Privacy Policy

Privacy Policy

Last updated on 18 Oct 2024

Wintergreen Advisors Limited, trading as ‘Trotter’ or ‘Trotter Concierge’ (“Trotter”, “we”, “our”, or “us”) is committed to protecting and respecting your privacy.

1. INTRODUCTION

Our policy is structured in a layered format, allowing you to navigate to specific sections for detailed information. This Privacy Policy outlines how Trotter collects and uses data that identifies or is associated with you (“personal information”) when you use our app(s) or any website operated by us (including https://jointrotter.com/) and any services such as bookings we provide (together the “Services”).

2. WHO WE ARE

Wintergreen Advisors Limited (company no. 15405574) is the data controller of the personal information we hold about you.

Our registered and postal address is 1 Berkley Street, London W1J 8DJ, United Kingdom.

We are registered as a data controller with the UK Information Commissioner’s Office under data protection registration number ZB677236.

Please contact us at support@jointrotter.com for any queries relating to this policy or your privacy rights.

3. WHAT PERSONAL DATA WE COLLECT AND HOW WE USE IT

We categorise the personal data we use as follows:

• Identity Data: This includes first name, last name, any previous names, username or similar identifier, date of birth and passport or visa information for travel documentation.
• Contact Data: Comprises billing address, email address, and the postal address and telephone numbers necessary for booking and customer service.
• Communication Data: Any communication that you send to us whether that be through the contact form on our website, through email, text, social media messaging, social media posting or any other communication that you send us.
• User Content Data: Any information or content you upload to the Services, our social media pages, or on your own social media page and tagging our social media pages, including your images, posts, comments, reviews, or commentary.
• Financial Data: Covers payment card details required for processing transactions which we may need to provide to third party providers of any third party services that we arrange for you.
• Transaction Data: Details about the Services (including bookings) that you have arranged through us.
• Technical and Usage Data: Information like IP address, login data, and device information for accessing our platform, including information on how you interact with our Services.
• Profile Data: Your usage preferences, feedback, and responses to surveys related to our Services.
• Marketing Data: Your preferences regarding receiving marketing from us.

Additionally, we may sometimes use aggregated data, such as statistical or demographic insights, which does not identify you directly but helps us enhance our Services.

Special categories of personal data

Some of the personal information you provide us, including race, ethnicity, and biometric data (like a passport image of your face) where used for identification purposes, and certain other information you may choose to provide as part of using the Services (such as information about your politics, philosophical beliefs, health, and sex orientation) will be treated as special category personal data to which additional protections apply under data protection law.

We process such special category personal data because you have chosen to submit that information to our Services. We will not share this data with anyone other than in accordance with this Privacy Policy.

We may collect your personal data through the following methods:

Direct interactions: You may provide us with your data by:

• Booking third-party services through us.
• Creating an account on our platform.
• Subscribing to any newsletters we publish or using the Services.
• Requesting marketing materials to be sent to you.
• Participating in a competition, promotion, or survey.
• Contacting us with feedback or queries.
• Automated technologies or interactions (as you use the Services, we automatically collect Technical and Usage Data about your browsing activities and patterns through cookies and other similar technologies).

Third parties: We may receive personal data about you from:

• Third-party service providers involved in facilitating the Services you have booked through us.
• Financial and Transaction data from payment processing services to complete your bookings.

The table at Appendix I summarises the categories of personal information we collect about you, how we use that information and the appropriate legal bases which we rely on to process the personal information.

Social media login

Please note that if you create your account using social media login details (e.g. Google or Apple), you give permission to that social media platform to share with us your name, profile picture and email address.

4. DATA RETENTION

We retain personal data only as long as necessary for the purposes it was collected or for as long as necessary to comply with our legal obligations. To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, as well as the applicable legal, regulatory, tax, accounting, or other requirements.

5. DIRECT MARKETING

From time to time, we may contact you with information about the Services, including sending you marketing messages and asking for your feedback on our Services.

Marketing messages we send will be by email, WhatsApp and in app messaging. For some marketing messages, we may use personal information we collect about you to help us determine the most relevant marketing information to share with you.

We will only send you marketing messages if we have your consent or, if consent is not required under applicable law, you have not opted out of receiving messages from us. You can withdraw your consent or opt out of receiving further communications at a later date, by clicking on the unsubscribe link at the bottom of our marketing emails, (in the case of WhatsApp) responding STOP to our message or, if you are logged in to the Services, toggling your preferences within your account settings.

Unsubscribing from marketing emails and WhatsApp will not unsubscribe you from system or legal notifications which we may need to send as part of the Services we provide. From time to time, we may need to contact you by email or via our support team.

6. COOKIES

Trotter uses essential cookies to ensure the efficient operation of our website and enhance your user experience. These cookies are necessary for technical reasons, such as keeping track of your current session and enabling secure transactions. We also include optional cookies for analytics and personalised content. Please refer to our Cookie Policy for more information as to the way in which we use cookies on our Services.

8. INTERNATIONAL TRANSFERS

In providing the Services to you or facilitating third party services between you and Trotter Partners, Trotter may need to transfer your personal data to countries outside the UK and EEA. If you are located in the UK, your personal information may be transferred outside of the UK and EEA respectively to a country which is not recognised by the UK or European Commission as ensuring an adequate level of protection for personal data. These international transfers of your personal information will be made pursuant to appropriate safeguards, such as standard contractual clauses adopted by the European Commission and UK government (as applicable).

If you wish to enquire further about the safeguards used, please contact us using the details set out at the end of this Privacy Policy.

9. DATA SECURITY

Trotter has implemented appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or loss. All personal information we collect will be stored on our secure servers. Where data processing is carried out on our behalf by a third party, we take steps to ensure that appropriate security measures are in place to prevent unauthorised disclosure of personal information.

Despite these precautions, however, we cannot guarantee the security of information transmitted over the internet or that unauthorised persons will not obtain access to personal information.

10. DATA RETENTION

Trotter retains your personal data only as long as necessary for the purposes it was collected, including for legal, regulatory, or tax requirements. We consider the data’s nature, sensitivity, and the risk of harm from unauthorised disclosure to determine retention periods. Legally, we must keep customer information for six years for tax purposes. You may request data deletion under specific conditions. Additionally, we may anonymise data for indefinite processing and service improvement without further notice.

11. YOUR LEGAL RIGHTS

You have a number of rights under data protection laws in relation to your personal data.

• Right of access. You have the right to obtain access to your personal information.
• Right to rectification. You have the right to obtain rectification of any inaccurate or incomplete personal information we hold about you without undue delay.
• Right to erasure. You have the right, in some circumstances, to require us to erase your personal information without undue delay if the continued processing of that personal information is not justified.
• Right of portability. You have the right, in certain circumstances, to receive a copy of the personal information you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your personal information to another person.
• Right to restriction. You have the right, in some circumstances, to require us to limit the purposes for which we process your personal information if the continued processing of the personal information in this way is not justified, such as where the accuracy of the personal information is contested by you.
• Right to withdraw consent. If you have provided consent to any processing of your personal information, you have a right to withdraw that consent (without affecting the lawfulness of our processing prior to you having withdrawn your consent).

Right to object: you also have the right, in certain circumstances, to object to any processing based on our legitimate interests in certain circumstances. You can also object to our direct marketing activities for any reason by clicking the “unsubscribe” link set out in any marketing communication you receive or toggling your preferences in your account settings. See paragraph 5 for further details.

Please note that the above rights are not absolute, and we may be entitled to refuse requests, wholly or partly, where exceptions under the applicable law apply.

If you wish to exercise one of these rights, please contact us using the contact details at the end of this Privacy Policy. You may also review, remove, and edit some of the personal information you have submitted to us by logging into your account on the Services.

12. CHILDREN

The Services are not intended for children, and we do not knowingly collect data relating to children. You are not permitted to use the Services if you are under 18 years of age or residing outside of the UK.

If we learn we have collected or received personal information from an individual under 18, we will promptly delete that information. If you have any information from or about a child under 18, please contact support@jointrotter.com.

13. COMPLAINTS

You have the right to make a complaint at any time to the Information Commissioner’s Office (“ICO”), the UK regulator for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. If you are located in the EU, further information about how to contact your local data protection authority is available at:

http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

14. CHANGES TO THE PRIVACY POLICY AND YOUR DUTY TO INFORM US OF CHANGES

We may update this Privacy Policy from time to time and so you should review this page periodically. When we change this Privacy Policy in a material way, we will update the “last updated” date at the top of this Privacy Policy. Changes to this Privacy Policy are effective when they are posted on this page.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us, for example a new address or email address.

15. THIRD PARTIES

Our website and communications may, from time to time, direct you to third party sites and services, including those of our third-party service providers, business partners, advertisers, news publications and affiliates. If you follow a link to any of these websites, please note that Trotter does not control these third parties or their privacy practices, even when we facilitate your interaction with them. We do not accept any responsibility or liability for these third-party policies. We advise you to review the privacy policies of any third-party services before submitting any information to understand how they handle your data.

16. CONTACT DETAILS

For any questions regarding this Privacy Policy, the use of your personal data, or if you wish to exercise your privacy rights, please contact us through the following means:

Email address: support@jointrotter.com

Postal address: 1 Berkley Street, London W1J 8DJ, United Kingdom.

Our team is ready to assist you with any inquiries or requests related to your personal data.

APPENDIX I

Type of data	Purpose or activity	Lawful basis for processing
Contact Data Identity Data Profile Data Communications Data User Content Data Transaction Data Financial Data	To assist you in creating a profile.To register you with the Services.To enable you to use our Services.To administer your account (including sending you information regarding changes to our policies, other terms and other administrative information).	Such processing is all necessary to perform our contract with you.(See row below regarding special category data).
Special category personal data (race and ethnicity, and certain other information you may choose to provide as part of using the Services, such as information about your politics, health, and sexual orientation)	To enable you to use our Services.	Explicit consent (either via exercising options when completing the profile or voluntarily submitting such data to the Services).
Contact Data Technical and Usage Data	To verify your identity (including via SMS or email).	It is in our legitimate interests to verify the email address or phone number you have given during registration is yours to ensure the accuracy of the data and for security purposes.
Contact Data Marketing Data Communications Data User Content Data Technical and Usage Data Identity Data	Marketing and advertising (including sending you newsletters and measuring the effectiveness of our marketing).	Consent (if required by law).Where consent is not required by law, it is in our legitimate interests to study how users use our Services and to grow and market our business.
Contact Data Profile Data Communications Data User Content Data Marketing Data Transaction Data	To respond to queries and complaints and provide you with information and materials that you request from us.To carry out surveys and/or ask for feedback with a view to improving our Services.	It is in our legitimate interests to respond to your queries and provide any information and materials requested in order for you to have a positive experience with us and to maintain good customer relations.It is in our legitimate interests to understand how our users feel about our Service so we can take steps to improve this
Technical and Usage Data User Content Data Transaction Data	Analytics (such as analysing usage of the Services). Improve the Services to ensure that content is presented in the most effective manner for you.Marketing and advertising.To ascertain your preferences.	Consent (if required by law).Where consent is not required by law, it is in our legitimate interests to study how users use our Services and to grow and market our business.
Geographical location data	To enable users to facilitate meet ups.	Explicit consent (either via exercising options when completing the profile or voluntarily submitting such data to the Services)
Contact Data Profile Data User Content Data Marketing Data Technical and Usage Data	To administer and protect our business and our Services (including troubleshooting, fraud prevention, IT security, data analysis, testing, system maintenance, support, reporting and hosting of data)	It is in our legitimate interests to monitor the Services and resolve errors to ensure that everything functions properly.To comply with our legal and regulatory obligations under applicable law.It is also in our legitimate interests to protect systems and data and to prevent and detect criminal activity that could be damaging for you and/or us.