Privacy Policy

The Williamsburg Tourism Council is committed to maintaining the trust and confidence of the visitors to both the region and our website. In this Privacy Policy, we’ve outlined how, why, and when we collect your personal information, how we use it, the limited conditions under which we may disclose it, and how we keep it secure. If you have questions about this policy, please contact us by email at info@visitwilliamsburg.com.

Williamsburg Tourism Council (“The Controller”) collects personal data from individual users of VisitWilliamsburg.com. Certain of this data may constitute protected “personal data” as that term is defined in the E.U. General Data Protection Regulation (“GDPR”).

The following disclosures concerning The Controller's compliance with GDPR are presented for informational and compliance purposes only. Nothing in these disclosures constitutes a representation that any particular data or service is governed or subject to GDPR, nor do these disclosures represent or constitute any contract or undertaking with any individual.

Effective Date of GDPR
GDPR took effect on May 25, 2018. On and after that date, The Controller will comply with GDPR to the extent applicable.

Utilization of Data
The Controllers utilize personal data including the information provided by you during usage of the website and submission of forms. The Controllers process this data for marketing purposes. This data may be used, for example, to send information electronically or physically that you request.

Basis for the Processing of Data
The Controller may seek your consent to send communications (marketing communications). The Controllers will seek separate consent to send these communications in certain cases which may be revoked by you at any time via email or by clicking unsubscribe on the pertinent email communication.

Recipients of Personal Data
Recipients of personal data may include fulfillment providers for physical mailing, email deployers, technical providers of data storage, and back end service providers. All employees of The Controllers who receive or review personal data have received training concerning maintaining the confidentiality of such data and committed themselves to confidentiality. Where appropriate, The Controllers will enter into written agreements governing the processing and confidentiality of personal data by third parties.

Storage of Data
The Controller will retain data only so long as is necessary.

Your Rights Under GDPR
If the GDPR applies the retention of your personal data, you have several rights including (i) the right to request access, rectification, or erasure of your data, (ii) the right to lodge a complaint with the appropriate European Union supervisory authority, and (iii) to the extent processing of data is based on consent, you have the right to withdraw your consent at any time.

A copy of the GDPR is available here.