Privacy Policy

This version was last updated in July 2024. However, the Privacy Policy can change over time, for example to comply with legal requirements or to meet changing business needs. In case there is an important change that we want to highlight to you, we will also inform you in another appropriate way (for example via a pop-up notice or statement of changes on our website).

1. INTRODUCTION

Hunt ADR is an independent arbitration, mediation and training provider used to resolve disputes. We sometimes trade as Travel Arbitration and any mention of Hunt ADR from hereon includes reference to Travel Arbitration. CDRL (“CDRL”, “we”, “us”, “our”) has partnered with Hunt ADR to provide the arbitration and conciliation scheme for disputes between consumers and members of ABTA, The Travel Association. CDRL provides the case management system and admin staff for the Travel Arbitration Scheme and acts as the Data Controller in respect of your personal data. Hunt ADR and CDRL are dedicated to safeguarding and protecting your privacy and personal data when you interact with us. 

This Privacy Policy, alongside our Cookies Policy, explains how we obtain and utilise your personal data. All your personal data shall be held and used in accordance with data protection laws and any other legislation relating to the protection of personal data. 

As used in this Privacy Policy, ‘personal data’ means information that relates to an identified individual or to an identifiable individual. For example, this could include among other things your name, address, email address, business contact details, or information gathered through your interactions with us via our websites. 

Please read this Privacy Statement carefully as it applies when you visit our site or use our service. 

This Statement is applicable exclusively to our site, and not to other websites that may be viewed by users via links present on the site.

2. PERSONAL DATA WE COLLECT

Hunt ADR and CDRL collect personal data in order to provide and operate our service effectively. We also aim to enhance the service we offer to you. We will only collect the minimum personal information needed to complete a task and will not collect information just in case. The personal data we collect includes: 

  • Information you put into forms or surveys on our site at any time (e.g. full name, full address, email address, mobile and/or landline telephone number)
  • A record of any correspondence between us
  • Details of transactions you carry out through our site
  • Details of your visits to our site and the resources you use
  • Information received from your device or software may also be collected and stored. This information can include an IP address, browser type, domain names, access times and website address. This information is used by Hunt ADR and CDRL for the operation of our service and to maintain the quality of our service.

We also collect business contact information from our clients and potential clients.

3. HOW WE OBTAIN PERSONAL DATA

At points in our site, we invite or request you to submit your contact details or other information about yourself or your organisation, or to send us emails which will, of course, also identify you.

We collect personal data via electronic webforms or via phone or face to face contact.

We do record our telephone calls for quality and training purposes.

4. HOW WE USE PERSONAL DATA

We only use this data during the course of providing our services to you for legitimate business purposes.

For example, we will use the information to:

  • Present site content effectively to you
  • Process your application
  • Carry out our contracts with you

5. HOW LONG WILL WE HOLD YOUR PERSONAL DATA

We only retain your personal data for as long as it is reasonably necessary dependent on the circumstances. The period of holding this information takes into account the purpose for which the information was provided to us and the legal and regulatory requirements. 

We will keep personal data contained in arbitration files for six months from the date the case is closed. 

If we are required to hold this data for longer than stated, we will explain our reasons and expressly ask for your consent to do so.

6. SECURITY OF PERSONAL DATA

The website secures your personal data from unauthorised access, use or disclosure. All personal data we obtain is stored on a secure database in a controlled, safe environment.

7. WHO WE WILL SHARE YOUR DATA WITH

In order to provide our service to you, there may be times where we will share your personal data with certain trusted parties in accordance with our contractual arrangements. These parties will use this data to perform tasks required to complete a service. All such parties are required to maintain the confidentiality of your information by agreeing to provide adequate protections for personal data in line with data protection laws.

Examples of the types of third parties we will engage with to provide our service are; 

a) Appointed arbitrators and mediators in accordance with the arbitration or mediation agreement

b) Web developers who are specifically engaged in, the development of World Wide Web applications, or applications that are run over HTTP from a web server to a web browser. Developers also assist in updating the software we use to process complaints. 

c) Phone system software and service providers who supply our telephone systems.

d) Cyber security services, which complete checks and maintain our cyber security system.

e) Printing services whom supply our printing machines and maintenance.

f) Website hosts provide our server space and web services.

8. HOW TO ACCESS AND CONTROL YOUR PERSONAL DATA

Data subjects have the right to access information held about them to ensure that such personal data is accurate and relevant for the business purposes for which it was collected. 

We invite requests to be made electronically in writing to adr@huntadr.com. However, this is not compulsory, and we shall also accept a Subject Access Request verbally or in writing through an alternative method. We have one month from receipt of the request within which to provide the information you request and will provide you a copy of the information free of charge (unless we deem your request to be manifestly unfounded or excessive, in which we will charge a reasonable fee for the administrative costs of complying with your request).

9. OUR LEGAL BASIS FOR PROCESSING INFORMATION

Under data protection laws, the grounds which we rely upon to process your personal data are:

  • You may voluntarily provide us with your consent to process your data for a particular purpose.
  • It may be necessary for compliance with our legal or contractual obligations.
  • It may be necessary for the purposes of legitimate business – either we, or a third party, will need to process your information for the purposes of our (or a third party’s) legitimate interests, provided we have established that those interests are not overridden by your rights and freedoms, including your right to have your personal data secured.

10. INCIDENT HANDLING

We will report all serious data breaches to the Information Commissioner’s Office (“ICO”) within 72 hours which result in the loss, release or corruption of personal data. 

The definition of a serious breach is where Hunt ADR and/or CDRL’s data security has been compromised resulting in the loss or disclosure of a client’s personal or sensitive data which could prove detrimental to the individual’s financial, physical or emotional well-being. Detrimental effect would include information leading to; 

  • Identify theft
  • Financial hardship
  • Insurance exclusion
  • Volume affected – 10 individuals

A non-reportable breach will be the compromise of Hunt ADR and/or CDRL’s data security resulting in the loss or disclosure of staff members’ personal data where there is no particular sensitivity and would not result in an individual being adversely affected. 

All breaches are recordable and will be documented in our Personal Data Security Breach Log.

11. YOUR RIGHTS

Under data protection laws, you may have rights as an individual in relation to the personal data we hold about you. These rights include:

  • The right to be informed about how your personal data is being used (as per this Statement).
  • The right to access the personal data we hold on you for free.
  • The right to request we rectify any incorrect personal data we hold about you.
  • The right to request we delete your data, or stop processing it, in some circumstances.
  • The right to stop any unauthorised transfer of your data to a third party.
  • The right to complain to your data protection regulator with regards to the way in which we process your persona data — in the UK, the Information Commissioner’s Office.
  • The right to withdraw your consent. If you object to us processing your personal data, or if you have provided your consent to processing and you later decide to withdraw it, we will respect your choice in accordance with our legal obligations. Should you wish to exercise this right, please contact adr@huntadr.com. Your objection (or withdrawal of any previously given consent) could mean that we are unable to perform the actions necessary to achieve a purpose. Please note you may also not be able to make use of our services without such information. After your consent has been withdrawn, we may still be able to process your personal data, only to the extent required or otherwise permitted by law. This is particularly in connection with exercising or defending our legal rights and/or meeting our legal and regulatory responsibilities.

12. CHANGES TO THIS PRIVACY STATEMENT

We will update this privacy statement when necessary to reflect any legal or regulatory changes. Individuals should visit this website from time to time to review the latest version. If any significant changes are made, we will make every effort to contact you with the updated version by the contact details provided.