Fit4Expeditions LLP Data Protection Policy 

1. Introduction 

FIT4Expeditions LLP recognises the importance of protecting the personal data of our  customers and clients. This Data Protection Policy outlines our commitment to ensuring that  all personal data is handled responsibly, securely, and in compliance with relevant data  protection laws, including but not limited to the General Data Protection Regulation (GDPR)  and the Data Protection Act 2018, which governs data protection in the United Kingdom. 

2. Scope 

This policy applies to all personal data collected, processed, and stored by Fit4Expeditions,  including data obtained from customers, clients, employees, and any other individuals or  entities associated with our business operations. 

3. Principles of Data Protection 

● Lawfulness, Fairness, and Transparency: We will only collect and process personal  data when we have a lawful basis for doing so, and we will ensure transparency  regarding the purposes for which the data is collected and processed. 

● Purpose Limitation: Personal data will only be collected for specified, explicit, and  legitimate purposes, and will not be processed in any manner incompatible with those  purposes. 

● Data Minimisation: We will only collect personal data that is adequate, relevant, and  necessary for the purposes for which it is processed. 

● Accuracy: We will take reasonable steps to ensure that personal data is accurate and,  where necessary, kept up to date. 

● Storage Limitation: Personal data will be kept in a form that permits identification of  data subjects for no longer than is necessary for the purposes for which the data is  processed. 

● Integrity and Confidentiality: We will implement appropriate technical and  organisational measures to ensure the security of personal data and protect it from  unauthorised or unlawful processing, accidental loss, destruction, or damage. 

4. Data Collection and Processing 

Fit4Expeditions may collect and process personal data for the following purposes: 

● Booking and managing trips. 

● Communicating with customers and clients. 

● Providing relevant updates, information, and marketing materials. 

● Managing customer accounts and preferences. 

● Conducting surveys, research, and analysis to improve our services.

● Sending newsletters and promotional materials to subscribers.

5. Types of Personal Data Collected 

The types of personal data collected and processed by Fit4Expeditions may include: 

● Name, address, email address, and phone number. 

● Date of birth, nationality, passport details, and emergency contact information.

● Health and medical information relevant to participation in mountaineering trips.

● Payment and billing information. 

● Photographs and videos taken during trips (with consent given on booking form).

6. Data Retention 

Personal data will be retained for no longer than is necessary for the purposes for which it was collected and processed, or as required by applicable law. We will regularly review the data  we hold and securely dispose of any data that is no longer needed. 

7. Newsletter Subscriptions 

Individuals who subscribe to Fit4Expeditions' newsletter have the right to unsubscribe at any  time. Unsubscribe requests can be made by clicking the "unsubscribe" link provided in the  newsletter or by contacting us via email. Once unsubscribed, personal data related to  newsletter subscriptions will be promptly deleted from our records. 

8. Data Subject Rights 

Individuals whose personal data is processed by Fit4Expeditions have certain rights under  data protection law, including the right to access, rectify, erase, restrict processing, and object  to processing of their personal data. Requests to exercise these rights should be submitted in  writing and sent to our email as found on our website.  

8. Data Security 

Fit4Expeditions will implement appropriate technical and organisational measures to ensure  the security of personal data, including measures to protect against unauthorised or unlawful  processing and accidental loss, destruction, or damage. 

9. Data Sharing and Transfers 

Personal data may be shared with third-party service providers, partners, or regulatory  authorities as necessary for the purposes described in this policy. We will ensure that any  such transfers are made in compliance with applicable data protection laws and with  appropriate safeguards in place. 

10. Policy Review and Updates

This Data Protection Policy will be reviewed regularly and updated as necessary to ensure  ongoing compliance with relevant data protection laws and best practices. 

11. Contact Information 

For questions or concerns regarding this Data Protection Policy or our data protection practices, please contact: Laura Mitchell by email.