Last updated: 21/01/2019
Questor Travel are committed to protecting and respecting your privacy.
Questor Travel, a trading name of Riverside Travel Limited (“We” or “Riverside Travel”), are committed to protecting the privacy of the individuals we encounter in conducting our business.
“Personal Information” is information that identifies and relates to you or other individuals (the Data Subject).
Riverside Travel Limited is the Data Controller for all Personal Information collected. This Privacy Notice covers Riverside Travel Limited and its websites, mobile applications and mobile websites except where you are notified of another privacy notice.
We will only collect, process, use, share and store your personal information where we are satisfied that we have an appropriate legal basis to do this. We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us to discuss further.
|Purpose/Activity||Lawful basis for processing including basis of legitimate interest|
|To register you as a new customer||Performance of a contract with you|
To process and deliver your order including:
To manage our relationship with you which will include:
|To enable you to partake in a prize draw, competition or complete a survey||
|To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||
|To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you||If you have given your consent for us to do so|
|To use data analytics to improve our website, products/services, marketing, customer relationships and experiences||If you have given your consent for us to do so|
|To make suggestions and recommendations to you about goods or services that may be of interest to you||If you have given your consent for us to do so|
Where we are processing your data for marketing purposes, our lawful basis for doing so is the consent that the data subject has provided. You can change or remove your marketing preferences at any time. Please see “Marketing Preferences” below. A data subject can withdraw their consent at any time.
Collectively, these are referred to below as the “Questor Travel Electronic Services”. We may collect your information through other means (for example, claim forms, telephone calls, emails, other communications, claim investigators, medical professionals, witnesses or other third parties involved in our business dealings with you.
The General Data Protection Regulation provides the following rights for individuals:
If you wish to access any of the rights set out above, we may ask you for additional information to confirm your identity and for security purposes, before disclosing personal information to you. We reserve the right to charge a fee where permitted by law, for example, if your request is manifestly unfounded or excessive.
If you have any questions about our use of your Personal Information, you can contact our Compliance Team via email: firstname.lastname@example.org. You can also write to the Compliance Team, Riverside Travel Limited, Third Floor Riverside House, 40-46 High Street, Maidstone, ME14 1JH.
We will only collect data than is necessary for the purpose of the processing.
You do not have to provide your personal information to us, but if you do not provide certain information, we will only be able to provide limited products and services to you. For example, where you refuse to provide mandatory travel information, we will not be able to arrange travel for you.
Depending on your relationship with us (for example, as prospective customer, existing customer, member of the booked party), Personal Information collected about you and other passengers may include:
We may collect special categories of personal information, including details about your health or any medical conditions.
We use special categories of personal information to:
We do not generally collect special categories of personal information from you (or those you are booking for), but where we do, we seek to minimise the collection and use of it and handle it with extra care. We also share this information with third parties (who help manage our business and deliver services [such as those parties who provide wheelchairs at airports]), and we transfer it globally.
Where you (or any passenger travelling) provides us with special categories of personal information you agree that you have voluntarily provided such information, and you consent (and the passenger travelling consents) for us to use that information for the purposes for which it was collected.
Making a booking on behalf of another person
If you are making a booking on behalf of another person(s), it is your responsibility to obtain their consent to make the booking and share their details with us (as anticipated by this Privacy Notice), which we will assume that you have done prior to making the booking. It is also your responsibility to represent that person during the booking process, which means that you will need to provide us with the information required to make a booking, such as the full name and passport details of the person concerned and explain to that person how we will use their personal information as set out in this Privacy Notice.
We use this Personal Information to:
In an emergency, we may use your personal information to:
Your personal information may be transferred outside your country of residence. Some other countries are subject to different standards of data protection than your country of residence.
We will take appropriate steps to ensure that transfers of personal information are in accordance with applicable law, and we only transfer personal information to another country where:
In the event your personal information is transferred to a foreign jurisdiction, it may be subject to the laws of that jurisdiction and we may be required to disclose it to the courts, law enforcement or governmental authorities in those jurisdictions.
You have a right to contact us for more information about the safeguards we have put in place to ensure the adequate protection of your personal information when this is transferred as mentioned above.
Riverside Travel Limited may make Personal Information available to:
Riverside Travel will take appropriate technical, physical, legal and organisational measures, which are consistent with applicable privacy and data security laws. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any Personal Information you might have with us has been compromised), please immediately notify us. (See the “Who to Contact About Your Personal Information” section above.)
When Riverside Travel provides Personal Information to a contracted service provider, the service provider will be selected carefully and required to use appropriate measures to protect the confidentiality and security of the Personal Information.
We use personal information to let you know about products and services that we think may be of interest to you based on interests you have expressed previously, either by quoting or purchasing.
We will provide you with regular opportunities to tell us your marketing preferences, including in our communications to you. To tell us your marketing preferences or to opt-out, you can also contact us by e-mail at: email@example.com or by writing to: Customer Service, Riverside Travel Ltd, Third Floor, Riverside House, 40-46 High Street, Maidstone, ME14 1JH.
We aim to comply with all opt-out requests within a reasonable period. Please note that if you opt-out as described above, we will not be able to remove your Personal Information from the databases of third parties with whom we have already shared your Personal Information (i.e., to those to whom we have already provided your Personal Information as of the date on which we respond to the opt-out request). Please also note that if you do opt-out of receiving marketing communications from us, we may still send you other important administrative communications from which you cannot opt-out.
In certain countries, an individual may have the right to access, correct or object to the use of, or request deletion or suppression of Personal Information on certain grounds. Please contact us as set out in the “Who to Contact About Your Personal Information” section above with any such requests or if you have any questions or concerns about how we process Personal Information. Please note that some Personal Information may be exempt from access, correction, objection, deletion or suppression rights in accordance with local privacy and data protection laws.
“Other Information” is any information that does not reveal your specific identity, such as:
We and our third-party service providers may collect Other Information in a variety of ways, including:
Please note that we may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. If we are required to treat Other Information as Personal Information under applicable law, then, in addition to the uses listed in the “Other Information We Collect” section above, we may use and disclose Other Information for all the purposes for which we use and disclose Personal Information.
Please note that we are not responsible for the collection, usage and disclosure policies and practices (including the information security practices) of other organizations, such as Facebook, Twitter, Apple, Google, Microsoft®, RIM/Blackberry or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or electronic device manufacturer, including any Personal Information you disclose to other organizations through or in connection with the Questor Travel Electronic Services.
The Questor Travel Electronic Services are not directed to individuals under the age of eighteen (18), and no minor will be able to use our services without a full paying adult. We may receive Personal Information from minors where the lead passenger is travelling with one or more minors.
If you are concerned that we have breached a privacy law or code binding on us, please send an email to firstname.lastname@example.org. We aim to respond in a reasonable time (usually no later than 5 working days). Our Compliance Team will handle your complaint and will give you additional information about how it will be handled.
You also have the right to complain to the Information Commissioner’s Office (ICO) if you believe we have not handled your request in an appropriate manner. For more information, please see: www.ico.org.uk/concerns.