Privacy Policy for GlenFjord Cycles
At GlenFjord Cycles, we are committed to protecting your privacy and handling your personal data responsibly. This Privacy Policy outlines how we collect, use, disclose, and protect your information when you interact with our services, including guided bicycle tours, custom bike rental packages, cycling route planning, group and corporate cycling events, and bike maintenance workshops.
1. Information We Collect
We collect various types of information from you in connection with the services we provide:
- Personal Identifiable Information (PII): This includes information you provide directly to us so we can identify or contact you. Examples include your name, email address, postal address, phone number, date of birth, emergency contact details, and payment information when you book a tour, rent a bike, or register for an event.
- Health and Fitness Information: For certain tours or activities, we may request information about your cycling ability, health conditions, or dietary restrictions to ensure your safety and provide appropriate accommodations. This information is collected with explicit consent and treated with the utmost sensitivity.
- Booking and Service Data: Details related to your bookings, tour preferences, rental history, and participation in workshops or events.
- Communication Data: Records of your communications with us, including emails, phone calls, and inquiries through our contact forms.
- Website Usage Data: Information about how you interact with our online platform, such as IP address, browser type, pages visited, time spent on pages, and referring URLs. This is collected through cookies and similar technologies.
2. How We Use Your Information
We use the information we collect for the following purposes:
- To Provide and Manage Services: To process your bookings, manage bike rentals, organize tours and events, conduct workshops, and provide cycling route planning services.
- Customer Support: To respond to your inquiries, provide assistance, and resolve any issues you may encounter.
- Safety and Well-being: To ensure your safety during tours and activities, especially when health and fitness information is provided (with your explicit consent).
- Improve Our Services: To understand how our services are used, identify areas for improvement, and develop new offerings.
- Marketing and Communications: To send you updates, promotions, and information about our services, events, or special offers that may be of interest to you, where you have consented to receive such communications. You can opt-out at any time.
- Billing and Payments: To process payments for services rendered.
- Legal Compliance: To comply with legal obligations, enforce our terms and conditions, and protect our rights or the rights of others.
3. Legal Basis for Processing (GDPR)
For individuals in the European Economic Area (EEA), our processing of your personal data is based on the following legal grounds:
- Consent: Where you have given explicit consent for specific processing purposes (e.g., for marketing communications or processing of health data). You have the right to withdraw your consent at any time.
- Contractual Necessity: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract (e.g., to process your tour booking).
- Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject (e.g., tax and accounting requirements).
- Legitimate Interests: Where processing is necessary for the purposes of our legitimate interests or those of a third party, provided those interests are not overridden by your fundamental rights and freedoms (e.g., improving our services, preventing fraud).
4. Sharing and Disclosure of Information
We do not sell your personal data. We may share your information with:
- Service Providers: Third-party vendors who perform services on our behalf, such as payment processors, IT support, marketing services, and analytics providers. These providers are obligated to protect your information and use it only for the purposes for which it was disclosed.
- Tour Operators and Guides: Where necessary to facilitate your participation in specific tours or events.
- Legal and Regulatory Authorities: If required by law, court order, or governmental regulation, or if we believe it's necessary to protect our rights, property, or safety, or that of our customers or the public.
- Business Transfers: In connection with a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred to the acquiring entity.
5. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.
6. Data Security
We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, accidental loss, destruction, alteration, or disclosure. This includes using secure servers, encryption, access controls, and regular security assessments. While we strive to protect your personal data, no method of transmission over the internet or method of electronic storage is 100% secure.
7. Your Data Protection Rights (GDPR)
If you are located in the EEA or UK, you have the following rights regarding your personal data:
- The Right to Access: You have the right to request copies of your personal data.
- The Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or incomplete.
- The Right to Erasure (Right to be Forgotten): You have the right to request that we erase your personal data under certain conditions.
- The Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data under certain conditions.
- The Right to Object to Processing: You have the right to object to our processing of your personal data under certain conditions.
- The Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
- The Right to Lodge a Complaint: You have the right to lodge a complaint with your local data protection supervisory authority if you have concerns about how we are processing your personal data. In Ireland, this is the Data Protection Commission (DPC).
To exercise any of these rights, please contact us using the contact details provided below. We will respond to your request within one month.
8. Third-Party Links
Our online platform may contain links to other websites not operated by us. This Privacy Policy applies only to GlenFjord Cycles. We encourage you to review the privacy policies of any third-party sites you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.
9. Changes to This Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
10. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
- GlenFjord Cycles
- 2847 Liffeybank Road, Suite 3A
- Galway, Connacht, H91 C5W2
- Ireland