Privacy Policy
This is the privacy notice of Indigo Sails Ltd. In this document, “we”, “our”, or “us” refer to Indigo Sails Ltd.
We are company number 12874376 registered in England and Wales.
Our registered office is at 3rd Floor, 86-90 Paul Street, London EC2A 4NE
1.1. Indigo Sails takes your privacy seriously and will only use your personal data in accordance with the Data Protection Act 2018 as fully described in Schedule [1] to this agreement.
1.2. If any term or provision of this agreement is at any time held by any jurisdiction to be void, invalid or unenforceable, then it shall be treated as changed or reduced, only to the extent minimally necessary to bring it within the laws of that jurisdiction and to prevent it from being void and it shall be binding in that changed or reduced form. Subject to that, each provision shall be interpreted as severable and shall not in any way affect any other of these terms.
1.3. Any obligation in this agreement intended to continue to have effect after termination or completion shall continue.
1.4. No failure or delay by any party to exercise any right, power or remedy will operate as a waiver nor indicate any intention to reduce that or any other right in the future.
1.5. The parties agree that electronic communications satisfy any legal requirement that such communications be in writing.
1.6. In the event of a dispute between the parties to this agreement, then they undertake to attempt to settle the dispute by engaging in good faith with the other in a process of mediation before commencing arbitration or litigation.
1.7. This agreement does not give any right to any third party under the Contracts (Rights of Third Parties) Act 1999 / Contracts (Rights of Third Parties) (Scotland) Act 2017 or otherwise, except that any provision in this agreement which excludes or restricts the liability of the directors, officers, employees, subcontractors, agents and affiliated companies of a party, may be enforced under that Act.
1.8. Any communication to be served on either of the parties by the other shall be delivered by hand or sent by first class post or recorded delivery or by e-mail.
It shall be deemed to have been delivered:
if delivered by hand: on the day of delivery;
if sent by post to the correct address: within 72 hours of posting;
If sent by e-mail to the address from which the receiving party has last sent email: within 24 hours if no notice of non-receipt has been received by the sender.
Schedule 1: Privacy notice
1.9. The validity, construction and performance of this agreement shall be governed by the laws of England and Wales / Scotland / Northern Ireland and the parties agree that any dispute arising from it shall be litigated only in that country.
2.1 The following information constitutes our privacy notice.
2.2 In this Schedule, “we”, “our”, or “us” refers to Indigo Sails and “you”, “your” refers to the lead-named person on the booking details of all persons on whose behalf a booking is made.
2.3 You can contact us by e-mail about privacy at bookings@indigosails.co.uk
Introduction
- This is a notice to inform you of our policy about all information that we record about you. It sets out the conditions under which we may process any information that we collect from you, or that you provide to us.
3.1 We take the protection of your privacy and confidentiality. We understand that you are entitled to know that your personal data will not be used for any purpose unintended by you, and will not accidentally fall into the hands of a third party.
3.2 We undertake to preserve the confidentiality of all information you provide to us, and hope that you reciprocate.
3.3 Except as set out below, we do not use, share or disclose to a third party any information collected under this contract or otherwise.
- Definitions
4.1 In this Schedule, the following words shall have the following meanings:
“Act” | means the Data Protection Act 2018. |
“Data Protection Legislation” | means all or any of: (a) the GDPR, (b) the applied GDPR, (c) the Act, (d) regulations made under the Act (e) regulations made under section 2(2) of the European Communities Act 1972 which relate to the GDPR or the Law Enforcement Directive. |
“the GDPR” | means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation). |
“the applied GDPR” | means the GDPR as applied by Chapter 3 of Part 2 of the Act. |
“Law Enforcement Directive” | means Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA. |
4.2 “data controller”, “data processor”, “data subjects”, “personal data”, “process”, “processed” and “processing” shall have the meanings respectively, as defined in the Act. Note that “process” and “processing” are defined to include simple events like receiving data into our system, or storing it. Processing is not limited to “doing something with it”.
In this agreement, “personal data”, is limited to data which comes into our hands in some way connected to the terms and conditions of your booking.
- Data Protection
5.1 The obligations described in this Schedule are in addition to our obligations under the Data Protection Legislation.
5.2 Under the Act, we are obliged to inform you what personal data we hold about you, or may hold at some future date. We must tell you how we propose to use that data and give you other information.
- What data we may process in each category
We shall process this basic personal data:
6.1 your name, age, personal address, private email address.
6.2 telephone number
6.3 passport data
6.4 all other information you gave to us.
6.5 all data which comes to the attention of any of our representatives or other staff whom you may contact for any reason.
6.6 financial information processed through the banking system.
6.7 information supplied to us by a third party.
6.8 information relevant to the performance of your contract.
6.9 technical information relating to electronic communication, which is personal information only when associated with the name or identity of the data subject.
- The bases on which we process information about you
7.1 The Data Protection Legislation requires us to determine under which of six defined groups we process different categories of your personal information, and to notify you of the basis for each category. We mention three categories below. The others are not relevant to your contract.
7.2 If a basis on which we process your personal information is no longer relevant, then we shall immediately stop processing your data.
7.3 If the basis changes, then if required by law, we shall notify you of the change and of any new basis under which we have determined that we can continue to process your information.
7.4 Information we process because we have a contractual obligation with you.
7.4.1 When a contract is formed between you and us, in order to carry out our obligations under that contract, we must process personal information.
7.4.2 We use your information in order to provide you with our services under that contract.
7.4.3 We process this information on the basis there is a contract between us, or that you have requested we use the information before we enter into a legal contract.
7.4.4 We shall continue to process this information until the contract between us ends, or is terminated by either party under the terms of the contract.
7.5 Information we process with your consent
7.5.1 Only when you have given us explicit permission to do so, do we process your personal information under the basis of consent.
7.5.2 We continue to process your information on this basis until you withdraw your consent or it can be reasonably assumed that your consent no longer exists.
7.5.3 You may withdraw your consent at any time. However, if you do so, you may not be able to use our services further.
7.6 Information we process because we have a legal obligation
7.6.1 Sometimes, we must process your information in order to comply with a statutory obligation.
7.6.2 For example, we may be required to give information to legal authorities if they so request or if they have the proper authorisation such as a search warrant or court order.
7.6.3 This may include your personal information.
- Specific uses of information you provide to us
8.1 Booking and pre-booking enquiries
8.1.1 We use your personal information to arrange, process and confirm your booking and to answer any pre-booking enquiry you may have. While making your travel arrangements we will need to disclose personal data to the suppliers of the services which are part of your booking.
8.2 Communicating with you
8.2.1 When you contact us, whether by telephone or by e-mail, we collect the data you have given to us in order to reply with the information you need.
8.2.2 We record your request and our reply in order to increase the efficiency of our business.
8.2.3 We keep personally identifiable information associated with your message, such as your name and email address so as to be able to track our communications with you at a later time.
8.3 Dealing with complaints
8.3.1 When we receive a complaint, we record all the information you have given to us.
8.3.2 We use that information to resolve your complaint.
8.3.3 If your complaint reasonably requires us to contact some other person, we may decide to give to that other person some of the information contained in your complaint. We do this as infrequently as possible, but it is a matter for our sole discretion as to whether we do give information, and if we do, what that information is.
8.3.4 If we think your complaint is vexatious or without any basis, we shall not correspond with you about it.
8.3.5 We may compile statistics from information relating to complaints to assess the level of service we provide, but not in a way that could identify you or any other person.
- Management of your information
9.1 Access to your personal information
9.1.1 At any time you may review or update personally identifiable information that we hold about you.
9.1.2 To obtain a copy of the information we hold about you, please contact us at dataprotection@indigosails.co.uk
9.1.3 After receiving the request, we will tell you when we expect to provide you with the information, and whether we require any fee for providing it to you.
9.2 Removal of information
9.2.1 If you wish us to remove personally identifiable information from our record, you should contact us at dataprotection@indigosails.co.uk
9.2.2 If you do so we may have no alternative other than to treat your request as notice to terminate this contract. If that happens, termination will accord with the provisions in this contract.
9.2.3 All provisions in this contract relating to termination, express and implied, will follow.
- Verification of your identity
9.1 When we receive any request to access, edit or delete personal identifiable information we shall first take reasonable steps to verify your identity before granting you access or otherwise taking any action. This is important to safeguard your information.
11. Post termination
11.1 Physical goods of yours, which we necessarily hold as part of our contractual relationship are not personal data and are not affected by the Act.
11.2 We shall not destroy or delete all your data and retain such personal data for six years, for these reasons:
11.2.1 for accounting and taxation purposes;
11.2.2. to provide evidence if required in connection with a legal claim;
11.2.3. for any other reason where the law provides a six years limitation period;
11.3 If any event occurs which requires us lawfully to continue to retain data beyond that period, then we may do so.
