Visit Thanet Privacy Policy
1. Introduction
Visit Thanet/Thanet Tourism Service (part of Thanet District Council) is strongly committed to safeguarding your privacy. We want to inspire you to visit our beautiful destinations of Margate, Broadstairs, Ramsgate and surrounding villages, to keep you informed of travel ideas, offers, exciting events and updates to make your next visit here as fun as possible. This Privacy Policy explains our policy for the collection and use of information about you and your transactions with us.
By using our website, you agree to our Policy and data practices.
Thanet Tourism is the data controller in connection with any personal information collected or received by us arising from your use of any of our products, services, applications, websites and customer support communications.
The personal information we collect may include your name, address, email address, IP address, and information regarding what pages are accessed, when and in what order.
2. How do we collect information from you?
We obtain information about you when you use our website, when you contact us about our products or services, when you sign up to receive newsletters, enter a competition or request a brochure or information from the Visitor Information Centre.
In this section, we have set out:
• the general categories of personal data that we may process
• the purposes for which we may process personal data.
We will process your personal data in accordance with the EU’s General Data Protection Regulation. We maintain strict security standards and procedures with a view to preventing unauthorised access to your data by anyone, including our staff. We use leading technologies such as (but not limited to) data encryption, firewalls and server authentication to protect the security of your data. Thanet Tourism, our staff and any third parties we hire to provide support services, are required to observe our privacy standards and to allow us to audit them for compliance.
2.1 Visitor Profiling & Statistics
We may analyse your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you. When you consent to share personal information with us, we may use this information to improve our services to you and to tailor the information we provide in future. We may also use it to understand the success of our marketing and make improvements to our services overall. Personal data is stored for as long as the purpose intended, after this, the information will be confidentially destroyed
We may use the information you supply about your location (town/city/country) to tailor our email marketing and website information and make it more relevant to you.
2.2 Marketing
At times we will process information that you provide to us for the purpose of visitor registration, brochure requests, e-newsletters subscriptions and competition entry. This data may be processed for the purposes of sending you the relevant notifications and media.
• E-newsletters - by completing our e-newsletter signup page you are agreeing to receive email marketing communications. These can be unsubscribed from at any time, simply by clicking the unsubscribe link at the bottom of the email. We only collect this data when we have your consent and retain it on a secure database. If you withdraw consent it will be deleted within one calendar month.
• Competitions - please check the individual terms and conditions associated with each competition. When you enter a competition, we may collect your name, email address and postal address. You are also given the option to consent to future marketing from us and also from our competition partners. We process this data as part of our contract to you and we retain it for three months after the competition has closed. After this point, it will be deleted until you have consented to receive future marketing communications from us. If you consent to future marketing, we will continue to process your data on that basis and in accordance with this privacy policy. We may use this data to tailor the communications we send and improve our service to you and others.
2.3 User Generated Content
2.3.1 Social Media
If you use any of our social network pages or applications or you use one of our products or services that allow interaction with social networks, we may receive information relating to your social network accounts. For instance:
• If you click on a ‘like’, ‘+1’ or ‘tweet’ or similar button in one of our websites or services, we may record the fact that you have done so. In addition, the content that you are viewing may be posted to your social network profile or feed. We may receive information about further interactions with this posted content (for example, if your contacts click on a link in the posted content), which we may associate with the details that we store about you.
• If you ‘like’, ‘+1’ or similar one of our pages on a social network site, we may receive information about your social network profile, depending on your social network account privacy settings.
For more information and for details about how you can control access to your social network profile, you should view the privacy policy and other guidance available on your social network’s website.
2.3.2 Blog comments
Each time you create or reply to a post or thread on a blog from us, in addition to providing this blog comment service, we may also record the blog name and the time and date of your post or thread. We do this to better understand the ‘typical users’ of our blogs and to select or tailor our marketing communications to reflect your blog activity. We do not use the actual content of your blog posts or threads for purposes of sending marketing communications.
2.4 Other Contact
If you get in touch with us via email, we will retain your email and our response to it for as long as the business issue remains. After this, the information will be confidentially destroyed.
If you contact us via post, we will retain your letter/postal address/personal information and our response to it for as long as the business issue remains. After this, the information will be confidentially destroyed.
2.5 Legal Obligation
In addition to the specific purposes for which we may process your personal data set out in this section, we may also process any of your personal data where such processing is necessary for compliance with regulatory and legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
3. Providing your personal data to others
We may use other third party service providers to provide certain data processing services for us (acting as our authorised data processors). Examples of authorised data processors could include, IT solution providers, data analytics providers who process information on our behalf for the purposes outlined above. When acting as our authorised data processors, our service providers are required to only process data in accordance with our instructions, in line with this Policy, and are subject to appropriate confidentiality and security obligations.
In addition to the specific disclosures of personal data set out in this section, we may also disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
4. International transfers of your personal data
We store your data on our secure servers in the United Kingdom and retain it for a reasonable period or as long as the law requires. In some circumstances, your data will be transferred to companies based in the United States of America. These currently include Mailchimp and Amazon Web Services, both of whom are certified under the EU-US Privacy Shield framework and are therefore legally allowed under GDPR to process personal data from the United Kingdom. We will notify you by email if and when we decide to process data to additional countries."
5. Retaining and deleting personal data
This Section sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.
• Personal data that we process shall not be kept for longer than is necessary for that purpose or those purposes.
• Notwithstanding the other provisions of this Section 5 we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests.
6. Links to third party sites
Some of our websites may contain links to other third party websites that are not operated by us. While we try to link only to sites that share our high standards and respect for privacy, we are not responsible for the content, security or privacy practices of those third party websites. We strongly encourage you to view the privacy and cookie policies displayed on those third party websites to find out how your personal information may be used.
7. Amendments
• We may update this policy from time to time by publishing a new version on our website.
• You should check this page occasionally to ensure you are happy with any changes to this policy.
• We will notify you of changes to this policy by email and update via our website.
8. Your Rights
In this Section we have summarised the rights that you have under data protection regulation. Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
Your principal rights under data protection law are:
(a) the right to access;
(b) the right to rectification;
(c) the right to erasure;
(d) the right to restrict processing;
(e) the right to object to processing;
(f) the right to data portability;
(g) the right to complain to a supervisory authority; and
(h) the right to withdraw consent.
You may instruct us to provide you with any personal information we hold about you; provision of such information will be subject to the supply of appropriate evidence of your identity. For this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address. Please put your request in writing to the address shown below.
In practice, you will expressly agree (opt in) in advance to our use of your personal information for marketing purposes. Where consent has been given, you are entitled at any time to opt out of the use of your personal information for marketing purposes.
To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
You have the right to lodge a complaint, if you wish to complain about how we are processing your personal information please contact
The Data Protection Officer
Thanet District Council
Cecil Street,
Margate
CT9 1XZ
email: dataprotection@thanet.gov.uk
Tel: 01843 577000
You also have the right to complain to the Information Commissioner’s Office, at:
The Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Phone: 0303 123 1113 or 01625 545745
Website: www.ico.org.uk
9. Cookies
By using our website and agreeing to this policy, you consent to our use of cookies in accordance with the terms of this policy.
9.1 About Cookies
A cookie is a simple text file that is stored on a user’s computer (or mobile device) that is created when a user visits a website using a program called a browser (Chrome, Internet Explorer, Firefox or Safari).
A cookie isn't a program itself and doesn't actively do anything on a user's computer. A cookie cannot be used to identify a user personally but they do contribute to improving a user's experience of a website.
A cookie simply allows the website to read the contents of the cookie text file. The text file itself simply contains a unique identifier code; the site name and some digits and numbers.
9.2 Why are Cookies used?
Most websites will use cookies in order to improve the user experience by enabling the website to ‘remember’ the user, either for the duration of the visit or for repeat visits.
Cookies do lots of different jobs, such as:
• remembering what items a user may have added to a shopping basket or an itinerary as the user moves between pages on a website
• saving a user's preferences to allow them to customise a website
• measuring what users do on a website to ascertain which parts of a website are popular, how long they spend on a website, how often users return, where they come from etc
9.3 What Cookies are used by this site?
Cookies are set by this website (first party cookies) but may also be set by other websites (e.g. You Tube) that run content on the website’s pages (third party cookies).
Cookies can be set to remember a visitor for the duration of their visit (session cookies) or to remember a visitor for repeat visits (persistent cookies).
9.4 Heat Mapping
When enabled heat mapping software will record mouse clicks, mouse movements, and scrolling activity. It logs that you entered text but not the information entered. This software uses Cookies. Analysing the results from heat mapping software enables us to assess the performance of our website and its suitability for different audiences’ needs.
Google Analytics
Digital analytics tools such as Google Analytics may be used by (by Google) to record anonymous users’ interaction with our websites. This data may then be used to retarget users through advertising on other websites, therefore an individual's behaviour on one of our websites may result in them being retargeted by Google with advertising related to the pages they visited or actions they took on the site.
You may opt out of the DoubleClick cookie by visiting the Google advertising opt-out page https://policies.google.com/technologies/ads or you may opt out of our use of Analytics by visiting the Google Analytics opt-out page. https://tools.google.com/dlpage/gaoptout
10. Data Breach Policy
In the highly unlikely event that a data breach incident occurs which places your personal data, rights and freedoms at risk, we will, without undue delay and where possible, notify both you as the affected individual and the Information Commissioner’s Office of the breach not later than 72 hours after having become aware of it.
11. 16 or Under
We are committed to protecting the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian's permission beforehand whenever you provide us with personal information.
12. About Us
The website is owned and operated by Visit Thanet / Thanet Tourism part of Thanet District Council
Our principle place of business is Margate.
Contact us:
By Post – Thanet Tourism, PO BOX 9, Cecil Street, Margate, Kent CT9 1XZ
Telephone – 01843 577577
Email – tourism@thanet.gov.uk
Visitor Information Centre The Droit House Stone Pier Margate Kent CT9 1JD Te: 01843 577577 Email: visitorinformation@thanet.gov.uk www.visitthanetbusiness.co.uk