Outlook Expeditions Limited (“Outlook”, “we”, “us” or “our”) are committed to protecting your privacy on all platforms.
This Notice sets out the basis on which any personal information or personal data (any information about you which is personally identifiable) that Outlook collects from you or that you provide to Outlook, will be processed by us. Please read the following carefully to understand our practices regarding your personal information.

Amendments and updates to this Privacy Notice may be made from time-to-time. Any revisions will be posted on our website, so you will always be aware of what information we collect and how we use that information. Please review this page regularly so that you are aware of any changes.

You will find information relating to the following below:

  1. Who we are
  2. The information we collect and process
  3. How we collect information
  4. What we use this information for
  5. How we collect and process information from minors
  6. Where we store this information
  7. Who we disclose this information to
  8. Our marketing practices
  9. Our retention policy
  10. Your rights
  11. Website, cookies and links
  12. Telephone recording
  13. How to request your personal data
  14. Key contacts

Who we are

For the purpose of data protection legislation, the data controller is Outlook Expeditions Limited, a company registered in England and Wales (Company number 4271147) whose registered office is at Head Office, 20 St Johns Road, Penn, High Wycombe, HP10 8HW.

The information we collect and process

The information we collect is dependent on the interaction and the type of relationship you have with us. For example, we require more in-depth information if you are participating on one of our expeditions than if you are a teacher simply enquiring about the possibility of organising an expedition. Similarly, if you are an applicant for a job at Outlook or an employee, we will collect and process different sets of data.

For the purposes of operating our business, we may collect the following information:

Contact details
title, name, gender, email address, telephone number, address (business/residential), date of birth, preferences

details from meetings to discuss possible or booked expeditions, or from calls to our customer service line

Banking & ID
your bank or card details in relation to payments. Passport number, expiry, country of origin and date of issue, as required by airlines for flight confirmation

CV, previous employment, qualifications, driving license details, references

Booking details
itinerary, airport and flight numbers and times, dietary or special assistances requirements

Digital interactions
how you use our online platforms such as website, Basecamp portal, social media and email communications.

Special data types
due to the nature of our business, it is sometimes necessary for us to collect information from Participants, Expedition Leaders and School Leaders, that is deemed sensitive. These include health and fitness, medical conditions, medications taken and previous medical history.

How we collect information

We collect data in a number of different ways, depending on the interaction and relationship we have with you.

you may give us your contact details or other personal information over the phone or in person in relation to a possible expedition or a live booking.

you may give us your contact details by filling in an online form, by email, interacting with our digital marketing activities, visiting our website (automated technologies such as Cookies) or logging into our customer portal – Basecamp.

By giving us your personal data by the methods above, you are consenting to being contacted by Outlook Expeditions either for the purposes of fulfilling a contract or for future business endeavours. In relation to email marketing communications, you will be given the opportunity to manage your preferences and unsubscribe at any time should you wish to no longer receive them.

Third parties
travel partners, airlines or other parties we work with may provide us with information about you as part of our travel contract.

What we use this information for

For the purposes of fulfilling our contractual obligations:

Where our relationship with you is as customer and provider, we will need to process your information to deliver a successful expedition experience, as detailed in our contract. Similarly, as a member of staff, we will need to collect information to enter into and fulfil our obligations of your employment contract. Here are some of the ways in which we use this information.

Managing your booking: to fulfil all logistical requirements including booking flights, transport, accommodation, activities, projects, and to track and handle payments. We may also use your information to meet our legal obligations, to deal with any complaints and for the enforcement of our terms and conditions.

Customer support: communicating with teachers, parents and participants on a regular basis to support their build up programme and inform them of specific details related to their booking. We will also send e-newsletters including content such as news, helpful advice and support, travel stories and competitions.

Operations: health data and other special data is used to inform our risk assessments to assess your suitability to participate in an expedition or UK training event and ensure your wellbeing. Next of kin information is used when a situation requires us to contact family whilst participants are on expedition.
HR: we will use banking information in order to pay your salary and tax information in order to manage your tax and national insurance.

For the purposes of legitimate interest:

We may also use your information for legitimate business interests which include sales and promotion activity such as direct/email marketing communications, improving and developing our products and services, processing job applications and optimising our website. As required by data protection laws, we carry out ‘legitimate interest’ assessments on our data.

We will not process data on the grounds of legitimate interest, where our interests are outweighed by your interests, rights and freedoms.

How we collect and process information from minors

When collecting information about participants under the age of eighteen, we will seek the consent of a parent or guardian. Thirteen is the legal age for giving consent to collect and process personal data under data protection law, so we do allow children of thirteen years or over to complete online questionnaires and participate in other data collection activity. However, procedures are in place that ensure all minors we interact with are represented by a parent and guardian who have visibility of this information and the opportunity to edit or remove it.

Where we store this information

Outlook will take all reasonable steps to ensure that your information is treated securely and in accordance with this Privacy Notice.

We use a number of CRM (customer relationships management) booking and communications systems to store and manage our data. Where a CRM system is an externally purchased system, we ensure that our supplier is compliant with data protection laws and has all the relevant measures in place to protect personal data.

Where we have given you (or you have chosen) a username and password which enables you to access our services, you are responsible for keeping these confidential and you must not disclose them to a third party.

Who we disclose this information to

We will not sell your information, however for the purpose of providing you with our services, including your flight, in-country bookings, incident management or insurance services, we may disclose your information, including Health Data, to third-parties outside the United Kingdom or European Economic Area. We do so on lawful grounds as outlined in the previous section.

Circumstances in which we may share your data include:

To manage your booking effectively: we may share your information with booking agents, flight operators, accommodation providers, activity providers, in-country guides, border immigration and any other third-party partner or suppliers that we work with. Where third parties are outside the EEA (European Economic Area), we will take steps to ensure your data is treated with a similar level of protection.

We will only share your details with third-party providers that are directly related to the booking of your expedition, and not for marketing purposes.

Ensuring your wellbeing on expedition: we may share your health or special data with Outlook staff, school leaders, expedition leaders, external professional advisors, overseas activity providers, insurance/assistance providers, and medical service providers in order to tailor our service to suit your specific requirements.

Email communications: we may share your information with third party email marketing software providers, in order to send and manage our digital communications. All providers are vetted to ensure they are fully compliant with data protection laws.

In addition, we may share your data in the following ways (as appropriate):

  • to comply with any legal obligation or as otherwise permitted by law;
  • in the conduct or defence of legal claims or to enforce our agreements;
  • for debt collection purposes;
  • for security purposes or to protect our rights or those of a third party; and
  • for the purposes of the prevention or detection of offences, and/or the apprehension or prosecution of offenders, we may share any information that we collect with the police, other public or private sector agencies, governmental or representative bodies in accordance with the relevant legislation. This will include public authorities, insurance companies, finance companies and/or other agencies.
  • with any actual or prospective seller or buyer of our business and/or any assets. Information held by us about our customers and any users will be one of the transferred assets.

Our marketing practices

We use a number of recognised marketing communication practices to communicate with our customers and potential customers. These include direct mail, email marketing, web leads and analytics and market research.

Our data is continually evaluated, updated and segmented to ensure that we tailor our activity and content according to the audience. This means that we only send targeted, timely communications and offers that suit the needs and requirements of our customers and prospects.

We will only contact you in this way if you have expressed an interest in our company and signed up to receive email communications (by way of online form or other data collection activity) or if we have entered into some sort of contract by way of an expedition booking.

You can request not to be contacted in this way, either at the point of data collection, by contacting us directly or by unsubscribing on an email you receive.

Occasionally, we may include information about some of our partners in these communications, if we believe it is of interest or benefit to you. We will not share your information with third parties for marketing purposes. Should we wish to in the future, we will seek your permission first.

Our retention policy

We will hold onto your information only for as long as is necessary and for the purpose for which it was provided to us or collected e.g. fulfilling our contractual obligations in the delivery of an expedition or communicating in relation to future expedition sales or to satisfy any legal, accounting or reporting requirements. When data has expired it’s given retention date, we delete it from all our data and business management systems.

For legal claims and tax purposes, we have to keep some information about our business activity for up to eight years. These will include customer information, bookings, and dealings with partners and providers.

Where processing is based on your consent, we shall only process it until such time as you withdraw your consent. Please let us know if any of your contact details change so that we can ensure we only hold accurate and up to date information.

Your rights

You have a number of rights in relation to your personal information. You have the right to:

  • request information regarding the personal data that we hold about you and the source(s) of that information. You can request a copy of any personal data we hold about you. This service is usually free of charge, although we have the right to charge a ‘reasonable fee’ in some circumstances;
  • request that we rectify any inaccuracies in relation to the personal data we hold;
  • in some circumstances, request the erasure of your personal data or object to the processing of your data;
  • object to any direct marketing;
  • in some circumstances, request that your personal data be transferred to you or a new provider if the data is processed automatically;
  • withdraw consent to us processing your personal data. This will not affect the processing already carried out with your consent;
  • lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner’s Office;

If you want to exercise you rights as detailed above or have any questions, please contact us either by email GDPR@outlookexpeditions.com or by post to the Data Protection Officer, Outlook Expeditions, 20 St Johns Road, Penn, High Wycombe, HP10 8HW.

Website, cookies & links

Our website uses cookies to distinguish you from other users. Details of the cookies we use are set out here:

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration purposes. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.

We may also obtain information about your general internet usage by using technology such as “cookies”, which store information on the hard drive of your computer. This type of technology helps us to improve our site and to deliver a better and more personalised service for Public Users and our customers. They enable us to:

  • understand visitor numbers;
  • store information about a user’s preferences, and so allow us to customise our site and offer goods or services in which we believe they will be interested;
  • speed up searches; and
  • recognise you when you return to our site.

You may refuse to accept some technologies such as cookies by activating settings on your browser which allows you to refuse the setting of technologies such as cookies. If you refuse all cookies you may be unable to access certain parts of our site. If you do not activate these settings on your browser then you will be taken to have consented to the use of these technologies.

We use Google Analytics and other monitoring software on our site. These types of technologies also allow the proprietor of the technology e.g. Google to also access your information, we have no action over how your information is processed by third parties such as Google. Please read the privacy packages to understand how your information may be used by these third parties.

Some pages of our website include external links to third party websites. We have no control over and are not responsible for these websites or the use of your information by third parties. You should check the privacy notices on any third-party websites to ensure that you are satisfied regarding their privacy practices, prior to sharing any personal information.

Telephone recording

We use a VOIP telephone system that is capable of recording telephone calls. We may record both inbound and outbound calls for the purposes of quality monitoring, training, compliance and security purposes.

We will retain the recordings for a period not exceeding eight years. The recordings will only be used for the purposes specified in this Privacy Notice. We shall ensure that the recording of telephone calls is done in accordance with all applicable laws. Details of the third-party provider of the VOIP telephone system are available on request.

How to request your personal data

Questions, comments and requests regarding this Notice are welcomed and should be sent by email to GDPR@outlookexpeditions.com or by post:

Data Protection Officer
Outlook Expeditions
20 St Johns Road
High Wycombe
HP10 8HW

Key contacts

Data Controller: Outlook Expeditions
Data Controller representative: Trevor Carter – GDPR@outlookexpeditions.com
Data Protection Officer: DPO – GDPR@outlookexpeditions.com