Privacy Policy
When a user creates a profile or makes a reservation via our website (“Website“) and or mobile application (“App“), We collect and process information about that user of our services (“User“). In this regard, we act as a data controller.The protection of the User’s personal data is very important to us and in the following the User finds a description of the personal data which we gather, for which purpose we uses the information, how long and how we store the information and if such information is shared with others.
We are compliant to GDPR. Read more on our GDPR compliance here
1. What kind of personal data do we collect?
We gather information about the User’s name, email address, telephone number and payment details, which the User provides to us via the Website and/or App.Furthermore, the User accepts that information on the User´s route, length and duration in connection with use of our services registered for:
- Improving service by understanding the average amount of time a User spends on our site;
- Learning about Users’ popular destinations, which we may choose to engage in a commercial relation with, based on the popularity of the destination; and
- Learning about popular destinations for planning of new locations to be available.
The User also accepts that we are entitled to contact the User regarding payment issues and operational issues regarding the use of our services, Website and App.
2. For which purposes do we use the user’s personal data?
The User’s personal data will be processed for the following purposes:
- to process the User’s request
- to handle feedback
- to send newsletters to the User (if agree and or sign up),
- to contact the User if so requested or need be in certain circumstances (i.e. tour cancelled or change in timing),
- to answer any inquiries,
- to improve the contents of the Website and App,
- for statistical purposes about the Users’ use of the Website and App,
- to charge and invoice the User for the use of our services, and
- to communicate to the User the starting time, reference number and charges made to the User’s reservation.
3. Do we pass on the user’s personal data to others?
We do not pass on any user data, transfer or handover any user personal data to any other parties except if you are notified ahead of time and user grants us the pwer to do so.
4. For how long do we store the user’s personal data?
The User’s personal data is stored for as long as the User has an active reservation and then 180 days from the reservation completion date.
5. What kind of precautionary measures do we take?
We take precautionary measures of technical and organizational nature to protect the User’s personal data from manipulation, loss, destruction or access from unauthorized persons. The precautionary measures are revised on a regular basis in accordance with the technological development and up to date technical equipment.
6. What rights does the user have according to the General Data Protection Regulation (GDPR)?
Our compliance with GDPR, including User’s rights are described here.
7. Contact details
Absolute Tours Group
reservations@absolutetours.com
Phone: +1 (360) 975-3861
If you have any concern about your personal data, please contact us.
We value your privacy!
GDPR Compliance
Dear valued customer and user of our site. Please note we have always made data and privacy a priority. We only collect the data we need to help us improve our product, customer support and communications.
So there are some updates to our Privacy Policy, and a new overview of exactly how we collect and use data in accordance with the General Data Protection Regulation.
Here are the main points you need to know:
- You own the data we collect from you. You have the rights to have your data: Deleted, Rectified and Returned.
- We limit the data we collect to a minimum and only collect data that has a specific purpose. The main purposes are:
- Providing better customer support.
- Improving our services and products.
- We are hosted in the US but also uses third party data processors which are located both in the US and Australia. We have Data Processor Agreements (DPA) with all the external data processors we use. That ensures that the data processors also live up to GDPR regardless of where they run their businesses.
- We collect your consent to process your data when you sign up, make a reservation and or review our site.
- We are obliged to notify you in case we have any breach of your data.
If you have any questions about your data or our policies then please reach out to reservations@absolutetours.com
General Data Protection Regulation (GDPR)
Keeping our participates data safe has always been a core concern for us. This page describes what data we collect and what we use it for.
Breakdown:
- You own the data we collect from you. You have the rights to have your data: Deleted , Rectified and Returned.
- The personal data we collect concerns: Name, telephone number, email address, location, IP address. When we collect it and how we process it is described below. We limit the data we collect to a minimum and only collect data that has a specific purpose. The main purposes are:
- Providing better customer support.
- Improving our services and products.
- We are hosted in the US but also use third-party data processors which are located both in EU, Australia and the US. An example of that is PayPal which we use to collect payments for our services and products and therefore they processes: Email address and / or phone number as well as details provided by the purchaser such as their name or location, payment details and info. We have Data Processor Agreements (DPA) with all the external data processors we use. That ensures that the data processors also live up to GDPR regardless of where they run their business.
- We collect your consent to process your data when you make a reservation.
- We are obliged to notify you in case we have any breach of your data.
What the GDPR is
GDPR is a new comprehensive data protection law in the EU which replaces the many different national legislations currently in place. It strengthens the protection of personal data and gives EU residents a greater say in how, why, when and where their personal data is processed. It f.x. Introduces the right to be forgotten. Any organization that works with data of EU residents has obligations to protect the data regardless where it is stored and whether the processor is a third party data processor.We fully understand this, so we collect as little personal data as possible and safeguard it as well as we can.More information on GDPR is available here: https://ec.europa.eu/ino/law/law-topic/data-protection_en
Who the GDPR applies to
The GDPR applies to all organizations operating in the EU that process personal data or processing personal data from EU and Swiss residents.
What data the GDPR applies to
GDPR applies to all personal data. The concept of personal data covers everything that can be used to identify a person in a larger group. That includes name, address, email, ip address, cookies, location, unique identifiers, etc.
What personal data we collect and why
When you make a reservation
- We collect email addresses for the calendar and customer contacting system. Every account is unique due to the uniqueness of the email address, which is used to identify you as a participant using our services and products.
- We collect names so that we know what to call you and anyone else participating under your reservation.
- We collect phone numbers to contact you if needed. We use the country code of your phone number to estimate your country of residence.
- We collect IP addresses and location information in order to detect the misuse of the system, combat abuse, statistical analysis and for logging purposes.
- We do not collect your payment information as this is sent directly to our payment provider in encrypted form. We are a PCI compliant service.
When you make a reservation and during your time with us:
- We collect the location and timestamp of some actions you took using the website. They include some page views, some actions on the pages. We aggregate the information at various cities and periods, analyze the resulting data to drive our strategic and operations decisions.
- We never sell or transfer or profit from any of your personal data.
When you’re on our website:
- We use Google Analytics to track user behaviour. This helps us understand how our website visitors get to / find us, and what web pages are most relevant to them. Google Analytics sets web browser cookies to identify users returning to the website, optimize performance, and to provide information about our Google AdWords campaigns you have interacted with.
- You can read more about cookie usage here:
https://developers.google.com/
analytics/devguides/collection/analyticsjs/cookie-usage - We have a data processing agreement with Google Analytics which obliges its data processing practice to follow GDPR.
- You can read more about cookie usage here:
- We set web browser cookies on our site to improve the user experience on the website.
This includes:- Identification of the visitor by a translation plugin to remember what language you prefer to view the website in.
- Serving assets e.g. images from a server cache to make the website load faster.
- Identification of the visitor by a security plugin to prevent attacks on the web.
You can delete any cookies set on your web browser by our site in your browser settings.
- We collect user information sent through contact forms on our site. This information is stored on the website for 90 days and then deleted. However, the information is forwarded securely to internal email addresses and customer support systems.
Where your personal data is stored
We store all user data in data centers in both U.S. and EU countries. Additionally, we use data processors which may be hosted outside of EU mainly in the US and Australia. We have data processing agreements with all data processors that we use which oblige the data processors to follow GDPR. Most of these providers have additionally chosen to be certified in the EU-US Privacy Shield which is an agreement between EU and US that describes data protection rules required to store data in the US.
You have the right to:
- Access your data. You can contact us here and ask for a copy of your personal data.
- Update your data. You can contact us here and ask us to update your personal data such as phone number , name and email address.
- Delete your data (“The right to be forgotten”). You can achieve that by contacting us here. We do not keep your personal information after your account is deleted. We will also ensure that your personal data is removed from third-party services. Removal of data will be done as soon as reasonably practicable and within a maximum period of 180 days, unless EU or EU Member State law requires storage.
3rd parties with whom personal information may be shared
Party name | Personal data disclosed | Purpose | Compliance | EU-US Privacy Shield | DPA |
PayPal | Name, Email, Phone number, payment card, IP Address and user location (only in case of dispute) | Process payments | yes | yes | |
Fat Cow | Name, Email, Phone number, Location, IP Address | Website Server | yes | yes | |
No personal data shared.
We share conversion events with Facebook Ads. |
Marketing activities | Link | Yes | No | |
Google Analytics | No personal data shared.
We share conversion events and website traffic with Google Analytics |
Marketing activities | Yes | Yes | |
Mailchimp | Name, email, phone number.
Rental data – first and most recent rental pickup location and date User data – member status, app language, user id |
Marketing and Support | Link | Yes |
Social Media
We kindly ask you not to share any personal information when contacting us on social media platforms like Facebook, Instagram and Twitter.
Internal Policies
We have internal policies in place that prohibits employees from sharing and personal user data in internal communication tool.
Agreements with third parties on data processing
We limit the data we share with the above third parties to the absolute minimum to ensure your details and privacy are kept to a minimum. We have Data processor agreements in place where necessary, limiting the third party use of data.
Changes to this policy
We reserve the right to make changes to this policy at any time by giving notice on this page. It is strongly recommended to check this page often, referring to the date of the last modification listed at the top. If you object to any of the changes to this policy, you must cease using this service and can request removal of the personal data.
Get in touch with us
If you have any concern about your personal data, please contact us.