All Aboard UK Ltd (the “Company”) respects the privacy concerns of the users of its website, http://www.nisei-legacy-tours.com and the services provided therein (the “Site”). The Company thus provides this privacy statement to explain what information is gathered during a visit to the Site and how such information may be used.
The General Data Protection Regulation (GDPR)
We have taken the necessary steps to ensure that we are in compliance with the General Data Protection Regulation (GDPR), supplemented in the UK by the DPA (Data Protection Act) 2018.
Under GdPR, individuals are granted the following data subject rights:
- Right to be informed: organisations must tell individuals what data of theirs is being collected, how it’s being used, how long it will be kept and whether it will be shared with any third parties.
- Right of access: individuals have the right to request a copy of the information that an organisation holds on them.
- Right of rectification: individuals have the right to correct data that is inaccurate or incomplete.
- Right to be forgotten: in certain circumstances, individuals can ask organisations to erase any personal data that’s stored on them.
- Right of portability: individuals can request that organisation transfer any data that it holds on them to another company.
- Right to restrict processing: individuals can request that an organisation limits the way it uses personal data.
- Right to object: individuals have the right to challenge certain types of processing, such as direct marketing.
- Rights related to automated decision making including profiling: individuals can ask organisations to provide a copy of its automated processing activities if they believe the data is being processed unlawfully. You should also remind individuals that they are free to exercise their rights and explain how they can do this.
Personal Information We Collect
The type of personal information we collect depends on how you are interacting with us.
The personal information we may collect directly from you consists of the following:
- Name and contact data, such as, first and last name, email address, postal address, phone number, and other similar contact data;
- Payment information, such as, payment card number (credit or debit card), and the security code associated with your payment instrument, if you make a payment; and
- Comments, feedback, questions and other information you provide to us
We automatically collect personal information when you:
- Visit, interact with, or use our website;
- Access, use, or download content from us; and
- Open emails or click links in emails from us.
How We Use the Information You Provide/Lawful Basis
We process personal information about you:
- To perform a contract;
- With your consent;
- For our legitimate interests;
- To comply with the law;
We will not sell or trade your personal information.
We may transfer your personal information to a third party in the event of a bankruptcy, dissolution, merger, sale, acquisition, or change of control.
We may transfer your personal information to a third party if we need to comply with our legal obligations, resolve disputes, and/or enforce our agreements.
Most of the personal information we process is provided to us directly by you to:
- Process and fulfill a booking request, download, subscription, or other transaction;
- Respond to your requests, inquiries, comments and concerns; and
- Send marketing emails.
We also process personal information to:
- Provide online behavioral advertising;
- Inform you of and administer promotions, contests, sweepstakes or surveys;
- Help us address problems with and improve our website;
- Protect the security and integrity of our website; and
- Contact you for other business reasons, if necessary.
“Cookies” are small text files that are placed on a computer or other device and used to identify the user or device and to collect information when you visit a website.
We use absolutely necessary cookies, which allow you to move around our website and use its features.
You can disable cookies through your web browser’s settings, but disabling this function may diminish your experience on our website as some features may not work as intended.
Malware/Spyware/Viruses: Neither the Company nor the Site knowingly permit the use of malware, spyware, viruses, and/or other similar types of software.
“Do Not Track” (DNT) Signals
Some browsers transmit Do Not Track (DNT) signals to websites.
Due to the lack of a common interpretation of DNT signals throughout the industry, we do not currently alter, change, or respond to DNT requests or signals from these browsers.
How the Information is Shared and Stored
We also will disclose your personal information if we have a good faith belief that such disclosure is necessary to:
- meet any applicable law, regulation, legal process or other legal obligation;
- detect, investigate and help prevent security, fraud or technical issues; and/or
- protect the rights, property, or safety of www.nisei-legacy-tours.com and all Aboard UK Ltd, our users, employees or others.
We retain your personal information for as long as necessary to fulfil the transactions you have requested, or for other essential purposes such as complying with our legal obligations, maintaining business and financial records, resolving disputes, maintaining security, detecting and preventing fraud and abuse, and enforcing our agreements, or until such time as you let us know you would like for us to delete it or unsubscribe from our marketing contacts.
Information Protection and Security
Our website uses commercially acceptable security measures to prevent your personal information from being lost, used or accessed in an unauthorized way. We use a Secure Sockets Layer (SSL) certificate and never transmit your credit card information via email. If you receive an email from us that appears to be a request for personal information, do not respond because it may be a phishing scam designed to steal your personal information.
We cannot guarantee that your personal information will always be secure. Should there be a data breach, we will notify you when we are legally required to do so.
Your Rights to Control Your Information
You can unsubscribe from our e-newsletters or updates at any time through the unsubscribe links found in the communications you receive from us.
Use and Transfer of Your Information Out of the European Economic Area (EEA)
This website is operated in the UK and the third parties with whom we might share your personal information (as explained above) are located in the United States, the EU or other countries located outside the European Economic Area.
If you are located outside of the United States, please be aware that any information you provide will be transferred to the United States. By using this website, participating in any of its services and/or providing your information, you consent to this transfer.
Filing a Complaint
If you are covered by the GDPR, and you are not content with how we manage your personal information, you may lodge a complaint with a supervisory authority in the European Union (or European Economic Area) state where you are a resident, work, or where the alleged infringement of data protection laws took place.
Please be sure to specify which right you want to exercise and provide us with enough information to verify your identity. If we cannot verify your identity, we may not be able to fulfill your request.
Changes to this Privacy Notice