When we refer to “you” and “your” in this Policy, we refer to you, any individuals whose personal information we collect, use and disclose.
The website www.storytellertravel.co.uk is operated by Storytellerr Limited and we are a “data controller” for the purposes of the Data Protection Act 1998 and the EU General Data Protection Regulation 2016/679. This means that we are responsible for, and control the processing of, your personal information.
We are committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this Privacy statement.
We may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 21 January 2018.
How does Storyteller collect your personal information:
- When you register or use the Storyteller Website
- When you contact Storyteller via email or telephone
- When you enter any prize draws or competitions run by Storyteller
- When you make any applications for volunteering opportunities, paid employment or other purposes with Storyteller
- When completing any surveys that we send you for research and marketing purposes (although you are under no obligation to complete these
- Make a tailored website for you
- Verify your identity
- Prevent crime and fraud and other related purposes
- With your agreement, to contact you electronically about promotional offers of the products and service which we think may interest you
- For promotional and marketing purposes and to tailor and personalise products and services
- To train and manage our team and develop products and services
- For customer insight and market research purposes, which helps us to better understand your needs
- To enable us to manage all customer service interactions with you
- Where we have a legal right or duty to disclose your information (for example in relation to an investigation by a public authority or in a legal dispute)
We use your personal data for electronic marketing purposes and providing updates on products and services which are of interest and relevant to you as an individual.
You have the right to opt out of receiving promotional communications at any time by:
- Changing your marketing preferences via your registered account
- Clicking the “unsubscribe” link at the bottom of our emails
- Contacting us directly via the contact details within this policy
3. Web Advertising
If you visit our websites, you may receive personalised advertisements for our products and services whist using other websites. Any advertisements you will see will relate to products or services you have viewed whilst browsing our website on your computer or other devices, or which we believe are of interest to you.
4. Usage data
We may process data about your use of our website and services (“usage data“). The usage data may include your IP address, location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing and pattern of your service use. This is used to allow us to process and analyse the use of this website.
5. Sharing data with Third Parties
Our service providers and suppliers
To make certain services available to you, we may need to share your personal data with some of our service partners. These include IT, delivery and marketing service providers.
We only allow our service providers to handle your personal data when we have confirmed that they apply appropriate data protection and security controls. We also impose contractual obligations on service providers relating to data protection and security, which means they can only use your data to provide services to us and to you, no other purposes.
Other third parties
Aside from our service providers, we will not disclose your personal data to any other third party, except for those set out below:
- Our selected partners who provide our branded products and services
- Credit reference agencies, banks and payment card issuers (such as Visa, Mastercard and American Express)
- Third party marketing partners such as Google or Facebook (to deliver advertising)
- Government bodies, regulators, law enforcement agencies, courts/tribunals and insurers where we are require to do so
We will never sell or rent our customer data to other organisations for marketing purposes.
6. International transfers
To deliver products and services to you, it may be necessary for us to share your data outside of the European Economic Area (“EEA”). This will occur when service providers are located outside the EEA which are subject to special rules under data protection laws. If this happens, we will ensure that the transfer will be compliant with data protection law and all personal data will be secure. Our practice is to use standard data protection clauses which has been approved the European Commission.
7. How long do we keep data
We will not retain your data for longer than necessary, and the longest we will normally hold any personal data is 6 years.
If you no longer wish for us to hold your information, you can contact us and request that we close your account. However, please note we have a legal requirement to keep some of your personal data even after you have asked us to delete it to ensure we can meet our legal or regulatory requirements, resolve disputes, prevent fraud or enforce our terms & conditions.
8. What type of information we collect:
In addition to personal details such as your name, date of birth, address, email and telephone number, we may also collect some of the following information:
- Job title
- Details of transactions made from us (including billing and shipping address, credit and debit cards/payment details
- Details of your visits to our website
- Details of when you contact Storyteller by email, post or telephone. Please note that we may keep a record of that correspondence
- Demographic information such as age, postcode, preferences and interests
- Other information relevant to customer surveys and/or offers
- Any other information from which we can identify you (or available on public registers)
- Details of your IP address, time zone, your length of visit to our website
- Name, age/date of birth and gender
- Your contact details, postal address including billing and delivery addresses, telephone numbers and email addresses
- Your communication and marketing preferences
- Your interests, preferences, feedback and survey responses
- Your correspondence and communication with us
- Publicly available personal data including information shared on social media platforms such as Twitter, Instagram and Facebook
Our website is not intended for children and we do not knowingly collect data relating to children.
This list is not exhaustive and in specific instances, we may need to collect additional data for purposes set out in this Policy. Some of the above personal data is collected directly, i.e. through online sign ups other personal data is collected indirectly, i.e. when you are browsing this website.
9. How we protect your data
We are committed to keeping your personal data safe and secure. To do this, our security measures include the following:
- Encryption of data
- Regular cyber security assessments of all service providers who may handle your personal data
- Regular scenario planning and crisis management exercises to ensure we are ready to respond to cyber security attacks and data security incidents
- Regular system testing
- Security software to protect our website infrastructure
- Internal policies setting out data security approach and training for employees
We use Secured Socket Layer (“SSL”) software to encrypt the personal information that you provide to us whilst it is in transit over the internet. This will work if your browser is SSL enabled, and you check if this is working by finding the symbol of a closed lock on the bottom bar of your browser and checking that your web address in the browser address bar has changed from “http” to “https”.
No method of transmission over the Internet, or method of electronic storage, is 100% secure, however we will do our best to provide a high level of security. If there is a security breach of your details, we will do our best to correct this, although you agree not to legally pursue Storyteller if any such issue does arise.
How you can help us protect your data
We will never ask you to confirm any bank account or credit details via email, if you receive an email claiming to be from us asking you to do the same, please ignore it and do not respond.
When creating a password, we recommend you use at least 8 characters with a combination of special characters and not using your name/email address or other personal data.
10. Your rights
You have rights relating to your personal information, these are:
- To ask for a copy of personal data that we hold about you (right to access)
- To request that we delete personal data held on you, where we no longer have any legal reason to retain it (right of erasure)
- To ask us to update and correct any out of date or incorrect personal data that we hold about you (right of rectification)
- To opt out of any marketing communications that we may send to you and to object to using/holding your personal data if we have no legitimate reasons to do so, see below (right to object)
- To ask us to restrict processing of data (only in certain circumstances)
- To ask us to supply you with some of the personal data we hold about you in a machine readable format (right to data portability)
- The right to ask us to explain any computer-system decision about you
If you wish to exercise any of the above rights, please contact us using the details below.
11. Legal basis for using data
We are required to set out the legal basis for our processing of personal data.
We collect and use customers’ personal data as it is necessary to:
- Pursuit our legitimate interests
- Purposes of complying with our duties and exercising our rights under a contract for the sale of goods to a customer or
- Complying with our legal obligation
Customers have the right to withdraw consent at any time. Where consent is the only legal basis for processing, we will cease to process data after consent is withdrawn.
12. Our legitimate interests
The usual legal basis for processing customer data is that it is necessary for our legitimate interests, which includes:
- Selling and supplying goods and services to our customers
- Protecting customers, employees and other individuals and maintaining their safety, health and welfare
- Promoting, marketing and advertising our products and services
- Sending promotional communications which are relevant and tailored to individual customers (add the names any loyalty schemes or memberships here)
- Understanding customer behaviours, preferences and needs
- Improving existing products and services and developing new products and services
- Complying with legal and regulatory obligations
- Preventing, investigating and detecting crime, fraud and anti-social behaviour
- Handling customer contacts, queries, complaints and disputes (including refunds)
- Managing any claims made by customers (including legal)
- Respond to you on Social Media, particularly if you are unhappy with a service
- Managing corporate transactions, including selling any parts of the business to third parties
13. Data Protection Officer
Our Data Protection Officer helps us to ensure we protect personal data of our customers and comply with data protection legislation.
If you have questions about this Privacy Statement or your rights, you may contact the Data Protection Officer for us who is Bhavesh Patel and can be reached by email at firstname.lastname@example.org, or by mail 20-22 Wenlock Road, London, N1 7GU.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Third Party Cookies
Please note that we do not allow the third party to use the cookies for any purpose other than those listed above.
Several partners advertise on our behalf and affiliate tracking cookies simply allow us to see if our customers have come to the site through one of our partner sites so that we can credit them appropriately and where applicable, allow our affiliate partners to provide any bonus that they may provide you for making a purchase.
Please note that we do not allow any third party to use the cookies for any purpose other than those listed above.
Cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can block cookies but please note that may mean you will be unable to access all or parts of our website.
You can opt-out and remove cookies from your PC by using these guides:
- Internet Explorer: https://support.microsoft.com/en-us/kb/278835#/en-us/kb/278835
- Chrome: https://support.google.com/chrome/answer/95647?hl=en
- Safari: https://support.apple.com/kb/PH17191?locale=en_GB
- Firefox: https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored
How long do you store cookies for
Cookies can be stored for varying lengths of time on your browser or device. Session cookies are deleted from your computer or device when you close your browser, but Persistent cookies will remain stored on your computer or device until deleted or until they reach their expiry date.
We may update this policy from time to time. If we make significant changes, we will let you know, but please do check regularly this policy to ensure you are aware of the most updated version.
15. Applicable Law
This policy is subject to the law of England and Wales and you must bring any claims against us exclusively in the courts of England and Wales.