1. Introduction
1.1 We are The Unusual Tourist Limited, incorporated in England and Wales with company number 11140493 and registered address at 4 Timbercroft Close, Four Marks, Alton, Hampshire, GU34 5BB England. This Policy sets out how we will process and handle personal data that you provide to us. You can contact us at [email protected]
1.2 We reserve the right to update this Policy from time to time at our discretion. If we do so, and we have your email address, we shall contact you. Otherwise, the updated version will be effective as soon as it is accessible. You are responsible for regularly reviewing this Policy so that you are aware of any changes to it.
1.3 We are the data controller of the personal data that you provide to us.
2. Collecting Your Data
2.1 We need to collect your personal data when you make a booking, we will collect your name, email address, geographical address and payment details. All personal data that you provide to us must be true, complete and accurate.
2.2 If you provide the personal data of any one else on the booking, you agree that you have obtained their consent to do so.
2.3 We shall also collect any personal data you choose to provide us if you otherwise contact us. We may keep a record of any conversation that we hav
3. Data we automatically collect
3.1 When you use our website, we, or third parties on our behalf, do not collect nor store information about your device and your activities. We do not use cookies, we do not track your behaviour on the website nor do we collect any personal identification. Our website tracking is non-invasive and respects your privacy.
3.2 The only cookies that we may use are set by CloudFlare. They are strictly necessary cookies that serve to ensure the security of the website.
4. Use of your personal data
4.1 We will process your personal data to perform any contract we have entered into with you, including in particular to provide you with an Event, notify you of any changes or requirements of the Event, deal with your queries in relation to an Event and manage any refunds payable.
4.2 We may also use your personal data for our legitimate interests, including dealing with any customer services you require, enforcing our terms and conditions, for regulatory and legal purposes (for example anti-money laundering and fraud prevention purposes), for audit purposes and to contact you about changes to this Policy.
5. Who do we share your data with?
5.1 For our legitimate interests, we may share your personal data with any service providers, sub-contractors and agents that we may appoint to perform functions on our behalf and in accordance with our instructions, including payment providers, IT service providers, accountants, auditors and lawyers. We shall provide our service providers, sub-contractors and agents only with such of your personal data as they need to provide the service for us and if we stop using their services, we shall request that they delete your personal data. In particular, we shall ask any service provider involved in the Event to delete your personal data when the Event is complete.
5.2 In order to comply with our legal obligations, under certain circumstances we may have to disclose your personal data under applicable laws and/or regulations, for example, as part of anti-money laundering processes or protect a third party’s rights, property, or safety.
5.3 For our legitimate interests, we may also share your personal data in connection with, or during negotiations of, any merger, sale of assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company.
6. Where we hold and process your personal data
6.1 Given the nature of our business, some or all of your personal data may be stored or transferred outside of the European Economic Area (the EEA) for any reason, including for example, if our email server is located in a country outside the EEA or if any of our service providers are based outside of the EEA. You are deemed to accept and agree to this by using the system and submitting information to us.
6.2 If we do store or transfer your personal data outside the EEA, we will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the EEA and under applicable data protection laws.
7. Security
7.1 We shall process your personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures. However, no system can be completely secure. Therefore, although we take steps to secure your information, we do not promise that your personal data that you provide to us will always remain secure.
7.2 We use a third-party web application firewall from Cloudflare to help maintain the security and performance of our website. The service checks that traffic to the site is behaving as would be expected. The service will block traffic that is not using the site as expected. To provide this service, Cloudflare processes site visitors’ IP addresses.
7.3 We shall process your personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures. All information you provide to us is stored on our secure servers.
7.4 However, you acknowledge that no system can be completely secure. Therefore, although we take these steps to secure your personal data, we do not promise that your personal data will always remain completely secure.
8. Your rights and retention of personal data
8.1 You have the right to obtain from us a copy of the personal data that we hold for you, and to require us to correct errors in the personal data that we process for you if it is inaccurate, incomplete or out of date. You also have the right at any time to require that we delete your personal data and to withdraw your consent to receive marketing materials from us. To exercise these rights, or any other rights you may have under applicable laws, please contact us.
8.2 Please note, we reserve the right to charge an administrative fee if your request is manifestly unfounded or excessive.
8.3 If you have any complaints in relation to this Policy or otherwise in relation to our processing of your personal data, please contact us, or you can contact the Information Commissioner, see www.ico.org.uk . If you are outside of the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.
8.4 Our website may contain links to other sites of interest. Once you have used these links to leave our website, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information that you provide whilst visiting such sites and such sites are not governed by this Policy.
8.5 We retain your personal data in accordance with applicable laws. Therefore, if you register with us, we shall retain your personal data until you close your account except where we are required to retain your personal data for longer to comply with accounting and taxation requirements. If you receive marketing communications from us, we shall retain your personal data until you opt out of receiving such communications. If you have otherwise contacted us with a question or comment, we shall retain your personal data for 6 months following such contact to respond to any further queries you might have.
9. General
9.1 If any provision of this Policy is held by a court of competent jurisdiction to be invalid or unenforceable, then such provision shall be construed, as nearly as possible, to reflect the intentions of the parties and all other provisions shall remain in full force and effect.
9.2. This Policy shall be governed by and construed in accordance with the law of England and Wales.