Privacy Notice
We are FHR Airport Services Ltd, a company registered in England with company number 07156413 and our registered office is at Unit 7 Borers Yard, Borers Arms Road, Copthorne, West Sussex, RH10 3LH (“we”, “us”, or “our” throughout this policy).
We are committed to ensuring that your privacy is protected. When we process your personal data, we will comply with the UK GDPR (and where applicable the GDPR), the Data Protection Act 2018, together with any other relevant data protection and privacy legislation (together “Data Protection Legislation”). We are the data controller of the personal data you pass to us pursuant to this policy and, therefore have the responsibility to ensure we comply with the Data Protection Legislation.
This privacy policy together with our website terms and conditions and cookie policy set out how we collect personal information from you and how the personal information you provide will be processed by us. By visiting the website at https://www.bookfhr.com (the “Website”) you are accepting and consenting to the practices described in this privacy policy.
If you do not consent, please do not submit any personal data to us via the Website or otherwise. We do not require a formally appointed data protection officer as we do not meet the criteria required by the Information Commissioner’s Office (“ICO”) or the Data Protection Legislation. However, if you have any questions or comments in respect of our compliance with the Data Protection Legislation, please contact us at customerservices@bookfhr.com.
It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time the personal information we process about you changes by emailing us at customerservices@bookfhr.com
1. The Personal Data We Collect About You And The Purpose and On What Lawful Basis We Process It
Personal data means any information from which you are capable of directly or indirectly identifying an individual. It does not include anonymised data.
We may process the following categories of personal data about you:
Customers
If you place an order for our products or services (whether through our Website, by phone or by other means) we process the following information about you:
· Identify data such as your full name, marital status and title;
· Contact data such as your delivery address, billing address, email address and telephone numbers;
· Information about your booking or holiday to the extent necessary to facilitate the provision of goods and/or services to you; and
· Payment data such as your card and/or bank account details as required to take payment for goods and/or services.
We process most of the above information on the grounds of fulfilment of our contract with you, namely to confirm your order, contact you about delivery, arrange for your payment to be
processed and provide you with the goods/services you have purchased. We may also use your personal data for our legitimate interests, including for the purposes of fraud protection and for training and quality.
Website Visitors
To help us improve our Website and the products and services we offer, we collect data about the ways in which you use our Website. This includes, for example, technical data such as your IP address, which is collected through our use of cookies.
Candidates
If you apply for a job vacancy with us, or speculatively send us your CV, the personal data that we are likely to process about you includes:
· identity data such as your first name, middle names, last name, marital status, title, date of birth and gender;
· contact data such as your postal address, email address and telephone numbers;
· background data such as your education, career background and work experience;
· personal information such as your skills and qualities; and
· any other information that you include on any CV, application or covering letter you send to us.
We process your information on the grounds of our legitimate interests to determine whether or not we have a suitable vacancy for you. To the extent we need to process special categories of data about you (for example, to ensure our premises are suitably equipped for you if you attend for an interview), we will do so in accordance with our legal obligations. If you provide special categories of data to us which we have not requested, we will process it on the grounds of your consent because you have voluntarily provided the information to us.
Sensitive Data
We do not collect any Sensitive Data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences.
Where we are required to collect personal data by law, or under the terms of the contract between us and you do not provide us with that data when requested, we may not be able to perform the contract (for example, to deliver goods or services to you). If you don’t provide us with the requested data, we may have to cancel a product or service you have ordered but if we do, we will notify you at the time.
We will only use your personal data for a purpose it was collected for or a reasonably compatible purpose if necessary. For more information on this please email us at customerservices@bookfhr.com. In case we need to use your details for an unrelated new purpose we will let you know and explain the legal grounds for processing.
We may process your personal data without your knowledge or consent where this is required or permitted by law.
We do not carry out automated decision making or any type of automated profiling.
2. How We Collect Your Personal Data
Customers, Suppliers and Business Contacts
We use different methods to collect data from and about you including through:
· Direct interactions
You may give us your personal data by filling in forms on our Website or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you: place an order for our products or services; submit a query about our products or service whether on our website or by email or phone; request for marketing to be sent to you; or give us feedback or contact us.
· Automated technologies or interactions
As you interact with our website, we may automatically collect personal data about you.
3. Marketing Communications
We occasionally send special offers and newsletters relating to airport parking, car rental, accommodation, airport lounges, holidays and other travel products which we believe may be of legitimate interest to you. We only send you marketing if we are entitled to do so under data protection and privacy legislation, which usually means we either have your consent to send you marketing or we send it to you because you are one of our existing customers. You can unsubscribe to our marketing communications at any time, either by clicking “unsubscribe” in any marketing email we send to you or by emailing us at customerservices@bookfhr.com.
4. Disclosure of Your Personal Data
We may have to share your personal data with the parties set out below:
· Other companies in our group who provide services to us.
· Service providers who provide IT and system administration services.
· Professional advisers including lawyers, bankers, auditors and insurers
· Government bodies that require us to report processing activities.
· Price comparison sites that have referred you to us.
· Third parties that assist with our customer satisfaction surveys and reviews.
· Third parties that assist us with fulfilment of your order, including by providing name and address verification services.
· Third party payment processors.
· Third party email distribution providers and market research companies. Please note your personal data will only be processed for marketing purposes in accordance with the section below headed “Marketing”;
· Third parties to whom we sell, transfer, or merge parts of our business or our assets.
· if you are a candidate, we may provide feedback to you via the recruiter or agency that recommended you to us
We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.
5. International Transfers
We do not transfer your personal data outside the European Economic Area (EEA) other than where you reside outside the EEA or where required in order to facilitate your booking.
Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria.
Many of our third parties service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is in place:
· We will only transfer your personal data to countries that the European Commission have approved as providing an adequate level of protection for personal data by; or
· Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe; or
· If we use US-based providers that are part of EU-US Privacy Shield, we may transfer data to them, as they have equivalent safeguards in place.
If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
6. Data Security
We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorisation. We also allow access to your personal data only to those employees and partners who have a business need to know such data. They will only process your personal data on our instructions and they must keep it confidential.
We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach if we are legally required to.
7. Data Retention
Customers
Your personal data is retained for no more than seven years from the date you place your order. This enables us to deal with any potential issues or claims that may arise as a result of your purchase. After that date your personal data will be deleted or anonymised so that it is no longer personally identifiable. Your information will be kept securely at all times.
Suppliers and Business Contacts
Your personal data is retained for the duration of our relationship with you or the organisation for which you work. Please let us know if you leave the organisation or if your details change. If we receive notification from you or your organisation that you no longer work at that organisation, or if we no longer maintain a working relationship with your organisation, we will delete your information from our system.
If we are corresponding with you as a potential supplier, we will retain your details until we receive notification from you or your organisation that you no longer work at that organisation or until we no longer correspond with the organisation for which you work.
Candidates
If you are successful, we will retain your personal data in line with our employee facing privacy policy, a copy of which will be provided to you. If you are unsuccessful, we will retain your application, CV and/or covering letter and any other personal data you provided to us for six months from the date we reach our decision in case any other suitable roles arise in which we think you may be interested, or in case you have any questions about our decision. After that date, your personal data will be permanently deleted or destroyed.
8. Your Legal Rights
You benefit from a number of rights in respect of the personal data we hold about you. We have summarised your rights below, and more information is available from the Information Commissioner’s Office website (https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/). These rights apply for the period in which we process your data. There are certain caveats and exemptions to those rights which mean that in some circumstances you may not be entitled to exercise them, if we believe that is the case upon receipt of a request from you we will let you know.
Access to your data
You have the right to ask us to confirm that we process your personal data, as well as access to and copies of your personal data. You can also ask us to provide a range of information, although most of that information corresponds to the information set out in this fair processing notice.
Rectification of your data
If you believe personal data we hold about you is inaccurate or incomplete, you can ask us to rectify that information.
Right to be forgotten
In some circumstances, you have the right to ask us to delete personal data we hold about you.
Right to restrict processing
In some circumstances you are entitled to ask us to suppress processing of your personal data. This means we will stop actively processing your personal data but we do not have to delete it.
Data portability
You have the right to ask us to provide your personal data in a structured, commonly used and machine-readable format so that you are able to transmit the personal data to another data controller.
Right to object
You are entitled to object to us processing your personal data:
· if the processing is based on legitimate interests or performance of a task in the public interest or exercise of official authority;
· for direct marketing purposes (including profiling); and/or
· for the purposes of scientific or historical research and statistics.
We do not intend to use your personal data to send you direct marketing nor for scientific or historical research and statistics.
Automated decision making
Automated decision making means making a decision solely by automated means without any human involvement.
You may be subject to automated decision making if you submit a finance application for credit, which would be considered by our third party intermediary. If you do not wish to be subject to automated decision making for that purpose we would be unable to offer you credit.
Your right to complain about our processing
If you think we have processed your personal data unlawfully or that we have not complied with GDPR, please get in touch with us so we can help. You can report your concerns to the supervisory authority in your jurisdiction. The supervisory authority in the UK is the Information Commissioner’s Office (“ICO”). You can call the ICO on 0303 123 1113 or get in touch via other means, as set out on the ICO website - https://ico.org.uk/concerns/.
9. Third Party Links
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
10. Cookies
You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.