Last Updated: 23rd March 2021
Roam is committed to protecting your privacy and security. This statement sets out how we collect and process personal data which we collect from you or which you provide to us. These are the data that you enter when you make an enquiry on our website, and information collected by us as you interact with our services. Whenever you provide personal information, we will treat that information in accordance with this statement, with current legislation on protection and use of data.
Who are we – who holds your data?
Roam is operated by Joe Armstrong, a sole trader, trading as Roam. Address: 8 Stanley Park, Easton, Bristol, BS5 6DU. Our website address is: https://roambikepacking.co.uk. Our Data Controller is our Company Founder Joe Armstrong. This data privacy statement applies to us and our activities in the UK.
What data do we collect and how?
We collect the following categories of data about you:
1. Name and Contact Details
The information you provide when booking a trip.
2. Personal / Sensitive Data
We will need to collect your height, for allocating you the correct sized bike and dietary requirements when booking bed & breakfast accommodation.
3. Financial Information
Payment information such as bank account details
If you allow us to use photographs you have taken, we may store your name and the fact that you have given us permission to use them.
If you are pictured in a photograph we have taken, and given us permission to use it, we will record this.
5. Accidents or Incidents
If an accident or incident occurs on one of our trips, or involving one of our staff then we’ll keep a record of this (which may include personal data and sensitive personal data, such as information relating to health).
How do we use your personal data?
We may process your personal information for carefully considered and specific purposes which are permitted by regulations and enable us to carry out our services. Roam will use your data for the following purposes:
- To answer an enquiry
- For the supply of the service you have requested
- For maintaining contact with you
- Improving the services we provide
- Processing any payments due to you, or handling any contract we have entered into with you
- For our administration and for compliance with legislation and regulations
We will always comply with the law.
Who has access to your data?
We may disclose your personal information to any of our employees, contractors, agents, partners or subcontractors insofar as reasonably necessary for the purposes set out in this privacy statement. In addition, we may disclose your personal information:
- to the extent that we are required to do so by law;
- in connection with any ongoing or prospective legal proceedings;
- in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
- to the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling; and
- to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.
Except as provided in this privacy statement, we will not provide your information to third parties.
Which third parties have access to your data?
We will only share your data with partners and service providers who are directly involved in your booking, for example, we may pass your name and dietary requirements to a bed & breakfast.
How do we secure your data and how long do we retain them?
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
Personal data is collated using a WordPress Booking Enquiry Form which we receive via an email which is password protected. Information you enter in the website via the booking enquiry form will be protected by encryption technology. You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
Any personal information downloaded will be stored on a secure (password) document.
On occasion, personal information is printed and given to Roam staff for the successful delivery of a trip. Once your trip is completed this data is disposed of by shredding.
We retain your data as long as required to realise the objectives as described in this privacy statement, but generally no longer than 2 years* after your last interaction with us, unless so far as such is necessary for compliance with our statutory obligations, or for the benefit of potential disputes. If we no longer require data then we destroy these data or anonymise them in order that they can no longer be linked to you
*Accident Records: will be kept for a minimum of 3 years, or if it involves a child until they reach 21
By providing personal data you consent to its processing as described in this Policy. If you do not wish to receive information in any or all of following ways – mail, telephone, e- mail, SMS – or wish to express other preferences, contact: email@example.com
External links on our website
How can I exercise my statutory rights?
You may contact us at firstname.lastname@example.org at any time to exercise any of the rights you are granted under applicable data protection laws, which includes (1) the right to access your data, (2) to rectify them, (3) to erase them, (4) to restrict the processing of your data, (5) the right to data portability and (6) the right to object to processing. Please note that we may require you to provide additional information to verify your identity.
You can also contact us at email@example.com if you have any questions, remarks or complaints in relation to this privacy statement. If you have any unresolved concerns, you also have the right to lodge a complaint with your Data Protection Authority
If you have any problems or queries about your data, please contact: Joe Armstrong, 8 Stanley Park, Easton, Bristol. BS5 6DU. firstname.lastname@example.org
If there is a breach in personal data security leading to its accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access. We will assess the risk to people’s rights and freedoms and take appropriate action. If the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, we will inform those individuals without delay and notify the Information Commission Office within 72 hours.
We will document all breaches and near breaches of personal data security
Roam reserves the right to amend this Privacy Statement at any time. Any change will be posted on our website and will take effect on publication. Your continued use of our website after changes are posted constitutes your acceptance of these Terms and Conditions.