Privacy Policy – GDPR

Pilgrimage People

GDPR | Privacy Policy



Pilgrimage People does its utmost to protect your privacy. If you make a booking, request a quote, request an option, request a brochure or sign up to our e-newsletter this policy explains which data we collect, how we store this, how we use it and the conditions under which we may disclose it to others.

Core principles

The core principles of this policy are as follows.

  1. Pilgrimage People collects data and uses individual customer details only where there are legitimate business reasons to do so.
  2. Pilgrimage People collects data only when we are legally entitled to do so.
  3. We are clear with individuals as to what information we will collect and how it will be processed.
  4. We only use personal data for the purpose(s) in which it was collected.

Personal information we collect

When you contact us by email, telephone, website, letter, fax or in person to enquire about our tours, receive further information, make a booking or request a brochure we must collect personal details in order to fulfil your request.

How we use and retain your personal data

We may retain personal details for the following reasons.

  • To complete your booking.
  • To manage your booking.
  • To communicate updates relating to your booking.
  • To contact you with details of new tours.
  • To disclose to service providers in order to secure your booking.These can include but are not exclusive to overseas travel management companies, accommodation providers and transport suppliers. Please note that some may be located outside the UK/EEA.

We transmit data to WorldPay only for the purposes of processing any card payment related to your booking. Their privacy policy can be accessed at: WorldPay privacy policy (

Transferring information outside of the European Economic Area (EEA)

There may be circumstances in which personal data may be transferred to countries outside the European Economic Area (EEA). This will only be done to manage your booking. Data will not be retained for any longer than is required for the purpose of the booking and transfers will be protected by safeguards, namely the use of data protection clauses.

Your rights

Your rights under data protection law are:

a) The right to access;

You have the right to know what personal data we hold about you and an explanation of the categories of data being processed, purposes of such processing, categories of third parties to whom the data may be disclosed.

You have the right to a subject access request (SAR) to obtain a copy of your personal data. We will supply you with a copy of your personal data in a concise, transparent and easily accessible form. The first copy will be provided free of charge, but additional copies may be subject to a fee.

(b) The right to rectification;

You have the right to have any inaccurate personal data we hold about you rectified and, for the purposes of processing a booking, to have any incomplete details completed.

(c) The right to erasure;

You have the right to have your personal details erased without delay unless we have to comply with a legal obligation. This applies where the data is no longer needed for their original purpose, where the processing is based on consent and the data subject withdraws that consent.

(e) The right to object to processing;
You have the right to object to the processing of personal data.

If the processing is based on the justification ‘necessary for a public interest’ or ‘necessary for the purposes of the legitimate interests pursued by the controller’;If personal data is processed for marketing purposes; and

If personal data is processed for scientific, historical research or statistical purposes

(f) The right to data portability;

You have the right to request a copy of your personal data from the data controller in a commonly used format.

You have the right to request a transfer of your personal data from one controller to another.

(g) The right to complain to a supervisory authority;

If you feel that the way in which we process your personal data infringes data protection legislation you have the right to submit a complaint to the supervisory authority.

(h) The right to withdraw consent;

We can only process your personal information with your consent and you have the right to withdraw that consent at any time.

How to exercise your rights.

You may exercise any of your rights in relation to your personal data by contacting us.

How we protect your data

We ensure that we have physical and technological security measures to protect your personal information. Where processes are outsourced we only do so when a service provider has proven the necessary security credentials.

Information you provide is stored on our reservations systems. This data is located on the servers of our approved third party supplier Microsoft One Drive and our finance system supplied by SAGE. For further information please use the link below to view their privacy policy.

Microsoft One Drive privacy policy ( )

Sage privacy policy (

We do not share your personal information with others for the purpose of marketing.


To make this site work properly and to ensure you get the best experience when browsing we sometimes place small data files called cookies on your device. Consent to the use of cookies is provided by clicking the ‘Continue’ button on the banner that appears at the top of the page when you visit our website.

What are cookies?

A cookie is a small text file that a website saves on your computer or mobile device when you visit our site. It enables the Pilgrimage People website to remember your actions and preferences (such as login, language, font size and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another. By using our website you accept our use of cookies.

Cookie types

Visiting a page on may generate the following cookie types:

  1. Persistent cookies.
    We may use cookies which are persistent, which means that they last beyond your session on our site. Persistent cookies help our website to remember you as a visitor, each time you use the same browser and device to visit us. Persistent cookies are stored for a predetermined period of time unless they are deleted. Information on how to do this manually is provided below.


  1. Session cookies.
    Session cookies are erased when a user closes the Web browser. The session cookie is stored in temporary memory and they do not collect information from a users computer. We use session cookies to make sure that certain elements of our site work seamlessly as you move from one page to another. Without session cookies, some elements of our site would not work.
  1. Anonymous analytics cookies.
    We use Google Analytics for statistical purposes. This provides us with information such as how many users we receive and how often these users visit our site. We also collect data on a users session such as their geographical region, how long they spend on our site and how frequently they visit.

You can opt out of Google Analytics tracking by visiting the link below:


How to control cookies

You can control and/or delete cookies as you wish – for details, see You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit our site and some services and functionalities may not work.

Controlling cookies

The links below explain how to control cookies via your internet browser.

Chrome (

Safari    (

Firefox (

Opera   (

Internet Explorer  (

Samsung Internet (

Links to external websites

Our website does contains links to websites run by other organisations and we cannot be held responsible for the privacy policies of external companies.

Marketing communications

We will only contact you for marketing purposes if you have given us consent to do so. This may be on our Booking Form at the time of booking, by post or e-mail and you can change your marketing preferences at any time by contacting us.


If you are subscribed to our newsletters and marketing emails then we track whether you open the message and which links you engage with. Unless you have chosen not to download images automatically in your e-mail client, opening an email will report back to us that you have read the message.


You may unsubscribe at any time. Please use the link at the bottom of each email or contact us to update your preferences. Our e-marketing platform is MailChimp and their privacy policy can be found at the following address (

Our details

This website is owned and operated by Pilgrimage People Ltd.

We are registered as a company in England under the registration number 7180904.

We are registered as a charity in England under the registration number 1145830

Our registered office is Pilgrimage People Ltd, Stapleford Granary, Bury Road, Stapleford, Cambridge, CB22  5BP.


You can contact us:

Data Protection Officer

Our data protection officer is Rev Paul Maddison.

They can be contacted by e-mail at or by telephone on 0800 6123423.


The contents of are the property of Pilgrimage People Ltd and subject to intellectual property protection. No content of the website may be reproduced, copied, published, distributed or placed onto other websites without our consent.


This privacy policy is regularly reviewed and was last updated on the 11th April 2018. If you have any question regarding this policy or your data security please contact us.