Skyros Privacy Policy
At HOLISTIC ISLAND BREAKS LTD looking after the personal data you share with us is an important part of this. We want you to be confident that your data is safe and secure with us, and understand how we use it to offer you a better and more unique and inspiring experience.
The data controller is HOLISTIC ISLAND BREAKS LTD UK Limited (referred to in this Notice as “we” or “us”)
We are committed to doing the right thing when it comes to how we collect, use and protect your personal data. Your privacy matters to us, so please do take the time to read our Privacy Notice which explains:
What types of personal data we collect and why we collect it.
When and how we may share personal data within the HOLISTIC ISLAND BREAKS LTD and with other organisations.
The choices you have, including how to access and update your personal data.
Personal data we may collect when you buy through us:
Your personal details, including your address, email address, phone number and date of birth.
Your account login details, such as your username and the password you chose.
Travel preferences.
Information about when you click on one of our adverts, including those shown on other organisations’ websites.
Information about the way you access our digital services, including operating system, IP address, online identifiers and browser details.
Social preferences, interests and activities.
Insurance details.
Relevant medical data and any special, dietary, religious or disability requests.
Information about your purchases, including what you bought, when and where you bought it, how you paid for it and credit or other payment information.
When you contact us or we contact you or you take part in promotions, competitions, surveys or questionnaires about our services, we may collect:
Personal data you provide when you connect with us, including by email, post and phone or through social media, such as your name, username and contact details.
Details of emails and other digital communications we send to you that you open, including any links in them that you click on.
Your feedback and contributions to customer surveys and questionnaires.
Other sources of personal data:
We may use personal data from other sources, such as specialist companies that supply information, retail partners and public registers.
Your insurance company, their agents and medical staff may exchange relevant personal data and special categories of personal data with us in circumstances where we/they need to act on your behalf or in the interest of other customers or in an emergency.
Personal data you provide about other individuals:
We use personal data about other individuals provided by you, such as those people on your booking.
By providing other people’s personal data, you must be sure that they agree to this and you are allowed to provide it. You should also ensure that, where appropriate, they understand how their personal data may be used by us.
Using your personal data
We use your personal data in a variety of ways, as explained below.
To provide the products and services you request
We need to process your personal data so that we can manage your account or booking, provide you with the products and services you want to buy and help you with any orders and refunds you may ask for.
To manage and improve our products, services and day to day operations
We use personal data to manage and improve our products, websites and other services.
We monitor how our services are used to help protect your personal data, detect and prevent fraud, other crimes and the misuse of services. This helps us to make sure that you can safely use our services.
We may use personal data to respond to and to manage security operations, accidents or other similar incidents, including medical and insurance purposes.
We use personal data to carry out market research and internal research and development, and to develop and improve our services, IT systems, security, know-how and the way we communicate with you. We use CCTV images to help maintain the safety of anyone working in or visiting our premises and other buildings, and for the prevention, detection and prosecution of criminal offences. We may also rely on the images to establish, exercise or defend our legal rights.
To personalise your experience
We want to ensure that marketing communications relating to HOLISTIC ISLAND BREAKS LTD are relevant to your interests.
To do this, we may use your personal data to better understand your interests so that we can try to predict what other products, services and information you might be most interested in. This enables us to tailor our communications to make them more relevant and interesting for you.
Looking at your browsing behaviour and purchases helps us to better understand you as a customer and it allows us to provide you with personalised offers and services.
We may also measure your responses to marketing communications relating to products and services we offer, which enables us to offer you products and services that better meet your needs as a customer.
If you do not want to receive a personalised service from us, you can change your preference over the phone or by writing (e.g. email) to us at any time. We will update our records as soon as we can.
To make contact and interact with you
We want to serve you better as a customer so if you contact us, for example by email, post, and phone or via social media, we may use personal data to provide clarification or assistance to you.
We need to process your personal data so that we can manage any promotions and competitions you choose to enter. For example, if you win a prize.
We may invite you to take part in customer surveys, questionnaires and other market research activities carried out by HOLISTIC ISLAND BREAKS LTD.
We do not sell your personal data to third parties.
Marketing Communications
From time to time we may send you relevant offers and news about our services in a number of ways, including by email.
You can change your marketing preferences online, over the phone, using the ‘unsubscribe’ link in our marketing emails or by writing to us (e.g. email) at any time. Of course, the choice is entirely yours, but if you say you do not want to receive marketing information from us this will prevent you from receiving news and offers that may be of interest to you.
You may still receive service-related communications from us. For example, confirming bookings you make with us and providing important information about the use of our services.
Sharing personal data with suppliers and retail partners
In order to provide products or services requested by you we may share personal data with suppliers of your travel arrangements, including hotels and transport companies.
We also work with carefully selected suppliers that carry out certain functions on our behalf. For example, companies that help us with IT services, storing and combining data, marketing, advertising campaign, market research, processing payments and delivering products and services.
We may need to share personal data to establish, exercise or defend our legal rights; this includes providing personal data to others for the purposes of preventing fraud and reducing credit risk.
When we share personal data with other organisations we require them to keep it safe, and they must not use your personal data for their own marketing purposes.
We only share the minimum personal data that enable our suppliers and retail partners to provide their services to you and us.
Sharing personal data with regulatory authorities
So that you can travel, it may be mandatory (as required by government authorities at the point(s) of departure and/or destination) to disclose and process your personal data for immigration, border control, security and anti-terrorism purposes, or any other purposes which they determine appropriate. Even if not mandatory, we may assist where appropriate.
We may share the minimum personal data necessary with other public authorities if the law says we must, or we are legally allowed to do so.
Sharing personal data within Holistic Holidays LTD
Our Privacy Notice applies to all of the services offered by HOLISTIC ISLAND BREAKS LTD. We may share the minimum personal data necessary within HOLISTIC ISLAND BREAKS LTD, for example, to provide the products and services you request; to manage and improve our products, services and day-to-day operations; to help to personalise your experience; where appropriate, to make contact and interact with you; and, if allowed and appropriate, for marketing or market research purposes.
Protecting your personal data
We know how important it is to protect and manage your personal data. We take appropriate security measures to help protect your personal data from accidental loss and from unauthorised access, use, alteration and disclosure.
The security of your data also depends on you. For example, where we have given you or where you have chosen a password for access to certain services, you are responsible for keeping this password confidential. We put in place appropriate protections to make sure your personal data remains adequately protected and that it is treated in line with this Notice.
Data retention
We will retain your personal data for only as long as it is necessary for the uses set out in this Privacy Notice and/or to meet legal and regulatory requirements.
About cookies
Cookies are small data files that allow a website to collect and store a range of data on your desktop computer, laptop or mobile device. Cookies help us to provide important features and functionality on our website and we use them to improve your customer experience.
This website uses cookies to better the users experience while visiting the website. Where applicable this website uses a cookie control system allowing the user on their first visit to the website to allow or disallow the use of cookies on their computer / device. This complies with recent legislation requirements for websites to obtain explicit consent from users before
This website uses tracking software to monitor its visitors to better understand how they use it. This software is provided by Google Analytics which uses cookies to track visitor usage. The software will save a cookie to your computers hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.
Other cookies may be stored to your computers hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.
Links to other websites
Our websites or mobile apps may contain links to websites operated by other organisations that have their own privacy notices. Please make sure you read the terms and conditions and privacy notice carefully before providing any personal data on another organisation’s website as we do not accept any responsibility or liability for websites of other organisations.
Social media features
Our website may contain social media features such as Facebook, Twitter, Instagram, and Pinterest that have their own privacy notices. Please make sure you read their terms and conditions and privacy notice carefully before providing any personal data as we do not accept any responsibility or liability for these features.
Accessing and updating your personal data; and complaints
You have a right to ask for a copy of the personal data we hold about you. You can write to us asking for a copy of other personal data we hold about you.
Please include any details to help us identify and locate your personal data. Where we can provide data access, we will do so free of charge except where further copies are requested in which case we may charge a reasonable fee based on administrative costs.
We want to make sure that the personal data we hold about you is accurate and up to date. If any of the details we hold are incorrect, please let us know.
You can also ask for your personal data to be rectified or erased, to object to the processing of your personal data and, where technically feasible, to ask for personal data you provided to be transmitted to another organisation.
We will update or erase your data, unless we have to keep it for legitimate business or legal purposes.
You can also contact us if you have a complaint about how we collect, store or use your personal data. We aim to resolve complaints but if you are dissatisfied with our response, you may complain to the Information Commissioner’s Office.
Please submit your request or complaint in writing to the Data Protection Officer:
By post: HOLISTIC ISLAND BREAKS LTD, 9 Eastcliff Road, Shanklin, Isle of Wight, PO37 6AA
By email: holidays@skyros.com
Please note that we may ask you to verify your identity before we can act on your request or complaint. We may also ask you for more information to help ensure that you are authorised to make such a request or complaint when you contact us on behalf of someone else.
Legal basis for processing personal data
We will only collect and use your personal data if at least one of the following conditions applies:
We have your consent;
Example: Customer account
You give us permission to process your personal data when you register for a customer account.
It is necessary for a contract with you or to take steps at your request prior to entering into a contract;
Example: To provide the products and services you request
We need to process your personal data so that we can manage your account or booking, provide you with the products and services you want to buy and help you with any orders and refunds you may ask for.
It is necessary for us to comply with a legal obligation;
Example: Sharing personal data with regulatory authorities
So that you can travel, it may be mandatory (as required by government authorities at the point(s) of departure and/or destination) to disclose and process your personal data for immigration, border control, security and anti-terrorism purposes, or any other purposes which they determine appropriate.
It is necessary to protect your vital interests or those of another individual;
Example: In an emergency
Your insurance company, their agents and medical staff may exchange relevant personal data and special categories of personal data with us in circumstances where we/they need to act on your behalf or in the interest of other customers or in an emergency.
It is in the public interest or we have official authority; or
Example: Security operations
We may use personal data to respond to and to manage security operations, accidents or other similar incidents, including medical and insurance purposes.
It is in our or a third party’s legitimate interests and these are not overridden by your interests or rights.
Example: To personalise your experience
We may use your personal data to better understand your interests so that we can try to predict what other products, services and information you might be most interested in. This enables us to tailor our communications to make them more relevant and interesting for you.
Where we need to process special categories of personal data, for example health data for medical reasons, we will only do so if one or more additional conditions apply. For example, we have your explicit consent; it is necessary to protect the vital interests of you or another individual and you are physically or legally incapable of giving consent; it is necessary to establish, exercise or defend legal claims; it is necessary for reasons of substantial public interest.
Changes to our Notice
This Notice replaces all previous versions. We may change the Notice at any time so please check it regularly on our website(s) for any updates. If the changes are significant, we will provide a prominent notice on our website(s) including, if we believe it is appropriate, electronic notification of Privacy Notice changes.
Last update: September 2018