Introduction
This website is operated by Green Tourism (“we”, “us” and “our” below). Green Tourism is a trading name of Green Business UK Limited (Company number SC227139), which is responsible for delivering the Green Tourism programmes which promote greener ways for businesses and organisations to operate.
We are committed to a policy of protecting the rights and privacy of individuals, in accordance with the UK Data Protection Act 201, the General Data Protection Regulation (GDPR) and all other applicable data protection legislation (“the Data Protection Legislation”) This statement sets out our privacy policy and explains what we do with the personal information that we collect from our users. Please read the following to understand our views and practices regarding personal information. If you have any questions or concerns regarding this statement, you should contact us using the details given at the end of this statement.
Please note that this policy applies only to our website and not to the web sites of other organisations to which we may provide links. We are not responsible for the privacy policies or practices of such third-party sites, and you should make your own enquiries in respect of them.
Collection of your information
We will collect personal information if you contact us or make an enquiry. The personal information which you may provide can include your name, work address, mailing address, chosen email for the member profile, company/organisation and current job within the company/organisation.
We may also collect personal information from you when you access the website for auditing usage of the site and for general administration purposes. The information we may collect will comprise some or all of the following: your name, address, telephone and fax numbers, e-mail address, IP address and post code. Your IP address is a unique identifier for your computer but should not be linked to any information from which you are personally identifiable.
We may in some cases collect information about you that may not be personal data. For example, the type of Internet browser you are using, the type of computer operating system you are using, and the domain name of a website from which you linked to our website.
Use of your information
We will use your personal information for membership administration purposes if your company/organisation is, or applies to be a member, in addition, we may also use your personal information for the following purposes:
We also use your personal information to inform you of news we think you would find interesting and any new features and offers. You can opt out of this service at any time using the ‘unsubscribe’ function.
Retaining your personal information
Unless we explain otherwise to you, we’ll hold your personal information based on the following criteria:
Third parties
We may share your personal information with third parties but only in the strictly limited circumstances set out below.
- In certain circumstances we may share your personal information with affiliated companies and service providers who perform functions on our behalf such as our internet service provider. These third parties must at all times provide the same levels of security for your personal information as us and will be bound by a legal agreement to keep your personal information private and secure.
- We may also supply your personal information to government bodies and law enforcement agencies but only: if we are required to do so by the requirements of any applicable law; if in our good faith judgment, such action is reasonably necessary to comply with legal process; to respond to any claims or actions; or to protect our rights or those of our customers and the public.
Security
We are committed to protecting the privacy of your personal data. We use appropriate standards of technology and operational security to protect personal information including a secure server and network firewall connection. Operationally, access to personal information is restricted to authorised personnel who are under a duty to maintain the confidentiality and security of such information.
Internet and Data Storage
The Internet is inherently insecure. Personal information submitted by means of the Internet may be vulnerable to unauthorised access by third parties. Submission of personal information using the Internet is at your own risk. We will take reasonable and appropriate technical measures to ensure that your personal information is stored in a secure manner. However, we shall have no liability for disclosure of data due to errors in transmission or the fraudulent, negligent or other illegal acts of a third party, such as ‘Hacking’. Any transmission of personal information on or through the use of our website is at your own risk
Transmission of Data Overseas
In certain circumstances, we may transfer your personal information to countries outside the United Kingdom or the European Economic Area. This may include circumstances where we use service providers who are based outside the UK/EEA or who use “cloud” infrastructure which means that their servers are based all over the world. Where we transfer your information to companies outside the UK/EEA, we will make sure it’s protected in a manner that is consistent with how your information will be protected by us. This can be done in a number of different ways for instance:
In other circumstances the law may permit us to otherwise transfer your information outside the UK or EEA. In all cases however, we will ensure that any transfer of your information is compliant with the Data Protection Legislation.
Your rights
You have a number of legal rights in relation to the information that we hold about you, including:
(This does not provide an absolute “Right to be forgotten”. Where the personal data in question has been disclosed to a third party, we will inform them about the erasure of the personal data, unless it is impossible or involves disproportionate effort to do so. Personal data will be erased by removal from our internal and cloud servers.)
You can also contact us to exercise your right to request that: -
Many of the rights listed above are limited to certain defined circumstances and we may not be able to comply with your request. We will tell you if this is the case.
If you choose to make a request to us, we will aim to respond to you within one month. We will not charge a fee for dealing with your request.
You also have the right to make a complaint with the Information Commissioner at www.ico.org.uk if you think that any of your rights have been infringed by us.
All requests will be dealt with in your own merit, and in accordance with the Data Protection Legislation guidance.
Should a data breach occur, we have compliant procedures in place to investigate and report the matter to the Individual. In the event of a breach, it will be reported to you within 72 hours of discovery. A record of any breaches will be kept by the company.
You can exercise your rights by contacting us using the details set out in the “Contact Address" section below.
Changes to the privacy policy
We reserve the right to modify or amend this privacy policy at any time and for any reason. Details of any changes will be posted at the top of the privacy policy web page.
Contact Address:
Green Tourism
Reception Business Centre
21 Lansdowne Crescent
Edinburgh
EH3 7BJ