to any of the requests listed above by up to sixty (60) days where a request is complex or a large number of requests are made. If we fail to respond to you by the deadline we set, you have a right to complain to the supervisory authority or seek a judicial remedy (see – ‘Right to complain to the supervisory authority’ above).

      We may also refuse a request where there are legitimate reasons to do so. These include, but are not limited to:

      - where a request is manifestly unfounded, excessive or repetitive; or
      - where personal data is being processed:
      • in order to comply with a legal obligation;
      the public interest;
      • in the exercise or defence of a legal claim;
      • in the exercise of the right to freedom of expression and information.



      How to contact us

      Please contact us via help@responseiq.com or call +44 208 629 5280. Our Data Protection Officer is Scott Lee. If you have any questions about this Privacy Policy or the information we hold about you, we will be delighted to assist.

      Changes to this Privacy Policy
      We may change this Privacy Policy from time to time. You should check this policy occasionally to ensure you are aware of the most recent version that will apply each time you access this Website.

    • Pure360

      Pure360 Privacy Policy

      1. Introduction

      This Privacy Policy explains the way in which any personal information that we collect from you, or that you provide to us, will be processed by us when you visit our website at www.pure360.com (“Site”).

      The Site is operated by Pure360 (also referred to below as “we”, “us” or “our”). For further details about us, see the section Company details at the end of this Privacy Policy.

      We endeavour to take all due care to protect your personal information, in accordance with the applicable Data Protection legislation from time to time.

      For the purposes of Data Protection legislation, Pure360 is the data controller in respect of the personal information that we collect through the Website.

      2. Information we may collect from you when you visit the Site

      The personal information we collect when you visit the Site (“Information”) includes:

      your name, address, e-mail address and telephone number(s), and the company or other entity on whose behalf you are acting;
      records of emails and other correspondence (including any further information we may request from you) when you contact us to request information, report a problem, or provide feedback on our products and services;
      standard information automatically collected by our web server including your IP address, browser type, and operating system;
      details of your visits to our site, including access time.

      If you contact us to enquire about a job vacancy, we will collect details relevant to your enquiry and any subsequent application you may make, which will include your name, address, e-mail address and telephone number(s), CV and work experience, and (in certain cases) your personal circumstances. We will provide you with further details at the time.

      3. How we use your information

      We will only use the Information we collect as follows:

      to provide you with the information about our products and services that you request;
      for internal record keeping, billing, accounting and market research purposes;
      to respond to any queries, complaints or requests for further information;
      to improve the content of the Site;
      to customise the content and/or layout of the Site; and
      to provide you with marketing information about other products and services we supply that may be of interest to you.

      If you contact us to enquire about a job vacancy, we will only use your Information for that purpose.

      4. On what basis do we use your information?

      We will process the Information that you provide, or we collect from you, on the basis that it is necessary for our legitimate interests in promoting and marketing our products and services, and for the other purposes mentioned in paragraph 3 above, or (as appropriate) for providing you with information about job vacancies.

      Your Information will not be used for any other purpose, or disclosed to any third party, unless we are required to do so by law, or as mentioned in the next paragraph.

      For details about how we process our customers’ data when they use our products and services to our clients, please see our Licence Agreement, the standard form of which can be found on the Site.

      5. Who do we share your Information with?

      We may disclose your Information if we need to do so in order to comply with any legal or regulatory obligation or request, or where we have a legitimate interest in doing so, such as in order to enforce or apply a contract with you (or the organisation you represent), to investigate potential breaches, or to protect the rights, property or safety of Pure360 or others. This may include exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

      If another company acquires us or all or substantially all of our assets, that company will possess the same information and will assume the rights and obligations with respect to that information.

      Except as set out above, we will never sell, distribute or disclose any of your Information (except anonymous aggregate data) with any third party without your express consent.

      In order to provide some of our services, we may use the input of third party providers situated in countries outside Europe (such as the USA) that do not always have the same standards of Data Protection laws as the UK. However, we will ensure that contractual or other safeguards are in place to ensure that your information is adequately protected, and that enforceable rights and effective legal remedies are available for data subjects.

      6. How long do we keep personal information for?

      If you contact us with an enquiry but you do not (or the organisation you represent does not) enter into a contract with us, we will normally delete your personal data after [6 months]. If you order (or the organisation you represent orders) any of our products or services, we normally retain contract information (including related personal data) for 6 years after the end of the relevant contract, in case issues arise during or after the termination of the contract.

      If you contact us about a job vacancy, we will normally delete your personal data after 12 months, unless you become an employee of ours.

      7. Your rights as a data subject

      As a data subject you have certain legal rights including:

      the right to access the personal data held about you;
      the right to ask us not to process your personal data for marketing purposes;
      the right to withdraw at any time any consent you have given to receive marketing material from us;
      the right to ask us to rectify inaccurate personal data about you;
      the right to ask for the restriction of personal data concerning yourself that is inaccurate, unlawfully processed, or no longer required;
      the right to ask for the erasure of personal data concerning yourself where processing is no longer necessary, or the legitimate interests we have in processing your personal data are overridden by your interests, rights and freedoms as the data subject; and
      the right to make a complaint about to the supervisory authority (the Information Commissioner’s Office).

      8. Internet security

      We follow generally accepted industry standards to protect your Information from unauthorised use. However, as no data transmissions over the Internet can be guaranteed to be 100% secure, we cannot take responsibility for any unauthorised access or loss of personal information that is beyond our control.

      Please remember that other methods of Internet communication, such as emails and messages sent via a website, are not secure unless they are encrypted. We take no responsibility for any unauthorised access or loss of personal information that is beyond our control.

      9. Changes to this Privacy Policy and future developments

      We may revise this Privacy Policy from time to time. The most current version of this Privacy Policy will govern our use of information about you and will be located on this page. If we make material changes to this Privacy Policy then where appropriate we will notify you by email or by posting a notice on the Site prior to the effective date of the changes.

      10. How to Contact Us

      If you have any questions, comments or requests about the Site generally, please contact us by email to support@pure360.com.

      If you any questions, comments or requests regarding our use of your personal information, or wish to delete your personal information, please contact us by email to support@pure360.com or write to us at the following address: The Data Protection Manager, Pure360, Unit A-E, Level 3 South, New England House, Brighton, East Sussex, BN1 4GH, England

      11. Company details

      We are Purepromoter Limited, trading as Pure360, registered in England and Wales with company number 4266410. Our registered office is at Unit A-E, Level 3 South, New England House, Brighton, East Sussex, BN1 4GH, England.

Contact information

    • Owner and Data Controller

      Blue Bay Travel Ltd, Unit A4 Bellringer Road, Trentham Business Quarter, Stoke on Trent, ST4 8GB

      Owner contact email: gdpr@bluebaytravel.co.uk