Privacy Policy

The Purpose of This Privacy Policy

We treat our responsibility to the security of your data seriously. This policy explains what personal data we collect as data controllers, how it’s stored, how it’s used and with who it’s shared. Personal data means information which relates to an identified or an identifiable individual, and a data controller is an organisation which is responsible for deciding what personal data is processed, and how it’s processed.

For information on the personal data processed by us as data processors (on behalf and under the instructions of our customers) in connection with the provision of The Holiday Tracker, please read our article on GDPR and The Holiday Tracker.

Our Contact Details

When we say we, us or our, we mean Burns Software Development Ltd., trading as The Holiday Tracker, whose principal business address is: The Holiday Tracker, Buddle Work Village, Buddle Road, Newcastle, NE4 8AW

If you have any questions about this privacy notice or your personal data, (including complaints and any requests to exercise your data protection rights) please contact us either by:

1. email at info@theholidaytracker.co.uk;
2. phone on 0191 241 3754; or
3. post to the address given above.

What Data We Collect

We may collect, use, store and transfer various types of personal data relating to your identity, contact details, profile, profession, usage of our website and our products and services, and our professional interactions with you.

Types of personal data we may collect	Examples
Identity data	Name; title;
Contact data	Address; email; telephone number;
Profile data	Preferences; feedback and survey responses;
Professional data	Job title; name of business or organisation; professional credentials; professional contact details;
Usage data	Information about your use of our website and The Holiday Tracker;
Financial data	Details of your credit or payment card, billing, invoicing and payments;
Contractual data	Information related to our contractual relationship with you;
Enquiries data	Details of enquiries submitted to us;
IT data	Logins and usernames to The Holiday Tracker portals; encrypted passwords;
Technical data	Internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.

We also collect data on your behaviour as you use our website and The Holiday Tracker. This data allows us to better understand how our customers and their employees use our product. The data we collect is anonymised statistical data and it is impossible to correlate a particular user’s browsing behaviour with the user themselves.

How We Collect Data

We collect most of this information from you direct. However, we may also collect information from other sources.

Type of source	Examples
Your use of our website	when you sign up for the free trial of The Holiday Tracker; when you sign up to our mailing list; submit an online enquiry; subscribe to our blogs; complete a survey; or give us your feedback;
Direct interactions with you	when you first contact us (e.g. by phone or email); when you give us your business card; when you register interest in our products;
From publicly accessible sources	your website; your professional profiles on social media platforms (e.g. LinkedIn, Facebook, Twitter);
Directly from a third party	another organisation or professional who told us that you would like to hear from us;
Automated technologies or interactions	As you interact with our website or The Holiday Tracker, we may automatically collect technical data about your equipment, usage of The Holiday Tracker, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies.

How and Why We Use the Data

We primarily use the data we collect to provide and to improve our services to you. We also use your email address to send notifications related to actions within The Holiday Tracker - notification of a holiday request, for example.

We may also use email addresses to provide you with information about updates to the service, other services we feel may be of interest to you and any other information we feel is valuable to you as a customer. You can opt out of these emails by using the Unsubscribe link in the email.

We can only use your personal data if we have a proper reason for doing so. For example, because:

• you have given us your consent;

  Generally we do not rely on consent as a legal basis for processing your personal data other than:

  • to place cookies on your device (please see our Cookies Policy for further details); or
  • to send you electronic marketing communication (if you are not our existing client or have not previously enquired about our products).

  Where your permission is required, we will ask you for such consent separately and clearly. You have the right to withdraw consent to marketing at any time by emailing us at info@theholidaytracker.co.uk or using the ‘unsubscribe’ link in our marketing emails. Even if we are not required to obtain your consent for marketing purposes, you can still opt-out of receiving marketing communications at any time, so you are still in control.

• it is necessary for the performance of a contract;

  We will use your personal data if we need to do it to perform our obligations under a contract with you, or if it is necessary for a contract which we are about to enter with you. For example, if we need to:

  • register you as a new Holiday Tracker customer or administer your account;
  • provide our services to you (e.g. technical support in relation The Holiday Tracker); or
  • manage our relationship with you (e.g. to respond to your enquires or to notify you about changes to our products and services).
• it is necessary for our legitimate interests or those of a third party; or

  A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. We rely on our own, and/or or a third party’s legitimate interests, when we process your data for the following purposes:

  • to provide our products and services to, and manage our relationship with our customer or prospective customer whom you represent;
  • to administer and protect our business, The Holiday Tracker, and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data);
  • to interact with you professionally (e.g. if you represent our client, supplier or business partner);
  • to manage your account and our relationship with you;
  • to manage payments, fees, charges, and to collect debts which you may owe to us;
  • to deal with your enquiry unrelated to a contract which we may have with you;
  • to ask you to leave a review or complete a survey;
  • to send you our updates or other electronic marketing communications;
  • to increase our business or promote our brand through delivering relevant website content and advertisements to you and marketing communication;
  • to measure or understand the effectiveness of the advertising we provide to you;
  • to improve our website, products, services, marketing, and customer relationships and understanding;
  • to conduct web analytics;
  • for the prevention and detection of fraud; or
  • for the establishment, exercise or defence of legal claims.
• we must comply with a legal obligation.

  We may process your personal data to comply with our legal obligation. For example, to:

  • notify you about changes to our terms or privacy policy;
  • address your complaint; or
  • comply with a request from a competent authority.

Third Parties

The Holiday Tracker make use of a limited number of third party services to provide you with the service we make available. These third parties all comply with the Data Protection and the GDPR. Below is a list of the third parties.

Third party	Purpose
Google	Our email is hosted by Google’s G-Suite, so any emails you exchange with our employees, or with our support@theholidaytracker.co.uk email address is stored and processed on Google’s servers. The Holiday Tracker makes use of Google Analytics to better understand how our customers and their employees use our product. Google Analytics collects anonymised statistical data about the use of our website and The Holiday Tracker application. We use Google Analytics to help us identify how users make use of our website and The Holiday Tracker itself. No personal data is passed to Google Analytics and it is impossible to correlate a particular user’s browsing behaviour with any data stored within Google Analytics. Google Analytics simply allows us to view anonymised statistical data about how our users make use of The Holiday Tracker. Google is based in the US and subscribes to the EU-US and Swiss-US Privacy Shield Framework. Transfers of personal data under the Privacy Shield framework are deemed by the European Commission to provide an appropriate level of protection. Google’s Privacy Policy: https://www.google.com/policies/privacy/
Microsoft	The Holiday Tracker application and all data is hosted by Microsoft in it’s UK data centres. We chose Microsoft as their experience and reputation inspire confidence in their ability to keep your data safe and secure. By using their Azure platform, we’re guaranteed that our servers and firewalls are always up to date. Security patches are applied automatically without the need to shutdown or restart the servers hosting The Holiday Tracker. You can read more about their specific standards and procedures, and their approach to GDPR compliance at the links below. https://azure.microsoft.com/en-gb/support/trust-center/ https://www.microsoft.com/en-us/TrustCenter/Privacy/gdpr/default.aspx
SendGrid	Any automated emails sent by The Holiday Tracker, such as holiday request notifications, are sent via our email partner SendGrid, who are based in the US. To ensure the adequate protection of personal data, they have certified to the EU-US and Swiss-US Privacy Shield Framework. More details on this can be found at the links below. https://sendgrid.com/blog/sendgrid-is-privacy-shield-certified/ https://sendgrid.com/resource/general-data-protection-regulation/
Stripe	Credit and debit card payments are handled by our partner Stripe Payments Europe Limited. As with all third parties, we provide them with the minimum amount of data required for them to provide the required service. In Stripe’s case, this is limited to the card payment details you provide on the billing page. In addition, we don’t store your card details ourselves at all, other than the last four digits of your card and the expiry date. Stripe’s parent company are based in the US and in order to process payments, Stripe Payments Europe transfers personal data to Stripe, Inc. in the US. To ensure the adequate protection of personal data, they have certified to the EU-US and Swiss-US Privacy Shield Framework. More details on this can be found at the link below. https://stripe.com/privacy-shield-policy
MailChimp	As a customer you may also be subscribed to our mailing list. We send a monthly newsletter to our mailing list using MailChimp. We only provide MailChimp with names and email addresses in order to facilitate them sending our newsletter. The Rocket Science Group, the company behind Mailchimp, is based in the US and participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. https://mailchimp.com/legal/privacy/

How We Store Data

The Holiday Tracker application and all data is hosted by Microsoft in its UK data centres. We chose Microsoft as their experience and reputation inspire confidence in their ability to keep your data safe and secure.

We use industry standard SSL encryption to encrypt all data transferred between you and our servers – look for the padlock in your browser. We also employ encryption-at-rest on the data stored on the servers.

Backups of the data are taken every 10 minutes and are retained for two weeks.

How Long We Keep Data

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for. For example, if you:

• subscribe to our updates, we will hold your data for that purpose until you unsubscribe or otherwise tell us that you no longer wish to receive such communications;
• subscribe to use The Holiday Tracker, we will keep your personal data for six years after the end of our contract with you; or
• enquire about or subscribe to use The Holiday Tracker, we will keep your personal data for marketing purposes for 12 months from when we last heard from you, unless you opt-out from receiving marketing communications.

In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

Your Data Protection Rights

You have a number of rights in relation to your personal data, which allow you to access and control your information in certain circumstances. You can exercise these rights free of charge, unless your request is manifestly unfounded or excessive (in which case we may charge a reasonable administrative fee or refuse to respond to such request).

Your right	Explanation
Access	This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Rectification	The right to require us to correct any inaccuracies in your personal data.
Erasure (to be forgotten)	The right to require us to delete your personal data in certain situations.
Restriction of processing	The right to require us to restrict processing of your personal data in certain circumstances (e.g. if you contest the accuracy of the data we hold).
Data portability	The right to receive, in certain situations, the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party.
To object	The right to object at any time to your personal data being processed for direct marketing (including profiling) or, in certain other situations, to our continued processing of your personal data (e.g. processing carried out for the purpose of our legitimate interests).
Not to be subject to automated individual decision-making	The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you, or similarly significantly affects you.

If you would like to exercise any of those rights, please contact us at info@theholidaytracker.co.uk. Please let us know what right you want to exercise and the information to which your request relates.

We hope that we can resolve any query or concern you may raise about our use of your information. However, if you are not happy with our handling of your complaint, you have a right to lodge a complaint with a supervisory authority, in particular in the European Union (or the European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws has occurred. The supervisory authority in the UK is the Information Commissioner, who may be contacted at https://ico.org.uk/concerns or by telephone on: 0303 123 1113. We would, however, appreciate the chance to deal with your concerns before you approach the Information Commissioner’s Office, so please contact us in the first instance.

Changes to This Privacy Policy

This Privacy Policy is updated from time-to-time. The latest version can always be found at: www.theholidaytracker.co.uk/privacy