How we use your personal data
Luna Enterprises Ltd takes your privacy seriously. We will only use your personal information to provide you with relevant information you have requested from us or to support your bookings and related logistics.
The information we collect from you:
Date of Birth
Name and contact number for next of kin
Passport details and/or passport scan
Medical issues that may affect diving
Medical or food allergies
We collect this information on the lawful basis for entering into or performance of a contract.
In order to service you, we need to share your information with:
Other parties who are providing services as part of the agreed contract
Our accountancy firm Gordon’s Knight & Co Ltd, Wimbledon, London
In the unfortunate event of debt recovery or legal action, we reserve the right to pass on your information to our representatives
If any medical information is required for health and safety reasons this will rely on explicit consent being given by the individual. This information will be stored separately and only shared with people who may require it to protect your safety, i.e. Trained medical professionals who may need to treat you or (with your permission) our trained First Aiders.
Contacting you and keeping you informed
We would like to keep you updated on products and services from Luna Enterprises Ltd. Personal details provided by you, such as your address, e-mail address, or telephone number will be processed and used for booking or product related marketing communications. To make this possible, methods of data analysis are used (profiling) to ensure you receive customised marketing messages (such as special offers, service reminders etc).
Under the UK Data Protection laws individual have the following rights:
– Right to access – you have the right to request a copy of all data we hold about you;
– Right to rectification – where any data we hold is incorrect, you have the right to ensure it is correct;
– Right to be forgotten – if you no longer wish for us to hold your data, we will delete it unless we have a lawful reason not to;
– Right to portability – you can ask us to provide your data to a third party in machine-readable format;
– Right to restrict processing – since we only use this to contact you, there is no processing to restrict, we would simply delete the information wherever possible and in keeping with our own obligations.
If you change your mind about your marketing preferences or would like us to update/amend any of your personal data, please contact us via email: firstname.lastname@example.org
In certain circumstances, we may have to abide by a legal obligation which we may be subject to, including, but not limited to, sharing data with the HMRC or law enforcement agencies. Where we do this, and we are legally permitted to, we will clearly inform you.
People who email us
Any email sent to us, including any attachments, may be monitored and used by us for reasons of legitimate business, security and for monitoring compliance within office policy. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.
The storage location of information
All data is stored within the U but may be accessed from outside the European Economic Area (EEA) for us to be able to provide the required service of the contract.
At times we will need to share your personal data with third parties and suppliers outside the EEA. If we do this, we ensure your data receives the same protection as if it were being processed inside the EEA.
Where we use providers based in the United States, we may transfer data to them if they are part of the EU-US Privacy Shield, which requires them to provide similar protection to personal data shared between the Europe and the US.
Retention of information
We will retain client data for six years after the contract has ended to enable us to:
– To comply with our regulatory obligations, tax, health and safety etc.
– To protect ourselves in case of any legal claims against Luna Enterprises Ltd
All data will be removed following security best practices to ensure the data is fully deleted and unrecoverable.