Magnetic North Travel Ltd adheres to and complies with the guidelines and laws developed by the European Union, specifically the principles laid out by GDPR.
PERSONAL DATA DISCLOSURE
Magnetic North Travel collects personal data to provide you with the best possible customer service, internal record keeping and quality management. All staff members are associated with the processing of personal and confidential data.
Submitting personal information is always voluntary and you will always be aware when you do so. We collect your personal data when you:
- contact us via the phone
- submit an enquiry on the website form
- use our online chat
- decide to sign up for our online newsletter
- message us on social media
- email our business email
- submit feedback on our website, social media
Personal data that may be collected in the process includes:
- Your name
- Home address
- Personal details of fellow travellers
- Booking details e.g. proposed travel dates, login codes for our travel app
- Contact details
- Any other information you send to us to complete a booking or change the itinerary
We share your personal data with our suppliers as necessary to complete any transaction or provide any product you paid for. This may include arrival times, dietary requirements, names of passengers and your name as it appears on your passport.
When we do ask you to enter personal information that information is encrypted and is protected with the best encryption software in the industry, SSL (Secure Sockets Layer). The site employs SSL via a digital certificate, issued by RapidSSL.
Transferral of data outside the EEA
Sometimes it may become necessary to transfer your data to a country outside the UK and European Economic Area (EEA) to complete your booking. By submitting a request to travel to a country whose privacy regulations are not subject to GDPR you agree to a data transfer to this country.
If you approach Magnetic North Travel on behalf of another company we will keep a record of the information provided to us. If a person joins or leaves the company we expect the employer to update or change the personal details provided.
Your payment information will not be stored. It is processed by our payment provider WorldPay who will automatically delete your payment information once the payment has been processed. We do not keep any internal records of your payment information should you ask us to enter the payment information via the phone. We will always ask you to re-enter your payment information if you wish to amend your booking.
Customers/users younger than 16
Customers aged 16 or under require a written permission from their parent or guardian before providing Magnetic North Travel with personal information via the phone, website or social media. If no permission has been given customers or users younger than 16 are not allowed to provide us with personal information.
THIRD PARTY DATA DISCLOSURE
When you visit our website we collect small amounts of data to monitor the way website visitors engage with our website.
Information retrieved from cookies includes browsers, devices and pages visited. We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
We also track IP-addresses in order to provide a better website experience based on the country you are based in e.g. our American and Canadian customer see a landing page providing them with the best number to call.
Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website. We will store data allowing us to analyse website usage over time for 38 months. After that, the data will automatically be deleted.
We use small pieces of code provided by Facebook to monitor the way our website is being used. We may then decide to advertise products you might be interested in, we will not know who visited our website or whether the advert appeared on your Instagram or Facebook newsfeed. The information Facebook collects is not identifiable to us which means that we do not hold any personal information identifying you as a person. The use of Facebook cookies also helps us limit the number of times you will see the advertising.
Social media plugins
On some pages on our website you can visit our social media channels by clicking on the respective icons. You will then be directed to the social media network where their terms and conditions apply.
Social media messages
You may contact us on our social media channels including Facebook, Twitter and Instagram. Your message will be shared with the relevant department if required and will be stored by the respective network.
If you like to learn more about the way Facebook, Instagram, Twitter or Pinterest processes your data we recommend reading their terms of service.
THE SECURITY OF YOUR PERSONAL DATA
Keeping your data safe is important to us. For this reason, we have put security systems and procedures in place designed to safeguard your personal information. We also work with trusted third parties, who may host some personal data. You can find the parties we work with below. We will never share your personal information with non-affiliated third parties.
Digital Tools and storage
- People who submit an enquiry form on the website
If you contact us on the website the data will be transferred to our online booking system TourCMS.
- People who use our live chat
We use a GDPR-compliant third party supplier, ZenDesk to handle client requests in real-time. If you use the LiveChat service we will collect your name, email address (optional) and a record of your LiveChat session. This information will be retained for two years will not be shared with any other organisations.
- People who contact us on the phone
If you do contact us via the phone we store your phone number using Gradwell our phone system provider. Occasionally, we will request your phone number over the phone and add it to our booking system.
Read more about Gradwell's privacy and data security policy here.
- Our travel app
If you decide to book with us you will receive a unique login code to the Magnetic North Travel app. The app stores vouchers, tickets and day-to-day itineraries and lead passenger names.
- People who signed up to our newsletter
We use a third party GDPR-compliant newsletter provider, MailChimp, to send newsletters to those who proactively agreed to join our mailing list.
- Our web developer
Your web information is also accessible to our web developing company 18a who occasionally conducts work on the front and backend of our website.
- Breach notice
We will notify you within 72h after becoming aware of a breach of your data. This also applies to breaches occurring with a companies we are collaborating with to process your booking or store your data.
ACCESSING YOUR PERSONAL DATA
Under the GDPR guidelines coming into effect 25.5.2018 Magnetic North Travel has the duty to provide access to the personal data the company stores for various reasons.
There are a number of ways which allow you to access, change, restrict or delete the data Magnetic North Travel stores. If you like us to take any of the above listed actions you can submit an individual request following the instructions below. Your request will be processed within 30 calendar days. Please note that for each of the requests listed below we need to verify your identity. The 30 day processing period will only begin once sufficient proof of identity has been provided.
Your right to privacy as outlined in this policy is non-transferrable. We do not accept requests from other individuals or third parties. The verification of identity has to be made by the individual whose data should be accessed, changed, restricted or deleted.
The right to rectify your personal data
If you like us to correct or update the data we may store you are welcome to contact us at firstname.lastname@example.org. We will change or delete the data where appropriate.
The right to restrict data processing
Users and clients are entitled to restrict the processing of their personal data. If you like us to stop processing the information submitted you can email email@example.com. You can follow up with a request to rectify or erase your data. Please note, that we are unable to issue tickets or proceed with the booking during the data restriction period. You’ll be notified if there are any legal reasons that may override the request to restrict the processing of your data.
The right to be forgotten
25.5.2018 users and clients are entitled to the erasure of their personal data, unless we are required to store the information for legal reasons. To be erased from our records please contact firstname.lastname@example.org, we will then confirm the erasure of your personal data within the next 30 days by sending you a confirmation. The 30 day period commences once the identity of the person sending the request has been verified.
Bookings and travel records are held for seven years after travel to comply with UK regulations. If your have travelled with us we are required to store booking data, instead of erasing your booking data we will anonymise it instead.
Access to your personal data
If you would like to learn more about ways in which we store your personal data you can contact us at email@example.com.
If you like to request personal information we store, you can get in touch with us at firstname.lastname@example.org. Please quote 'Subject to Access Request' in the email you send. You may also post the request to West Wing, The Lodge, Friars Well Business Centre, North Drive, Wartnaby, Leicestershire, LE14 3HQ, United Kingdom. Once Magnetic North Travel has verified your identity the company will send an electronic copy of the data to you.
If you agree, Magnetic North Travel can handle the request informally and can pass on the information via the phone or email.
If the company does hold information about you, we will:
- give you a description of it;
- tell you why we are holding it;
- tell you who it could be disclosed to; and
- let you have a copy of the information in an intelligible form
- Requesting access to your personal data is free of charge. In the case of excessively repetitive requests we reserve the right to charge for the service.
We reserve the right to change this policy at any given time and recommend to regularly check this page. Updates posted on this policy take effect immediately.
-Last updated May 2018