If you access, visit or use this Site, you are agreeing to us collecting, storing, transferring or processing this data, as set out in this Policy.
- Information that you provide us with for marketing purposes may be used by us on mailing lists to inform you about our company’s products or services. Subscription to any of these is voluntary and you have the right to unsubscribe at any time.
- Any information that you provide us with in correspondence during any contact with us, will be kept as a record in order for us to be able to communicate with you. This includes but is not limited to correspondence regarding business cooperation, recruitment, advertising, etc.
- We may on occasion request you to complete a survey for research and statistical purposes. If you provide this information, it is voluntary and you are in no way obliged to provide this information.
- We may collect information about your visit to this Site and the areas that you visit. This can include, but is not limited to, location data, traffic data, communication data and weblogs. This does not identify a particular individual visiting our Site and we collect the information in order monitor how users are accessing our content and to ensure it is delivered effectively for you and your computer.
- Data transmitted by the system, including cookies and their usage, as well as personal data such as:
- Operating system
- Referrer URL (the page visited before)
- Host name of the accessing computer (IP address)
- Time of the server request
Information you provide us with is stored securely on our servers.
The transmission of information via the internet is unfortunately not completely secure. Although we will do our utmost to protect your personal data, we cannot guarantee the security of any data transmitted to our site; transmission of this is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
Data Protection Policy
SECTION ONE: INTRODUCTION
Btravel receive instructions from its clients. These instructions concern Btravel making hotel bookings which are part of the holiday packages. The tourist for whom the holiday is arranged is the end user. As Btravel is processing the end user’s requirements on behalf of the client and is accountable to the client, Btravel is proceeding on the basis that Btravelis the data processor and the client is the data controller. Btravel will have no dealings with the end user.
With effect from 25 May 2018 the General Data Protection Regulations (GDPR) will replace the outgoing 1998 Data Protection Act. When the Data Protection Bill becomes law that legislation will, post Brexit, enshrine the GDPR in UK law. Reference to the GDPR is also a reference to the applicable provision of the Data Protection Bill. Reference to an Article is a reference to an Article in the GDPR.
The GDPR places additional obligations and liabilities on data processors. The applicable points are set out below.
- Process personal data only according to the data controller's instructions under Article 29.
- Maintain a record of data processing activities that complies with Article 30(2).
- Implement appropriate technical and organizational measures in compliance with Article 32.
- Have written data controller authorization before engaging subcontractors under Article 28(2) and pass obligations down to any data processors it engages via contract as specified in Article 28(4).
- Notify the data controller of any security breach without undue delay in accordance with Article 33(2).
- Only transfer personal data internationally in accordance with Article 44, which requires the data processor to have a compliant data transfer mechanism.
- Make available to the data controller all information for the data controller to demonstrate compliance with its obligations under Article 28 (Processors), as set out in Article 28(3)(h).
Btravel is aware of these obligations. The purpose of this document is to outline the necessary contractual clauses and to disclose the relevant information pertaining to Tamla’s role as the data processor.
SECTION TWO: AUDIT
The GDPR requires data processors to confirm that they are GDPR compliant. To that end Btravel is happy to disclose certain information. Btravel confirms that, unless requested, personal data disclosed to Btravel will not be transferred outside the European Economic Area. If any such request is made then Btravel will insist that the transfer is done in accordance with the GDPR. Btravel will not “profile” people.
Btravel will be fully transparent. Btravel recognizes that its clients in their capacity as data controllers have to compile its own audits and assessments. Btravel will do what is reasonable to assist.