PRIVACY POLICY – (REVISED MAY 2018 GDPR)
Business Name: Ideal Leisure/Ultimate Golf Service (‘IL’) Ultimate Golf Service is a brand within the Business registered as Ideal Leisure. Ideal Leisure is registered and compliant with the Information Commissioners Office (ICO) for client and stakeholder protection.
Company Contact details for queries: Chris Syme is the nominated Data Protection Officer and can be contacted on chris@ultimategolfservice.com or by mail at 132 Maryfield Park, Mid Calder, Scotland, EH12 5PN or by Phone on 01506 88 35 30
Topic: Data protection & Data Processing of Client Information
Date: 1st May 2018
The Business is a golf tour operator and visitor experience which provides visitors to Scotland, mainly, though other countries are provided, the chance to enjoy help, advice and action in booking trips and tours. The Business must process personal data so that it can provide these services – in doing so, the Business acts as a data controller.
You may give your personal details to the Business directly, such as on an application or registration form or via our website, or we may collect them from another source such as telephone enquiries received. The Business must have a legal basis for processing your personal data. For the purposes of providing you with services and/or information relating to roles relevant to you we will only use your personal data in accordance with the terms of the following statement.
- Collection and use of personal data
a. Purpose of processing customer enquiries and purchases
The Business will collect your personal data which typically will comprise your contact details (to communicate and arrange quotes), and will process such personal data for the purposes of providing you with tourism and travel services. This includes for example, contacting you about promotional opportunities, updating our databases, and developing and managing our services and relationship with you and our clients.
The legal bases we rely upon to offer these services to you are:
- Your consent granted when registering with us via our website or job board or by phone or by signing a consent form.
- Our legitimate interests which are: to try and find you the best visitor or tour experience, to keep you updated on current opportunities (1-2 times per month approx.), to keep our database up-to-date
- To comply with a legal or contractual obligation that we have with either you or our clients
- To fulfil an agreed obligation that we have with you
In reality, we may not even contact you this often. However you will have the opportunity to be removed from any future marketing communications if you wish.
b. Recipient/s of data
The Business will process your personal data with the following recipients:
- Potential accommodation and travel organisations only (we will endeavour to ensure that our clients are also compliant with GDPR wherever possible).
- We do not provide any of your data to any government organisations
- Please be assured that we do not ever sell information on our database to any 3rd parties.
- GDPR & business outside the EU
Our job-seeking services are global in nature and both in and out with the EU.
If you are seeking travel outside the EU you should be aware that Businesses outside the EU may not be GDPR compliant and that given the size of the clients we work with they are unlikely to be giving an express consent to be GDPR compliant. We will endeavour to ensure that they have a compliant data protection policy.
- Data retention
The Business will retain your personal data only for as long as is necessary for the purpose we collect it. Different laws may also require us to keep different data for different periods of time. At present our retention policy is to retain the data for six years which is in line with tax legislation to keep auditable accounting records for HMRC in the UK.
- Your rights
Please be aware that you have the following data protection rights:
- The right to be informed about the personal data the Business processes on you;
- The right of access to the personal data the Business processes on you;
- The right to rectification of your personal data;
- The right to erasure of your personal data in certain circumstances;
- The right to restrict processing of your personal data;
- The right to data portability in certain circumstances;
- The right not to be subjected to automated decision making and profiling; and
- The right to withdraw consent at any time.
If you believe that any of your data that the Business processes is incorrect or incomplete, please contact us using the details above and we will take reasonable steps to check its accuracy and correct it where necessary.
You can also contact us using the above details if you want us to restrict the type or amount of data we process for you, access your personal data or exercise any of the other rights listed above.
- Complaints or queries
If you wish to complain about this privacy notice or any of the procedures set out in it please contact the Data Protection Officer. The ICO is the body that governs data protection in the UK.