Privacy Policy
Last Updated: 15 January 2026
CoachDayTrips.co.uk ("we", "us", "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information in compliance with the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018.
Quick Summary: We collect information necessary to process your bookings and improve our service. We don't sell your data. You have full control over your information and can request access, correction, or deletion at any time.
1. Information We Collect
1.1 Information You Provide
When you use our website and book trips, we collect:
| Data Type | Examples | Purpose |
|---|---|---|
| Contact Details | Name, email, phone number | Booking confirmation, trip updates, customer support |
| Booking Information | Pickup location, date, number of passengers | Processing and fulfilling your trip |
| Payment Details | Card information (securely processed by Stripe) | Payment processing |
| Account Information | Username, password, booking history | Account management, faster future bookings |
| Communications | Support messages, reviews, feedback | Customer service, service improvement |
1.2 Information We Collect Automatically
When you visit our website, we automatically collect:
- Technical Data: IP address, browser type, device information, operating system
- Usage Data: Pages visited, time spent on site, links clicked, search queries
- Location Data: Approximate location based on IP address (for showing relevant trips)
- Cookies: Small files stored on your device (see our Cookie Policy)
1.3 Information from Third Parties
- Payment Processors (Stripe): Payment confirmation and transaction data
- Analytics Services (Google Analytics): Aggregated usage statistics
- Social Media: If you interact with us on social platforms
2. How We Use Your Information
2.1 Legal Basis for Processing
We process your personal data based on:
- Contract Performance: To fulfill bookings and provide services you've requested
- Legal Obligation: To comply with tax, accounting, and regulatory requirements
- Legitimate Interests: To improve our services, prevent fraud, and ensure security
- Consent: For marketing communications (you can opt out anytime)
2.2 Purposes of Data Processing
We use your information to:
Booking & Service Delivery:
- Process and confirm bookings
- Share your details with the relevant coach operator
- Issue tickets and booking confirmations
- Send trip reminders and updates
- Handle cancellations and refunds
Customer Support:
- Respond to queries and complaints
- Resolve booking issues
- Provide assistance before, during, and after trips
Service Improvement:
- Analyze usage patterns and preferences
- Improve website functionality and user experience
- Develop new features and services
- Conduct surveys and research
Marketing & Communications:
- Send relevant trip recommendations and special offers
- Share news and updates about our service
- Personalize content based on your interests
- You can opt out of marketing at any time
Legal & Security:
- Prevent and detect fraud
- Enforce our Terms & Conditions
- Comply with legal obligations
- Protect our rights and those of our users
3. Sharing Your Information
3.1 Coach Operators
We share necessary booking information (name, contact details, pickup location) with the operator running your trip. They are independent data controllers responsible for their own privacy practices.
3.2 Service Providers
We share data with trusted third parties who help us operate:
- Payment Processing: Stripe (for secure payment handling)
- Email Services: For sending booking confirmations and communications
- Cloud Hosting: Firebase/Google Cloud (for data storage and infrastructure)
- Analytics: Google Analytics (anonymized usage data)
- Customer Support: Help desk and communication tools
All service providers are contractually required to protect your data and use it only for specified purposes.
3.3 Legal Requirements
We may disclose your information if required by law, court order, or regulatory authority, or to protect our legal rights and safety.
3.4 Business Transfers
If our business is sold or merged, your data may be transferred to the new owner, subject to the same privacy protections.
3.5 What We DON'T Do
- ❌ We do NOT sell your personal data to third parties
- ❌ We do NOT share your data for others' marketing without consent
- ❌ We do NOT use your data in ways incompatible with this policy
4. Data Security
4.1 Security Measures
We implement appropriate technical and organizational measures to protect your data:
- Encryption: SSL/TLS encryption for data transmission
- Secure Storage: Data stored on secure, access-controlled servers
- Payment Security: PCI-DSS compliant payment processing (we don't store card details)
- Access Controls: Limited access to personal data on need-to-know basis
- Regular Audits: Security reviews and vulnerability assessments
- Staff Training: All staff trained on data protection
4.2 Your Responsibility
- Keep your account password secure and confidential
- Use secure, up-to-date devices and browsers
- Be cautious of phishing emails claiming to be from us
- Log out after using shared or public devices
4.3 Data Breaches
In the unlikely event of a data breach that poses a risk to your rights, we will notify you and the Information Commissioner's Office (ICO) within 72 hours as required by law.
5. International Data Transfers
5.1 Where We Store Data
Your data is primarily stored within the UK and European Economic Area (EEA). Some service providers may process data outside the UK/EEA.
5.2 Safeguards
When data is transferred internationally, we ensure appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs) approved by the UK/EU
- Adequacy decisions by the UK government
- Service providers certified under recognized frameworks
6. Data Retention
6.1 How Long We Keep Data
| Data Type | Retention Period | Reason |
|---|---|---|
| Booking Information | 7 years | Tax and accounting requirements |
| Account Data | Until account deletion + 30 days | Account management and legal obligations |
| Marketing Consent | Until you withdraw consent | Compliance with marketing regulations |
| Support Communications | 3 years after closure | Customer service and dispute resolution |
| Analytics Data | 26 months (Google Analytics default) | Usage analysis and improvement |
6.2 Deletion
After retention periods expire, we securely delete or anonymize your data so it can no longer identify you.
7. Your Rights
7.1 Under UK GDPR, You Have the Right To:
1. Access Your Data
Request a copy of the personal data we hold about you (Subject Access Request).
2. Rectification
Correct inaccurate or incomplete information.
3. Erasure ("Right to be Forgotten")
Request deletion of your data in certain circumstances (note: we may need to retain some data for legal obligations).
4. Restrict Processing
Limit how we use your data in specific situations.
5. Data Portability
Receive your data in a structured, machine-readable format to transfer to another service.
6. Object
Object to processing based on legitimate interests or for direct marketing.
7. Automated Decision-Making
Not be subject to solely automated decisions that significantly affect you (we don't use automated decision-making).
8. Withdraw Consent
Withdraw consent for marketing or other consent-based processing at any time.
7.2 How to Exercise Your Rights
To exercise any of these rights:
- Email us at: privacy@coachdaytrips.co.uk
- Include your name, email, and specify which right you're exercising
- We'll respond within 30 days (may be extended by 2 months for complex requests)
- You can also manage some preferences in your account settings
7.3 Complaints
If you're unhappy with how we handle your data, you have the right to lodge a complaint with:
Information Commissioner's Office (ICO)
Website: https://ico.org.uk
Phone: 0303 123 1113
Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
8. Marketing Communications
8.1 What You'll Receive
With your consent, we may send:
- Trip recommendations based on your interests
- Special offers and promotions
- Newsletter with travel tips and inspiration
- Service updates and new features
8.2 Opting Out
You can opt out at any time by:
- Clicking "unsubscribe" in any marketing email
- Updating preferences in your account settings
- Emailing us at privacy@coachdaytrips.co.uk
Note: You'll still receive essential booking-related communications (confirmations, updates, receipts).
9. Cookies & Tracking
9.1 What Are Cookies
Cookies are small text files stored on your device that help us provide and improve our service.
9.2 How We Use Cookies
- Essential Cookies: Required for booking and site functionality (always active)
- Performance Cookies: Analytics to understand usage (Google Analytics)
- Functional Cookies: Remember your preferences and settings
- Marketing Cookies: Track effectiveness of advertising campaigns
9.3 Managing Cookies
You can control cookies through:
- Our cookie consent banner (first visit)
- Your browser settings
- Third-party opt-out tools
For full details, see our Cookie Policy.
10. Children's Privacy
Our service is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us immediately so we can delete it.
Bookings for children must be made by a parent or guardian who is 18 or over.
11. Third-Party Links
Our website may contain links to third-party websites (e.g., operator websites, social media, attractions). We are not responsible for their privacy practices. Please review their privacy policies before providing any personal information.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will:
- Post the updated policy on this page with a new "Last Updated" date
- Notify you by email of significant changes (if you have an account)
- Obtain fresh consent where required by law
We encourage you to review this policy periodically.
13. Contact Us
13.1 Data Protection Contact
For any questions about this Privacy Policy or how we handle your data:
- Email: privacy@coachdaytrips.co.uk
- General Support: support@coachdaytrips.co.uk
- Website: www.coachdaytrips.co.uk
13.2 Data Controller
The data controller responsible for your personal information is:
CoachDayTrips.co.uk
United Kingdom
We take your privacy seriously. If you have any concerns about how we handle your data, please don't hesitate to contact us. We're here to help and ensure your information is protected.