Last updated: January 2024
Our Commitment to Data Protection
coral-snow is committed to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take your privacy seriously and are dedicated to protecting your personal information.
Who We Are
coral-snow acts as the data controller for personal information collected through this website and our travel services. Our contact details are:
Address: 47 Manningham Lane, Bradford, BD1 3BN, West Yorkshire
Email: [email protected]
Your Rights Under UK GDPR
The UK GDPR provides you with the following rights regarding your personal data:
Right to Be Informed
You have the right to be informed about how we collect and use your personal data. This information is provided in our Privacy Policy and this GDPR page.
Right of Access
You have the right to request a copy of the personal data we hold about you. This is commonly known as a Subject Access Request (SAR). We will respond to your request within one month.
Right to Rectification
If you believe any personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct it. We will respond within one month.
Right to Erasure
Also known as the "right to be forgotten", you can request that we delete your personal data in certain circumstances, such as:
- When the data is no longer necessary for the purpose it was collected
- When you withdraw consent (where consent was the legal basis for processing)
- When you object to processing and there is no overriding legitimate interest
- When the data has been unlawfully processed
Right to Restrict Processing
You can request that we limit how we use your personal data in certain circumstances, such as:
- While we verify the accuracy of data you have challenged
- When processing is unlawful but you do not want the data erased
- When we no longer need the data but you need it for a legal claim
- While we consider an objection you have made to processing
Right to Data Portability
Where technically feasible, you can request that we transfer your personal data to another organisation or directly to you in a commonly used, machine-readable format.
Right to Object
You have the right to object to processing based on legitimate interests or direct marketing at any time. We will stop processing unless we have compelling legitimate grounds that override your interests.
Rights Related to Automated Decision Making
You have the right not to be subject to decisions based solely on automated processing, including profiling, that have legal or similarly significant effects on you. We do not currently use automated decision-making processes.
How to Exercise Your Rights
To exercise any of your data protection rights, please contact us:
Email: [email protected]
Address: 47 Manningham Lane, Bradford, BD1 3BN, West Yorkshire
When making a request, please provide:
- Your full name and contact details
- A clear description of the information or action you are requesting
- Any relevant details that will help us identify you in our records
We may need to verify your identity before processing your request to ensure we do not disclose personal data to the wrong person.
Response Times
We will respond to your request within one month. In complex cases or where we receive many requests, we may extend this period by up to two additional months. If we need to extend the deadline, we will inform you within the first month.
Fees
In most cases, exercising your rights is free. However, we may charge a reasonable fee if a request is manifestly unfounded or excessive, or if you request additional copies of your data.
Complaints
If you are not satisfied with how we handle your personal data or respond to your requests, you have the right to lodge a complaint with the supervisory authority:
Information Commissioner's Office (ICO)
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Website: ico.org.uk
We would appreciate the opportunity to address your concerns before you contact the ICO. Please reach out to us first so we can try to resolve the issue.
Data Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage. These measures include:
- Secure storage systems with access controls
- Staff training on data protection
- Regular review of our security practices
- Secure transmission of data where appropriate
International Transfers
When you book international travel, we may need to transfer your data to countries outside the UK. We ensure that appropriate safeguards are in place to protect your data, such as standard contractual clauses or transfers to countries with adequate protection levels.
Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, and resolve disputes. Specific retention periods are detailed in our Privacy Policy.
Updates to This Information
We may update this GDPR information from time to time. Any changes will be posted on this page with an updated revision date.