Welcome to the privacy notice for the eTravel Authorization
eTravel Authorization respects your privacy and is committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) or when you otherwise provide personal data to us via other means (such as over the telephone) (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you
- Companies and websites within scope
The following companie and website is within the scope of this privacy notice.
- Important information and who we are
Purpose of this privacy notice
This privacy notice aims to give you information on how the eTravel Authorization collects, manages and processes your personal data, including any data you may provide through this website or via any other means (such as over the telephone) when you purchase travel arrangements through us or otherwise provide personal data to us.
This website is not intended for children and the only circumstances in which we collect data relating to children is where you make a booking of arrangements and you have children in your party.
It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them.
Data Controller/Data Processor
eTravel Authorization can be considered both a controller and a processor and remains responsible for your personal data (collectively referred to as “eTravel Authorization”, “we”, “us” or “our” in this privacy notice).
When we work with agents to process itinerary requests, travel bookings or travel services on behalf of their clients, we are be considered the data processor. This is because we act on the instruction of the agent and process their client’s personal data in order to provide services that the agent requests on behalf of their client.
When we work with other companies, such as our GetYourGuide and Trip.com, we are considered to be an affiliate, as we are able to determine and manage the means and purpose of processing a guest’s personal data.
We have appointed a data protection compliance manager who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the data protection compliance manager using the details set out below.
Right to complain
You have the right to make a complaint at any time. There are many data protection supervisory bodies around the world and we would suggest that you make any complaints to the relevant supervisory body (details above).
We would, however, appreciate the opportunity to deal with your concerns before you approach a supervisory body, so please contact us in the first instance.
Changes to the privacy notice and your duty to inform us of changes
It is important that the personal data we hold about you is accurate and current. Please keep us informed if any of the details you provide to us should change, during the course of your relationship with us.
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
- The data we collect about you or your clients
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
(A) Identity Data
This includes data relating specifically to your identity, such as your first name, maiden name, last name or similar identifier, marital status, title, date of birth and gender
(B) Contact Data
This includes data relating to how you may be contacted, such as your home address, business address, email address and telephone numbers.
(C) Financial Data
This includes data relating to your means and methods of payment, such as your bank account and payment card details. We don’t retain or store credit card details unless as authorised to retain as a security deposit and we will obtain your express authority to store these for this purpose.
(D) Transaction Data
This includes data relating to the transactions you have carried out with us, such as details about payments to and from you and other details of products and services you have purchased from us.
(E) Technical Data
This includes more technical data that we may obtain when you make use of our website, such as your internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
(F) Profile Data
This includes the data that we receive if and when you create a profile on our website and make use of that profile, such as your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
If you are happy to consent to our use of your sensitive information, you will also be able to withdraw your consent at any time. However, as this will prevent us from providing your holiday, we will be required to treat any withdrawal of consent as a cancellation of your booking and the cancellation charges in the Booking Terms and Conditions for your booking will become payable
5.How Your Personal Data is Collected
We use different methods to collect data from and about you including through:
You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
- make a booking of arrangements;
- request a quote for arrangements;
- subscribe to our newsletter or other publications;
- request marketing;
- enter a competition, promotion or survey;
- give us some feedback; or
- use our online payment and client portals.
Automated technologies or interactions
As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns.
We may receive personal data about you from various third parties as set out below:
Technical Data from the following parties
- analytics providers such as Google; and
- advertising networks based around the world.
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.
Promotional offers from us
We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).
You will receive marketing communications from us if you have made a booking with us and, in each case, you have opted in to receive that marketing.
Where you have not made a booking with us but you are interested in receiving marketing communications from us about products, services and offers, we will get your express opt-in consent.
We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.
We may monitor, record, store and use any [telephone,] email or other communication with you in order to check any instructions given to us, for training purposes, for crime prevention and to improve the quality of our customer service.
- International transfers
We do transfer your personal data to different countries around the world to the suppliers fulfilling or providing your travel arrangements in order to satisfy our contract with you and for those suppliers to be able to provide you with the travel arrangements you have booked if you are travelling outside of your country of residence.
Whenever we transfer your personal data, we ensure a similar or more extensive degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.
- Where we use certain service providers, we may use specific contracts which give personal data the same protection, or an increased amount of protection as it has in your country of residence.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data to other countries.
- Data security
We have put in place appropriate technical and operational security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
- Data retention
How long will you use my personal data for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In addition to the above, by law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
In some circumstances you can ask us to delete your data: see Request erasure below for further information.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.