4. How we use this Information
Under the GDPR, we must always have a lawful basis for using your personal data. In each case, the purpose for which you are invited to give us information will be clear. We will not use your information for purposes that are not clear when you provide your details, and we will not disclose it to anyone other than to our Service Providers. We may disclose information in other very limited circumstances, for example, with your agreement or where we are legally obliged to do so.
We may use your personal data for the following purposes (unless otherwise specified):
- Account opening and customer services, where you request any support regarding your account, as instructed by you or your organisation.
- For the purpose of facilitating your participation in any tours.
- Administering and managing your account including processing payments using our payment service provider Adyen, accounting, auditing, and taking other steps linked to the performance of our business relationship.
- Promoting, tailoring and personalising our services for you or your organisation including analysing and improving our services and communications, also monitoring compliance with our policies and business practices. This may also include sending marketing publications and details of events.
- To prevent and detect security threats, frauds or other criminal or malicious activities to our communications and other systems.
- For insurance purposes.
- To allow you to participate in interactive features of our Site for example the forums, when you choose to do so.
- In order for you to travel or go on tours overseas, we may be required to disclose your personal data to government bodies or other authorities in the EU and in other countries, such as those responsible for immigration, border control, security and anti-terrorism. Even if it is not mandatory for us to provide information to such authorities, we may exercise our discretion to assist them where appropriate.
- For the purposes of recruitment.
- To conduct compliance checks in accordance with our legal obligations (for example anti-money laundering, financial and credit checks, fraud and crime prevention and detection) and to fulfil our regulatory and risk management obligations.
- For any other purposes related to and/or ancillary to any of the above or any other purposes for which your personal data was provided to us.
With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you to send you information from us about events or special offers and promotions which we believe may be of interest to you (other than information that you have specifically requested).
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, taking into account legal, accounting and regulatory requirements to retain the information for a minimum period, limitation periods for taking legal action, good practice and our business purposes.
The criteria we use to determine the appropriate period of retention for other data, will be considered balancing the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Upon expiry of the applicable retention period we will securely destroy your personal data in accordance with applicable laws and regulations.