Powder Blue Holidays Limited (PBHL) are committed to protecting and respecting your privacy.
This policy, together with our terms & conditions and any other documents referred to in either document, sets out some information about the personal data that we collect from you and how we will process it. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of the Data Protection Act 1998, the General Data Protection Regulation, and any replacement or amending legislation of that legislation (altogether referred to as the “Legislation”), the data controller is Powder Blue Holidays Limited, a company registered in England and Wales under company number 06613318, with its registered office at c/o Landin Wilcock & Co, 68 Queen Street, Sheffield S1 1WR.
If you have any questions or comments on the information contained in this document, please contact us using the contact details given in section 7 below.
1. PERSONAL DATA WE COLLECT FROM YOU
Over the course of your interaction with us via our websites (www.goskimeribel.com) and (www.meribelsummers.com) (together referred to as the “sites”), we will collect and process the following categories of data about you:
(a)Personal data you give us. This is data about you that you give us by filling in forms on the sites or by entering a competition or prize draw (whether via the sites or otherwise). This will be:
You can access and alter the personal data that you give us in this way at any time via the links given on any emails that we may send or on the functionalities available on the sites.
We do not require, and you should not send to us, special categories of (sensitive) personal data, such data being that which reveals sensitive information about you, such as your racial or ethnic origin, your political or religious beliefs, your health or other special categories of personal data. Any such sensitive personal data that we receive will be disposed of as soon as it is discovered.
(b)Personal data we collect about you. This is data that we collect automatically about your visit during your time on the sites, or otherwise through your interaction with us and the sites.This data helps us to provide you with a good experience when you browse the sites, including more targeted advertising on the sites, and also to indicate where the sites might require improvement.It involves technical information, such as:
We collect this personal data using small data files called “cookies”.
Personal data we receive from other sources. This is data that we receive about you from third parties, such as business partners & dedicated ski travel agencies.
Our business partners that may send us personal data about you include:
2. USES MADE OF PERSONAL DATA
All personal data about you that we collect or receive, whether of a personal or technical nature, will be used by us in any one or more of the following ways:
Your data will only be accessed and used by our staff, who are appropriately trained in how to handle personal data correctly and securely.Only those staff involved in sales and marketing, quality control and customer service or bookings will be granted such access, which shall be limited to that which is strictly necessary for the purposes of that role.
3. LAWFUL BASIS FOR USE
Under the Legislation, we can only process personal data where there is a lawful basis for doing so.These bases are set out in the Legislation.Of relevance to the processing identified in section 2 above are the following:
4. DISCLOSURE OF YOUR PERSONAL DATA
Pursuant to one of the lawful bases set out in section 3 above, we may share your personal data as follows:
In such circumstances, we will only share the minimum personal data necessary to achieve the purpose and only on terms that ensure the security and confidentiality of that data, and which comply with the Legislation generally.
Save for as set out above, we will not disclose any of your personal data to third parties without your consent, except that we may:
All third parties to whom we may disclose personal data are legally and contractually obliged to comply with the Legislation, to keep that personal data confidential and only to use it as we may direct.
Some of the disclosures mentioned in this section 4 may involve transferring part of your personal data outside of the European Economic Area.We will seek your consent to such transfers only if the transfer is not:
subject to contractual clauses that impose obligations at least equivalent to those contained in the Legislation.
5. WHERE WE STORE YOUR PERSONAL DATA
Most personal data that we collect is disclosed to specific third parties (see section 4 above for more detail on this).Once disclosed, the personal data is securely deleted from our servers, but these third parties may retain your data for a period of time - please view their respective privacy policies for more information on this.
Personal data that we do not disclose is securely stored on our servers only for as long as required - e.g. if the data was collected as part of a competition, for as long as that competition is open and then until prize is claimed or expires.After this time, the data is securely deleted from our servers.
We take appropriate technical and organisational measures in accordance with standard practice within the industry to protect your personal data while it is on our servers, including (without limitation) the following measures:
Where we have given you (or where you have chosen) a password which enables you to access certain parts of the site, you are responsible for keeping this password confidential.We ask you not to share your password with anyone.
Unfortunately, the transmission of information via the internet can never be completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the site at all times, and any transmission is at your own risk. Once we have received your data, we will use strict procedures and security features to try to prevent unauthorised access.
Should we, or one of our processors, suffer a data breach (i.e. unauthorised access to, or loss or corruption of, personal data), and that data breach is likely to result in a high risk of harm to your rights and freedoms, we will inform you and/or the Information Commissioner’s Office without delay, and in any event within 72 hours of becoming aware of it..
6. YOUR RIGHTS
You have the following rights under the Legislation in respect of your personal data - please contact us or see the website of the Information Commissioner’s Office (https://ico.org.uk) for more information on any of these rights and how they apply to your personal data:
Should you wish to exercise any of these rights, you may do so at any time by writing to us at the address given in section 7 below. We will endeavour to respond to you as quickly as possible, and in any event within one month.
If you feel that your rights have been breached in any way, you should contact the Customer Service Team using the contact details given below, or lodge an official complaint with the Information Commissioner’s Office.
The sites may contain links to and from the websites of third parties, which may or may not be affiliated with us.If you follow a link to any of these websites, please note that these websites will have their own privacy policies and that we do not accept any responsibility or liability for personal data collected and processed by these third parties.You should check the privacy policies of these websites before you submit any personal data via them.