- The personal information we collect about you
- What we do with your information
- Who your information might be shared with
Information which we may collect and when do we collect it
We collect personal information about you when you register with us, book with us, contact us or when you submit a response to an online questionnaire on our website. We may collect the following personal information:
- Full name
- Postal address
- Email address
- Telephone numbers
- Date of birth
- Dietary requirements, only collected if you make a booking with us
- Disability information, only collected if you make a booking with us
- Special request / room requirements, only collected if you make a booking with us
- Next of kin details, only collected if you make a booking with us
- Payment information, only collected if you make a booking with us
- Insurance details, only collected if you make a booking and don't take out a policy with us
- Passport details, only collected if you make a booking with us
How we use your information
We'll collect your personal information for the following purposes:
- To identify you and manage any accounts you hold with us – we will use your information so we can store customer records that allow us to identify you when you request products and services from us
- To process, manage and deliver your booking – we will use your information to fulfill the services you request or purchase from us. This includes booking your holiday (with appropriate flights, transport, hotel etc) and issuing you with your tickets. We may use this information to provide any suppliers and travel providers who we have agreements with, allowing us to carry out our contract of service with you. When booking with us, some special categories of personal information may be collected such as medical information
- To send you service and support communications – we will use your information to send you any communications relevant to the products and services purchased from us. This may include emails to confirm your booking, customer service emails, and information about any changes to your booking
- To personalise your customer experience - we use your information to provide you with a more personalised service. For example we will tailor our communications to you based on information contained in your account, or we will send you advertising which we think you will be interested in (where we have your consent to do so)
- To conduct research, statistical analysis and behavioural analysis – we may use your information to carry out research about engagement and interaction with our services and products. We may also ask you to participate in customer surveys and customer focus groups occasionally. We also may analyse the information we hold to profile our customer database
- Notify you of any changes to our website or to our services that may affect you – we will notify you of any changes that are relevant to the services and purchases you have with us, for example changes to online account settings, preference captures and policy updates
- Carry out security vetting – we may use your information to ensure the security of our services and ensure we are protecting you and us against fraud, unauthorised or illegal activities, systems testing, maintenance and development
- Improve our product and services, both online and offline – we may record and monitor calls for the purposes of improving our customer service, ensuring quality, for training purposes and for general business purposes
- Resolving complaints and dealing with any disputes – we will use your information to handle and resolve your complaints. We will store records of customer complaints and communications with you for our records
What Do We Do With Your Sensitive Personal Information?
Special categories of personal information, such as any relevant health conditions, disabilities, access requirements and dietary requirements, require higher levels of protection. We need to have further justification for collecting, storing and using this type of personal information. We may use your personal information which falls into a special category in the following ways:
- To allow us to process your booking and provide appropriate assistance to your medical needs/requirements
- To allow us to process any special dietary requirements that are relevant when travelling with us
- To provide you with appropriate travel insurance, where relevant
What is our Legal Basis for using your personal information?
We only use your personal information where that is permitted by laws that protect your privacy rights. We will only use your personal information where:
- We have your consent (if consent is needed)
- We need to use the information for legal purposes
- We need to use the information to perform a contract with you
- It is fair to use the personal information either in our interests or someone else's interests, where there is no disadvantage to you (what is known as a 'legitimate interest') – this can include where it is in our interests to market additional products or services to you
We may use your personal information to send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided. From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, or mail. We may use the information to customise the website according to your interests.
We will only send you marketing messages where there is a legal basis for us to do so, and you can withdraw your consent or opt out of marketing at any time. To unsubscribe from marketing communications, please click on the unsubscribe link contained in any of our emails. To opt out of postal communications, please contact our customer services team at Customercare@shearings.com. Please see 'The right to ask us to stop contacting you with direct marketing' below for further information.
How long we will keep your personal information
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Our approach to information security
To protect your information, Shearings has policies and procedures in place to make sure that only authorised personnel can access personal information, that personal information is handled and stored in a secure and sensible manner and all systems that can access personal information have the necessary security measures in place. To accomplish this, all employees, contractors and sub-contractors have roles and responsibilities defined in those policies and procedures.
To make sure all employees, contractors and subcontractors understand these responsibilities they are provided with the necessary training and resources they need. In addition to these operational measures, we also use a range of technologies and security systems to reinforce the policies.
To make sure that these measures are suitable, vulnerability tests are run regularly. Audits to identify areas of weakness and non-compliance are routinely scheduled. Additionally, all areas of the organisation are constantly monitored and measured to identify problems and issues before they arise.
Transfers of your information out of the EEA
We may need to transfer your personal information to third parties (such as relevant airlines, hotels, tour companies) which are located outside the European Economic Area, for the purpose of fulfilling your booking and related services with us. For example, to allow us to organise elements of your holiday including transfers, flights, insurance etc. We shall ensure that any such transfers are lawful by putting in place appropriate contractual undertakings, and that your personal information is kept secure in accordance with data protection legislation. For more information on how we do this please contact our data protection officer at email@example.com.
In order to process any of the requests listed below, we may need to verify your identity for your security. In such cases your response will be necessary for you to exercise this right.
- The right to access information we hold about you, at any point you can contact us to request the information we hold about you as well as why we have that information, who has access to the information and where we got the information. Once we have received your request we will respond within 30 days
- The right to correct and update the information we hold about you' if the data we hold about you is out of date, incomplete or incorrect, you can inform us and we will ensure that it is updated
- The right to have your information erased, if you feel that we should no longer be using your data or that we are illegally using your data, you can request that we erase the data we hold. When we receive your request, we will confirm whether the data has been deleted or tell you the reason why it cannot be deleted
- The right to object to processing of your data, you have the right to request that Shearings stops processing your data. Upon receiving the request, we will contact you to tell you if we are able to comply or if we have legitimate grounds to continue. If data is no longer processed, we may continue to hold your data to comply with your other rights
- The right to data portability, you have the right to request that we transfer your data to another controller. Once we have received your request, we will comply where it is feasible to do so
Sharing your information
Where necessary to fulfil our obligations to you, Shearings Limited may pass your details to third parties where this is necessary for the functioning of our product. These third parties include:
- Members of the Shearings Leisure Group – including Shearings Hotels Limited, National Holidays, UK Breakaways, Caledonian Travel and Wallace Arnold Travel Shops
- Prospective buyers of our business or assets
- Our travel partners and suppliers - such as airlines, airports, hoteliers, insurance companies and ground handling agents so that they can provide you with the arrangements and assistance you require
- Amazon Web Services - all of your personal information will be stored in a secure central database in the “cloud” (on Amazon AWS virtual servers) and transmitted securely across networks. This information will be accessible only to those who are authorised to view it. For any one user, this will include administrators working for Shearings, and it may also include one or more administrators who work for the company which employs the end user and who has been pre-authorised to access the data. This means that users who have the permissions will be able to see the information you have provided such as your personal details and records of any existing medical conditions
- Fulfillment & Distribution Houses - we work with a number of companies who help fulfill our direct mailing and distribution requirements, who may have access to some of your personal data to enable them to fulfill their responsibilities they have with us
- External data management and development companies - we work with a number of external development and systems companies to operate our business and perform services related to the contracts we enter into with you
- Card payment facilitators – we work with selected card payment facilitators who help us process customer payments and assist us in detecting and preventing fraudulent payments or bookings
- Trusted suppliers who assist us in our data processing activities, such as our refer-a-friend programme partner, Mention Me and our email marketing platform Pure360.
When contacted with an enquiry, Shearings will hold the name and contact details for the purposes of handling the enquiry. The online forms are subject to the same cookies and tracking as the rest of the website (see the above section “Cookies and Tracking” for more information). Calls made to us may be recorded to protect the interests of all parties. Call records are deleted after 18 months unless needed for ongoing actions.
Right to Complain
You can make a complaint to us by contacting us via email to firstname.lastname@example.org or to the data protection supervisory authority – in the UK, this is the Information Commissioner's Office, at https://ico.org.uk/.
Data Protection Officer
Wigan Pier Business Park