Privacy policy

Keys For Limited is committed to respecting your privacy and will protect your Personal Information.

Key summary

We collect, process and store your Personal Information:

  • if you visit our website
  • if you submit your Personal Information on our website; or
  • if you call, email or write to us.

Some of services that we offer as part of Keys For Recognition Scheme are provided by third parties that third party will process Personal Information about you.

We share your Personal Information with third party service. Examples are companies that provide the hosting and collection of other information as part of a service that Keys For provides.

We use cookies, which are text files containing small amounts of information that are downloaded to your computer or mobile device. To find out more click here.

This Privacy Policy explains what Personal Information we process, why we process it, how it is legal and your rights.

1. Introduction

We are Keys For Limited (having company number 12751336) of Travel Chapter House, Gammon Road, Bideford, North Devon, EX39 4DF.

We are a Controller under Data Protection Law and take your privacy seriously. We ask that you read this Privacy Policy very carefully because it contains important information about how we process your Personal Information and your rights.

If you would like this Policy in another format (for example, audio, large print, braille) please contact our Data Protection Team using the contact details provided below.

2. What is the purpose of the privacy policy?

This Privacy Policy sets out the basis on which any Personal Information we collect from you, or that is provided to us by a third party, will be processed by us.

3. Our data protection team

We have appointed a Data Protection Team who is responsible for overseeing any questions you may have in relation to this Privacy Policy.

If you have any questions about this Privacy Policy or Personal Information that we hold about you, including any requests to exercise your rights, please contact our Data Protection Team using the details set out below:

Controller Keys For Limited
Address Travel Chapter House, Gammon Road, Bideford, North Devon, EX39 4DF
Email [email protected]
Telephone Number 01237 426758

In addition, you have the right to make a complaint at any time to the Information Commissioner’s Office, the UK supervisory authority for data protection issues (www.ico.org.uk).

4. Changes to this privacy policy

This version of the Privacy Policy was last updated on 7th August 2020 and historic versions can be obtained by contacting our Data Protection Team using the contact details provided above.

This Privacy Policy may be updated from time to time. If the change impacts you or your Personal Information, we will inform you of changes made to this Privacy Policy.

5. The personal information we collect about you

We collect or store Personal Information about you at different points in our relationship with you:

  • if you visit our website
  • if you submit your Personal Information on our website; or
  • if you call, email or write to us.

When donating or providing a holiday as part of the Recognition Scheme, through a third party (for example ‘Just Giving’ an online donation company), then that third party may send us Personal Information about you that we will use to provide and administer the Scheme.

5.1 Personal information

We collect the following Personal Information from Nominators:

Identity Data
  • First Name
  • Surname
  • Email Address
  • Phone Number
Technical Data
  • internet protocol (IP) address
  • browser type and version
  • time zone setting and location
  • browser plug-in types and versions
  • operating system and platform
  • other technology on the devices you use to access our website or our app
Usage Data
  • information about how you use our website, app, flights and services

We collect the following Personal Information from Donators:

Identity Data
  • First Name
  • Surname
  • Address
  • Country
  • Post Code
  • Email Address
  • Phone Number
Technical Data
  • internet protocol (IP) address
  • browser type and version
  • time zone setting and location
  • browser plug-in types and versions
  • operating system and platform
  • other technology on the devices you use to access our website or our app
Usage Data
  • information about how you use our website, app, flights and services

5.2 Personal information of your nominee

If you are successful at being allocated a reward for your nominee, you will need to provide identity data as described in section 5.1. You must get the Nominees consent to provide us with such Personal Information.

5.3 Our processors

When using the Keys For website, we may provide Personal Information about you to the following third parties, who will process your Personal Information as our processor:

Processor The Travel Chapter Limited Description Hosting of the website and data centre Data Location Inside EU (UK) Type of Personal Information
  • Identity Data
  • Technical Data
  • Usage Data
 Processor's privacy policy Privacy policy

6. How we use your personal data

We are required to tell you what we use your Personal Information for and the lawful basis on which we can process your Personal Information:

Purpose To monitor browsing on our website or use our app Type of Personal Information
  • Technical Data
  • Usage Data
 Lawful basis for processing
  • Consent
  • Legitimate interest
 Details To improve the functionality and content of our website or our app. For more information please see our Cookie Policy.
Purpose To manage and protect our business and our website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) Type of Personal Information
  • Technical Data
 Lawful basis for processing
  • Legitimate interest
  • Necessary to comply with a legal obligation
 Details To manage our business and ensure the effective provision of administration and IT services, network security and to prevent fraud.
Purpose To send operational communications Type of Personal Information
  • Identity Data
 Lawful basis for processing
  • Consent
  • Legitimate interest
 Details To contact by email for administrative or operational reasons related to the recognition scheme. NOTE: These communications are not made for marketing purposes.
Purpose To enable you to participate in the recognition scheme Type of Personal Information
  • Identity Data
 Lawful basis for processing
  • Performance of the recognition scheme terms and conditions
  • Consent
 Details We will process your data as part of your entry to the recognition scheme

We may process your Personal Information for more than one lawful ground depending on the specific purpose for which we are using your Personal Information. Please contact us if you need details about the specific legal grounds, we are relying on to process your Personal Information where more than one ground has been set out in the table above.

7. Who do we share your personal information with?

We will not share your information with any other third party, only the processors or potentially the suppliers in:

  • Section 5.3 our Processors
  • Section 7.1 our Suppliers.

7.1 Our suppliers

As part of the Keys For recognition scheme we use the following Service Providers:

Processor Giving.com Trading as Just Giving (May share some personal data with Keys For Limited) Description Collects basic contact information about you to set up your account so you can make donations as part of the Keys For recognition scheme. (Giving.com may share some personal data with Keys For Limited as part of the donation) Data location Inside EU (UK) Privacy Policy Privacy Policy
Processor The Travel Chapter Description Administration of the Keys For recognition scheme. Data location Inside EU (UK) Privacy Policy Privacy policy

We require all processors to respect the security of your Personal Information and to treat it in accordance with the law.

8. Data security

We use technical and organisational measures to safeguard your Personal Information, for example, when using our website and use secure connections on our website to ensure that your Personal Information is encrypted. In terms of the latter, this means that we convert your Personal Information into a computer code, which will make it harder for hackers to access your Personal Information on our website. If you want to know how we are keeping your data secure, please contact our Data Protection Team who can provide more details.

While we will use all reasonable efforts to safeguard your Personal Information, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any Personal Information that are transferred from you or to you via the internet. If you have any particular concerns about your Personal Information, please contact our Data Protection Team using the contact details provided below.

9. Data retention

We will only retain your Personal Information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for Personal Information, we consider the amount, nature, and sensitivity of the Personal Information, the potential risk of harm from unauthorised use or disclosure of your Personal Information, the purposes for which we process your Personal Information and whether we can achieve those purposes through other means, and the applicable legal requirements.

Details of retention periods for different aspects of your Personal Information are available from us on request to our Data Protection Team.

10. your legal rights

You have rights, as a Data Subject, under the Data Protection Law in relation to your Personal Information. You have the right to:

  1. Request access to your Personal Information
  2. Request correction of your Personal Information
  3. Request erasure of your Personal Information
  4. Object to processing of your Personal Information
  5. Request restriction of processing your Personal Information
  6. Request transfer of your Personal Information
  7. Right to withdraw consent

These rights are explained in more detail below. If you wish to exercise any of the rights set out above, please contact our Data Protection Team using the contact details provided in section 3. We will respond to any rights that you want to exercise within a month of receiving your request, unless your request is complex, in which case we will communicate how long this will potentially take.

Request access to your Personal Information This enables you to receive a copy of the Personal Information we hold about you and to check that we are lawfully processing it.
Request correction of the Personal Information that we hold about you You can require us to correct any mistakes in your information which we hold free of charge. If you would like to do this, please let us have enough information to identify you (e.g. account number, user name, registration details) and let us know the information that is incorrect and what it should be replaced with.
Request erasure of your Personal Information This enables you to ask us to delete or remove Personal Information where there is no good reason for us continuing to process it. You can ask us to erase your Personal Information where:
  • you do not believe that we need your Personal Information in order to process it for the purposes set out in this Privacy Policy;
  • if you had given us consent to process your Personal Information, you withdraw that consent and we cannot otherwise legally process your Personal Information;
  • you object to our processing and we do not have any legitimate interests that mean we can continue to process your Personal Information; or
  • your Personal Information has been processed unlawfully or have not been erased when it should have been.
Object to processing of your Personal Information Where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your Personal Information for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Request restriction of processing of your Personal Information This enables you to ask us to suspend the processing of your Personal Information in the following scenarios:
  • if you want us to establish the Personal Information’s accuracy;
  • where our use of the Personal Information is unlawful but you do not want us to erase it;
  • where you need us to hold the Personal Information even if we no longer require it as you need it to establish, exercise or defend legal claims; or
  • you have objected to our use of your Personal Information but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your Personal Information to you or to a third party We will provide to you, or a third party you have chosen, your Personal Information in a structured, commonly used, machine-readable format. This right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Withdraw consent at any time where we are relying on consent to process your Personal Information. This will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain flights or services to you. We will advise you if this is the case at the time you withdraw your consent.

Please be aware that there are exceptions and exemptions that apply to some of the rights, which we will apply in accordance with UK Data Protection Law.