What information does Tate’s Travel collect? How do we use it?
When you contact us, we may gather information from you such as your name, telephone, etc.
We may use the information we collect to occasionally notify you about important functionality changes to the website, new products, services and special offers we think you’ll find valuable.
If you would rather not receive this information, details of how to remove yourself from our subscription system will be contained in the emails that you receive from us. Make sure you change your preferences for each account you hold or email address you have provided.
How does Tate’s Travel protect customer information?
As required by the UK Data Protection Acts of 1984 and 1998, we follow strict security procedures in the storage and disclosure of information which you have given us, to prevent unauthorised access. Our security procedures mean that we may occasionally request proof of identity before we are able to disclose sensitive information to you.
What about “cookies”?
Will Tate’s Travel disclose the information it collects to outside parties?
Tate’s Travel does not sell, trade or rent your personal information to others. We may choose to do so in the future with trustworthy third parties, but you can tell us not to by removing yourself from our lists (details will be provided in the newsletter emails you receive from Tate’s Travel). Also, Tate’s Travel may provide aggregate statistics about our customer’s, sales, traffic patterns and related site information to reputable third-party vendors, but these statistics will include no personally identifying information.
We are committed to protecting your privacy. We use the information we collect on here at Tate’s Travel is used to enhance your experience with us. We do not sell, trade or rent your personal information to others. We may choose to do so in the future with trustworthy third parties, but you can tell us not to by removing yourself from our list. If you never want to receive any announcements or special offers from us, please send a blank email message titled “remove” to change your preferences. Remember to change your preferences for each of the email accounts you have given us.
Tell us what you think
Tate’s Travel welcomes your questions and comments about privacy.
Tate’s Travel (“Tate’s Travel ” or the “Company”) is committed to protecting the privacy of individuals who visit the Company’s Web sites (“Visitors”), individuals who register to download free or trial software or use the Company’s services as defined below (“End Users”), and individuals who register to attend the Company’s in-person or web-based events (“Attendees”).
This Privacy Statement describes: Tate’s Travel’s privacy practices in relation to:
- the Company’s Web sites;
- the services ( “Services”) offered by Tate’s Travel to its customers (“Customers”).
In relation to both our Web sites and our Services, this Privacy Statement explains the following:
- what information Tate’s Travel may collect about you;
- how Tate’s Travel will use information we collect about you;
- when Tate’s Travel may use your details to contact you;
- whether Tate’s Travel will disclose your details to anyone else;
- your choices regarding the personal information you provide to us or which we collect about to you; and
Web Sites Covered
This Privacy Statement covers the information practices of Web sites that link to this Privacy Statement, including: https://www.tatestravel.com and other Web sites under the Tate’s Travel domain which are owned and operated by the Company.
Tate’s Travel’s Web sites contain links to other external Web sites, for instance to our content on social media platforms like Facebook, Twitter, YouTube and LinkedIn, and to the Web site homepages of our technology alliance partners and channel partners. The privacy statements of these other Web sites govern the information practices or the content of these other Web sites. The Company encourages you to review the privacy statements of other Web sites to understand their information practices.
Our Web site includes social media features, such as the Facebook ‘Like’ button and widgets, such as the ‘Share this’ button or interactive mini-programs that run on our Web site. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Web site. Your interactions with these features are governed by the privacy statement of the company providing it.
Personal Data Collected
We set out a summary of how we use, retain and share the categories of personal data we collect about you and related information in the table below:
Use of Visitor information through our Web sites
Personal data How and why we use it
Who we share it with and why
The lawful basis for Visitors located in the EU
How long we keep it for
Contact information, such as name, company name, title, email address, mailing address and phone number To send you materials you request like whitepapers, details of our events and webinars and to send you other marketing materials by email, postal mail or telephone, for instance if you choose to trial our Services. If you choose to set up an account, we use your contact information to provide you technical training for our Services and to give you access to our online community forum. We also collect contact information from members of our partner programs (other companies who we have arrangements with under which they promote our Services) where an individual expresses an interest in our Services. Where that happens, we will use the information to send details of events, webinars, whitepapers and marketing materials as described above. We also use your contact data to measure our own marketing efforts and performance, analysing all marketing contact with you, its timing and the extent of its success. With our customer relationship management software providers marketing automation platform providers (Marketo), webinar software providers (Zoom), email platforms (such as aWeber), Web site hosting providers (Cloudabove), our online community platform provider, our learning management system software provider, and members of our partner programs Our legitimate interests in promoting our business and assessing the success of our promotional activities You may opt-out of ongoing marketing communications by following the process here.
Name, contact details and employment details if you send us a CV, resumé or other details of your employment history, qualifications and experience in connection with an advertised job vacancy or a general inquiry regarding employment opportunities with us. To assess your application and communicate with you about to the position with our human resources information system provider (Workday) and our background check service providers Taking steps necessary prior to entering into a potential employment or consultancy agreement with you and our legitimate interests in properly assessing applicants for employment. We keep information on unsuccessful applicants located in the EU for 6 months in case another relevant position arises and will contact you about it. If you prefer us not to, please let us know at email@example.com. Information on successful applicants will be used in our Human Resources systems and processes.
Information from your Web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, internet service provider (ISP), operating system, date/time stamp, and clickstream data and the actions you take on the Company’s Web sites (such as the web pages viewed and the links clicked) We use this information for what is usually called “analytics” — essentially to understand how Visitors move around our Web sites, what content is popular and what is not – and (either alone or with information about the company you work for) to provide more personalized information about us. We hold this information against a Visitor’s IP address, unless a Visitor submits contact information to us, in which case we hold this information against the submitted contact information. We use this information to help improve our Web sites. Usage data is collected on our behalf and analysed by third party analytics providers (Google Analytics) on our behalf. Our legitimate interests in monitoring and improving our Web sites We keep usage data for analytics and product improvement purposes indefinitely because historical usage data is always relevant to the development of our technology.
Personal testimonials of satisfied customers and other endorsements We publish testimonials on our Web site to promote our business. With our customer reference management software provider We use testimonials for our legitimate interests in promoting our business. You can request removal of your testimonials by contacting us at firstname.lastname@example.org.
We retain testimonials until withdrawn on your request (where we are legally required to remove or otherwise choose to remove).
Community forum content you upload If you choose to join one of our community forums, we will make what you upload available to other forum Visitors. With our hosting provider (currently Amazon Web Services), our online community platform provider and with Visitors to our community forums Our legitimate interests in encouraging the sharing of ideas and experiences between Tate’s Travel End Users. You can request removal of your testimonials by contacting us at email@example.com.
We retain your community forum-posted content until withdrawn at your request (where we are legally required to remove or otherwise choose to remove).
Account user name and password For Visitors to set up accounts so that they can interact with our Web site, such as interacting with our support functions, submitting content to our community forum or signing up for courses
Usernames are shared with our online community platform provider and learning management system software provider. We do not share passwords. Our legitimate interests in receiving information from Website Visitors and providing access to information (such as software downloads) that are only available to registered End Users We retain your user name and password until you request deactivation of your account (or until we are legally required to otherwise choose to deactivate your account).
Use of Customer information in relation to our Services
Personal data How and why we use it Who we share it with and why Lawful basis for Customers located in the EU How long we keep it for
Financial qualification and billing information, such as billing name and address, credit card number, and the number of users or systems within the organization that will be using Services (“Billing Information”) To onboard a new client for invoicing and payment and use of the system With our payment processing providers (currently First Data) and/or equivalent additional or replacement payment processors and our enterprise resource management software provider. Use is necessary for our legitimate interests in providing our Services on a commercial basis. We retain Billing Information for the duration of our contract with our Customer and thereafter an necessary for legal and audit purposes. You may request removal of your contact information by letting us know at firstname.lastname@example.org.
Contact information, such as name, company name, title, email address, mailing address and phone number To provide customer support and training and to solicit feedback from our Customers With our customer success software provider, survey tool service providers, calendar scheduling tool providers and learning management system software provider Our legitimate interests in supporting our customers in their use of our Services and improving our Services We retain this information for the duration of our contract with our Customer and thereafter as an inactive account. You may request removal of your contact information by letting us know at email@example.com. Information in support cases may be retained indefinitely because historical data regarding customer issues is always relevant to the development of our Services.
Specific vendors listed may change from time to time.
Lawful basis refers to the need under EU privacy law to have a specific reason, recognized by law, for us to have and use your personal data.
Specific vendors listed may change from time to time.
Lawful basis refers to the need under EU privacy law to have a specific reason, recognised by law, for us to have and use your personal data.
Tate’s Travel customers may electronically submit information through the Services (‘Customer Data’). Tate’s Travel will not share, distribute, or reference any such Customer Data except as provided in our software subscription, licensing or services agreements with our Customers, or as may be required by law. In accordance with our agreements with our Customers, Tate’s Travel may access Customer Data (other than as expressly set out in this Privacy Statement) only for the purpose of providing Services, preventing or addressing service or technical problems, license enforcement and at a Customer’s request in connection with other customer support matters, professional services, or as may be required by law.
Data Collected through the Tate’s Travel Services Portals
Tate’s Travel collects and processes 3rd party personal data in addition to the personal data referred to in the table above under the direction of our Customers and only to provide the Services our Customer has agreed to. This includes, for example:
Personal Data Why the Personal Data is used by the Services Unique Device ID (UDID), a system generated unique user ID, and a device IP address To identify the device used
End User login information in the form of a username and password To enable single sign on (SSO) functionality
A storage of previously used passwords which are hashed. Hashing passwords is a security method where passwords are encrypted using a one-way algorithm (prior to storage into a database) to provide robust security for credential storage. To enforce the password policy
A user display name, one-time passcodes and user security question/answer To determine whether to request more information for multi-factor authentication
User location which is determined using geolocation technology together with third party databases To provide functionality such as locating lost or stolen devices. End Users who do not want their location used can turn off location services in their account settings or mobile phone settings.
We have no ownership of this information or any direct relationship with individual End Users whose personal data may be processed as part of providing our Services. If you are a customer or End User of one of our Customers and would no longer like to be contacted by one of our Customers that use our Services, please contact the Customer that you interact with directly. Tate’s Travel may transfer personal data to companies that help us provide our Services. Transfers to subsequent third parties are covered by our licensing and service agreements with our Customers.
Tate’s Travel acknowledges that End Users have the right to access their personal information and to request erasure, rectification and data portability. An individual who seeks access to or who seeks to correct, amend, or delete inaccurate data which Tate’s Travel holds solely in order to provide its Services should direct his/her query to the Tate’s Travel Customer they interact with directly (the data controller). If a Tate’s Travel Customer requests that we remove personal data on their behalf, we will respond to their request within one month. Our Customers’ right to receive their Customer Data is covered by licensing or services agreements with them.
Customer Provided Content
Some Services permit Customers to store customer content such as documents, images and other information (“Customer Content”). Tate’s Travel processes and stores Customer Content that Customers choose to upload into the Services. Customer Content is accessible only by the Customer and Tate’s Travel does not use Customer Content for any other purpose. Each Customer is solely responsible for its Customer Content including that Customer Content is not inappropriate or unlawful and that it does not contain any viruses or harmful content. If Tate’s Travel determines in its sole discretion that any Customer Content may be inappropriate or unlawful or that it contains a virus or harmful content, Tate’s Travel may remove the Customer Content from the Services.
Google User Data
Through Google Directory APIs, the Services access and store Google Directory user profiles and group membership information to allow the Services to implement federated identity across Google Directory. This provides Google Directory users with “single sign on” to the apps that are accessible through the Services portal. Tate’s Travel does not share Google Directory user profiles and group information with third parties.
Tate’s Travel will retain personal data we process on behalf of our Customers for as long as needed to provide services and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Anonymous Data Collected
“Anonymous Data” is collected or generated by the Services and is not associated or linked to Personal Data. Anonymous Data does not identify individual persons. Tate’s Travel de-identifies by removing Personal Data and aggregates data so the data cannot be traced to End Users or their devices. Tate’s Travel may share Anonymous Data with business partners for use for their business purposes.
The security of our Customer’s personal data is important to us. Tate’s Travel uses robust security measures to protect Customer Data from unauthorized access, maintain data accuracy, and help ensure the appropriate use of Customer Data. When the Services are accessed over the Internet Transport Layer Security (TLS) technology protects Customer Data using both server authentications for data-in-transit and data encryption of Customer Data stored at rest in Tate’s Travel Services. These technologies are intended to ensure that Customer Data is safe, secure, and only available to the Customer to whom the information belongs and those to whom the Customer has granted access using unique encryption keys. Tate’s Travel hosts its Services in a secure server environment that uses firewalls, intrusion detection systems, and other advanced technology designed to prevent interference or access from outside intruders. No method of transmission over the Internet, or method of electronic storage, however, is 100% secure. Therefore, we cannot guarantee or warrant its absolute security. If you have any questions about security, you can contact us at privacy@Tate’stravel.co.uk. Customers are responsible for maintaining the security and confidentiality of their End User usernames and passwords.
If at any time after consenting to our sending you marketing communications, you change your mind about receiving information from us, please send us a request specifying your new choice. Simply send your request to firstname.lastname@example.org. Tate’s Travel will respond to your request within at most one month from the date of your request.
We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements and will only contact you in relation to these items.
Cookies and other Tracking Technologies
We use the following types of cookies on our Web sites:
- Strictly necessary cookies. These are cookies that are required for the operation of our Web sites and under our terms with you. They include, for example, cookies that enable you to log into secure areas of our Web site.
- Analytical/performance cookies. They allow us to recognize and count the number of Visitors and to see how Visitors move around our Web sites when they are using it. This helps us for our legitimate purposes to improve the way our Web sites work, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies. These are used to recognize you when you return to our Web sites. This enables us, subject to your choices and preferences, to personalize our content for you, greet you by name and remember your preferences (for example, your region).
- Targeting cookies. These cookies record your visit to our Web site, the pages you have visited and the links you have followed. We will use this information subject to your choices and preferences to make our Web site and the advertising displayed on other Web sites you visit more relevant to your interests. We may also share this information with third parties for this purpose.
Behavioural Targeting / Re-Targeting
Tate’s Travel provides community forums on the Company’s Web sites. Any personal data you choose to submit in such a forum may be read, collected, or used by others who visit these forums, and may be used to send you unsolicited messages. Tate’s Travel is not responsible for the personal data you choose to submit in these forums. To request removal of your personal data from our blog or community forum, contact us at email@example.com. In some cases, we may not be able to remove your personal data, in which case we will let you know if we are unable to do so and why.
Sharing of Information Collected
We will share your personal data with third parties only in the ways that are described in this Privacy Statement. We do not sell your personal data to third parties.
Tate’s Travel may share personal data about Visitors and Attendees with the Company’s contracted service providers so that these service providers can provide services on our behalf, such as administering email services. Tate’s Travel may also share your personal data with the Company’s service providers to ensure the quality of information provided. These companies are authorized to use your personal data only as necessary to provide these services to us.
Tate’s Travel reserves the right to use or disclose information provided if required by law or if the Company reasonably believes that use or disclosure is necessary to protect the Company’s rights, protect your safety or the safety of others, investigate fraud and/or to comply with a judicial proceeding, court order, legal process or other governmental authority; provided, however, that unless prohibited by law, Tate’s Travel will use its reasonable efforts to give you notice to enable you to seek a protective order or take other appropriate action.
Privacy and Children
Tate’s Travel Web sites do not offer information intended to attract children. Tate’s Travel does not knowingly solicit personal data from children under the age of 13.
Tate’s Travel offers Visitors and Attendees who provide contact information a means to choose how the Company uses the information provided. You may manage your receipt of marketing and non-transactional communications by clicking on the ‘unsubscribe’ link located on the bottom of the Company’s marketing emails and newsletters. Customers cannot opt out of receiving transactional emails related to their account associated with Services purchased that are required for support and maintenance of these Tate’s Travel products.
Notification of Data Breaches
- In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority competent in accordance with Article 55, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay.
- The processor shall notify the controller without undue delay after becoming aware of a personal data breach.
- The notification referred to in paragraph 1 shall at least:
- describe the nature of the personal data breach including where possible, the categories and approximate number of data subjects concerned and the categories and approximate number of personal data records concerned;
- communicate the name and contact details of the data protection officer or other contact point where more information can be obtained;
- describe the likely consequences of the personal data breach;
- describe the measures taken or proposed to be taken by the controller to address the personal data breach, including, where appropriate, measures to mitigate its possible adverse effects.
- Where, and in so far as, it is not possible to provide the information at the same time, the information may be provided in phases without undue further delay.
- The controller shall document any personal data breaches, comprising the facts relating to the personal data breach, its effects and the remedial action taken.
Communication of a personal data breach to the data subject
- When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, the controller shall communicate the personal data breach to the data subject without undue delay.
- The communication to the data subject referred to in paragraph 1 of this Article shall describe in clear and plain language the nature of the personal data breach and contain at least the information and measures referred to in points (b), (c) and (d) of Article 33(3).
- The communication to the data subject referred to in paragraph 1 shall not be required if any of the following conditions are met:
- the controller has implemented appropriate technical and organisational protection measures, and those measures were applied to the personal data affected by the personal data breach, in particular those that render the personal data unintelligible to any person who is not authorised to access it, such as encryption;
- the controller has taken subsequent measures which ensure that the high risk to the rights and freedoms of data subjects referred to in paragraph 1 is no longer likely to materialise;
- it would involve disproportionate effort. In such a case, there shall instead be a public communication or similar measure whereby the data subjects are informed in an equally effective manner.
- If the controller has not already communicated the personal data breach to the data subject, the supervisory authority, having considered the likelihood of the personal data breach resulting in a high risk, may require it to do so or may decide that any of the conditions referred to in paragraph 3 are met.
Right to data portability
- The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:
- In exercising his or her right to data portability pursuant to paragraph 1, the data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible.
- 1The exercise of the right referred to in paragraph 1 of this Article shall be without prejudice to Article 17. 2That right shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
- The right referred to in paragraph 1 shall not adversely affect the rights and freedoms of others.
Correcting and Updating Your Information
Upon request Tate’s Travel will let Visitors and Attendees know whether we hold any of your personal data. Individuals may update or change their registration information by editing their user profile. To update a user profile, please email firstname.lastname@example.org with your Tate’s Travel username and password and click ‘Account Settings.’ If you wish to have your user account deactivated, cancel your account and/or have your personal data removed from our system, please login (as described in the preceding sentence) and contact us by creating a support ticket, or contact us using the information below. Personal data and Billing Information may be updated, changed or removed; you can do so by contacting email@example.com or by regular mail addressed to:
6-7 Park Lane
Tate’s Travel will respond to your correction or update request within at most one month from the date of your request.
If another entity acquires Tate’s Travel or all or substantially all of Tate’s Travel’s assets, Customer Data and any other information that Tate’s Travel has collected about Customers will be transferred to such entity as one of the transferred assets. You will be notified via email and/or a prominent notice on our Web site of any change in ownership or uses of your personal data, as well as any choices you may have regarding your personal data.
Processing Data Outside of European Economic Area (EEA)
Tate’s Travel may store, process and/or transfer personal data to countries outside of the EEA (including countries where the European Commission has not made a decision of an adequate level of protection of personal data), especially to servers in the United State’s. The transfer of such data will be in compliance with local legislation for the cross-border transfer of data, where applicable. If you do not agree to this procedure you should not use our Services. By using Services, you consent to Tate’s Travel’s transferring your information to countries outside your own and the EEA, if necessary, for the business purposes as outlined above.
You have a right to see the personal data held by Tate’s Travel about you. If you wish to obtain a copy of particular information about you, or if you become aware the information we hold is incorrect and you would like to correct it, please send an e-mail to firstname.lastname@example.org.
Tate’s Travel is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Tate’s Travel complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
Changes to this Privacy Statement
We may update this Privacy Statement to reflect changes to our information practices. We encourage you to periodically review this page for the latest information on our privacy practices.
Questions regarding this Privacy Statement or the information practices of the Company’s Web sites should be directed to email@example.com.
Right to erasure (‘right to be forgotten’)
The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
- the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- the data subject withdraws consent on which the processing is based according to point (a) of Article 6(1), or point (a) of Article 9(2), and where there is no other legal ground for the processing;
- the data subject objects to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2);
- the personal data have been unlawfully processed;
- the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
- the personal data have been collected in relation to the offer of information society services referred to in Article 8(1).
- Where the controller has made the personal data public and is obliged pursuant to paragraph 1 to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
- Paragraphs 1 and 2 shall not apply to the extent that processing is necessary:
- for exercising the right of freedom of expression and information;
- for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
- for reasons of public interest in the area of public health in accordance with points (h) and (i) of Article 9(2) as well as Article 9(3);
- for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
- for the establishment, exercise or defence of legal claims.
Right of access by the data subject
- The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:
- the purposes of the processing;
- the categories of personal data concerned;
- the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
- where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
- the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
- the right to lodge a complaint with a supervisory authority;
- where the personal data are not collected from the data subject, any available information as to their source;
- the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
- Where personal data are transferred to a third country or to an international organisation, the data subject shall have the right to be informed of the appropriate safeguards pursuant to Article 46 relating to the transfer.
- The controller shall provide a copy of the personal data undergoing processing. For any further copies requested by the data subject, the controller may charge a reasonable fee based on administrative costs. Where the data subject makes the request by electronic means, and unless otherwise requested by the data subject, the information shall be provided in a commonly used electronic form.
- The right to obtain a copy referred to in paragraph 3 shall not adversely affect the rights and freedoms of others.
- The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:
For all matters concerning Data Privacy, contact the company at firstname.lastname@example.org or write to us at
6-7 Park Lane
This Privacy Statement was last modified on January 6th 2020.