Camperadventures take your privacy seriously and endeavour to protect it. We are a small family run business, with one owner, Mrs Helen Weston, who is the data controller.
When you make a booking, through our website, on the phone or in person we will ask you to provide personal information about yourself. This will include your name, address and other contact details. The information and the information about your booking(s) is used to arrange your campervan holiday and any other services you are requesting.
The Purpose of this statement is to help you understand how we use your data and to ensure compliance with GDPR. This statement will clarify the following;
Who is the data controller
Company owner, Mrs Helen Weston
What data we receive
Where data is stored
Your booking information is held securely by us on a password protected macintosh or, if paper copy, in a locked filing cabinet within our secure office.
Information you provide to us will not be shared with third parties without your knowledge. We use the information to provide holiday services to you under our contractual obligation and to provide you with the best possible service. We may also use it to improve our products and services.
Limited information about your booking will be shared with our insurance broker and underwriters if necessary to your hire of your campervan.
Who has access
Mrs Helen Weston, company owner (all information)
Insurance company (driver information/licence DVLA code check print out and 2 forms of ID)
For what purpose is data stored
How long is data stored
All information is stored securely before and during hire period
Name, address and email address will be stored post hire period. We will hold your information on our systems for a period that we deem to be commercially viable. All other personal information will be destroyed within one month of hire period
Should you wish to request this, please do so in writing to email@example.com
How is consent to use data obtained
Enquiries made via telephone, email, social media and website and upon arranging booking verbally or electronically.
Our website is hosted by GoDaddy and they are GDPR compliant.
How is a request for data handled
All subject request applications to be made to the data controller in writing via email to firstname.lastname@example.org. All requests will be responded to within 30 days. The subject data request will only be accepted by the person who the data relates to.
How is data deleted
Data is deleted by the data controller. Any requests to delete data outwith the standard timeframes outlined above, will be actioned within 30 days of receipt of request.
What control measures are in place
All third party business partners mentioned in this document who keep data of customers also have GDPR policies
What is the procedure to report a breach
If a suspected breach has occured, all those who may have been affected will be contacted within 24 hours.