Privacy Notice for Norfolk Broads Direct
In this Notice, the use of “we”, “us” and “our” refers to Norfolk Broads Direct Limited, Norfolk Broads Direct Limited is the controller of your personal information and is registered as a Data Controller with the Information Commissioners Office. Our registration number is Z2172715.
Please read this notice in conjunction with our Terms and Conditions of Booking; these are available at TERMS AND CONDITIONS
We collect information about you from several different methods
When you book a holiday directly with us we collect the following personal information to enable us to administer and provide your holiday
We do not record telephone calls.
If you book your holiday via a Booking Agent, the Agent will request the information listed in 1.2. The Booking Agent may also request additional personal information.
Our Booking Agents are
When you book a day craft or river trip with us we will collect and store the following information
The information that you provide us will be used:
We will not send you any marketing information unless you opt in to receive this information.
You can opt-in to receiving marketing information at the time of booking your holiday or by informing the booking office of your request.
You can opt-out of receiving marketing information by contacting us via phone, email or post.
Your personal information is stored within a booking system which has been developed in house, and therefore we act as both data processor and data controller.
In the event of you cancelling your holiday with us, we may request and process sensitive personal information about you or the affected party member (s). this information is only retained for as long as necessary to process the cancellation and this information is then disposed of in a secure manner.
We do not store any payment card information. When booking online you are redirected to Opayo – our payment provider – and they process online payments on our behalf.
Payments taken over the telephone are processed over an https secure link to Opayo and the details are not written down or otherwise recorded on our booking system.
How do we protect your information:
We take all reasonable steps to protect and secure the personal information that we hold.
All communications with our website and booking system are encrypted using Transport Layer Security (TLS). TLS is used to protect and encrypt the connection between your web browser and our website.
We may share your information if we are required by law or to help provide our services to you. This may include sharing certain information with:
Cookies are text files placed onto your computer that are used to collect and retain information about how you interact with our websites, communications and services.
We use cookies in the following ways:
We also use ‘web beacons’ (also known as tracking pixels) to track interaction with our social media pages. This is used on some campaigns we run in order to interact with people on social media. We would use these in cases where a user has clicked on an advert and we wanted to track whether that ‘click’ converted into a booking or potential lead.
We will not keep your personal information for longer than necessary for our business purposes.
As a cruiser or property customer you are entitled to a loyalty discount if you book another holiday directly with us with 2 seasons of your last holiday. For this reason, we will retain your personal information and may contact you about our services during this time if you have not opted out. This personal information is stored electronically on our booking system and will be kept for no more than 6 years of customer inactivity.
Personal information from Broads Tours (day boats and river trips) will be kept for a period of 2 years from the end of the financial year following the date of hire or trip. After this period the information will be removed from our booking system.
Our financial year runs from the 1st April until 31st March.
You have a right to request any personal information that we hold about you. This type of request is known as ‘Subject Access Request’. If you would like a copy of some or all of your personal information that we hold about you, please email or write to us using the contact details at the bottom of this Notice. Unless the request is unfounded and excessive, these will be no charge for this service, and we will respond to your request with 30 days.
We want to ensure that your personal information is up to date. If you feel that any of the personal information that we hold is incorrect or inaccurate, please contact us to rectify this issue.
This Privacy Notice does not apply to any third-party websites that this website links to. You are advised to read any privacy policies that may be applicable to third-party websites.
We keep our Privacy Notice under regular review, and we will place any updates on this page. We will endeavour to make any changes or additions clearly distinguishable, along with showing the date that any changes come into force.
This Privacy Notice was last updated on: 11 Nov 2021.
Please contact us if you have any questions about our Privacy Notice or the information, we hold about you:
If you wish to register a complaint about how we handle your Personal Information, you can contact the Information Commissioners Office who are the Supervisory Authority for Data Protection in the United Kingdom.
