Privacy Policy

 

Canal and River Cruises Ltd treat your privacy seriously. This Privacy Policy will explain how we collect and use your personal data and gives you the opportunity to limit our use of this information. 

Canal and River Cruises Ltd use the personal information that we collect to provide you with the services you have ordered and assist in processing any enquiries that you make through this website or by phone or email. Our main communication channel is through email which will be used to provide details of our services, payment requests, booking status updates and useful information directly related to the services you have booked. You may receive automated payment requests where due in order to keep your account in order.

We do not store payment card details nor do we share customer details with any 3rd parties, nor do we run any form of mailing lists except with your full agreement by opting in to such lists.

What personal data do we store?
Your name, phone number, email are required in order to make a booking for one of our services. We usually also collect your address which is only used in the preparation of your invoice/receipt and is optional.

How do we obtain this information?
When you book online, the data you provide is held electronically by our outsourced reservation system. If you book by phone we manually create your online reservation record. Booking online gives you the option to have your personal data retained for future reference such as making a new reservation. If you choose not to store your data we will mark your record to be deleted automatically but this will of course mean we can no longer enter into correspondence with you.

Who has access to this information?
Only employees of Canal and River Cruises.

We use a third party cloud based reservation system run by Checkfront who are fully GDPR compliant. 

We use a third party cloud based accounting system run by Sage.com who are fully GDPR compliant.

We use card payment services run by Paypal, Square and Stripe all of whom are GDPR compliant. These companies may collect your personal information for the purpose of processing card payments and will not use this information for any other purpose. Data security in this highly sensitive area is controlled not just by the GDPR but also PCIDSS standards which are very rigorous. We do not ever collect your or store your card details, nor do we have access to this information. We do however receive notification of payment attempts which we will use to process your reservation.

Covid-19 Policy may require us to collect contact details for you and your party in accordance with directives from the UK Government. At the time of writing we understand this to be retained for 21 days with the purpose of Covid-19 contact tracing.

Your data is not held electronically elsewhere.

You are entitled to a copy of your information held by us. If you would like to see this please contact us.

You are entitled to ask us to make corrections to any personal data which we hold.

You are entitled to ask us to delete any personal information which we hold and we will be happy to do so.

This Privacy Policy only applies to this website and not to the websites of other companies, individuals or organisations to which we provide links in good faith. Canal and River Cruises has no responsibility for those linked sites.
Canal and River Cruises Ltd are not responsible and will not be able to protect your privacy if you disclose personal information by emailing. Please be careful when disclosing personal information in this way.

Updated for GPDR compliance, 9th May 2018 and for Covid-19 on 27th June 2020