Privacy Policy

Last Updated: 17 Jan 2024

1. Introduction

This Privacy Policy (hereinafter referred to as the “Policy”) sets forth the terms and conditions under which Travel Industry Design Limited (hereinafter referred to as “we,” “us,” “our,” or “Company”) collects, uses, processes, discloses, and safeguards personal data provided by individuals (hereinafter referred to as “you” or “your”) in connection with your access to and use of the website located at https://clientenquiry.co.uk (hereinafter referred to as the “Website”). By accessing or utilizing the Website and its related services, you expressly consent to the practices described herein. Should you have any questions regarding this Policy or any concerns regarding the processing of your personal data, please contact our Data Protection Officer (“DPO”), Michael Carter, at dpo@clientenquiry.co.uk.

2. Who We Are

Client Enquiry is a platform operated by Travel Industry Design Limited, a company incorporated under the laws of England and Wales with the company number 13518613 and its registered office at 58 Constance Ave, Stoke on Trent, Staffordshire ST48XJ (hereinafter referred to as the “Controller”). The Controller may be contacted for matters pertaining to the processing of personal data at the following email address: dpo@clientenquiry.co.uk.

3. Definitions

For the purposes of this Policy, the following definitions shall apply:

  • “Personal Data” shall refer to any information relating to an identified or identifiable natural person (“Data Subject”).
  • “Processing” shall refer to any operation or set of operations performed upon personal data, including but not limited to collection, storage, use, transfer, disclosure, or deletion.
  • “Controller” shall refer to the entity which determines the purposes and means of processing personal data.
  • “Processor” shall refer to any entity that processes personal data on behalf of the Controller.
  • “Third Party” shall refer to any entity other than the Data Subject, Controller, or Processor.

4. Personal Data Collected

The Controller hereby informs you that the following categories of personal data may be collected, stored, and processed in connection with your use of the Website and related services:

  • Customer Data: Contact information (e.g., full name, email address, telephone number), travel preferences, and payment details as required for the provision of services.
  • Supplier Data: Business contact details including names, email addresses, and communication preferences of suppliers and business partners.
  • Visitor Data: Technical data such as IP address, browser type, and usage data collected through cookies and similar tracking technologies.
  • Form Submission Data: Information submitted via forms on the Website, processed through WS Form PRO, which may include personal data such as names, email addresses, and other information pertinent to the services requested.

Failure to provide certain personal data may result in the Controller’s inability to fulfill the obligations or services requested.

5. Legal Basis for Processing

The legal bases for processing your personal data are as follows:

  • Performance of a Contract: Processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into such contract.
  • Legitimate Interests: Processing is necessary for the purposes of the legitimate interests pursued by the Controller, including but not limited to website maintenance, service enhancement, and security purposes.
  • Consent: Where applicable, processing is based on your explicit consent to the collection and use of your personal data.

6. Use of Personal Data

The personal data collected by the Controller shall be used solely for the purposes outlined below:

  • To provide, operate, and maintain the Website and services offered by Client Enquiry;
  • To process and respond to inquiries, communications, or service requests submitted by you through the Website;
  • To facilitate the processing of payments via Stripe and other payment processors;
  • To manage customer relationships and interactions via Zoho CRM and other integrated systems;
  • To improve the Website’s functionality and user experience through Advanced Custom Fields (ACF) and other plugins;
  • To manage and facilitate data collection through WS Form PRO, including the generation of PDFs and integration with Stripe and Zoho;
  • To enhance the Website’s design and layout through Oxygen and OxyExtras plugins;
  • To provide Progressive Web App functionality via Super Progressive Web Apps (SuperPWA), including the storage of anonymous data and usage information;
  • To comply with legal obligations, including applicable data protection laws.

7. Disclosure of Personal Data

Personal data may be disclosed to the following Third Parties under the circumstances described below:

  • Payment Processors: Personal data, including payment details, will be disclosed to Stripe for the secure processing of transactions.
  • CRM Providers: Personal data, including customer contact information, may be shared with Zoho CRM for the purposes of managing customer relationships and business communications.
  • Hosting Providers: Personal data may be accessible to our hosting provider solely for the purposes of website hosting, maintenance, and security compliance.
  • Service Providers: Third-party service providers who assist in the administration, maintenance, and development of the Website, including those providing web development, analytics, and security services, will have access to personal data strictly for these purposes.

Travel Industry Design Limited shall not disclose, share, or sell personal data to any Third Party except as required to fulfill the purposes outlined in this Policy or in compliance with applicable legal obligations.

8. International Data Transfers

Personal data may be transferred to, and processed in, countries outside of the European Economic Area (“EEA”). In cases where such transfers occur, the Controller shall ensure that appropriate safeguards are in place, including but not limited to the use of Standard Contractual Clauses, to ensure that your personal data receives the same level of protection as required by the GDPR or other applicable data protection laws.

9. Retention of Personal Data

The Controller shall retain personal data only for as long as is necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. Retention periods are as follows:

  • Form Submission Data: Retained for a period of six months unless required for longer periods by applicable legal obligations.
  • Payment Data: Retained only for the duration necessary to process the transaction via Stripe.
  • Customer Data: Retained for the duration of the customer relationship and for any subsequent period as required by applicable laws.
  • Comments: Retained indefinitely unless otherwise requested for deletion by the Data Subject.

Upon the expiration of the retention period, personal data shall be securely deleted or anonymized in accordance with applicable laws.

10. Data Subject Rights

In accordance with applicable data protection laws, including the GDPR, you are entitled to exercise the following rights:

  • Right of Access: You may request access to your personal data and obtain a copy thereof.
  • Right to Rectification: You have the right to request the correction of any inaccurate or incomplete personal data.
  • Right to Erasure: You may request the deletion of your personal data under certain circumstances.
  • Right to Object: You may object to the processing of your personal data based on legitimate interests.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time.

Requests to exercise any of these rights should be directed to the DPO at dpo@clientenquiry.co.uk.

11. Data Security

The Controller employs appropriate technical and organizational measures to ensure the confidentiality, integrity, and security of personal data. Such measures include, but are not limited to, HTTPS encryption, secure server hosting, access controls, and the use of WP_Image_Editor_Imagick for secure image and media handling. In the event of a data breach, the Controller will notify the affected Data Subjects and relevant supervisory authorities as required by law.

12. Changes to the Privacy Policy

The Controller reserves the right to amend or update this Policy at any time. Any material changes will be communicated via the Website or other appropriate channels. It is your responsibility to review this Policy periodically to ensure your awareness of any modifications.

13. Contact Information

Should you have any inquiries or concerns regarding this Policy, or should you wish to exercise your rights under applicable data protection laws, please contact our Data Protection Officer:

Michael Carter
Data Protection Officer
Travel Industry Design Limited
58 Constance Ave
Stoke on Trent
Staffordshire ST48XJ
Email: dpo@clientenquiry.co.uk

14. Governing Law and Jurisdiction

This Policy shall be governed by and construed in accordance with the laws of England and Wales, and any disputes arising out of or in connection with this Policy shall be subject to the exclusive jurisdiction of the courts of England and Wales.

Copyright © 2024 Travel Industry Design