Here at Butlin’s, our true intent is all for your delight. When you're looking for a break, we want to be sure you're not missing out on anything that might guide you on your way. Therefore, we need to ask you for a little personal information, either directly or, with your permission, by tracking how you use our website.

Where we have your permission, we'll send you marketing information we think will be of interest. We'll also collect some technical details, so our website works as well as it possibly can. Sometimes, we'll share information with third parties, such as business partners and service providers, but only so we can provide you with a better service.

If you’re coming on a break with us, we’ll ask for a few more details about yourself, including any special requirements you may have.

We keep your personal information securely, and for limited and appropriate amounts of time. If you’d like to stop receiving our email marketing, just click ‘unsubscribe’ at any time. If you don't want any mail through your letterbox, simply send it back and we'll remove you from our database.

For more details, please see our full privacy policy on the next tab.

You can contact us at any time with questions, concerns, comments, requests or complaints about our privacy policy or your personal information. Please email privacy@butlins.com in the first instance.

For further details about this privacy policy or the way we handle your personal information, you can also contact the UK Information Commissioner on 0303 123 1113 or by visiting ico.org.uk.

From time to time, we might review our privacy policy and make changes to it. If so, we’ll always highlight it on our website butlins.com and, where appropriate, let you know by email.

1. Introduction

This privacy policy (and any other documents referred to in it) explains in detail the types of personal data we may collect about you when you interact with us. It also explains how we’ll store and handle your data and keep it safe. Please read this privacy policy carefully to understand our practices regarding your personal information and how we will treat it.

We know it may seem like a lot of information, but we want you to be appropriately informed about your rights, how we use your data, and how we combine data across Bourne Leisure to build a picture of you.

We hope the following sections will answer any questions you may have, but if not, please do get in touch.

We may update this notice from time to time. If there is any significant change, we will let you know, but you’re welcome to come back and check it whenever you wish.

For your information this privacy policy was last updated on 10 December 2019.

2. Who are Bourne Leisure LTD?

Our business is organised into three main brands and business units:

Haven Holidays which owns and operates thirty-six family holiday parks, providing caravans for sale, touring and camping (including facilities) in the UK, in predominantly coastal locations.

Butlins Skyline LTD which owns and operates three large seaside resorts in the UK, also providing caravans for sale at certain resorts.

Warner Leisure Hotels which owns and operates fifteen country and coastal properties around the UK, offering short adult only breaks.

Evergreen Finance Limited an entity that offers finance and insurance products to our caravan owners.

For simplicity throughout this notice, ‘we’ and ‘us’ means Bourne Leisure LTD, its brands and its business units.

We have a legal duty to protect personal information that we collect under Privacy Legislation such as, the Data Protection Act 2018 (the “DPA”) and the Privacy and Electronic Communications Regulations 2003, (PECR).

For the purpose of the DPA and PECR, we are the data controller and are located at One Park Lane, Hemel Hempstead, HP2 4YL. If you have any queries relating to this policy, you may contact us at privacy@butlins.com.

3. The Legal bases we rely on

The law on data protection sets out a number of different reasons for which a company may collect and process personal data, including:

Consent

In certain circumstances, we can collect and process your data with your consent.

For example, when you tick a box to tell us you would like to receive news and offers from us.

Contractual Obligations

In certain circumstances, we can collect and process your personal data to comply with contractual obligations.

For example, if you book a holiday with us, we’ll collect your personal information to enable us to book your holiday and communicate with you about all the details.

Legal Compliance

If the law requires us to, we may need to collect and process your data.

For example, we can pass on details of people involved in fraud or other criminal activity affecting Bourne Leisure LTD to law enforcement.

Legitimate interest

In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.

For example, we will use your booking history to send you or make available personalised offers.

We also combine the booking history of many customers to identify trends and ensure we can keep up with demand or develop new products/services.

We may also use your address details to send you direct marketing information by post, telling you about products and services that we think might interest you.

4. When do we collect your personal information?

We may collect and use various types of personal information about visitors to our websites and guests who book a holiday with us or buy a holiday home from us, including:

• When you create an account with us.
• When you engage with us on social media.
• When you engage with one of our contact centres, we may record audio.
• When you download or install one of our applications.
• When you join one of our loyalty programmes (such as Warner Club).
• When you contact us with a query or make a complaint.
• When you ask us to email you about a holiday or service.
• When you enter prize draws or competitions.
• When you book an appointment or attend an event provided by a 3rd party supplier e.g. a big weekend or a bowls event.
• When you choose to complete a survey that we send you.
• When you leave reviews or comment on our services.
• If you fill in any forms e.g. booking an activity or when going to a spa.
• If an accident or incident takes place.
• When you book a break through one of our partners e.g. Saga, family fund or The Sun.
• When you give a third-party permission to share with us any information they hold about you.
• When you use our car parks and resort facilities, we usually have CCTV, ANPR and Body worn cameras in operation for the safety and security of both our guests and our Team Members. These systems may record your image during your visit.

5. What types of personal data do we collect?

• Title
• Name
• Address
• Telephone Number
• Age and DOB (including children’s or additional parties)
• Gender
• Online Identifiers (e.g. IP Address, Social Media identifiers)
• Booking reference
• Health & Medical information
• Proof of identity (e.g. passport & driving license)
• Financial information (e.g. bank/credit/debit details)
• Biometric (e.g. Photography/CCTV/Body worn camera, ANPR and Poolview)
• Audio
• Third party letting information

6. How and why do we use your personal data?

• To process any bookings that you make or services that you purchase using our websites, apps or on site. If we don’t collect your personal data during checkout, we won’t be able to process your booking, fulfil our contract with you and comply with our legal obligations.

For example, your details may need to be passed to a third party to supply or deliver the booking or service that you ordered, and we may keep your details for a reasonable period afterwards in order to fulfil any contractual obligations such as refunds, guarantees and so on.

• To respond to your queries, refund requests and complaints. Handling the information, you provide enables us to respond. We may also keep a record of these to inform any future communication with us and to demonstrate how we communicated with you throughout. We do this based on our contractual obligations to you, our legal obligations and our legitimate interests in providing you with the best service and understanding how we can improve our services based on your experience. To protect our business and your account from fraud and other illegal activities. This includes using your personal data to maintain, update and safeguard your account. We’ll also monitor your browsing activity with us to quickly identify and resolve any problems and protect the integrity of our websites. We’ll do all of this as part of our legitimate interest.

For example, by checking your password when you login and using automated monitoring of IP addresses to identify possible fraudulent logins from unexpected locations.

• To protect our customers, premises, assets and Partners from crime, and to ensure health and safety at all times, we operate CCTV systems on our facilities and car parks which record images for security. We do this on the basis of our legitimate business interests.
• We may sometimes receive requests from TV and other companies to film/photograph on resort. We also take our own Butlin's promotional films and photographs on the parks throughout the year.
• To process payments and to prevent fraudulent transactions. We do this based on our legitimate business interests. This also helps to protect our customers from fraud.
• If we discover any criminal activity or alleged criminal activity through our use of CCTV, fraud monitoring and suspicious transaction monitoring, we will process this data for the purposes of preventing or detecting unlawful acts. We aim is to protect the individuals we interact with from criminal activities.
• We may record conversations with you for training and monitoring purposes.
• With your consent, we will use your personal data, preferences and details of your transactions to keep you informed by email, web, text, telephone and through our contact centres about relevant products and services including tailored special offers, discounts, promotions, events, competitions and so on.

Of course, you are free to opt out of hearing from us by any of these channels at any time.

• To send you relevant, personalised communications by post in relation to updates, offers, services and products. We’ll do this on the basis of our legitimate business interest.

You are free to opt out of hearing from us by post at any time.

• To send you communications required by law or which are necessary to inform you about our changes to the services we provide you. For example, updates to this Privacy Notice, and legally required information relating to your bookings. These service messages will not include any promotional content and do not require prior consent when sent by email or text message. If we do not use your personal data for these purposes, we would be unable to comply with our legal obligations.
• To display the most interesting content to you on our websites or apps, we’ll use data we hold about your favourite types of holiday or services. We do so on the basis of your con-sent to receive app notifications and/or for our website to place cookies or similar technology on your device.

For example, we might display a list of holidays you’ve recently looked at, or offer you recommendations based on your purchase history and any other data you’ve shared with us.

• To administer any of our prize draws or competitions which you enter, based on your consent, given at the time of entering.
• To develop, test and improve the systems, services and products we provide to you. We’ll do this on the basis of our legitimate business interests.

For example, we’ll record your browser’s Session ID to help us understand more when you leave us online feedback about any problems you’re having on our website.

• To comply with our contractual or legal obligations to share data with law enforcement and other authorities.

For example, when a court order is submitted to share data with Government functions & law enforcement agencies or a court of law e.g. HM Revenue or DWP.

• To send you survey and feedback requests to help improve our services. These messages will not include any promotional content and do not require prior consent when sent by email or text message. We have a legitimate interest to do so as this helps make our products or services more relevant to you.
• To build a rich picture of who you are and what you like, and to inform our business decisions, we’ll combine data captured from across the group, third parties and data from publicly-available lists e.g. the electoral roll, credit reference agencies (where applicable and demographic information. As we have described in the section 'What sort of personal data do we collect?' we’ll do this on the basis of our legitimate business interest.

For example, by combining this data, this will help us personalise your experience and decide which inspiration or content to share with you. We also use anonymised data from customer booking histories to identify trends in different areas of the country. This may then guide which types of news and offers we send to different locations. Or when buying a caravan with us we may carry out checks against the electoral roll and credit reference agencies.

• Help inform business decisions for example which 3rd Party websites we partner with to ensure our advertising reaches our customers.

7. Combining your data for personalised direct marketing

We want to bring you news and offers that are most relevant to your interests at particular times. To help us form a better, overall understanding of you as a customer, we combine your personal data gathered across Bourne Leisure LTD as described above, for example your shopping history at both Haven Holidays and Warner Leisure Hotels. For this purpose, we also combine the data that we collect directly from you with data that we obtain from third parties to whom you have given your consent to pass that data onto us.

We may also use something called “Facebook custom audiences” to deliver advertisements to our website customers, based on email addresses that we collect from you. When we use this, we do not share any of your personal information with Facebook (including your shopping history). Instead, the tool enables us to convert your email address into a unique number that Facebook can then match with the numbers generated from its own customers email addresses. You may learn more about Facebook custom audiences by visiting https://www.facebook.com/business/help/341425252616329?id=2469097953376494 and about how to opt out of receiving advertisements based on your email address by reading section 14 below, titled ‘How can you stop the use of your personal data for direct marketing?’

8. Who do we share your personal data with?

We sometimes share your personal data with trusted third parties. Here’s the policy we apply to those organisations to keep your data safe and protect your privacy:

• We provide only the information they need to perform their specific services.
• They may only use your data for the exact purposes we specify in our contract with them.
• We work closely with them to ensure that your privacy is always respected and protected.
• If we stop using their services, any of your data held by them will either be deleted, returned or rendered anonymous.

Examples of the kind of third parties we may work with are:

• IT companies who support our website, applications and other business systems.
• Direct marketing companies who help us manage our electronic and postal communications with you.
• Data Insight and Market research agencies.
• Google/Facebook to show you products that might interest you while you’re browsing the internet. This is based on either your marketing consent or your acceptance of cookies on our websites. See our Cookies Policy for details.
• Payment service providers that enable us to fulfil transactions with you.
• Partnerships we work with e.g. RBS Rewards schemes
• For fraud management, we may share information about fraudulent or potentially fraudulent activity in our premises or systems. This may include sharing data about individuals with law enforcement bodies.
• We may also be required to disclose your personal data to the police or other enforcement, regulatory or Government body, in your country of origin or elsewhere, upon a valid request to do so. These requests are assessed on a case-by-case basis and take the privacy of our customers into consideration.
• We may, from time to time, expand, reduce or sell our business and therefore may share data with Prospective buyers of our business or assets. If this happens, your personal data will, where relevant, be transferred to the new owner or controlling party, under the terms of this Privacy Notice.
• Activity providers
• Where you are attending an event organised by a third party at our Resorts, we may share booking details with them to allow the event to be planned effectively. This includes: Spring Harvest breaks, ESF breaks, Status Quo Fan club breaks. Our legal basis for the sharing of this data is our contractual obligation to our partners.
• If you take out holiday insurance as part of your holiday, we will pass on details of your booking to our insurers, Towergate and their underwriters. This will allow them to administer your policy and any claim.

For further information please contact our Data Protection Officer.

9. Security on our Resorts

The following are operated in our resorts to assist with monitoring & maintaining resort safety, to prevent & detect crime & assist law enforcement (where necessary):

• CCTV
• Automated Number Plate Recognition (ANPR)
• Body Worn Cameras (BWC) - the security team will always inform you before turning their BWC’s on
• Pool view, some sites may operate drowning prevention technology

These systems are operated for the protection of our guest, employees & premises from criminal activities.

If we discover any criminal activity or alleged criminal activity through our use of CCTV, we will process this data for the purposes of preventing or detecting unlawful acts.

The Legal basis for our use of this information is in our Legitimate Interests to ensure the safety of guests and employees at resorts and to assist with law enforcement. We may also use the footage to exercise & defend our legal rights.

10. How we use Sensitive Personal Information

We do not normally collect sensitive personal information from you as part of the booking process. However, if you make us aware of any special requests, for your booking including anything due to specific medical, dietary or religious requirements, we will note these so that we can do our best to meet your request. We will not process this data for any other purpose.

If you book onsite activities (including, but not limited to, sports, outdoor activities and spa treatments), we ask for information about your health including any existing conditions relevant to the activity and details of who to contact in the event of an emergency.

The information is collected for the following purposes:

• To provide the activities and treatments you want and to ensure you can safely take part
• To ensure we are able to contact someone in an emergency

The legal basis for our use of this data is your consent and to fulfil our contract with you. You have the right to object to us processing this data at any time and our right to process data is not overridden by your interests, fundamental rights and freedoms.

11. Where We Transfer and Store Personal Information

The personal information that we collect from our website visitors and guests may be transferred to, and stored at, destinations outside the European Economic Area, (the "EEA”). To safeguard your personal information and to make sure that it is properly protected we have put in place contractual safeguards with our Data Processors.

Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this Privacy Notice.

12. How long will we keep your personal data?

Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected. This period will be determined based on any business and/or legal requirements.

At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.

If you need further information, please contact us at privacy@butlins.com

13. Your Rights in Your Personal Information

You have certain rights in respect of the personal information that we hold about you. Details of these rights are set out below. To exercise any of these rights, please contact us at privacy@butlins.com.

We will process all personal data in line with your rights, in each case to the extent required by and in accordance with applicable law only (including in accordance with any applicable time limits and any requirements regarding fees and charges). We will respect your personal information rights. For more information on your rights, please see https://ico.org.uk/your-data-matters.

14. How can you stop the use of your personal data for direct marketing?

There are several ways you can stop direct marketing communications from us:

Click the ‘unsubscribe’ link in any email communication that we send you. We will then stop any further emails from that division.

If you have an account, log in into your account and change your preferences.

In our apps, you can manage your preferences and opt out from one or all the different push notifications by selecting or deselecting the relevant options in the ‘Settings’ section.

If you do not wish to see advertising on social media, you can also manage this within your social media platform settings.

Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.

15. Cookies and other tracking technology

Our website uses “cookies” and other tracking technologies which are placed and stored on your computers’ hard drives, or in their browser memories, if you agree, when you visit our website. These are used for various purposes, including distinguishing you from other web-site visitors.

You can manage all cookies using your browser settings or using a service such as https://www.aboutcookies.org.uk/managing-cookies. You can manage your preferences for the Facebook pixel through Facebook settings. See our Cookies Policy for more information.

16. How do we protect your personal data?

We treat your information with the utmost care and take all appropriate steps to protect it.

We secure access to all transactional areas of our websites and apps using ‘https’ technology.

Access to your personal information is password-protected, and sensitive data is secured and tokenised to ensure it is protected.

We regularly monitor our system for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security.

17. Changes to Our Privacy Policy

We reserve the right to modify this privacy policy from time to time. Any changes we make in the future will be posted on the following website: www.butlins.com. You should check back frequently to see any updates or changes to our privacy policy.

18. Any questions?

We hope this Privacy Notice has been helpful in setting out the way we handle your personal data and your rights to control it.

If you have any questions that haven’t been covered, please contact our Data Protection Officer who will be pleased to help you:

Questions, concerns, comments, requests or complaints regarding this privacy policy, our website and/or our use of your personal information should be addressed to privacy@butlins.com.

If you have any complaints regarding this privacy policy, you may also contact the UK Information Commissioner at telephone number 0303 123 1113 or https://ico.org.uk/make-a-complaint.

What are cookies?

Cookies are small text files that are stored by the browser you use on your computer or mobile device when you visit a website. All websites use cookies, primarily to:

• Allow a website to work more efficiently
• Make the site easier to navigate by remembering information you’ve entered
• Customise the site by showing you information that’s relevant to you

Cookies set by the website owner are called ‘first party cookies’. Cookies that have been set by parties other than the website owner are called ‘third party cookies’.

Why do we use them?

We use cookies to improve your website experience and to tailor it to your needs.

Examples of how we use cookies include:

• To gather information which allows us to identify your platform and record sales
• To ensure you are provided with correct and useful information during your visit to our site
• To allow you to proceed through our checkout.
• To collect data which allows us to improve our services based on purchases and site usage.
• For statistical analysis purposes.

What you need to know about the types of cookies that we use

1. Necessary – these help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies and therefore cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

2. Preferences – these cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, then some or all of these services may not function properly.

3. Statistics – these cookies allow us to count visits and traffic sources and improve performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site and will not be able to monitor its performance. Statistical/performance cookies do not collect personal data.

4. Marketing – these cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information but are based on uniquely identifying your browser and internet device. If you switch these cookies off at browser level you will experience less targeted advertising.

Our lawful basis for collecting your personal information by using cookies is our ‘legitimate interest’ to develop and market our services. We believe that users of our websites have reasonable expectations that cookies will be collected and that you can opt out using browser settings.

Third party cookies

Some of the cookies on our website are not related to Butlins and are placed by our advertising partners and other Third Parties. For example, if you visit a web page that contains embedded content, such as a YouTube video, the other website may send cookies to you. These third party cookies may collect your personal data and so we have provided you with a link to find further information and to allow you to manage all cookies at a browser level: http://optout.networkadvertising.org/?c=1#!/. Please note that we cannot be responsible for an external website’s content.

Common third party cookie providers

There are a small number of common third party cookie providers for whom we provide more information:

Facebook

If you browse a page within our website which includes a Facebook product (e.g. a Like button), and you have a Facebook account, Facebook will use cookies to enable them to offer you relevant information and products. It also helps them understand the information they receive from you. Our website also uses a Facebook Pixel, which is a web beacon, to personalise advertising to you. You are able to manage your Facebook related marketing through the settings on your Facebook account.

Google Analytics

Our website uses Google Analytics Premium, a web analytics service provided by Google Ireland Limited ('Google'). Google Analytics Premium is a data processor for Bourne Leisure and their terms of service can be found here: www.google.com/analytics/terms/us.html

Google Analytics uses 'cookies' to help the website analyse how users use the site and does not store any personal information. The information generated by the cookies about your use of the website will be transmitted by your browser to Google on servers in the United States and other countries.

Google Marketing Platform

The website uses pixels, or transparent GIF files, to help manage online advertising. These GIF files are provided by our ad management partner, Google Marketing Platform. These files enable Google to recognize a unique cookie on your Web browser, which in turn enables us to learn which advertisements bring users to our website. The cookie was placed by us, or by another advertiser who works with Google. With both cookies and pixels, the information that we collect and share is anonymous and not personally identifiable. It does not contain your name, address, telephone number, or email address. For more information about Google Ads, including information about how to opt out of these technologies, go to: www.google.com/intl/en/policies/privacy/

How you can control cookies

You have the right to decide whether to accept or reject cookies. If you do not want to accept cookies you can change your browser settings. However, if you do this, please be aware that you may lose some functionality of the website. Each browser is different so please check the Help menu of your own browser to find out more about how to change your cookie preferences.

You can control individual cookies on your browser at the Network Advertising Initiative's website or at Your Ad Choices website.

For more information about cookies and how to disable them, please visit the Information Commissioner’s webpage about cookies. You can also read more about cookies at www.aboutcookies.org

Please note that we can not be responsible for external websites’ content.