Great Rail Journeys Ltd understands and respects the importance of your privacy and we are committed to safeguarding your personal information. In providing our services to you, we must collect personal information from you and this policy outlines how we treat your personal data after it has been collected by any of our channels which include our website, call centre and any future digital services or channels as they evolve.
WHAT INFORMATION WILL WE COLLECT?
We may collect all or some of the following information relating to you or other members of your party:
- names and contact/address details including telephone number and email address;
- credit/ debit card or other payment details (including card number, cardholder name, expiry date);
- special requirements such as those relating to any disability or medical condition which may affect the chosen arrangements;
- dietary restrictions (which may disclose your religious beliefs).
You are responsible for ensuring that other members of your party are aware of the content of this Policy and consent to your acting on their behalf in all your dealings with us.
Some of the information we collect (such as about health or religion) may be considered "sensitive personal data" under the Data Protection Act 1998. We collect it to cater to your needs or act in your interest, and we are only prepared to accept sensitive personal data from you on the condition that we have your positive consent. We will seek this consent when necessary.
Where is my personal information stored?
Any and all information you provide to us will be stored in secure databases at our secured offices, and prohibited from unauthorised viewing and usage.
What does Great Rail Journeys do with the information collected?
Great Rail Journeys only receives information about you when you submit such information to us by making a booking or requesting a brochure. We do not collect personal information about you while you are browsing.
Details such as your name, address and credit card details will be collected when you book your holiday with us. We will only disclose your information to external parties (some of whom may be located outside the UK/EEA) in order to complete your booking with us and exercise our responsibilities to you as our customer. It may also be necessary to share your information for associated administration, or seeking professional advice related to your booking.
Great Rail Journeys may use details you have submitted to our site to contact you about your booking.
We may also use the information you have submitted to us to contact you about our offers, which are updated regularly. If you would rather we did not use your information to contact you about offers you can indicate this using the options we have provided. If you would like to receive further offers but have already opted out then please contact us at Great Rail Journeys, Saviour House, 9 St. Saviourgate, York, YO1 8NL.
When you visit our site by selecting a link from another, we may store the name of the site you have navigated from for internal administration purposes.
We may need to disclose your information where required by law, where such a request is made by a legal authority. We may need to disclose our customer list including any personal information relating to you to a third party who acquires or attempts to acquire all or substantially all of the asset/stock in our company or our website. We may also disclose information to organisations who act as "data processors" on our behalf, or to other organisations that perform business functions on our behalf, some of whom are outside the UK/EEA. These functions include administration, providing services (and contacting you where necessary), customer care, business management and operation, re-organisation/structuring/sale of our business (or our group companies), risk assessment, security and crime prevention/detection, research and analysis, marketing, monitoring, measuring and assessing customer purchasing preferences and trends, dispute resolution, credit checking and debt collection.
Any communication you have with Great Rail Journeys may be recorded for the purposes of training and monitoring.
We have taken all reasonable steps to have appropriate security measures in place to protect your information. Outside the European Economic Area, controls on data protection may not be as wide as the legal requirements in this country. The transmission of information via the internet is never completely secure. We exclude our liability for personal data lost in transmission to the website.
WHAT CAN I DO?
If you do not agree to our use of the information as set out above, you should inform us as soon as possible by writing to us at Great Rail Journeys, Saviour House, 9 St. Saviourgate, York, YO1 8NL or by email at email@example.com.
In accordance with the Data Protection Act 1998, you may ask us in writing for a copy of the information we hold about you (for which we may charge an administration fee) and to correct any inaccuracies in your information. We aim to respond to you within 21 days from the date of request. You can also choose not to provide us with some of the information we request, however as a result we may not be able to complete your arrangements.
What is a cookie?
Cookies are files sent to your Internet browser that are stored on your computer. Cookies identify a computer browsing a website, not an individual.
Cookies simplify your booking by saving you from resubmitting your information, and help us keep track of a booking between pages. Neither your password nor any other information is stored within a cookie.
To help us improve our website and the services we provide, we conduct trend analysis using information about computers browsing our website. This is not profile-building of individual customers.
For personalised marketing purposes, Great Rail Journeys contacts customers who have submitted their email address. We provide an opt-out with every communication we send to you.
Great Rail Journeys offers a personalised browsing experience while you are visiting our site, by using cookies stored on your computer during previous visits to recommend services you may be interested in.
You may experience advertisements from us when browsing other websites. These are effected by cookies that do not hold personal details and that are based on your browsing during visits to our website.
If you wish to manage, block or remove cookies then your Internet browser will allow you to do so. This may detrimentally affect your browsing experience.
Which cookies does Great Rail Journeys have?
The following are the main cookies we use:
|Microsoft Atlas||MUID||Contains a GUID that identifies a specific browser/machine||Each user visit to Microsoft sites, as well as any third party site that calls into the atdmt domain, if cookie not present||Domains may include: atdmt.com; msn.com; bing.com; live.com; Microsoft.com||2 years - reset every visit|
|Microsoft Atlas||ANON||Also referred to as ANID. Contains a GUID that identifies users have a Live ID||On every WLID logon, if it does not yet exist||Domains may include: atdmt.com; msn.com; bing.com; live.com; Microsoft.com||2 years - reset every logon|
|Microsoft Atlas||NAP||Contains an encrypted version of the user's country, zip code, age, gender, language and occupation if known based on the Windows Live profile||On every WLID logon, if it does not yet exist||Domains may include: atdmt.com; msn.com; bing.com; live.com; Microsoft.com||2 years - reset every logon|
|Microsoft Atlas||NONCHK||When present, no 302 synchronisation redirection occurs with MUID/ANON/NAP, based on master atdmt.com domain||Set if cookie not present or is expired||Domains may include: atdmt.com; msn.com; bing.com; live.com||72 hours|
|Microsoft Atlas||SRM_**||Each domain retains a copy of the previous MUID cookie prior to every cookie sync event, in the case of sync failure. These SRM_ cookies are suffixed with A,B,M,L||Operational usage associated with Microsoft's synchronisation of cookies across its domains||c.atdmt.com; h.atdmt.com; msn.com, bing.com; live.com||2 years|
|Microsoft Atlas||SRA_**||Each domain retains a copy of the previous ANON(ANID) prior to every cookie sync event, in the case of sync failure. These SRA_ cookies are suffixed with A,B,M,L||Operational usage associated with Microsoft's synchronisation of cookies across its domains||c.atdmt.com; h.atdmt.com; msn.com, bing.com; live.com||2 years|
|Microsoft Atlas||TOptOut||Indicates that the user does not want to receive a behaviourally targeted ad from the Microsoft Ad Network||User initiated - upon opt out||All||5 years|
|Microsoft Atlas||AA002||Contains a GUID that is used to identify a browser on a specific computer. Used for load balancing, fraud detection and targeting on behalf of customers||Set if cookie not present or is expired||atdmt.com||2 years|
|Microsoft Atlas||ACH00||Maintains information regarding a user's ad clicks, used for Universal Action Tag Selective Pinging a.k.a. Selective Piggybacking, Timestamp, PublisherID/AdvertiserID. Used by Atlas Media Console only||Used for click count for reporting to determine click attribution||atdmt.com||2 years|
|Microsoft Atlas||ACH01||Maintains information regarding a user's ad clicks, used for Universal Action Tag Selective Pinging a.k.a. Selective Piggybacking, Timestamp, PublisherID/AdvertiserID. Last click: Timestamp, PlacementID, PublisherID, AdvertiserID||Used for click count for reporting to determine click attribution||atdmt.com||2 years|
|Google Analytics||_utma||These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited||This cookie is typically written to the browser upon the first visit to your site from that web browser. If the cookie has been deleted by the browser operator, and the browser subsequently visits your site, a new _utma cookie is written with a different unique ID. This cookie is used to determine unique visitors to your site and it is updated with each page view. Additionally, this cookie is provided with a unique ID that Google Analytics uses to ensure both the validity and accessibility of the cookie as an extra security measure||.||2 years from set/update|
|Google Analytics||_utmb||These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited||This cookie is used to establish and continue a user session with your site. When a user views a page on your site, the Google Analytics code attempts to update this cookie. If it does not find the cookie, a new one is written and a new session is established. Each time a user visits a different page on your site, this cookie is updated to expire in 30 minutes, thus continuing a single session for as long as user activity continues within 30-minute intervals. This cookie expires when a user pauses on a page on your site for longer than 30 minutes||.||30 minutes from set/update|
|Google Analytics||_utmz||These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited||This cookie stores the type of referral used by the visitor to reach your site, whether via a direct method, a referring link, a website search, or a campaign such as an ad or an email link. It is used to calculate search engine traffic, ad campaigns and page navigation within your own site. The cookie is updated with each page view to your site||.||6 months from set/update|
To find out more information about cookies, please visit www.allaboutcookies.org.
How will I know if you change this policy?