We respect your right to privacy. Our overall aim is to ensure that our collection and use of personal data is appropriate to the provision of services to you and our clients and is in accordance with applicable data protection laws.
Who we are
Forget Me Not WB is the data controller of the personal data that we collect from you.
The personal data we collect about you
If you (either as an individual or as part of a group booking) are seeking to rent Forget Me Not or to obtain details about a potential holiday, we will usually collect the minimum information required to fulfil your needs. This will likely include your name, contact details, payment details, date of birth, details of other members of your party plus information on your specific requirements in order to customise your holiday and deliver your specific requirements.
How we store, use and share your personal data for our business
We collect, store and use your personal details as outlined above for our legitimate business interests, so that we can fulfil both your immediate and any potential future holiday booking or enquiry needs. This storage and use of your personal data allows you to be contacted about both your current booking or enquiry.
How we might otherwise share your personal data and who we share it with
We will disclose information under the following circumstances:
- NHS Track and Trace request
- In some circumstances we need to handle your personal data in a certain way to be able to comply with our legal obligations – for example: if we are requested to disclose your personal data to regulatory bodies or if we need to demonstrate our compliance with applicable law such as any tax and national insurance legislation relating to the payment of personal service company contractors and immigration law.
We employ comprehensive, reasonable and appropriate security measures to protect against the loss, misuse, and alteration of the personal data we process. This includes security (passwords), physical security and IT security (encryption). Please note that no transmission over the Internet can ever be guaranteed secure and as a consequence please note that we cannot guarantee the security of any personal data that you transfer over the Internet to us.
We retain information (including personal data) for the minimum reasonable time period to allow us to provide our services and to comply with legal requirements which require us to retain transactional records for six years following the end of the tax year in which you last interact with us. The only exceptions are in cases where we need to keep limited personal data to resolve ongoing disputes or enforce our agreements.
You have rights in relation to your personal data. If you would like further information in relation to these or would like to exercise any of them, please contact us at firstname.lastname@example.org at any time. You have the right to request that we:
- provide access to any personal data we hold about you;
- update any of your personal data which is out of date or incorrect;
- delete any personal data which we are holding about you;
- restrict the way that we process your personal data;
- prevent the processing of your personal data for direct-marketing purposes;
- provide your personal data to a third-party provider of services;
- provide you with a copy of any personal data which we hold about you; or
- consider any valid objections which you have to our use of your personal data.
We will consider all such requests and provide our response within a reasonable period (and in any event within any time period required by applicable law). Please note, however, that certain personal data may be exempt from such requests in certain circumstances.
If an exception applies, we will tell you this when responding to your request. We may request you provide us with information necessary to confirm your identity before responding to any request you make.