This Privacy notice was last updated on 7th May 2018 in accordance with the General Data Protection Regulations (GDPR) requirements.



This Privacy notice explains what information the Lucketts Group* (‘the Group’, ‘we’, ‘us’, and ‘our’) gather about you, what we use that information for, and who we give that information to.


It also sets out your rights in relation to your information and who you can contact for more information or queries. Click on the links to take you to more detailed sections of this Privacy notice.


The Lucketts Group* comprises:


  • H Luckett & Co Limited
  • Lucketts Holdings Limited
  • Lucketts Travel
  • Worthing Coaches
  • Mortons Travel
  • Coliseum Coaches
  • Solent Coaches



We take data protection very seriously and we are committed to protecting your personal information. This Privacy notice describes how we handle personal information collected by any means, including through our websites:



It is our policy to collect only the minimum information required from you. If you believe we havecollected excessive information about you, please contact us to raise any concerns you may have.


In this Privacy notice your personal information is sometimes called “personal data”. We sometimes collectively refer to handling, collecting, protecting or storing your personal information as ‘processing’.


Although you do not have to provide any of your personal information to us, if we ask you to do so and you refuse, we may be unable to provide you with the information, goods or services you want from us.


Personal information Personal information is anything that enables you to be identified or identifiable, e.g. your name, postal address, email address and telephone number.



Below are some examples of how you may provide personal information to us:


  • Calling us by telephone to:
  • Hire a coach
  • Book an excursion, trip or holiday
  • Searching and browsing our websites for content
  • Requesting a brochure
  • Subscribing to our newsletter
  • Entering or responding to our surveys or competitions
  • Submitting CVs or work history information
  • Contacting us for further information
  • Providing us with business cards or other contact information



When you provide your personal information to us, we may use it for any of the purposes described in this Privacy notice or as stated at the point of collection (or as obvious from the context of collection), including:


  1. To provide a service to you that you have requested
  2. To administer and manage our websites
  3. To develop our businesses and services
  4. To conduct quality and risk management reviews
  5. To monitor and enforce compliance with our Terms of Business; and
  6. Any other purposes for which you provided the information to us, including any of the purposes given in the ‘Collection of personal information’ section above.


We do not collect personally identifying information for sale to others.



We rely on one or more of the following processing conditions:

To perform our contractual obligations to you; or


  • To perform our contractual obligations to you; or
  • If necessary for the purposes of our legitimate interests
  • To satisfy any legal and regulatory obligations to which we are subject
  • (Where no other condition for processing is available) if you have agreed to us processing your personal information


To satisfy any legal and regulatory obligations to which we are subject

(Where no other condition for processing is available) if you have agreed to us processing your personal information



We have implemented generally accepted standards of technology and operational security to protect personally identifiable information from loss, misuse, alteration or destruction.


Only authorised persons are provided access to personally identifiable information we have collected, and such individuals have agreed to maintain the confidentiality of this information.


Although we use appropriate security measures once we have received your personal data, the transmission of data over the internet (including by e-mail) is never completely secure.


We endeavour to protect personal data, but we cannot guarantee the security of data transmitted to or by us.



We may transfer, share or disclose the personal data we collect from you to other organisations for:


  • The purposes listed above under use of personal information (e.g. to facilitate your trip or holiday by passing on your personal information to hotels, ferry companies etc.).
  • The administration and maintenance of our websites and/or
  • Other internal or administrative purposes


We also may transfer share or disclose your personal information to providers of website hosting and management, data analysis, data backup, security and storage services.


These other organisations may use subcontractors that have access to your personal data. It is our policy to use other organisations that will provide appropriate levels of security and confidentiality and will process personal information only as instructed by us, and to impose those same obligations down to their sub-processors.



Your personal information may be transferred to and stored outside the European Economic Area (EEA).

Transfer outside the EEA will be only:


  • To a recipient located in a country which provides an adequate level of protection for your personal information; and/or
  • Under an agreement which satisfies EU requirements for the transfer of personal data to data processors or data controllers outside the EEA.



We may also disclose personal information to other organisations under the following circumstances:


  • When explicitly requested by you
  • When required to deliver publications or reference materials as requested by you
  • When required to facilitate accommodation or transport provided by another organisation
  • As otherwise set out in this privacy notice


We may also disclose your personal information to law enforcement, regulatory and other government agencies and to professional bodies and others, as required by and/or in accordance with applicable law or regulation.



We will retain your personal information only for as long as we need it, given the purposes for which it was collected, or as required to do so by law.

Normally, this means we will retain your personal information for 6 years. For more information please see our Retention of Records Policy.



Where we are legally required to obtain your consent to provide you with marketing materials, we will only provide you with such marketing materials if you have provided consent for us to do so.


If you opt into any newsletters, you will receive emails known as newsletters.


If you want to unsubscribe from our newsletter(s), you should look for and follow the instructions we have provided to you on the email.


If you choose to unsubscribe from any or all mailings, we may retain information sufficient to identify you so that we can honour your request.



You have certain rights in relation to the personal information we hold about you. You have the right to:


  • Request a copy of personal information we hold about you;
  • Ask that we update the personal information we hold about you, or correct such personal information that you think is incorrect or incomplete;
  • Ask that we delete personal information that we hold about you, or restrict the way in which we use such personal information;
  • Object to our processing of your personal information; and/or
  • Withdraw your consent to our processing of your personal information (to the extent such processing is based on consent and consent is the only permissible basis for processing).


If you would like to exercise these rights or understand if these rights apply to you, please contact us.



We will not use your personal information for automated decision making or profiling.



We understand the importance of protecting children’s privacy and we never knowingly collect personal information about individuals under the age of 18.



Our Websites may link to other sites not controlled by us and which do not operate under our privacy practices. When you link to other sites, our privacy practices no longer apply. We encourage you to review each other site’s privacy policy before disclosing any personally identifiable information.



Please see our Cookie Policy.



If you have any questions or complaints about this Privacy notice or the way your personal information is processed by us, or would like to exercise one of your rights set out above, please contact us by one of the following means:

or by Post: Broadcut, Wallington, Fareham PO16 8TB


You also have the right to lodge a complaint with your local data protection regulator, which in the UK is the Information Commissioner Office (ICO). The ICO can be contacted by the following means:




Telephone: 0303 123 1113 0303 123 1113 (local rate – calls to this number cost the same as calls to 01 or 02 numbers). If you’re calling from outside the UK please call +44 1625 545 700 +44 1625 545 700 .

Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF


We may update this Privacy notice at any time by publishing an updated version here. So that you know when we make changes to this Privacy statement, we will amend the revision date at the top of this page. The new modified or amended Privacy notice will apply from that revision date. Therefore, we encourage you to review this Privacy notice periodically to be informed about how we are protecting your information.


Cookie Policy

Our website uses cookies to help provide you with the best experience we can. Cookies are small text files that are stored on your computer, tablet, mobile phone or other device when you browse websites. The cookies in use on this website help us to make the website work as you would expect and they also improve the security of the site. We do not use cookies that:-


  • Collect any personally identifiable information (without your express permission)
  • Collect any sensitive information (without your express permission)
  • Pass personally identifiable data to third parties


Strictly necessary cookies

This website uses cookies that are classed as strictly necessary. We use these cookies to make our website function correctly. Such functionality includes:-


  • Determining if you are logged in or not (session cookie)
  • Making our online booking process work (session cookie)
  • Storing your cookie preferences (persistent cookie, expires after 2 years)


Session cookies expire at the end of your browsing session, when you close your web browser. Persistent cookies have a set expiry date and will remain stored on your computer, tablet, mobile phone or other device until either that date is reached or you manually delete your cookies using your browser settings.


Cookie Permissions

Unless disabled in your website browser the strictly necessary cookies cannot be disabled in any other way. If you continue to use our website we take this as acceptance of their use.


Google Analytics cookies

Google Analytics is a web analytics tool that helps us understand how visitors engage with our website. It allows us to view a variety of reports about how you interact with our website. Google Analytics collects information anonymously. It reports website trends without identifying individual visitors.


Google Analytics uses cookies to track visitor interactions. These cookies are used to store information, such as the time that the current visit occurred, whether the visitor has been to the website before and what website referred the visitor to the web page. If you wish to disable Google Analytics you can do so here.


Disabling or deleting cookies in your browser

It is usually possible to disable cookies by changing settings in your browser settings. However doing so will limit the functionality of our website (along with many others). It may also be possible to delete cookies that have previously been stored. For information how do either of these procedures please consult the help files for your chosen browser.

Record Retention

Policy and Procedure



The Lucketts Group* (‘the Group”, ‘we’, ‘us’, and ‘our’) is committed to:

  1. Fully complying with all the requirements of the General Data Protection Regulation (GDPR).
  2. The efficient management of its records for the effective delivery of our services.

The Lucketts Group* comprises:

  • H Luckett & Co Limited
  • Lucketts Holdings Limited
  • Lucketts Travel
  • Worthing Coaches
  • Mortons Travel
  • Coliseum Coaches
  • Solent Coaches



This policy explains how we will comply with its responsibilities and obligations under the GDPR and its principles relating to the storage and destruction of personal data.

This policy gives guidance about disposing, deleting and retaining the personal data for which we have a responsibility and/or obligation under the GDPR.

This policy applies to:

  • All personal data that is stored by us whether kept on paper, electronically and/or digitally.
  • All staff of the Group

This policy should be read and used in conjunction with our other following policies:

  • Data protection
  • Privacy



The objectives of this policy are to:

  • Ensure we follow the GDPR and its principles relating to the storage, disposal and destruction of personal data
  • Ensure we comply with all applicable legal and regulatory requirements
  • Ensue personal data is stored securely
  • Ensure that personal data is not out of date
  • Keep personal data accurate
  • Assist with responding to subject access requests
  • Ensure personal data that has been placed in storage can be found and retrieved quickly and efficiently
  • Ensure the storage, disposal and destruction of personal data is carried out in a consistent and controlled manner.
  • Assist with audits
  • Minimise storage requirements and costs
  • Assist in the identification of the location of personal data
  • Clarify responsibilities for implementing, complying and monitoring this policy



Personal data means any information relating to an identified or identifiable person (‘data subject’) such as a name, postal/email address, telephone number or identification number.


Special categories of personal data mean personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade-union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation and data concerning criminal convictions or offences


Data subject means any individual whose personal data is processed by the Group


Processing means any use of personal data such as the collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, dissemination, erasure and destruction. (This means that virtually anything the Group does with personal data will be processing).


Data controller means the organisation which decides the purposes and means of the processing of personal data


NB: The data controller for the purposes of this policy is the Lucketts Group

Data processor means an individual or organisation that processes personal data on behalf of a data controller


Personal data breach means a breach of security leading to the accidental, or unlawful, destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.


Consent means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data.


Staff means anyone working at or for us on a permanent or temporary basis, including, Directors and permanent, interim and temporary employees.



The relevant data protection principles for the purposes of this policy are that personal data must be:

  • Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’)
  • Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’)
  • Kept in a form which permits identification of data subjects for no longer than is necessaryfor the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, subject to implementation of the appropriate technical and organisational measures in order to safeguard the rights and freedoms of the data subject (‘storage limitation’)
  • Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
  • NB: Keeping personal data unnecessarily may use up valuable storage space, incur unnecessary costs and impose on us a significant liability risk.
  • The Lucketts Directors Group have ultimate responsibility for ensuring compliance with the GDPR, the data protection principles and this policy;
  • The Managing Director has overall responsibility for ensuring the Group’s compliance with the GDPR, the data protection principles.
  • The HR Director has responsibility for the HR Department ensuring we comply with the GDPR, the data protection principles and this policy in respect of the personal data of staff held by the HR Department. The HR Director contact details on located on the company communications list.
  • The Operations Director has responsibility for Operations ensuring we comply with the GDPR, the data protection principles and this policy in respect of the personal data of customers and operations staff held by the Operations Department. The Operations Director contact details on located on the company communications list.
  • The Sales and Marketing Director has operational responsibility for Sales and Marketing ensuring we comply with the GDPR, the data protection principles and this policy in respect of the personal data of customers and sales & marketing staff held by the Sales and Marketing department. The Operations Director contact details on located on the company communications list.
  • The Engineering Director has operational responsibility for Engineering ensuring we comply with the GDPR, the data protection principles and this policy in respect of the personal data of customers and engineering staff held by the Engineering Department. The Engineering Director contact details on located on the company communication list
  • The Finance Controller has operational responsibility for Finance ensuring we comply with the GDPR, the data protection principles and this policy in respect of the personal data of customers and staff held by the Finance department. The Finance Controller contact details on located on the company communications list


The Data Protection Officer (DPO) has responsibility to remind the Directors Group of their responsibility for ensuring compliance with the GDPR, the principles of data protection and this policy. The DPO can be contacted via the Human Resources department


Management and Staff

Line managers are responsible for operational day to day adhering to the GDPR requirements and the Group’s requirements, and ensuring staff’s adherence with this policy.

All staff have a responsibility to comply with the GDPR, the data protection principles, the requirements of the Lucketts Group and this policy when carrying out their duties.


Important – Failure to comply with this policy may result in legal and/or disciplinary action.


Staff Training

All staff are required to attend/undertake training and failure to do so could result in disciplinary action

Record Retention Schedule

Appendix A sets out the periods of how long personal data will be kept.



When the retention periods expire we must dispose of and destroy all personal data unless either the Managing Director, HR Director or the Operations Director authorises that such data should be retained.


Any decision to retain personal data passed the expiry date must be logged and recorded on the Personal Data Retention Register held centrally.


IMPORTANT: Retaining or destroying personal data in breach of this policy may be considered serious gross misconduct and lead to dismissal.


Destruction and Deletion Process


Paper Records

Paper Records/personal data must be shredded, and the shredding placed in the confidential waste bags, immediately tied with secure tags, and taken to the secure storage with limited authorised access. A third party confidential waste provider is contracted by the Group to securely shred the confidential information on site, and then remove the shredded material for secure disposal.


Electronic Records

The Group’s IT provider will delete all electronic records.



The Lucketts Group policies and procedures aim to ensure that employees are aware of, and confident that, the employer is complying with current legislation and is protecting the interests of both the needs of the business and the employee. In this respect, it may be appropriate to modify existing policies and/or procedures from time to time to reflect changes as appropriate, and this policy will be reviewed as necessary by designated Group Directors, and/or by personnel as delegated by the Directors Group.



Equality Impact Assessment – initial screening

Relevant Equality Area:

Does the Policy or its implementation?

Does the Company need to proceed to full EIA if in doubt then progress to full screening)

Breach Equalities


Affect different

groups in different ways (both positive and negative)

Promote equality/good relations?
















Sexual Orientation





Religion and Beliefs







Record Retention Schedule

NB. Records are kept for at least 6 years in accordance with the UK Limitation Act 1980


Retention Period

Images including video, CCTV, photographs

CCTV will not be retained for longer than 30 days unless images are to be held for evidential purposes, and will then be kept in a secure place with limited access to authorised personnel only and kept for the period which is deemed necessary to achieve the evidential purposes.

Staff photographs are taken for identification purposes e.g. personnel record and organisation structure charts. The images will be kept only for the duration of their employment. Staff photographic images will be kept securely electronically on the HR personnel software for the individual’s personnel record. Photographs may also be used for security passes and identification uses to deliver customer services and to meet MOD security requirements.

Marketing images will only be used with express written consent from the individual. Images will only be kept for the period of time necessary to achieve the purposes of use.

Audio recording

Audio recording is not undertaken by the Lucketts Group.

Regarding voicemail messages left on employee company telephones and mobiles these will be deleted immediately once recording has been listened to.


  • Company House records
  • Governance documentation
  • Board documentation; Meeting Meetings Resolutions

Director information;


6 years – consideration must be given to the storing of sensitive data in line with GDPR requirements

Registration and Statutory Returns

Annual Returns to a regulator as applicable

Audited Company Returns and financial statements

Declarations of Interest

Registers of directors and secretaries

Register of Seals

Register of Shareholding Members as applicable

Register of share certificates

5 years


6 years





Strategic Management

Business Strategy & Plans, and Support documentation e.g. organisation structures, aims, objectives

5 years after plan completion


Current and former policies

Annual Insurance Schedule

Claims and related correspondence

Indemnities and Guarantees

Group Health policies

Employer’s liability Insurance Certificate


6 years

3 years after settlement

6 years after expiry

12 years after cessation of benefit

40 years

Finance Accounting, Tax Records, Bank Records

Accounting Records;

Balance sheets and supporting documents

Loan account control reports

Budgets and Financial reports

Tax Returns and records

VAT Records as applicable

Order and delivery notes

Copy invoices

Credit and debit notes

Cash records

Journal Transfer documents

Creditors, debtors and cash income control documents.

VAT related correspondence as applicable


Paying in counterfoils

Bank statements and reconciliations

Instructions to bank

6 years

6 to 10 years


10 years

10 years

10 years

6 years

6 years

6 years

6 years

6 years

6 years

6 years

6 years

6 years

Contracts and Agreements

Planning consents and permissions

Property maintenance records

Professional opinions

Contracts under seal and/or executed as a Deed

Contracts for supply of goods/services including professional services

Documentation relating to one off purchases

Loan agreements

Licensing agreements

Rental and hire purchase agreements

Indemnities and guarantees

Documents relating to successful tenders

Documents relating to unsuccessful tenders

Forms of tender as applicable

12 years after interest ceases

6 years

6 years

12 years after complication including any defects liability period

6 years after completion including any defects liability period

3 years

12 years after last payment

6 years after expiry

6 years after expiry

6 years after expiry

6 years after contract ends

2 years after notification

6 years


Subject to the Transport Commission and vehicle safety requirements

Mileage records

Maintenance records including MOT tests

Copy registrations

2 years after disposal

2 years after disposal

2 years after disposal

Capital Assets

Fixed Asset Register


Income Tax and Social Security

Record of taxable payments

Record of tax deducted or refunded

Record of earnings on which NI contributions payable

Record of employers and employees NI contributions

NIC contracted out agreements

Copies of notices to employees i.e. P45 and P60

Inland revenue notice of code changes

Expenses claims

Record of sickness payments

Record of maternity payments

Income TAX PAYE and NI Returns

Redundancy payment details

Inland Revenue Approvals

Annual earnings summary

Employee Pension Schemes;

Actuarial Valuation Reports

Detailed return of pension fund contributions

Annual conciliation of fund contributions

Money purchase details

Qualifying service details

Investment policies

Pension records

Records relating to retirement benefits

6 years

6 years

6 years

6 years

6 years

6 years

6 years

12 years


12 years




6 years after transfer or value taken

12 years from end of benefits payable under policy

6 years after year of retirement

Employee Records

Application Forms and Interview notes for unsuccessful candidates

At least 6 months and not more than 1 year – consideration for the varying time limits of discrimination claims and time limits.

Salary and Wages records including overtime, bonus, expenses

Income tax, and NI returns and correspondence with HMRC

6 years

Not less than years after the end of the financial year to which they relate

National Minimum Wage records

3 years after the end of the pay reference period following the one that the records cover

Personal records and training records – including disciplinary and working time records

6 years after employment ceases

Statutory sick pay records, calculations, certificates self-certificates

6 years after employment ceases – consideration for sensitive date under the GDPR requirements

Parental Leave

5 years from birth/adoption of the child or 18 years if child receives a disability allowance

Retirement Benefits

6 years from the end of the scheme year in which event took place

Redundancy details, calculations of payment, refunds, notification to the Secretary of State

6 years from the date of redundancy

Time sheets

2 years after audit

Trade Union Agreements

10 years after ceasing to be effective.

Staff Works Council Minutes


Health and Safety

Medical Records relating to: *

Control of asbestos

Control of substances hazardous to health

Under the Ionising Radiations

Biological tests under the control of lead

Accident books, Accident records and reporting including RIDDOR

40 years from the last date of last entry

3 years from the date of the last entry – (if accident involving a child then until that person reaches age 21)

Subject to incidents involving hazardous substances. *

Website Usage Policy

Welcome to our website. If you continue to browse and use this website you are agreeing to comply with and be bound by the following terms and conditions of use, which together with our privacy policy govern Lucketts Travel Ltd’s relationship with you in relation to this website.


The term Lucketts Travel Ltd or ‘us’ or ‘we’ refers to the owner of the website whose registered office is Broadcut, Wallington, Fareham, Hants. PO16 8TB. Our company registration number is Registered in England 3625281. The term ‘you’ refers to the user or viewer of our website.


The use of this website is subject to the following terms of use:

  • The content of the pages of this website is for your general information and use only. It is subject to change without notice.
  • Neither we nor any third parties provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness or suitability of the information and materials found or offered on this website for any particular purpose. You acknowledge that such information and materials may contain inaccuracies or errors and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by law.
  • Your use of any information or materials on this website is entirely at your own risk, for which we shall not be liable. It shall be your own responsibility to ensure that any products, services or information available through this website meet your specific requirements.
  • This website contains material which is owned by or licensed to us. This material includes, but is not limited to, the design, layout, look, appearance and graphics. Reproduction is prohibited other than in accordance with the copyright notice, which forms part of these terms and conditions.
  • All trademarks reproduced in this website, which are not the property of, or licensed to the operator, are acknowledged on the website.
  • Unauthorised use of this website may give rise to a claim for damages and/or be a criminal offence.
  • From time to time this website may also include links to other websites. These links are provided for your convenience to provide further information. They do not signify that we endorse the website(s). We have no responsibility for the content of the linked website(s).
  • You may not create a link to this website from another website or document without Lucketts Travel’s prior written consent.
  • Your use of this website and any dispute arising out of such use of the website is subject to the laws of England, Scotland and Wales.



This website and its content is copyright of Lucketts Travel Ltd – © 2009. All rights reserved.


Any redistribution or reproduction of part or all of the contents in any form is prohibited other than the following:

  • You may print or download to a local hard disk extracts for your personal and non-commercial use only
  • You may copy the content to individual third parties for their personal use, but only if you acknowledge the website as the source of the material
  • You may not, except with our express written permission, distribute or commercially exploit the content. Nor may you transmit it or store it in any other website or other form of electronic retrieval system.