The Data Controller (the organisations responsible for looking after your data) is the partnership Brooklinn Mill Holidays. When we say “we”, “our”, “us”, etc., that’s who we’re talking about.
We are grateful for the trust you place in us to arrange holidays, and to use personal information responsibly. We are committed to protecting your information and we believe you have a right to know how we will use it. This policy sets out the data protection principles we follow.
This policy covers our dealings with customers– people who have booked or are looking for a holiday. Please note that our customers must be over the age of 25 and we do not therefore collect personal information from children.
We will update our Privacy and Cookies Policy as data protection law or business practice changes. You can always find the latest version of this policy on our website, www.brooklinnmill.co.uk This version of the policy is effective from 25 May 2018.
Our Data Protection Officer is Louise Copeland, who may be contacted using our contact form or via post, to Brooklinn Mill Holidays, Brooklinn Mill, Blairgowrie, PH10 6TB, UK.
We generally use your data either on the basis of your consent, or based on a contract between us (e.g. when you book a holiday). You have the right to withdraw your consent. All our marketing communications include an unsubscribe link, to make it easy to withdraw consent.
If you withdraw your consent (e.g. by opting out of marketing communications), we will stop processing your data as requested. Bear in mind if you have a holiday booked and you have not yet travelled, we’ll still need to hold onto your data so we can process the holiday. That’s because the contract between us is the basis for using your data (rather than consent). For more information, see the “Legal basis of processing” section below.
If you are concerned about the processing of your data, please contact our Data Protection Officer (see above). If you are unhappy with our use of your data, you also have the right to make a complaint to the Information Commissioner’s Office, which supervises data protection in the UK.
You have the right to receive a copy of your personal data. You also have the right to request that we correct or remove your data, when there remains no legal basis for keeping it. Please note that when these rights are exercised, we will conduct identification checks in order to ensure your privacy is safeguarded. You will need to contact us using our contact form or post, to exercise these rights.
In order to provide you with the best possible holiday service, we collect the following information:
Through our partnerships, we may receive some of the above information from other companies you use (e.g.Paypal). In such cases, those companies must also inform you about their use of your data.
We use your personal information to:
• Manage your holiday booking
• Understand how to improve our accommodation and services
• Detect and prevent fraud or abuse of our services
• Communicate with you, including for example, responding to your emails, messages on social media, web chat requests, handling customer service matters and so on
• Process your payments
• With your permission, send you relevant marketing information such as details of competitions, special offers and items of news related to Brooklinn Mill Holidays and the local area which we think will be of interest to you
• Manage competitions, promotions and special offers in which you participate
• Make sure our servers and websites are operating correctly
We receive personal information from:
• You, as you provide it to us (e.g. when booking a holiday, leaving a review or enquiring about renting our holiday properties )
• Your use of our website
• Third party holiday providers you may book with, who advertise our properties (e.g. HomeAway, Tripadvisor, Airbnb)
• Your interaction with our marketing activities (provided you have not unsubscribed)
• Third party review services such as TripAdvisor
There are several grounds on which we will store and use your data:
We may provide details of your data and transactions to our technical partners in order for them to assist us in resolve technical issues relating to our website or booking platform should the need arise. These companies are under strict obligations to protect your privacy. Our technical partners are:
We may give some of your contact information to our appointed representatives (for example cleaners or trades people) in the event that we are not here, so they can get in touch about key collection or emergency repairs. We also give you their contact details, for the same reason.should the need arise.
If you permit us to send you marketing information, we may share your data with companies that provide specialist marketing platforms. These companies are under strict obligations to protect your privacy and comply with your marketing preferences. Our marketing partner companies are:
Mailchimp: www.mailchimp.com The Rocket Science Group, LLC675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308 USA
• 1. We store your data in certain cloud services provided by third parties. Those third parties do not however have access to your data.
• 2. We do not transfer your data outside the UK or the European Union.
Security of your data
We protect your data with various technological measures. We also regularly test and evaluate the security of our systems, updating safeguards as appropriate. Our staff are trained in the importance of security and privacy and we treat breaches of confidentiality and privacy as disciplinary matters.
Payment service providers
In order to ensure your transactions are as secure as possible, we hand over payment card processing to the following suppliers:
• PayPal (Europe) S.à r.l. et Cie, S.C.A. Attention: Legal Department, 22-24 Boulevard Royal L-2449, Luxembourg
Links to other websites
Our website contains links to other websites which we feel may be of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.