Protecting Your Privacy | Unique Tours Ireland

Privacy & Cookie Policy

Last Updated: 15 January 2026
Effective Date: 01 January 2024

1. INTRODUCTION

Unique Tours Ireland Limited (“we”, “us”, “our”, or the “Company”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you interact with our services, visit our website, or book tours with us.

This Privacy Policy is issued in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the Data Protection Act 2018, and the European Communities (Electronic Communications Networks and Services) (Privacy and Electronic Communications) Regulations 2011 (S.I. No. 336/2011) (“ePrivacy Regulations”).

By using our services or providing us with your personal data, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our services or provide us with your personal data.

2. DATA CONTROLLER

Unique Tours Ireland Limited is the data controller responsible for your personal data. Our contact details are:

Unique Tours Ireland Limited
46 Doon Heights
Ballyconnell
Co. Cavan
Ireland

Email: info@unique-tours-ireland.com
Telephone: +353879875225

For any queries regarding data protection or to exercise your rights under data protection law, please contact us using the details above.

3. PERSONAL DATA WE COLLECT

We collect and process the following categories of personal data:

3.1 Information You Provide Directly

Booking and Enquiry Information:

- - Full name
  - Email address
  - Postal address
  - Telephone number
  - Date of birth (where required for tour purposes)
  - Passport details (where required for tour bookings)
  - Nationality
  - Emergency contact details
  - Dietary requirements and allergies
  - Accessibility requirements and mobility information
  - Medical conditions relevant to tour participation
  - Special requests or preferences

Payment Information:

- - Payment card details (processed securely via third-party payment processors)
  - Billing address
  - Transaction history

Communication Records:

- - Correspondence via email, telephone, contact forms, or other communication channels
  - Feedback, reviews, and survey responses
  - Customer service enquiries and complaints

Marketing Preferences:

- - Consent to receive marketing communications
  - Communication preferences

Account Information (if applicable):

- - Username and password
  - Account preferences and settings

Employment Information (Job Applicants):

- - Curriculum vitae (CV)
  - Cover letter
  - Educational qualifications
  - Employment history
  - References
  - Right to work documentation

3.2 Information We Collect Automatically

Technical Information:

- - Internet Protocol (IP) address
  - Browser type and version
  - Operating system
  - Time zone setting
  - Device type
  - Geographic location (where you access our website from)
  - Pages visited on our website
  - Time and date of visits
  - Referring website addresses

Cookies and Tracking Technologies:

We use cookies and similar tracking technologies. Please refer to Section 9 (Cookies and Tracking Technologies) for detailed information.

4. HOW WE USE YOUR PERSONAL DATA

We process your personal data for the following purposes:

4.1 Contract Performance

To fulfil our contractual obligations to you when you book a tour or service with us:

- Processing and managing your booking
- Providing tour services and arranging travel itineraries
- Communicating with you about your booking
- Arranging accommodation, transport, activities, and other tour-related services
- Providing customer support
- Processing payments and issuing invoices
- Ensuring your safety and wellbeing during tours

Legal Basis: Processing is necessary for the performance of a contract with you (Article 6(1)(b) GDPR).

4.2 Legal Obligations

To comply with legal and regulatory requirements:

- Maintaining accounting and tax records
- Responding to lawful requests from authorities
- Preventing and detecting fraud
- Complying with health and safety legislation

Legal Basis: Processing is necessary for compliance with legal obligations (Article 6(1)(c) GDPR).

4.3 Legitimate Interests

To pursue our legitimate business interests:

- Improving our services and website functionality
- Conducting market research and customer satisfaction surveys
- Analysing website usage and customer behaviour
- Administering and protecting our business and website (including troubleshooting, data analysis, testing, system maintenance)
- Preventing fraud and ensuring security
- Establishing, exercising, or defending legal claims

Legal Basis: Processing is necessary for our legitimate interests or those of third parties, provided your interests and fundamental rights do not override those interests (Article 6(1)(f) GDPR).

4.4 Consent

Where we have obtained your explicit consent:

- Sending you marketing communications about our services, special offers, and promotions
- Using non-essential cookies and tracking technologies
- Processing special category data (e.g., health information) beyond what is necessary for tour provision

Legal Basis: You have given consent to the processing (Article 6(1)(a) GDPR). You have the right to withdraw your consent at any time.

4.5 Special Category Data

We may process special category personal data (such as health information, dietary requirements indicating religious beliefs, or accessibility needs) where necessary for:

- The provision of tour services where you have made information public or provided explicit consent
- Compliance with health and safety obligations

Legal Basis: Processing is necessary for reasons of substantial public interest (Article 9(2)(g) GDPR), explicit consent (Article 9(2)(a) GDPR), or where you have manifestly made the data public (Article 9(2)(e) GDPR).

5.DATA SHARING AND DISCLOSURE

We may share your personal data with the following categories of recipients:

5.1 Service Providers

Third-party service providers who assist us in delivering our services:

- Accommodation providers (hotels, guesthouses, B&Bs)
- Transport providers (coach companies, vehicle hire companies)
- Tour guides and drivers
- Activity and attraction providers
- Restaurants and catering services
- Payment processors and banking institutions
- IT service providers and website hosting companies
- Marketing and advertising platforms
- Customer relationship management (CRM) systems

All service providers are required to respect the security of your personal data and process it only in accordance with our instructions and applicable data protection law.

5.2 Professional Advisers

Lawyers, accountants, auditors, insurers, and other professional advisers who provide services to us.

5.3 Regulatory and Law Enforcement Authorities

Where required by law or to comply with legal obligations:

- Irish Data Protection Commission
- Revenue Commissioners
- An Garda Síochána or other law enforcement agencies
- Courts and tribunals

5.4 Business Transfers

In the event of a sale, merger, acquisition, reorganisation, or transfer of all or part of our business or assets, your personal data may be transferred to the acquiring entity, subject to the same level of protection.

5.5 Third Parties with Your Consent

Any other third parties where you have provided explicit consent for disclosure.

We do not sell, rent, or trade your personal data to third parties for their marketing purposes.

6. INTERNATIONAL DATA TRANSFERS

Your personal data is primarily processed within the European Economic Area (EEA). However, we may transfer personal data to third parties located outside the EEA, including service providers in countries that may not provide the same level of data protection as Ireland.

For example, this may include our hosting provider in the United States, email services (Google Workspace), payment processors (Stripe), CRM systems, and other third-party service providers.

Where we transfer personal data outside the EEA, we ensure appropriate safeguards are in place:

- Adequacy Decisions: Transfers to countries deemed by the European Commission to provide an adequate level of protection
- Standard Contractual Clauses (SCCs): Using European Commission-approved Standard Contractual Clauses with recipients
- Appropriate Supplementary Measures: Implementing technical and organisational measures to ensure data protection

For further information about international transfers or to obtain a copy of the safeguards we have put in place, please contact us using the details in Section 2.

7. DATA RETENTION

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal, regulatory, tax, accounting, or reporting requirements.

7.1 Retention Periods

Booking and Customer Data:

- Retained for the duration of our contractual relationship and for seven (7) years thereafter to comply with accounting and tax obligations

Marketing Communications:

- Retained until you withdraw consent or we no longer have a legitimate interest in contacting you

Website Usage Data and Cookies:

- Retained in accordance with our Cookie Policy (see Section 9)

Job Applications:

- Retained for twelve (12) months following the conclusion of the recruitment process, unless you consent to longer retention

Legal Claims:

- Where necessary to establish, exercise, or defend legal claims, data may be retained for the duration of the limitation period applicable to such claims

In determining retention periods, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process your data, and applicable legal requirements.

8. DATA SECURITY

We implement appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing, accidental loss, destruction, damage, alteration, or disclosure.

8.1 Security Measures

- Secure Socket Layer (SSL) encryption for data transmitted via our website
- Secure payment gateways with PCI DSS compliance for processing card payments
- Access controls and authentication mechanisms
- Regular security assessments and updates
- Staff training on data protection and confidentiality obligations
- Secure data storage and backup procedures

Whilst we take reasonable steps to protect your personal data, please be aware that no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security.

8.2 Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Data Protection Commission within 72 hours of becoming aware of the breach. Where the breach is likely to result in a high risk to you, we will also notify you without undue delay, unless certain exceptions apply.

9. COOKIES AND TRACKING TECHNOLOGIES

Our website uses cookies and similar tracking technologies to enhance your user experience, analyse website usage, and deliver targeted advertising.

9.1 What Are Cookies?

Cookies are small text files placed on your device (computer, smartphone, or tablet) when you visit a website. They allow the website to recognise your device and store information about your preferences or past actions.

9.2 Types of Cookies We Use

Strictly Necessary Cookies:

These cookies are essential for the operation of our website and enable you to navigate and use its features. They include cookies that remember your cookie consent preferences.

- Legal Basis: These cookies are exempt from consent requirements under Regulation 5(5) of the ePrivacy Regulations as they are strictly necessary to provide a service explicitly requested by you.

Performance and Analytics Cookies:

These cookies collect information about how visitors use our website, such as which pages are visited most often and whether error messages are received. This helps us improve website performance.

Examples include:

- Google Analytics
- Microsoft Clarity
- Legal Basis: Consent (Regulation 5(3) of the ePrivacy Regulations).

Functionality Cookies:

These cookies allow our website to remember choices you make (such as language or region) and provide enhanced, personalised features.

- Legal Basis: Consent (Regulation 5(3) of the ePrivacy Regulations).

Targeting/Advertising Cookies:

These cookies are used to deliver advertisements relevant to your interests. They may be placed by third-party advertising networks with our permission and track your browsing activity across multiple websites.

Examples include:

- Google Ads
- Meta (Facebook) Pixel
- Other social media advertising platforms
- Legal Basis: Consent (Regulation 5(3) of the ePrivacy Regulations).

9.3 Third-Party Cookies

Our website may contain links to third-party websites, plug-ins, and applications operated by third parties (such as social media platforms). These third parties may set their own cookies when you visit our website or click on their links. We do not control these cookies, and you should review the relevant third party’s privacy and cookie policies.

9.4 Cookie Lifespan

The lifespan of cookies varies:

- Session Cookies: Temporary cookies that expire when you close your browser
- Persistent Cookies: Remain on your device for a set period or until you delete them

We ensure that cookie lifespans are proportionate to their purpose. Consent for non-essential cookies will be requested again every six (6) months in accordance with guidance from the Data Protection Commission.

9.5 Managing Cookies

You can manage your cookie preferences through:

- Our Cookie Consent Banner when you first visit our website
- Your Browser Settings: Most browsers allow you to refuse or delete cookies. Methods vary depending on the browser you use. Please consult your browser’s help function for instructions.

Please note: Disabling strictly necessary cookies may affect the functionality of our website.

9.6 Do Not Track Signals

Some browsers have a “Do Not Track” feature. Our website does not currently respond to Do Not Track signals.

10. YOUR DATA PROTECTION RIGHTS

Under the GDPR and Data Protection Act 2018, you have the following rights regarding your personal data:

10.1 Right of Access (Article 15 GDPR)

You have the right to obtain confirmation as to whether we process your personal data and, if so, to request access to that data, together with certain additional information (such as the purposes of processing and categories of data).

10.2 Right to Rectification (Article 16 GDPR)

You have the right to have inaccurate personal data corrected and incomplete personal data completed.

10.3 Right to Erasure (“Right to be Forgotten”) (Article 17 GDPR)

You have the right to request the deletion of your personal data in certain circumstances, including:

- Where the data is no longer necessary for the purposes for which it was collected
- Where you withdraw consent (and there is no other legal basis for processing)
- Where you object to processing and there are no overriding legitimate grounds
- Where the data has been unlawfully processed
- Where erasure is necessary to comply with a legal obligation

This right is not absolute and may be subject to exemptions (e.g., where we are required to retain data for legal compliance).

10.4 Right to Restriction of Processing (Article 18 GDPR)

You have the right to request that we restrict processing of your personal data in certain circumstances, including:

- Where you contest the accuracy of the data (until we verify its accuracy)
- Where processing is unlawful, but you do not want the data erased
- Where we no longer need the data, but you require it to establish, exercise, or defend legal claims
- Where you have objected to processing (pending verification of our legitimate grounds)

10.5 Right to Data Portability (Article 20 GDPR)

Where processing is based on consent or contract performance and is carried out by automated means, you have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.

10.6 Right to Object (Article 21 GDPR)

You have the right to object to:

- Processing based on legitimate interests: You may object at any time, and we will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms or for the establishment, exercise, or defence of legal claims.
- Direct marketing: You have an absolute right to object to processing for direct marketing purposes at any time. We will cease such processing immediately upon receipt of your objection.

10.7 Right to Withdraw Consent (Article 7(3) GDPR)

Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

10.8 Right Not to Be Subject to Automated Decision-Making (Article 22 GDPR)

You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects concerning you or similarly significantly affect you. We do not currently engage in automated decision-making.

10.9 Exercising Your Rights

To exercise any of the above rights, please contact us using the details in Section 2. We may request specific information from you to verify your identity and ensure that your personal data is not disclosed to unauthorised parties.

We will respond to your request without undue delay and, in any event, within one month of receipt. This period may be extended by two further months where necessary, taking into account the complexity and number of requests. We will inform you of any such extension and the reasons for delay.

There is no fee for exercising your rights, unless your request is manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse to act on the request.

11. CHILDREN'S PRIVACY

We do not knowingly collect or process personal data from children under the age of 18 without obtaining verifiable parental consent. Where we are aware that a child under 18 has provided personal data, we will take steps to verify that such data has been provided with appropriate parental or guardian consent.

If you are a parent or guardian and believe that your child has provided us with personal data without your consent, please contact us immediately, and we will take steps to delete such information.

For the purposes of GDPR, individuals under the age of 16 are considered children for consent purposes in Ireland, and parental consent is required for the processing of their personal data.

12. DIRECT MARKETING

We may send you marketing communications about our services, special offers, promotions, and news where:

- You have given consent to receive such communications, or
- You are an existing customer, and the communications relate to similar services to those you have previously purchased from us, and you have not opted out

12.1 Opting Out

You may opt out of receiving marketing communications at any time by:

- Clicking the “unsubscribe” link in any marketing email we send
- Contacting us using the details in Section 2
- Updating your preferences in your account settings (if applicable)

We will action your opt-out request without undue delay and will cease sending marketing communications within a reasonable timeframe (generally within 48 hours, but may take up to five working days to update all systems).

Please note: Even if you opt out of marketing communications, we may still send you non-marketing communications, such as booking confirmations, service updates, and administrative messages.

13. THIRD-PARTY WEBSITES AND LINKS

Our website may contain links to third-party websites, applications, or services that are not operated or controlled by us. This Privacy Policy applies only to our services and does not extend to third-party websites.

We are not responsible for the privacy practices of third-party websites. We encourage you to review the privacy policies of any third-party websites you visit.

When you click on third-party links or interact with third-party content, those third parties may collect information about you in accordance with their own privacy policies.

14. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational, legal, or regulatory reasons.

When we make material changes to this Privacy Policy, we will:

- Update the “Last Updated” date at the top of this Privacy Policy
- Notify you by email (where we have your email address) or by posting a prominent notice on our website
- Where required by law, obtain your consent to the updated Privacy Policy

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal data.

Continued use of our services following any changes constitutes your acceptance of the revised Privacy Policy, unless the changes require your explicit consent, in which case we will seek such consent before the changes take effect.

15.Disclosure

We do not disclose or share any of your information with third parties.

16. CONTACT US

If you have any questions or concerns about this Privacy Policy, please do not hesitate to contact us.

This Privacy Policy was prepared in accordance with Irish and EU data protection law and represents the Company’s commitment to transparency and data protection compliance as at the effective date stated above.