You’re here:  Home »Data Processing Agreement

The new General Data Protection Regulations (GDPR) effective 25th May 2018 ensures that the customer has complete control over their data which the data controller and data processor process, retain and utilise.

Golden Tours Limited, the Data Processor, takes full responsibility of ensuring that all processing policies undertaken by Golden Tours Limited, pertaining to data protection, are GDPR compliant. Further details can be found within our Privacy Policy.

As part of the new legislation, Golden Tours Limited expects that all data controllers (including, but not limited to, Booking Agents, Hotel Concierges, Affiliates, and any other person who collects data or processes bookings on behalf of Golden Tours Limited) will take the necessary steps to implement GDPR-compliant collection and processing policies. The data controller is solely responsible for all collection and processing policies undertaken by themselves.

Please see below for a brief overview of how Golden Tours Limited processes and utilises the data that has been collected by the data controller.

What information is collected?

          The customer’s personal details, including the customer’s name, email address, nationality, phone number, billing address.

          The customer’s payment details, including their card number, name on the payment card, the expiry date and the card type.

Why the information is collected and how it is used.

          The primary reason is for operational purposes, such as the processing of bookings.  

          The secondary reason is for marketing purposes, such as sending personalised marketing adverts via email or post based on consent given by customers.

How the data is protected

Access to the Personal Data stored on the company’s servers is protected by strict security procedures, including technical and physical restrictions. Only authorized personnel, who have received formal training, are permitted to access Personal Data.

All individuals handling the data will not share or sell information to any third party for financial gain.

The retention of data.

In accordance with the legislation, Golden Tours Limited retains data for only as long as necessary for the relevant purposes.

The data subject’s rights over the information.

The data subject can ask for their details to be amended on the database if they believe that the information is incorrect. The data subject can also ask not to be contacted for marketing purposes. The data subject can ask for a copy of the information held on the Golden Tours Limited database by emailing dataprotection@goldentours.com