GDPR Privacy Policy – Shorter Overview

Min y Don needs to gather and use certain information about you before your holiday. General Data Protection Regulations (“GDPR”) dictate how we must store this data, and what we can (and can’t) do with it. This is a quick overview about how we look after your data and how we keep your privacy secure – while a longer version can be read on our Privacy Policy. As always, if you have any questions then you can email or call 01341 250433 to speak with us.

1. Your Information
The information we ask for on your Booking Form and Parental Consent Form (if you’re under 18 years old) is necessary in order for us to process your booking. If you choose not to provide any of the information we require, we may not be able to process your booking.

2. What happens to your information?
We never ever sell your information, or pass it on to other organisations. At Min y Don, we’re always working to improve our website and services, and so may use the information you give us to better understand your requirements. We may also store your information internally for record keeping, which is then destroyed when it is no longer necessary to keep it. Generally, we keep your data for up to two years from your last holiday.

Under the these new GDPR rules, you have the right to request what data we have about you, and for that data to be deleted (“right to be forgotten”).

3. Where is your data stored?
At Min y Don, your information is stored digitally on our computers and on paperwork. The only the people who have access to your information and are those who process your booking. We use a number of online services to help with our email, storage and website – and we’re confident that they also have a robust GDPR policy in place. All credit & debit card payments are always encrypted and your payment details are never stored on our servers.

4. Data Breach Policy
We have a robust Data Breach Policy – but a quick overview of it is that while we have systems in place to prevent a data breach occurring, if in the unlikely situation of a data breach being discovered – everyone knows who to report this too, and how to follow this up. A report will then be made about going forwards and a decision on whether we need to inform those involved and the ICO. 

5. Links to other websites
Sometimes we like to link to other websites from Our Privacy Policy can only apply to our own website, and you should read their own Privacy Policy.

This privacy policy overview was updated: 20th April 2018