PRIVACY POLICY – CONSENSIO HOLIDAYS LIMITED

Introduction

Consensio Holidays Limited (referred to as Consensio or we or our or us) is a company registered in England under number 07008912 whose registered office address is located at 9 Reece Mews, South Kensington, London SW7 3HE.

Privacy is extremely important to Consensio.  We will never misuse or sell your data to anyone and will always ensure any data we hold is stored securely.

The aim of this privacy policy is to let you know what personal information we collect from you when you use our website, communicate with us by email or telephone, book holidays with us, or apply for a job with us.  It describes how we store and use your personal information and how you can access and manage this information. Your personal information (also called ‘personal data’) is the information which identifies you as an individual that we get from you and others in various ways.  This privacy policy only covers consensiochalets.co.uk website, other websites (such as those of our partners) accessible via links are not covered by this policy.  If you access any of these sites, please check the privacy policy applicable to these sites before you subject any of your personal information to them.

Consensio is the data controller for the purposes of the European General Data Protection Regulation (GDPR) and data protection legislation from time to time in force and is responsible for your personal data.

Types of personal information collected by Consensio

We will collect personal information that you provide to us when contacting us via our website, completing a booking form, filling out response cards, subscribing to mailing lists, entering competitions, participating in market research, when applying for jobs with us and when contacting us both on and offline.

The type of information we might collect from you includes:

  • Name, address, contact information including phone and email.

If you apply for a job with us (for example sending us your CV or application form or completing an application via a job board) the personal data contained in your application will be collected by Consensio and will be processed for the purposes of managing Consensio’s recruitment related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results, and as is otherwise needed in the recruitment and hiring processes. We may also keep records of references received from third parties and of any other communication or correspondence between you and us.

We will automatically collect some information when you use our website, access our marketing information or contact us by email or phone including:

  • Browsing, purchase and search history.
  • We may also use software tools such as Google Analytics to measure and collect session information, length of visits to certain pages, repeat visits and page interaction information (such as clicks and mouse movements).
  • The domain and IP address that your computer uses to connect to the internet; your computer, browser, operating system, internet connection, referral information, search terms and other standard information collected by default by tools such as Google Analytics.
  • Telephone information including phone numbers, call duration and on occasional call recordings that we use for training and quality control.

We may collect information from third party sources which we may add to our account information – for example, we update address information using data from the Royal Mail “Change of Address” File, which we may use to correct our records.

In addition, if you ‘like’ our page on Facebook or ‘follow’ us on Twitter we will receive your personal information from those sites.  If you were referred to us by a third party such as an agent or another supplier – they may share personal information about you with us.

How do we use your personal information?

We will only use your personal data when the law allows us to. Our legal basis for the processing of personal data is our legitimate business interests, described in more detail below, although we will also rely on contract, legal obligation and consent for specific uses of data.

We will rely on contract if we are negotiating or have entered into an agreement with you or your organisation or any other contract to provide services to you or receive services from you or your organisation.

We will rely on legal obligation if we are legally required to hold information about you to fulfil our legal obligations – for example, we are legally required to hold passport information of all individuals staying in Consensio chalets and to confirm your right to work where you are offered employment with Consensio.

We will in some circumstances rely on consent for particular uses of your data and you will be asked for your express consent if legally required.

With respect to marketing, if you have previously engaged with us for the provision of services and we are marketing other related services we will take your consent as given unless or until you opt out. For other types of e-marketing if you have previously registered with us to receive Consensio marketing then we will continue to send marketing materials to you.  You have the right to opt out of receiving marketing materials from us in any circumstances and at any time by contacting us on.

Please note that where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a product or service you have with us.

Our Legitimate Business Interests

As a luxury chalet operator and organiser of luxury holidays, we are exercising a legitimate interest in collecting and retaining the personal data of our clients and suppliers so that we can organise your holiday and provide you with the services promised.  We also have a legitimate business interest in sending relevant and useful information about our chalet offering and services to clients and potential clients in order to develop our products and services and grow our business.

With respect to managing our recruitment process, we have a legitimate business interest in solicitation, evaluation, and selection of applicants for employment.

Cookies on our website

A cookie is a small text file that is stored on your computer or another device when you visit a website. They are very widely used in order to make websites function properly, or more efficiently, as well as provide information to the owners of the site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. Overall, cookies help us provide you with a better website, by enabling us to monitor which pages people find useful. A cookie in no way gives us access to your computer or any personal information about you, other than the data you choose to share with us.

Consensio uses cookies to collect information about your usage of our website. This helps us to give you the best possible user experience. Users may opt out of Google’s use of cookies by visiting the Google advertising settings page. By using the Consensio website, you will be asked to consent to the use of cookies. If you do not consent to the use of cookies, please ensure that your browser or computer/device is set to reject or prompt before accepting third-party cookies. This may prevent you from taking full advantage of the website.

Making sure your personal data is secure

It is important to be aware that unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to us over the internet and any transmission is at your own risk.

Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.  All information you provide to us is stored on secure servers in the UK. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

We may disclose your personal information to any member of our group, which means our subsidiary companies and operational office in France.  Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
  • We may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
  • We will ask for your consent.

Please contact our Data Protection Representative (DPR) (contact details below) if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

Service Providers: We may disclose your personal data to third party companies and individuals we engage including to:

  • Delivery companies such as the couriers, Royal Mail, City Link and their affiliates – we will only pass on information that is required in order to fulfil the booking or enquiry, such as name and address to delivery companies and name and passport information to airlines.
  • Ski guides/schools, private jet/helicopter companies, nannies and transfer companies.
  • Our professional advisors including lawyers, bankers, accountants, auditors and our insurers.
  • Facilitate our site and services.
  • Provide certain functions on our behalf in connection with the operation of our business.
  • Perform site-related services.

Establishing or defending legal claims: sometimes it may be necessary for us to process personal data and, where appropriate and in accordance with local laws and requirements, special category personal data in connection with exercising or defending legal claims.  This may arise for example where we need to take legal advice in relation to legal proceedings or are required by law to preserve or disclose certain information as part of the legal process.

Business Re-Organisations: we may need to disclose your personal data to third parties if we choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Policy.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Compatible with the GDPR we will endeavour to keep your information accurate and up to date, and not keep it for longer than is necessary.  Consensio is required to retain information in accordance with the law, such as information needed for income tax and audit purposes. How long certain kinds of personal data should be kept may also be governed by specific business-sector requirements and agreed practices. Personal data may be held in addition to these periods depending on individual business needs.  For details please contact the Data Protection Representative.

Under the GDPR you have the right to:

  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes. To stop receiving marketing communications from us or change your preferences please contact us on sales@consensiochaletsco.uk.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example, if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party in certain formats, if practicable.
  • Withdraw consent to processing at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
  • Make a complaint to a supervisory body which in the United Kingdom is the Information Commissioner’s Office. The ICO can be contacted through this link: https://ico.org.uk/concerns/

If you wish to exercise any of the rights set out above, please contact the DPR at [email address].

  • You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
  • We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
  • We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Changes to this Privacy Policy and your duty to inform us of changes

This version was last updated on [insert date that you load this to website].  Any changes we make to our Privacy Policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our Privacy Policy.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Contact Us

We have appointed a DPR who is responsible for overseeing questions in relation to this Privacy Policy.  If you have any questions about this Privacy Policy, including any requests to exercise your legal rights (detailed below) please contact:

Name: Ceri Tinley

Email: ceri@consensiochalets.co.uk

Phone: +44 (0) 20 3393 0833

This is a unique website which will require a more modern browser to work!

Please upgrade today!