Alternative Travel Group Ltd Privacy Notice
Many of us have concerns about possible compromise of our privacy, and the management and use of our personal data. ATG has long been aware of its clients’ needs for the highest level of personal security and had policies in place to ensure this.
Data Systems Management
Although Alternative Travel Group (ATG Oxford) is structured as a small group of companies, all administration, bookings and data management go through a single source. All data files at ATG are held on a secure internal server with access limited by password protection. Firewall and anti-virus systems are in place to prevent access to this information, and encryption is used for transmitting shared data.
- What personal data does ATG receive?
All personal data received by ATG has been provided directly by individuals in relation to requested travel arrangements, services and information.
- Information requests: Contact details such as postal or email address and phone number, provided by individuals to enable ATG to respond to requests for newsletters, brochures or other information, are held in a secure discrete system until the requested information has been supplied. Depending on the timing of a request, this may include two mailings.
- Booking Data is received from individuals enabling ATG to provide the travel arrangements, services and information requested. The booking file will remain ‘active’ only until there is no legal requirement, business need, or customer interest for this information to be retained. A record of trips taken will be retained as proof of eligibility for a (very worthwhile!) discount on every 11th trip taken, and contact details retained to provide information about future trips, events and opportunities.
- Personal data enquiries: Any requests for information relating to you or your personal data (irrespective of the alleged source or nature of the enquiry – a friend, colleague, etc) will be refused and the enquirer invited to leave a message – which, ‘if we have any contact details will be passed on…’.
- Feedback is very highly valued by ATG, and is subject to strict confidential procedures. Source documentation (questionnaires, emails, letters, etc,) is retained only until any salient issues have been responded to, resolved and actioned, after which all data is entered anonymously (‘anonymised’ – no recorded source) to become an integral part of ATG Quality System.
- Hotels and Airlines need to know your name and relevant booking dates.
- Passport details: For escorted group trips in countries where provision of identification is mandatory when checking into hotels, ATG requests passport details to facilitate rapid group check-in. If you do not wish to provide passport details to ATG, you may provide these directly to hotels on arrival, although this may cause delays.
- Tour Consultants engaged in operating ATG trips will receive (read-only) salient encrypted information in the booking, including specific conditions or requirements and information such as where and when you will be joining a trip.
- Financial Data: Statutory obligations require the retention of basic client information for legal and tax purposes, including identity, contract, financial and transactional data, for up to 7 years.
- Credit Card details: ATG is PCI compliant, and information and process are stringently managed under this legislation.
- Mail distribution/dispatch: When a Mailing House is used, ATG ensures that this is compliant with the ICO Code of Conduct for GDPR and the DMA Direct Marketing Code of Practice.
- Employment: Applications for employment with ATG are retained until selection/ interviews have taken place.
- Statutory records relating to employees and employment are kept. Only factual references are given.