When you access our website at https://yomira.com (the “Website”), engage us to provide you with our services, communicate with us via our online, electronic, telephone, or any social media channels we make available, this Policy will apply to you.
Our Website may contain links to other websites that provide services on our behalf or advertise their products and services on our website. These third-party organisations will have their own privacy policies which you should read carefully before providing any of your personal data via those links as we do not accept any responsibility or liability for such websites of other organisations.
This Policy was last updated on 20th December 2020.
You will know us as Yomira, but as a legal entity we are Capital Yachting Limited, a company registered in England and Wales (“we”, “our”, “us”) and are the data controller. We decide what personal data is collected from you and how this data will be used.
When you visit our Website, we may collect (Technical, Usage data):
- Information about your online browsing behaviour on our Website
- Information including the make, model and operating system, IP address, and browser type about any devices you have used to access our Website
Upon Request or Inquiring about our Services, you may provide us with (Identity, Contact, Financial data):
- Your personal details, including your name, title, postal and billing addresses, email addresses, phone numbers, travel interests and travel preferences
- Your financial details such as the name of your bank and bank account details
When we communicate with each other or you sign up for our newsletters or take part in our surveys about our Services, we may collect (Identity, Contact, Communication data):
- Personal data you provide about yourself anytime you contact us about our services, (for example, your name, contact details, information about your travel partners, travel history, travel interests, travel preferences) including by phone, email, or when you speak with us through social media channels that we make available
- Details of the emails and other digital communications we send to you that you open, including any links in them that you click on
- Your responses to customer surveys and questionnaires
When you share information on Social Medial Platforms, to the extent via control of your social media privacy settings, you make information publicly available, we may collect (Social Media data):
- Pictures, videos, comments, social media handle/username, number of followers, email addresses, names, geographical location, products you support; other information you make public; and
- Social media channel statistics
Our references to “lawful bases” are explained below, and in the table that follows we set out the purposes for using your personal data and the lawful bases for those uses.
In addition to the lawful bases explained, we will also be able to rely on your consent which we will only ever seek if there are no other lawful bases available to us for our use of your personal data. This will be the case if we ever need to process sensitive personal data about you such as your racial or ethnic origin, religious belief, health conditions, or information about your sex life or sexual orientation in order to provide the services you have requested. You will always be able to withdraw your consent at any time and we will promptly stop our use of any data that required your consent.
Performance of a Contract with you
- When we refer to performance of a contract with you as a legal basis, we refer to those circumstances where we need to use your personal data to comply with our contractual obligations to deliver the services you have engaged us to provide.
- When we refer to legitimate interest as a legal basis, we refer to those interests we have in running our business, developing our products and services, delivering and improving our products and services, and ensuring an excellent customer experience in a way which may reasonably be expected and don’t infringe on your rights and freedoms.
- When we refer to legal compliance as a legal basis, we refer to those instances where we must use your personal data to satisfy a legal requirement such as identifying and reporting criminal activity or communicating regulatory notices to you.
|Purpose||Type of data||Lawful base for processing|
|To establish a mailing list for the purposes of sharing news and updates about our products and services where you have elected to receive our updates.
To respond to queries raised by prospective customers via submissions to the Website.
|To set up new customer contracts, customer files, and establish our customer database which may include verifying the identity of a customer and fulfilling applicable financial regulation checks for certain high net transactions.||(a) Identity
|(a) Performance of a contract with you
(b) Legitimate interest
(c) Legal Compliance
| To process and deliver your order and requirements for our services, including:
(a) Managing disbursement of fees and payments and settling account balances
(b) sharing travel profile, passport information, trip details, and customer preferences with service providers and charter owners
(c) establishing records of preferences for future provision of services
|(a) Performance of a contract with you
(b) Legitimate Interests
|To manage our relationship with our customers which will include:
(b) Asking customers to leave a review or take a survey
(c) Responding to complaints and queries
|(a) Performance of a contract with you
(b) Legal Compliance
(c) Legitimate Interests
|To administer and protect our Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||(a) Identity
|(b) Legal Compliance
(c) Legitimate Interests
|To use data analytics to improve our website, services, marketing, customer relationships and experiences||(a) Technical
|To identify and assess how our services are being considered on social media platforms||Social Media data||Legitimate Interests|
We work with Service Providers that carry out certain functions on our behalf. These include, for example, companies that help us with network and technology services, storing data, analysing data, and managing mailing campaigns. We only share personal data that enable our Service Providers to provide their services to us.
Sharing personal data with other Organisations
We may share personal data with other organisations in the following circumstances:
- When required to deliver the services that you have engaged us to provide, this includes sharing with owners and the crew of any charters or providers of any of the experiential services you have specified under a contract with us.
- if the law or a public authority says we must share the personal data;
- if we need to share personal data in order to establish, exercise or defend our legal rights (this includes providing personal data to our professional advisors); or
- to an organisation we sell or transfer (or enter into negotiations to sell or transfer) any of our businesses or any of our rights or obligations under any agreement we may have with you. If the transfer or sale goes ahead, the organisation receiving your personal data can use your personal data in the same way as us.
We have electronic, and procedural safeguards that comply with good industry practice to protect personal information about you. We also ensure that all of our Service Providers have in place industry recognised safeguards. However, data transmissions over the internet cannot be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security of information you over the internet to us.
The Personal data we collect is stored on and processed on computers situated in the United Kingdom. This personal data may be transferred to a supplier of services that is located outside the United Kingdom or the European Economic Area (“EEA”). If such a transfer or storage outside of the EEA was to happen, this would only be done subject to the implementation of adequate contractual safeguards (e.g., the EU’s Standard Contractual Clauses).
Your personal data won’t be kept longer than necessary, giving due regard to: initial purpose of collection; age of data; any legal/regulatory reason for us to keep it; and whether needed to protect you or us. We will readily make information available about our data retention policy.
Below, we set out the rights you have under the GDPR in relation to your personal data. Should you wish to exercise any of these rights, please write to us using the information provided under the “How to contact us” section of this Policy.
Subject Access Rights —You have a right to see the personal data we hold about you and the circumstances of our processing activities.
Right to have inaccurate information corrected — if you believe we hold inaccurate or missing information, please let us know and we will correct it.
Right to object to our use of your personal data — We will consider your objection to our use of your personal data. If on balance, your rights outweigh our interests in using your personal data, then we will at your request either restrict our use of it or delete it.
Right to object to direct marketing – where we engage in direct marketing activities (after getting your consent), if you make such an objection, we will stop using your personal data for direct marketing purposes.
Right to restrict our use of your personal data — you can restrict our use of your personal data, if you have successfully made a general objection, you are challenging the accuracy of the personal data we hold, or we have used your personal data unlawfully — but you do not want us to delete it.
Right to have your personal data deleted — you can have us delete your personal data when: we no longer need to keep your personal data; you have successfully made a general objection; or we have unlawfully processed your personal data.
Right to complain to the data protection regulator
We’d like the chance to resolve any complaints you have; however, you also have the right to complain to the data protection regulator in the UK about our use of your personal data. In the UK, the data protection regulator is the ICO and their website is at https://ico.org.uk.
If you have any questions about how we collect, store and use personal data or to exercise any of your rights set out above, please contact us at:
Capital Yachting Ltd
20 St. Dunstan’s Hill
London EC3R 8HL
You can also email us at firstname.lastname@example.org