1. Policy statement
We have a legal duty to protect any personal data that we collect from you as a “controller” of that personal data under the data protection legislation. Merlin Travel Group safeguards your personal data and maintains security standards to prevent any unauthorised access.
2. What do we use your information for?
We require to collect your personal data when you register on our website or offline, place an order, respond to a survey, fill out a form or contact us. Any of the personal data we collect from you is processed by us as necessary for the purposes of delivering travel agent services under our contract with you or for taking steps to enter into a contract with you to deliver travel agent services.
In order to do this, we may use your personal data in the following ways:
To fulfil your booking, including: processing your booking; sending you a booking confirmation; assessing your needs to determine suitable products of services; sending you requested product or service information; sending you product updates or warranty information; administering your account; to notify you of any changes to your booking or our services; to allow us to consider your comments, questions and suggestions and respond, if necessary; and to enable or facilitate the exercise of our rights under our website terms and conditions and booking terms and conditions.
We will also process your personal data in pursuit of our legitimate interests to improve and promote our services:to administer competitions, promotions or surveys that you have entered, and notify you if you won; to personalize your experience (your information helps us to better respond to your individual needs), including displaying content based upon your interests; where you have given permission for a location-based service through your browser or App: displaying content based upon your location; checking you in to a store or other location to enable you to earn loyalty rewards or let know where you are; providing you with local search results; providing you with special local offers enabling designated to track your location mapping routes and provide directions to locations that you specify; enabling you to share your location with friends to improve our website (we continually strive to improve our website offerings based on the information and feedback we receive from you); to improve customer service (your information helps us to more effectively respond to your customer service requests and support needs), including by conducting research and analysis; and to display advertising on our website / App or manage our advertising on other websites / Apps with our ad network partner who uses technologies to collect non-personally identifiable information about your activities on this website / App and other websites / Apps to provide you targeted advertising based upon your interests.
We may also be required to process your personal data to comply with our legal obligations under Protected Trust Services membership / ATOL membership.
Failure to provide your personal data when making a booking will mean that we will not be able to process your booking.
3. What information do we collect?
We may collect the following personal data from you through our website / App: contact information, such as name, email address, mailing address, phone number; billing information, such as credit card number and billing address; usage activity, about how you interact with us such as purchase history, what content you viewed, and which areas of our website / App you visited; device information, such as your IP address, browser type, referring / exit pages, operating system, mobile device ID, device type, cookies and mobile service carrier; location-based data, where permitted by you through your browser [such as information about the wi-fi routers closest to you and the mobile phone IDs of the towers closest to you]; information about your business, such as company name, company size and business type; and demographic information, such as household income, age, education, gender, interests and post code. However, you may visit our website anonymously by changing the settings on your browser.
4. Do we disclose any information to outside parties?
Acting as a travel agent, we will pass your personal data onto any third party tour operator / travel company as necessary to complete your booking.
Your personal data may be accessed by or given to our staff, contractors and agents who assist us or act on our behalf: to operate our website / App, conduct our business as a travel agent, including delivering services to you; to protect the rights, property and safety of Merlin Travel Group, our customers or others, including for the purposes of fraud protection and credit risk reduction, or responding to a government request; in the event that we sell or buy any business or assets, in which case, we may disclose personal data held about our customers to the prospective seller or buyer of such business or assets in respect of a merger, acquisition, or sale of all or a portion of Merlin Travel Group’s assets, in which case personal data held about our customers will be one of the transferred assets; or as required by law to comply with any legal obligation or in order to enforce or apply our website terms and conditions, service agreement or other agreement.
Your personal data, whether public or private, will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose of delivering the purchased product or service requested.
Your personal data is held on our computer records and paper records in the [UK / EU].
Your personal data may be transferred outside of the EU for the purpose of providing you with the travel products you are booking, depending on the supplier whom you are booking with.
5. How do we protect your information?
The security of your personal data is important to us. We implement a variety of security measures to maintain the safety of your personal data when you make a booking or enter, submit, or access your personal data. We offer the use of a secure server. All supplied commercially sensitive / credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our database only to be accessed by those authorised with special access rights to our systems who are required to keep the information confidential.
We follow generally accepted industry standards to protect your personal data, both during transmission and once we receive it, against unauthorised or unlawful processing and accidental loss, destruction or damage. Unfortunately, the transmission of information via the internet is not completely secure. Although we take reasonable endeavours to protect your personal data, we cannot guarantee the security of your personal data transmitted through our website / App, any transmission is at your own risk.
6. How long do we keep your information?
We will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide you services contact us at www.merlintravelgroup.com.
We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
7. Third party links
Any views or opinions along with special offers and promotions on external websites / Apps may not represent the product offering / opinion or special offers at Merlin Travel Group or its associated brands.
8. Social Networks
We may enable you to access one of our social media pages or groups, and share information such as messages, photos, and videos with others within our network and through our website. We cannot control the actions of others with whom you may choose to share your pages and information. Also, we cannot guarantee that the content you post on our website / App will not be viewed by others outside your network.
9. Other Information
Our social media pages an groups offer publicly accessible blogs and community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal data from our blog or community forum, contact us at firstname.lastname@example.org.
In some cases, we may not be able to remove your personal data, in which case we will let you know if we are unable to do so.
10. Your rights
You have the following rights under the data protection legislation in relation to your personal data held by us:
the right to request access to your personal data held by us; where any of the personal data we hold about you is inaccurate or incomplete, the right to request that such personal data is rectified; the right to request that we erase your personal data (subject to conditions); and the right to restrict and / or object to the processing your personal data by us in certain circumstances.
If you wish to exercise any of the above rights, please contact us on email@example.com providing details of your request.
If you are dissatisfied with our data processing activities, you have the right to complain to the Information Commissioner’s Office at www.ico.org.uk
12. Terms and conditions
Please also view our Website Terms and Conditions section establishing the use, disclaimers, and limitations of liability governing the use of our website.
This policy was last modified on 14 October 2019
This data protection policy is for this website; [MerlinTravelGroup.com] and is served by Merlin Travel Group Ltd of Merlin House, Mossland Road, Glasgow, G52 4XZ, and governs the privacy of its users who choose to use it. It explains how we comply with the GDPR (General Data Protection Regulation), the DPA (Data Protection Act) [pre GDPR enforcement] and the PECR (Privacy and Electronic Communications Regulations).
Further explanations may be provided for specific pages or features of this website in order to help you understand how we, this website and its third parties (if any) interact with you and your computer / device in order to serve it to you. Our contact information is provided if you have any questions.
The DPA & GDPR May 2018
We and this website complies to the DPA (Data Protection Act 1998) and already complies to the GDPR (General Data Protection Regulation) which came into affect from May 2018.
We will update this policy accordingly after the completion of the UK’s exit from the European Union.
What are cookies?
Cookies are small files saved to the user’s computers hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors or use the cookie control system if available upon their first visit.
Website Visitor Tracking
This website uses tracking software to monitor its visitors to better understand how they use it. The software will save a cookie to your computers hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.
Adverts and Sponsored Links
Downloads & Media Files
Any downloadable documents, files or media made available on this website are provided to users at their own risk. While all precautions have been undertaken to ensure only genuine downloads are available users are advised to verify their authenticity using third party anti virus software or similar applications.
We accept no responsibility for third party downloads and downloads provided by external third party websites and advise users to verify their authenticity using third party anti virus software or similar applications.
Contact & Communication With Us
Users contacting this us through this website do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use. Where we have clearly stated and made you aware of the fact, and where you have given your express permission, we may use your details to send you products/services information through a mailing list system. This is done in accordance with the regulations named in ‘The policy’ above.
Email Mailing List & Marketing Messages
We operate an email mailing list program, used to inform subscribers about products, services and/or news we supply/publish. Users can subscribe through an online automated process where they have given their explicit permission. Subscriber personal details are collected, processed, managed and stored in accordance with the regulations named in ‘The policy’ above.
Subscribers can unsubscribe at any time through an automated online service, or if not available, other means as detailed in the footer of sent marketing messages. The type and content of marketing messages subscribers receive, and if it may contain third party content, is clearly outlined at the point of subscription.
Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data.
External Website Links & Third Parties
Although we only look to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner / image links to other websites.)
Shortened URL’s; URL shortening is a technique used on the web to shorten URL’s (Uniform Resource Locators) to something substantially shorter. This technique is especially used in social media and users should take caution before clicking on shortened URL links and verify their authenticity before proceeding. We cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Social Media Policy & Usage
We adopt a Social Media Policy to ensure our business and our staff conduct themselves accordingly online. While we may have official profiles on social media platforms users are advised to verify authenticity of such profiles before engaging with, or sharing information with such profiles. We will never ask for user passwords or personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.
There may be instances where our website features social sharing buttons, which help share web content directly from web pages to the respective social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page. You can find further information about some social media privacy and usage policies in the resources section below.