Rhodes Advisory (“we”, “us” and “our”) do our very best to protect and respect your privacy. If you make a booking, contact us, or sign up to receive our news and special offers, this policy explains what information we will collect, how we will use it, the conditions under which we may disclose it to others, and how we keep it secure.
This Policy sets out:
1. what personal data we collect about you and how;
2. our lawful basis for using that information and why we use that information;
3. who we may share that information with;
4. where we store that information;
5. your rights under Data Protection laws, and;
6. how long we will retain your information.
For the purpose of Data Protection laws, the data controller is Rhodes Advisory.
Third party websites
Our website may include external links to other websites, which may be operated by third parties. Clicking on these links may allow the collection or sharing of personal data about you in ways which may differ from the terms set out here. We are not responsible for the privacy policies, contents or practices of third party websites, and encourage you to read the privacy policies of every external website you visit from our website.
We reserve the right to revise this policy or any part of it from time to time and will provide you with a new policy notice where any substantial updates are made. We may also notify you through other means, about the processing of your information.
1. What information do we collect about you?1.1 We may process information you have given us by filling in forms on our website www.rhodesadv.com (“our website”) or by corresponding with us by phone, email or otherwise.
1.2 This information may include:
a) your name and address;
b) email address;
c) mobile phone number;
d) payment details;
e) special requirements (such as a disability or medical condition which may affect your enjoyment of the tour, as well as any dietary restrictions).
f) other personal data that may relate to the reason why you are corresponding with us.
1.3 With regard to each of your visits to our site we may automatically collect the following information:
a) technical information, including the Internet protocol (IP) address used to connect your computer to the internet, browser type and version, time zone setting, browser plug-in types, and;
b) information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products viewed or searched for; page response times, download errors, lengths of visits to certain pages, page interaction (such as scrolling, clicks and mouse-overs), methods used to browse away from the page and any phone number used to call us.
2. How will we use your personal information?
2.1.1 We will only use your information when it is fair and lawful to do so. Most commonly, we will use your personal information in the following circumstances:
a) where it is necessary for our legitimate interests (or those of a third party) namely providing you with information that you request, contacting you to establish how and if we can assist you and enabling the management of all matters relating to our business, but only where your interests and fundamental rights do not override those interests;
b) where you have given your consent and that consent has not subsequently been withdrawn by you.
2.1.2 We may also use your personal information in the following circumstances, which are likely to be rare:
a) where we need to protect your interests (or someone else’s interests);
b) where we are required to do so by a legal or regulatory obligation;
c) where it is needed in the public interest.
2.2 The information we collect about you may be used in the following ways:
a) if you are enquiring about tour services, or any other services via our enquiry forms, we will use the information that you give us to carry out our obligations to you and to provide you with the information and/or services that you request from us;
b) if you are applying for a position within Rhodes Advisory, we will use your personal information to assess your suitability for the role, to contact you for further information or to invite you to interview;
c) if you otherwise provide personal information to us, we may use this data to carry out our obligations to you and to provide you with the information and/or services that you request from us;
d) to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
e) for internal training purposes and to improve our service to our clients through listening to phone calls;
f) to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
g) as part of our efforts to ensure the security of our website and services.
3. Who we may share your information with
3.1 We may share your information to third parties where this is reasonably necessary, for the purposes set out in the policy including:
a) suppliers, consultants and sub-contractors for the performance of any contract we enter into with them or you;
b) analytics and search engine providers that assist us in the improvement and optimisation of our site.
3.2 We may disclose your personal information to third parties:
a) if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of business and other agreements from time to time; or to protect the rights, property, or safety of Rhodes Advisory, our clients or others. This includes exchanging information with other companies and organisation for the purposes of fraud protection and credit risk reduction.
4. Where we store your data
4.1 We have put in place appropriate security measures to prevent your personal data from being accidentally lost, misused or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties with a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality and where necessary, a non-disclosure agreement.
4.2 We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally obliged to do so.
4.3 We use Google Analytics to collect information about your visit to our site for the purposes outlined above. This information may be transferred and stored outside of the European Economic Area (“EEA”). Where any transfer is made to a country outside of the EEA and the European Commission has not made an adequacy decision in relation to the laws of that country we will ensure that appropriate safeguards are in place prior to any transfer of your data. Those safeguards are likely to consist of either the use of standard data protection clauses adopted or approved by the European Commission or transfer to a US based recipient which is a member of the EU-US Privacy Shield self certification arrangement or an equivalent regime.
5. Your rights under Data Protection law
5.1 Under certain circumstances, the law permits that you have the right to:
a) access your information;
You are entitled to request access to the information we hold about you (known as a ‘data subject access request’). You are entitled to receive a copy of the personal information we hold about you and to check that it is being lawfully processed.
b) correct your information;
If the information we hold for you is incomplete or incorrect, you have the right to request a correction.
c) request erasure;
Where there is no lawful reason for continuing the processing of your personal information, you are able to request the removal or deletion of the personal information.
d) object to processing;
Where the firm relies on legitimate interest for the processing of your personal information, or for the purposes of direct marketing, you have the right to object to the processing.
e) request the restriction of processing;
You are entitled to request for a suspension for the processing of your personal information, for example, if you are awaiting the reasons for the processing of the information or require us to establish its accuracy.
f) transfer your personal information;
You are able to request the transfer of your personal information to another party.
5.2 If you would like to exercise any of the rights outlined above, please contact firstname.lastname@example.org.
5.3 These rights are available to you at no cost; however we may charge a reasonable fee where a request is deemed to be excessive or unfounded. In such circumstances, we may otherwise refuse to comply with the request.
5.4 If you consider that our processing of your personal information infringes the Data Protection laws, you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.
6. How long is your personal data retained?
6.1 Personal information that we process for any purposes will be kept for no longer than is necessary for the purposes for which it was collected.
6.3 It is not always possible to specify in advance the length of time your personal information will be retained due to the nature of the services we offer. The retention of your personal data will be determined based on statutory authority, the nature of your relationship with the firm, the nature and sensitivity of the personal information, the purposes for which the information is being processed and whether there are other means to achieve those purposes.
6.4 Personal information may be retained for as long as necessary to comply with our service obligations, or in order to protect yours or another person’s vital interest.