Cookies, Data & Privacy Policy

Cookies, Data and Privacy Policy for www.topsail-adventures.co.uk

Our website uses cookies and forms to collect and share some user data. This Cookies, Data & Privacy Policy explains what how we aim to protect your privacy.

Topsail Adventures Ltd: Data & Privacy Policy – Last Updated 24/2/2019

Who we are

This website (https://www.topsail-adventures.co.uk) is owned and managed by Topsail Adventures Ltd, Registered Company Number: 6000046 (England & Wales).

Data & Privacy Information and Policies.

Relevant People

Data & Privacy; Security, Management and Policy: Nick Beck, Managing Director Topsail Adventures Ltd. nick.a.beck@gmail.com, 07831 710946.

Website design and management: Nick Beck, Managing Director Topsail Adventures Ltd. nick.a.beck@gmail.com, 07831 710946.

Data systems design and management: Nick Beck, Managing Director Topsail Adventures Ltd. nick.a.beck@gmail.com, 07831 710946.

Our Web and Email hosts.

www.topsail-adventures.co.uk and ahoy@topsail-adventures.co.uk are hosted by Heart Internet (https://www.heartinternet.uk/). Heart Internet may store meta (log) information about any web browsing sessions and email messages sent to our domains. For more information regarding data retention and privacy on Heart Internet’s systems please refer to their website (https://www.heartinternet.uk/terms/heart-internet-privacy-statement).

www.PilotCutterAmelieRose.com redirects to www.topsail-adventures.co.uk and is not a hosted entity in its own right.

Communication with the www.topsail-adventures.co.uk website is secured via SSL using a certificate issued by Starfield Technologies Inc. More details can be found here: https://ssl-ccp.secureserver.net/repository/.

Certain data that we collect are stored on a database within the Heart Internet network. This database is held on a server within the Heart Internet network which is accessible to our Webserver but not directly via the internet. Further details about the security of Heart Internet’s network can be found on their website. Details about what data are stored in this way are detailed in the relevant sections of this document.

The nick.a.beck@gmail.com and pilotcutter.amelierose@gmail.com email accounts are hosted by Google on their Gmail service. The Google (and gmail/drive) data use, retention and privacy policies can be viewed here > https://policies.google.com/privacy.

Data Backups: Our website and its associated database are backed up automatically every 24 hours and the last 5 of these backups are stored in our Google Drive “cloud” service.

The online chat facility used by www.topsail-adventures.co.uk is provided by Tidio LLC (https://www.tidiochat.com). Any messages sent/received using the chat system are hosted on their systems. More information regarding their data use, retention and privacy policies can be found here https://www.tidiochat.com/en/privacy-policy/.

Webserver technologies and Security

www.topsail-adventures.co.uk uses WordPress (currently version 5.1x) running on RedHat Enterprise Linux, utilising Apache 2.4.xx, PHP v7.2.x and MariaDB SQL Server v10.1.x.

A number of plugins are used in addition to the basic WordPress Build:

ACF Content Analysis for Yoast SEO, Advanced Custom Fields, Better Search Replace, Content Views, Content Views Pro, Cookiebot, Cool Tag Cloud, CSS Hero, Divi Booster, Divi Stop Stacking, Divi Tweaker, Jetpack by WordPress.com, Mhmm – Mighty Header & Menu Maker, Monarch Plugin, Really Simple SSL, Really Simple SSL pro, SB Divi Contact Form DB, Search Layout Injector, Simple Divi Shortcode, Smart Slider 3 Pro, SSL Insecure Content Fixer, Taxonomy Layout Injector, Testify, Tidio Chat, UpdraftPlus – Backup/Restore, WP and Divi Icons, WPForms, WPForms Form Templates Pack, WPForms MailChimp, WP Sitemap Page, Yoast SEO.

Many of these plugins are commercially supported and both the WordPress Core and all Plugin Security Updates are implemented within 15 days of us being notified. Notifications are automatic for all of our plugins and for the WordPress Core. Details about these plugins are available on their respective sites that can be found by searching for the plugin name online.

Our Cookie reporting and management service is supplied by https://www.cookiebot.com. Their privacy policies can be found here: https://www.cookiebot.com/en/privacy-policy/.

Who has access to these data:

Nick Beck (details above): Full access to all data for bookings, vouchers/referrals, sales and contact admin, marketing, crew management, safety management, incident handling

Julie Harris (julie@topsail-adventures.co.uk, 0800 773 4264): Access to booking form database for crew management, safety management and incident handling.

Chris Kay (chris@topsail-adventures.co.uk, 0800 773 4264): Access to booking form database for crew management, safety management and incident handling.

Rebecca Sykes (rebecca@topsail-adventures.co.uk, 0800 773 4264): Access to booking form database for crew management, safety management and incident handling.

Adam Cloote (adam@topsail-adventures.co.uk, 0800 773 4264): Access to booking form database for crew management, safety management and incident handling.

If an incident is declared then selected booking form information may also be shared with; emergency services, coastguard, and search & rescue services as deemed appropriate.

Some identifiable personal data may also be shared with:

Adam Style (Accountants) Ltd (adam@styleaccountants.co.uk, 01273 597343): Access to Topsail Adventures Ltd Bank Account Statements, Paypal Account Statements and copies of Topsail invoices & receipts for the purpose of preparing our accounts and advising on our tax affairs.

HMRC (https://www.gov.uk/government/organisations/hm-revenue-customs/contact) : Access to Topsail Adventures Ltd Bank Account Statements, Paypal Account Statements and copies of Topsail invoices & receipts for the purpose of auditing our accounts or tax records and payments.

Data that we collect

Email

Topsail adventures have 3 primary email addresses; ahoy@topsail-adventures.co.uk, pilotcutter.amelierose@gmail.com and nick.a.beck@gmail.com.

Email that is sent to ahoy@topsail-adventures.co.uk (in fact any email that is sent to anything@topsail-adventures.co.uk) is forwarded automatically to nick.a.beck@gmail.com. A copy remains on our hosts email system until we manually clear it out which we do when the mailbox becomes full. We leave email here as a backup for our gmail accounts and in case of lost/accidentally deleted emails. We can, on request, use our host’s email search function to list and/or delete emails from/to a particular email address.

Email in the nick.a.beck@gmail.com mailbox may be stored in perpetuity in order for us to refer back to previous email conversations. We can, on request, use the Gmail search function to list and/or delete emails from/to a particular email address.

The pilotcutter.amelierose@gmail.com address is primarily used as a google ID for our Pilot Cutter Amelie Rose Youtube Channel. Email in the pilotcutter.amelierose@gmail.com mailbox may be stored in perpetuity in order for us to refer back to previous email conversations. We can, on request, use the Gmail search function to list and/or delete emails from/to a particular email address.

Emails sent from our nick.a.beck@gmail.com account (including some emails that will appear to come from ahoy@topsail-adventures.co.uk and pilotcutter.amelierose@gmail.com) may be tracked via MailTrack (https://mailtrack.io/en/). This is for the purposes of understanding when our emails are opened and when the links within them are clicked – ensuring that our emails are being delivered – with the aim of providing the best possible service to our clients. More details about MailTrack’s data use, retention and privacy policies can be found here: https://mailtrack.io/en/privacy-policy.

MailChimp

Topsail Adventures Ltd uses the email service MailChimp to handle all of our bulk email. MailChimp’s data retention/use and privacy policies are available to view on their website (https://mailchimp.com/legal/privacy/).

Data is retained in perpetuity about subscribers – even when they unsubscribe – in order to resolve any disputes with regards to spam emails. We can, on request, list or delete any data held by searching for an email address using MailChimp’s search tools.

We maintain 4 lists on Mailchimp:

Pilot Cutter Amelie Rose Newsletter List.

This contains subscriber details for subscribers to our irregular email newsletters (which contain excerpts and links to articles on our website).

The data that are stored are; First Name, Last Name, Email Address, IP address from which the subscription was made, and the date of the subscription. The name details and email address are used to personalise the newsletters, the IP address is used to comply with anti-spam policies.

Additional meta-data is recorded and stored detailing subscriber interactions with the emails that we send (which emails are opened, which links are clicked). These data are used to help us to identify what content is of most interest to our subscribers.

These data are used ONLY to send out newsletters to subscribers and are not shared with any organisation other than Topsail Adventures and MailChimp.

Tools to unsubscribe or view subscriptions to our Mailchimp lists are available on the MailChimp website and links to these are included in every email newsletter that we send.

Standby Specials Club List

This contains subscriber details for subscribers to our Standby Specials scheme. We email these subscribers with last minute deals on our adventures.

The data that are stored are; First Name, Last Name, Email Address, IP address from which the subscription was made, and the date of the subscription. The name details and email address are used to personalise the newsletters, the IP address is used to comply with anti-spam policies.

Additional meta-data is recorded and stored detailing subscriber interactions with the emails that we send (which emails are opened, which links are clicked). These data are used to help us to identify which adventures are of most interest to our Standby Special subscribers.

These data are used ONLY to send out Standby Special Emails to subscribers and are not shared with any organisation other than Topsail Adventures and MailChimp.

Tools to unsubscribe or view subscriptions to our Mailchimp lists are available on the MailChimp website and links to these are included in every email newsletter that we send.

Newsletter/Classic Boat List

This list contains subscriber details for subscribers to our Email Newsletter that have selected to receive the free Classic Boat Article PDF download from our website. Subscribers on this list are automatically sent a welcome email with a link to the PDF download and are then added to the main Newsletter list before we send out the next Newsletter.

Amelie Rose Sale List

This list contains subscriber details for people who have asked to download the Amelie Rose Sale Specification Details PDF from our website. Subscribers on this list are automatically sent a welcome email with a link to the PDF download.

The data that are stored are; First Name, Last Name, Email Address, IP address from which the subscription was made, and the date of the subscription. These data are stored in order to communicate with people who are interested in buying the boat and/or the business. The IP address/subscription date is used to comply with anti-spam policies.

Additional meta-data is recorded and stored detailing subscriber interactions with the automated email that we send (is the email opened, is the link clicked).

These data are not shared with any organisation other than Topsail Adventures and MailChimp.

Tools to unsubscribe or view subscriptions to our Mailchimp lists are available on the MailChimp website and links to these are included in every email newsletter that we send.

Website Forms

There are several data capture / contact forms that we use on our website in order to facilitate contact with website users and/or potential/actual clients. Some of these forms may store data temporarily or for a defined period in the database that underpins our website. We can, on request, search for/delete data stored in the database using an email address as the search term.

Contact Request Form

The data entered into our Contact Request Form are emailed to our ahoy@topsail-adventures.co.uk email account (and then onwards as detailed elsewhere).

These data are used to facilitate contact between website users and Topsail Adventures.

A copy of the content of this email is stored on the website’s database in case the email goes missing or is accidentally deleted. Once the request email is received and handled the copy on the website is deleted within the next month.

The data that are recorded includes name, contact details (email and phone), and any message entered in the message section of the form. Additional meta data is recorded by the website as per standard with http requests (browser details, IP address, referring page etc.) – these data are deleted when the database entry is deleted as noted above.

Booking Enquiry Forms

The data entered into our booking enquiry forms are emailed to our ahoy@topsail-adventures.co.uk email account (and then onwards as detailed elsewhere).

These data are used to facilitate contact between website users and Topsail Adventures with regards to the user enquiring as to availability of berths on a given trip and progressing a booking with us.

A copy of the content of this email is stored on the website’s database in case the email goes missing or is accidentally deleted. Once the enquiry email is received and handled the copy on the website is deleted within the next month.

The data that are recorded include name, contact details (email and phone), trip details (number of berths required and trip code/name) and any comments entered in the comments section of the form. Additional meta data is recorded by the website as per standard with http requests (browser details, IP address, referring page etc.) – these data are deleted when the database entry is deleted as noted above.

Email Newsletter Subscription Form

The data entered on this form are passed via API to our MailChimp email service as described elsewhere.

Referral Code Application Form

The data entered into our referral code application form are emailed to our ahoy@topsail-adventures.co.uk email account (and then onwards as detailed elsewhere).

These data are used to facilitate contact between website users and Topsail Adventures with regards to the user acquiring a referral code for use with our referrals scheme.

A copy of the content of this email is stored on the website’s database in case the email goes missing or is accidentally deleted. Once the referral request email is received and handled the copy on the website is deleted within the next month.

The data that are recorded include name and email address. Additional meta data is recorded by the website as per standard with http requests (browser details, IP address, referring page etc.) – these data are deleted when the database entry is deleted as noted above.

Some of these data will be recorded in perpetuity on our offline systems to assist in administering use of the referral code and for tax/legal sales reporting purposes. For further details about the data stored on our offline systems see the section elsewhere in this document.

Standby Specials Club Application Form

The data entered on this form are passed via API to our MailChimp email service as described elsewhere.

Gift Voucher Order Form

The data entered into our gift voucher order form are emailed to our ahoy@topsail-adventures.co.uk email account (and then onwards as detailed elsewhere).

These data are used to facilitate contact between website users and Topsail Adventures with regards to the user ordering a Topsail Adventures/Pilot Cutter Amelie Rose gift voucher.

A copy of the content of this email is stored on the website’s database in case the email goes missing or is accidentally deleted. Once the Gift Voucher Order email is received and handled the copy on the website is deleted within the next month.

The data that are recorded includes name and contact details (email and phone) of the person ordering the voucher, recipients name and delivery details (either email address or postal address), any message to be printed on the voucher, voucher value and any other instructions or comments entered in the that section of the form. Additional meta data is recorded by the website as per standard with http requests (browser details, IP address, referring page etc.) – these data are deleted when the database entry is deleted as noted above.

Some of these data will be recorded in perpetuity on our offline systems to assist in administering use of the voucher and for tax/legal sales reporting purposes. For further details about the data stored on our offline systems see the section elsewhere in this document.

Newsletter Signup / FREE Classic Boat Download Form

The data entered on this form are passed via API to our MailChimp email service as described elsewhere.

Amelie Rose’s Full (Sale) Specification Form

The data entered on this form are passed via API to our MailChimp email service as described elsewhere.

Primary Booking Form

The data entered into our Primary Booking Form are stored in a database accessible via our webserver. An email containing the trip code/name, booker’s name, and booker’s email address is sent to our ahoy@topsail-adventures.co.uk address to notify us of the form submission.

If the form user selects “Yes” on the field “Would you like to subscribe to Amelie Rose’s email newsletter?” then our MailChimp API will add the First Name, Last Name and Email Address shown on the form to our Pilot Cutter Amelie Rose Newsletter List on MailChimp as detailed elsewhere in this document.

Some of these data will be recorded in perpetuity on our offline systems to assist in administering the booking and for tax/legal sales reporting purposes. For further details about the data stored in our offline systems see the section elsewhere in this document.

These data are used to facilitate a booking aboard the boat and record information that we are required by law to hold about people who will be aboard the vessel as well as certain other data that we use for contact or marketing purposes.

The data that are recorded include:

Adventure Details (Code/Name and number of berths booked) – Required for Coastguard reporting, admin, Skipper’s Information/Safety Management.

Name & contact details (email, phone(s) and postal address) – Required for Coastguard reporting, admin contact before, during and after the voyage.

Date of Birth – Required for Coastguard reporting and for the Skipper’s Information/Safety Management.

Previous Sailing Experience – Required for the Skipper’s Information/Safety Management.

Food Allergies / Issues – Required for the Skipper’s Information/Safety Management.

Medical Conditions – Required for Coastguard reporting, Skipper’s Information/Safety Management.

Capability Affirmation – Required for the Skipper’s Information/Safety Management/Insurance.

Emergency Contact Details (Name, Contact Phone & Relationship to booker) – Required for Coastguard reporting, Incident Handling/Safety Management.

Additional Requirements (Wet Weather Gear Preference) – Required for admin, Skipper’s Information.

Marketing Information (How did the booker find us, Newsletter Subscription Preference) – Used to improve our marketing and communications)

Declaration – Legal declaration of acceptance of Terms and Conditions of Booking.

All of these data are stored in the database until the end of the year in which the booker sails with us. The entries are then deleted from the online database, though, as noted elsewhere, a subset of these data are stored in our offline systems in perpetuity (see section on offline systems for more details).

Additional meta data is recorded by the website as per standard with http requests (browser details, IP address, referring page etc.) – these data are deleted when the database entry is deleted as noted above.

Additional Crew Booking Form

The data entered into our Additional Crew Booking Form are stored in a database accessible via our webserver. An email containing the trip code/name, primary booker’s name, booker’s name, and booker’s email address is sent to our ahoy@topsail-adventures.co.uk address to notify us of the form submission.

If the form user selects “Yes” on the field “Would you like to subscribe to Amelie Rose’s email newsletter?” then our MailChimp API will add the First Name, Last Name and Email Address shown on the form to our Pilot Cutter Amelie Rose Newsletter List on MailChimp as detailed elsewhere in this document.

Some of these data will be recorded in perpetuity on our offline systems to assist in administering the booking and for tax/legal sales reporting purposes. For further details about the data stored in our offline systems see the section elsewhere in this document.

These data are used to facilitate a booking aboard the boat and record information that we are required by law to hold about people who will be aboard the vessel as well as certain other data that we use for contact or marketing purposes.

The data that are recorded include:

Adventure Details (Code/Name and name of the primary booker) – Required for Coastguard reporting, admin, Skipper’s Information/Safety Management.

Name & contact details (email, phone(s) and postal address) – Required for Coastguard reporting, admin contact before, during and after the voyage.

Date of Birth – Required for Coastguard reporting and for the Skipper’s Information/Safety Management.

Previous Sailing Experience – Required for the Skipper’s Information/Safety Management.

Food Allergies / Issues – Required for the Skipper’s Information/Safety Management.

Medical Conditions – Required for Coastguard reporting, Skipper’s Information/Safety Management.

Capability Affirmation – Required for the Skipper’s Information/Safety Management/Insurance.

Emergency Contact Details (Name, Contact Phone & Relationship to booker) – Required for Coastguard reporting, Incident Handling/Safety Management.

Additional Requirements (Wet Weather Gear Preference) – Required for admin, Skipper’s Information.

Marketing Information (Newsletter Subscription Preference) – Used for communications)

Declaration – Legal declaration of acceptance of Terms and Conditions of Booking.

All of these data are stored in the database until the end of the year in which the booker sails with us. The entries are then deleted from the online database, though, as noted elsewhere, a subset of these data are stored in our offline systems in perpetuity (see section on offline systems for more details).

Additional meta data is recorded by the website as per standard with http requests (browser details, IP address, referring page etc.) – these data are deleted when the database entry is deleted as noted above.

“Offline” Systems Data

We store all of our bookings tracking data in a spreadsheet which is stored in our Google Drive “cloud” service.

The data we store are used to track, administer and record; new bookings, historical bookings, communications, and other sales, for both our own use and for legal and tax recording purposes.

These data are retained in perpetuity for the purposes of legal record, dispute management and better communication/marketing.

We can, on request, search for and list data stored in our “offline” systems using an email address as the search term.

The following data are stored:

New Bookings:

Name, email address, trip code, # in party, booking status, total price, tracking meta data (dates of various actions), deposit paid & method of payment, # of forms received, marketing information (from booking form), invoice/receipt numbers, additional items required (from booking form), food preferences (from booking form), health issues (from booking form), balance paid & method of payment, post trip actions, notes.

These data are maintained during the year of the booking and then archived to a secured space on our Google Drive “cloud” service.

Vouchers & Referrals

Name, email address, voucher/referral type, voucher/referral value, issue date, valid until date, receipt/invoice number, redemption date, notes.

These data are maintained until the voucher/referral expires or is redeemed. At the end of the year that this happens they are archived as per “New Bookings”.

Other Sales Data

Name, email address, item description and quantity, price, payment details, receipt/invoice number, dispatch date.

These data are maintained until the end of the year and then they are archived as per “New Bookings”

Historical booking data

Name, email address, previous bookings (trip codes, # of berths, year)

These data are maintained in perpetuity.

Receipts and Invoices

Copies of all receipts and invoices issued by Topsail Adventures Ltd are stored in perpetuity on our Google Drive “cloud” service for legal and tax recording and reporting purposes.

The data that are recorded on our receipts and invoices may include name, address, trip code, payment type, and amounts invoiced or paid.

Paypal Payments

Any payments made to Topsail Adventures Ltd via our Paypal Account will be recorded on Paypal’s Systems. More information about Paypal’s data use, retention and privacy policies can be found here: https://www.paypal.com/uk/webapps/mpp/ua/privacy-full.

Bank Payments

Some identifiable information will be shared with our Bank (Santander UK plc) when payments are mode direct to our bank account. More information about Santander’s data use, retention and privacy policies can be found here: https://www.santander.co.uk/uk/security.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to comments or posts on this website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Comment Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

How long we retain your comment data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your comment data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your comments data

Visitor comments may be checked through an automated spam detection service.

Social Media Data

Our Posts

We regularly record pictures and video whilst on our adventure and training trips. These may include identifiable images of our guest crews and trainees.

These images may be posted to our website or social media platforms which are: www.topsail-adventures.co.uk, Facebook (https://www.facebook.com/PilotCutterAmelieRose/), Twitter (https://twitter.com/theamelierose), Instagram (https://www.instagram.com/pilotcutteramelierose/), Youtube (https://www.youtube.com/channel/UCSGczTLmLO5WR68K9z4bUSw), and Pinterest (https://www.pinterest.co.uk/pilotcutteramelierose/).

We do not identify people in these posts using full names (first names only). We do not identify under 18’s at all without express permission of their parent or guardian. We do not “tag” people in the posts (though we do not stop others from tagging).

Posts that we make are often shared, both on the platform of the original post and across other social media platforms. We may have no access to control, list or delete these shared posts.

All of our platforms have their own privacy and data policies available on their websites including mechanisms for searching for content and requesting content removal.

We will, if requested to by the person shown in a post, remove the original of any post from our website or social media platforms using the tools and mechanisms available on those platforms.

Sharing our Posts on Social Media

We enable social media sharing of some of the posts on our website (including News, Adventures, and Special Offers). Any posts shared by website users to any of social media platforms are transferred to the domains of these services. We do not display the number of shares or the identities of any sharers although this information may be recorded on our webserver. More information about the data use, retention and privacy policies of the various social media platforms can be found on their respective websites.

Facebook, Twitter, Instagram, Youtube and Pinterest Comments and Messages.

Any messages or comments that are sent to or shared with us via any of these platforms remain in the domains of these services. More information about their data use, retention and privacy policies can be found on their respective websites.

Mobile Phone and Text Data

Topsail Adventures Ltd does not provide “work” phones to employees. Any voice or SMS messages sent to the mobile phones of any Topsail Adventures representative are delivered to their private device and are not considered by Topsail Adventures to be covered by our data or privacy policies.