Privacy is a very important issue for everyone, and is a subject we handle as a priority. Looking after the personal data you share with us is extremely important. Trust, respect and fairness have always been values that are integral to the Riviera River Cruises business and how we operate. This document outlines how we collect and use your personal data, so you can be confident it’s safe and secure with us, and to understand how we use it to give you a better customer experience.
We have tried to keep this notice as easy to read as possible, but if you are unfamiliar with the terms used you will find some explanations in the Key Terms document in the appendix. If you have any questions about this policy you can contact us at:
Riviera River Cruises
New Manor, 328 Wetmore Road
Burton-on-Trent, DE14 1SP
England, UK
The data controller is Riviera Tours Ltd trading as Riviera River Cruises (referred to in this notice as “we” or “us”) of New Manor, 328 Wetmore Road, Burton-on-Trent, DE14 1SP, England, UK. We comply with the Data Protection Act 2018, the General Data Protection regulation 2016/679 and all relative European Union and Member State data protection legislation in force and as amended or replaced from time to time including, the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR).
Our privacy notice explains:
• What types of personal data we collect, and why.
• How we use personal data provided to us.
• How we protect and ensure personal data is handled securely.
• When and how we share personal data within our company and with other organisations.
• The rights and choices you have in regard to your personal data.
When you register for any of our services, request information, buy our products online or by telephone or, in a limited way, browse our websites, we will collect and store your information as required:
When you contact us or we contact you or you take part in competitions, surveys or questionnaires about our services, we collect:
Other sources of personal data we use
Personal data you provide about other individuals
To provide the products and services you request
We need to process your personal data so that we can provide you with services that you have requested from us such as to provide you with the products and services you want, such as brochures and to manage your booking. If you do not provide us with your personal data, this is likely to affect our ability to provide these services to you.
To manage and improve our products, services and day-to-day operations
We use personal data to manage and improve our products, websites, mobile apps, operations and other services.
We use personal data to respond to and to manage security operations, accidents or other similar incidents, including medical and insurance purposes.
We use personal data to carry out market research and internal research and development, and to develop and improve our product range, services, IT systems, security, know-how and the way we communicate with you.
We use CCTV images to help maintain the safety of anyone working in or visiting our premises, and for the prevention, detection and prosecution of criminal offences. We will rely on the images to establish, exercise or defend our legal rights.
To personalise your experience
We want to ensure that communications relating to our products and services, including our marketing information and that of our partners, including online advertising, are relevant to you.
To do this, we use your personal data, preferences, previous transactions and browsing behaviour to better understand you, and to try to predict what other products, services and information you might find the most relevant and interesting.
We measure your responses to marketing communications relating to products and services we offer, which enables us to offer products and services that better meet the needs of our customers.
If you do not want to receive a personalised service from us, you can change your preference by email, over the phone or in writing at any time. We will update our records as soon as we can. Please contact us at:
Data Protection Lead
Riviera River Cruises
1515 Black Rock Turnpike
Fairfield, CT 06825
To make contact and interact with you
In the event you contact us, for example by email, post, telephone or via social media, we use personal data to provide clarification or assistance to you.
We process your personal data so that we can manage any competitions you choose to enter. For example, if you win a prize.
From time to time we invite our loyal customers to take part in surveys, questionnaires and other market research activities carried out by us or by other organisations on our behalf and we will process your personal data in order to improve the service we provide to you.
We combine the personal data we collect across different sources, digital and offline, in order to provide you with relevant service and marketing communications (including online advertising relevant to your interests).
With your permission, we will send you relevant information from time to time about our products and services, such as new product launches. This includes our email newsletter. We will also keep you informed by post by using our legitimate business interest.
We will not sell your data to 3rd parties and it would only be with your permission that we pass your details to our partners, including media publishers who will be named, so that they can send you information on their products and services. We will only do this if you agree to receive these marketing communications from those named partners.
When you request a brochure, book or create an account with us we will ask if you would like to receive marketing communications. You can change your contact preferences at any time by email, phone, in writing or by clicking the unsubscribe link that you will find on all our emails. This is entirely your choice but this will prevent you from receiving content or marketing information that we hope is of interest to you. You may still receive service-related communications from us that provide important information about the use of our products and service, e.g., booking confirmations.
So that we can improve our products and services, we like to hear your views, so from time to time we will contact you for market research purposes. You always have the choice about whether to take part in our market research.
To change your contact preferences please contact us at:
Data Protection Lead
Riviera River Cruises
1515 Black Rock Turnpike
Fairfield, CT 06825
We will only carry out international data transfers of your personal data to a country outside the EEA where the recipient is compliant with EU data protection legislation and the means of transfer provides adequate safeguards in relation to your data, for example:
We may also undertake a transfer:
With suppliers and partners
In order to provide products or services requested by you we share personal data with suppliers of your travel arrangements, including airlines, hotels and transport companies.
We use Easyjet as one of our airline suppliers. Easyjet’s group booking facility is used to reserve flights for specific departures. While each customer will be provided with individual boarding passes as part of your travel documentation, the information contained on boarding passes for all clients on the same departure will be accessible for view via Easyjet’s website using the booking reference provided by all customers on that group booking, this includes your full name and passport number.
We also work with carefully selected suppliers that carry out certain functions on our behalf. For example, companies that help us with IT services, storing and combining data, marketing, market research, processing payments and delivering products and services.
When we share personal data with other reputable service providers it is conducted under contractual agreements where we require them to keep it safe, and we do not allow them to use your personal data for their own purposes including marketing.
We only share the minimum personal data that enable our suppliers and partners to provide their services to you and us.
On occasion, we need to share personal data to establish, exercise or defend our legal rights; this includes providing personal data to others for the purposes of preventing fraud and reducing credit risk.
In the event that we enter into negotiations to sell or transfer any of our businesses or any of our rights or obligations under any agreement we have with you we will share your personal data with that organisation as necessary. If the transfer or sale goes ahead, the organisation receiving your personal data can use your data in the same way as us.
With regulatory authorities
So that you can travel, it is sometimes mandatory (as required by government authorities at the point(s) of departure and/or destination) to disclose and process your personal data for immigration, border control, security and anti-terrorism purposes, or any other purposes which they determine appropriate.
Some countries will only permit travel if your advance passenger data is provided. These requirements differ depending on your destination and you are advised to check. Even if not mandatory, we assist where appropriate.
We may share the minimum personal data necessary with other public authorities if the law says we must, or we are legally allowed to do so.
We take our responsibility to protect and manage your personal data very seriously. We take appropriate security measures to protect your personal data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access when it is being transmitted, stored or otherwise processed.
Where you have been provided or chosen usernames and passwords for restricted areas of the websites, e.g. My Booking areas, you are responsible for keeping this information confidential.
Where applicable, and to fulfil the requirements of your vacation, we need to share your data with companies situated outside the European Economic Area (EEA). Your personal data will be securely transferred within our group or to one of our reputable service providers who store and process this information outside the European Economic Area (EEA). Only the minimal amount of personal data required for a processing activity will be transferred and we can assure you that we have taken all appropriate steps to ensure your data is handled securely. We have appropriate agreements in place with our suppliers.
We will retain your personal data for as long as it is necessary for the uses set out in this privacy notice and no longer than 12 years, and/or to meet legal and regulatory requirements. After this period, we will securely erase personal data or take appropriate measures to anonymise it, if data is needed after this period for analytical, historical or other legitimate business purposes.
Cookies are small text files that are stored on your computer or mobile device. They can’t harm your computer and don’t store personally identifiable information such as credit card details but help us to provide features and functionality on our websites and mobile apps that we use to improve your customer experience. Please see our cookie notice for further information.
When you visit our website, we use a third party service, Google Analytics, to collect information and details of user browsing patterns and habits. We do this to monitor visits to various areas of our website.
We also use this software to assign a unique Google Analytics ID to each user to provide a more personalised experience on our website. This software enables us to link your IP address to your browsing on our website and to tailor your browsing experience. Please see Google’s privacy policy for further information on Google Analytics.
Our websites or mobile apps contain links to websites operated by other organisations. They will have their own privacy notices so please make sure you read their privacy notice carefully before providing any personal data as we do not accept any responsibility or liability for websites of other organisations.
Our websites or mobile apps contain social media features such as Trip Advisor, Facebook and Twitter that have their own privacy notices. Please make sure you read their privacy notices carefully before providing any personal data as we do not accept any responsibility or liability for these features.
Where Riviera Travel processes your personal data on the basis of consent which has been provided by you, you have the right to withdraw that consent at any time.
You have a right to ask for a copy of the personal data we hold about you, and the right for data to be rectified or erased. You can write to us asking for a free copy of the personal data we hold about you, including any details you think will help us to identify and locate your personal data. Where further copies are requested we may charge a reasonable fee based on administrative costs.
We want to ensure personal data held is accurate and up to date. If any of the details we hold are incorrect, please let us know. We will update or erase your data, unless we have to keep it for legitimate business or legal purposes.
You can also object to the processing of your personal data, as well as the right, where technically feasible, to ask for personal data you provided to be transmitted to another organisation.
If you would like to make a request, please email or write to:
Data Protection Lead
Riviera River Cruises
1515 Black Rock Turnpike
Fairfield, CT 06825
You can also contact the Data Protection Lead if you have a complaint about how we collect, store or use your personal data. We aim to resolve complaints but if you are dissatisfied with our response, you may complain to the local data protection authority. In the UK, this would be the Information Commissioner’s Office, contactable via Information Commissioner’s House, Wycliffe House, Water Lane, Wilmslow SK9 5AF; 0303 123 1113; or https://ico.org.uk/concerns/
For your security, we can ask you to verify your identity before we can act on your request or complaint.
Where you have entered into a contract with us, failure to provide personal data may mean that we are unable to properly implement the contract and that you are unable to exercise certain contractual rights.
We will only collect and use your personal data if at least one of the following conditions applies:
Where we need to process special categories of personal data, for example health data for medical reasons, we will only do so if one or more additional conditions apply. E.g.:
This notice replaces all previous versions. We may update the notice at any time so please check it regularly for any changes. If the changes are significant, we will provide a prominent notice including, if we believe it is appropriate, email notification of privacy notice changes.
Here is a list of key terms relating to privacy notices and privacy regulation.
Updated: November 2018