Looking for a mix of land and water based activities? Visit our sister site on Cornwall’s south coast, Porthpean.com

Privacy Policy

At First Wave Adventures, we are committed to not only an awesome stay, but a fair and transparent process for booking with us and the subsequent retention of your personal data.

We hope to have prepared a privacy policy that is written in non-legalise English which can be easily understood and clearly defines the ways in which your personal data is used.

This privacy policy sets out how First Wave Adventures uses and protects any information that you give us when you use this website.  This policy has been made in accordance with GDPR guidance.

First Wave Adventures is committed to ensuring that your privacy is protected. Should we ask you to provide certain information, then you can be assured that it will only be used in accordance with this privacy statement.

Given the nature of what we do, with the arrangement of activities and overnight accommodation, the need to ask for personal data often forms part of our own statutory requirements.  We always work to ensure trust and engagement with our guests and ask that you trust us with your data.

We may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 20 May 2018.  No automated decision making, i.e. profiling, is in existence.

What We Collect

We may collect the following categories of personal data:

  • Full name
  • Home address/card-registered address
  • Nationality
  • Telephone number
  • Email address
  • Reservation details (dates of stay and payment details)
  • Additional group member names/information
  • Age of guests
  • Dietary information/requests
  • Health/medical information
  • Business details (name of school/company making the booking)
  • Information collected from telephone recording systems or CCTV systems
  • Information regarding your previous stay with First Wave Adventures
  • Information regarding future holiday preferences and interests
  • Other information relevant to customer surveys and/or offers

We may collect this data in writing, electronically, or via oral format.  The source of the personal data may include:

  • Our website, firstwaveadventures.com
  • Online Travel Agents

Personal data will not originate from publicly accessible sources.

When you supply information on other guests/group members, you must only do so when you have their explicit consent to do so.

The personal data we retain is generally information that you or someone acting on your behalf has consented to provide to us during the booking process.  However, we may also process personal information that we are able to infer about you based on other information you provide to us or during our interactions with you, or personal information about you that we receive from a third party. This policy also applies to the personal information about you that we receive from a third party, unless specifically covered by such third party’s privacy policy.

Purpose Of The Processing

We require your personal information to process your booking and your payment and to ensure you enjoy a pleasurable stay.  We may request information regarding your previous stay with us/school trip preference and interests/other information to understand your needs and provide you/others with a better service in the future.

Specifically, we may process and retain data for the reasons as below:

  • The provision of hotel accommodation, activities, and related services
  • To charge for hotel accommodation, activities, and related services
  • To pass to our listed sister companies for the provision of activities and meals, to include (but not limited to):
    • NQY Surf School
    • Hotel Sunnyside
    • Reef Surf Lodge
    • Newquay Adventure
  • To send booking-related communications including payment reminders and a post-stay survey
  • When you have opted in to our newsletter, marketing purposes. To send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided
  • To improve our products and services
  • To provide a safe and secure environment for staff and guests
  • To comply with industry regulation
  • To comply with local authority directives i.e. Police and Fire Service re Resident List
  • To fulfil contractual agreements from 3rd party partners
  • For market research purposes

We have deemed it reasonable to retain all personal data within a booking for a period of 12 months.

The above forms a legal basis for the processing to allow us to fulfil our duties as a tour operator.


We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

All efforts are made to ensure the security of personal data, however in the event of a breach of data the appropriate supervisory authorities shall be informed within 72 hours of the breach.


Our website does not sell products or services for purchase by children (under the age of 18) and we do not knowingly solicit or collect personal information from children.


We will only keep the details of those applicants who are unsuccessful with prior consent.  For employees please see our separate employer’s privacy policy as detailed in the Staff Handbook.

How We Use Cookies

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Links To Other Websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Controlling Your Personal Information

We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.  If you have booked accommodation/an activity/meal through us, we will pass on your details to the relevant operator to facilitate the booking but will ask your explicit consent before doing so.

We will only send you direct marketing material regarding our own services if you have opted in to our mailing list.  You may opt out at any time.

Your Right To Ask

You have a legal right to ask what information we are holding on your and why.  You may request details of personal information which we hold about you at any time.  We will respond to your request within 30 days.

If you believe that any information we are holding on you is incorrect or incomplete, please contact us as soon as possible.  We will promptly correct any information found to be incorrect.

Annie-May Roberts, Data Controller, First Wave Adventures, 7 The Crescent, Newquay, Cornwall TR7 1DT


01637 879614

We deem that Annie-May Roberts has a legitimate interest to retain the information as above for to fulfil her duties as Director at First Wave Adventures.

Your Right To Complain

You have the right to lodge a complaint with the supervisory authority: https://ico.org.uk/concerns/


If you have any privacy related concerns please don’t hesitate to contact us.

Further Information:

Policy formed in accordance with guidance from the ico.  Document dated: 20 May 2018