Introduction
This website is operated by Trippboplus. Trippboplus handle various types of personal data, such as names, e-mail addresses and other travel-related information in their daily operations. That is why we take data security and compliance with data protection legislation very seriously. This Privacy Policy explains how we collect, store, use and disclose personal information that we collect about you when you use this website and how we protect the privacy and confidentiality of your personal information. Your privacy is important to us, so whether you are a new or existing user of our services, take the time to get to know our practice - and contact us if you have any questions.
Trippboplus ("we", "us" or "our") is the so-called "personal data controller" for your personal data and is thus responsible for what we do with your personal data is legal.
Data security is important to us
For us, responsible handling of personal data collected as part of the operation of our business is crucial to our business goals and reputation. This Personal Data Policy explains how your personal data is collected and used when you are a customer, supplier, or partner at Trippboplus and how you can gain insight into your own personal data.
What is personal data?
Personal data is any information about an identified or identifiable natural person. An identifiable natural person means a person who can be identified directly or indirectly, including an identification number or one or more elements specific to the identity of a given person.
Why do we collect your personal data and what legal basis do we rely on?
Booking. During the purchase process, we ask you only for the personal data that we need to provide you with our mediation services to contract travel products. This includes completing and managing your booking, sending you communications by email, call or SMS in relation to your booking (e.g. confirmations, modifications and reminders), allowing us to respond to your queries. Such communications could be managed by us or by our travel partners. The booking process can be done on our website, our customer service. We endeavor to show you the most relevant travel information and help you in a personalized manner with your booking and post-booking.
Please bear in mind that the identification data we use is going to be your email that you introduce in your booking / account.
Legal basis: This processing is necessary for the performance of the contract (e.g. to finalize and manage your booking).
User account. Our users can create a user account on our websites or apps. We use such information you give us to manage your account and with the objective to show you the most relevant travel booking and post-booking experience, allowing you to do several useful things. For more information about any of our services, please go to our General terms and conditions.
Legal basis: This processing is necessary for the performance of the contract (e.g. to manage your account and offer you a more personalized service).
Other services. We may offer you other travel-related services based on our role as a travel agent. This Privacy Policy shall apply to such data processing based on other travel related services. During the contracting process, prior to or when filling in the data, we will inform you if there is any specific information that you should know apart from the one already covered in this Privacy Policy.
Legal basis: This processing is necessary for the performance of the contract, to provide you with our services, or consent.
Communications with you. There could be several reasons for various kinds of communications that we process where we contact you:
a. To respond to any query or request from you or any travel provider and handle it.
b. To contact you in a personalized manner and help you to finish your booking, if you are still interested, in case you have not finalized a booking online (as we believe that this additional service benefits you as it allows you to carry on with a booking without having to fill in your reservation details again). We also keep it to recognize you when you visit our website again, to improve your user experience.
To invite you to provide a review of your experience with us or the travel provider when you use our services. Please bear in mind that this feedback may be available to other customers to help them make decisions about a product or a service.
d. To inform you how to contact us if you need assistance while you are away or other information that we feel might be useful to you in your planning or getting the best of your trip, or information of upcoming trips or a summary of previous bookings you made with us.
e. We may need to send you other administrative messages, which may include security alerts.
Legal basis: This processing may rely on the necessity for the performance of the contract, on our legitimate commercial business interest to provide our services or on your consent.
Marketing activities. We use your information for marketing purposes, such as for:
To send you regular news of travel-related products and services, which you can unsubscribe from email marketing communications easily and at any moment, just by clicking on the unsubscribe link included in each newsletter or other communication.
To show you individualized offers on our website, or third-party platforms (including social media sites) and the content of the site displayed to you may be personalized. Such offers can be booked on our site, on co-branded sites, or other third-party offers or products we think you might find interesting.
To administer any promotional activity where you participate.
When you book with us, we subscribe you to our newsletters, unless you say otherwise before confirming your booking. Anyway, remember that you will be able to unsubscribe at any moment.
Legal basis: This processing relies on our legitimate commercial business interest to provide our services or on your consent.
Customers polls and surveys. You may be invited to submit a review on a trip you have booked with us or to take part in market research. In this last case, we will explain the personal data collected and how it would be used further.
Legal basis: This processing relies on our legitimate commercial business interest to improve our services or on your consent.
Call & chat monitoring. In the event of contacting our customer service
Categories of personal data that we collect
When you use our platform, or associated tools or services, we may collect the following kinds of personal information from you as needed:
- Name, email address, telephone number and home, business, and billing addresses
- Government-issued identification required for booking, or identity verification such as passport, driving license and government redress numbers, and for holiday property owners, their tax identification number
- Payment information such as payment card number, expiry date and billing address
- Travel-related preferences and requests such as favorite destination and accommodation types, and special dietary and accessibility needs, as available
- Birth date and gender
- Geolocation
- Images, videos and other recordings
- Social media account ID and other publicly available information
- Communications with us (such as recordings of calls with customer service representatives for quality assurance and training purposes)
- Searches that you conduct, transactions and other interactions with you on our online services.
- Other communications that occur through the platform among partners and holidaymakers, and in-group chat and collaboration tools for holidaymakers
- The searches and transactions that are conducted through the platform
- Data that you give us about other people, such as your travel companions or others for whom you are making a booking
- companies and third parties, such as our business and affiliate partners and authorized service providers, which may include updated contact information, demographic information, interests, and purchase history, and which we may add to your account or profile and use for market research and analysis
When you use our platform, we automatically collect the following types of information from your device:
- IP address
- Device type
- Unique device identification numbers
- Internet browser type (such as Firefox, Safari, Chrome, and Internet Explorer)
- Internet service provider
- Operating system
- Mobile network
- How your device has interacted with our online services, including the pages accessed, links clicked, trips viewed, and features used, along with associated dates and times
- Details of any referring website or exit pages, as well as general geographic location (such as at the country or city level)
Our
Cookie Statement further explains how we use cookies and similar tracking technology.
Sharing of personal information
In certain circumstances, we will share your personal data with third parties:
I. Travel partners (e.g. the airline which has to issue your ticket and / or operate your flight, the hotel you have booked, the car rental company you have contracted with us, etc.). To provide you with our services, we need to communicate your personal data to the Travel Providers involved, in order that they can provide you with the products or services you have requested, as well as those other parties to which it is necessary to disclose your personal data to provide you with the requested services in a diligent manner. These third parties will be operating as autonomous data controllers. Please note that these partners may also contact you as necessary to obtain additional information about you in accordance with their own independent privacy policy.
II. Our group companies may process your personal information, as previously referred to, for internal purposes relating to management centralization. In any case, they will follow practices that are at least as restrictive as the practices described in this Privacy Policy.
III. Third party service providers (eg those providing us with IT and hosting services, customer support, analytics, payment and financial service providers for chargeback, fraud detection, prevention purposes, etc.) process your personal data on our behalf and under our instructions for the purposes described hereinabove, acting as data processors or acting as autonomous data controllers. Where third-party service providers have access to data, they will only collect information as needed to perform their functions. They are not permitted to share or use the information for any other incompatible purpose.
IV. Business partners. Some of our website or app services could be fully or partially provided by our business partners and certain personal data that you give us (eg name, email address payment details and other relevant information) will be forwarded to our Business Partner to finalize and manage the service. The relevant information may be shared for necessary customer service support or for the purposes referred to above. As Business Partners will be operating as autonomous data controllers, their independent privacy policy, or a specific version of it that shall also apply. You may find the link before booking the services.
V. Social media providers. When logging in with your social media, clicking on a social media “like” button integrated in our website or app by plugins, or using any social media services to interact with us, personal data can be shared between us and the social media providers (eg your user names, email address, profile pictures, your contacts…). As the Social media providers will be operating as autonomous data controllers, their independent privacy policy shall also apply. Furthermore, you can manage your privacy settings on your Social media accounts.
WE. Competent authorities. We disclose personal data to law enforcement insofar as it is required by law or is strictly necessary for the prevention, detection or prosecution of criminal acts and fraud or if we are otherwise legally obliged to do so. We may need to further disclose personal data to competent authorities to protect and defend our rights or properties, or the rights and properties of third parties.
VII. Others, with your consent to the disclosure.
How do we protect your personal data?
Among other measures (e.g., protocols, internal policies, awareness, etc.), we can regroup the main protection actions we take:
I. Security measures. While no online service can guarantee absolute security, we implement reasonable procedures to protect your personal data's confidentiality, integrity and availability (eg preventing unauthorized access or misuse of your data, employing technical and physical restrictions for accessing and using personal data, using firewalls, etc.).
If you know or have a reason to believe that your account credentials have been lost, stolen, or otherwise compromised or in case of any actual or suspected unauthorized use of your account, or any security matter you consider relevant, please contact us by clicking here.
II. Retention procedures. We will keep your personal data for as long as we deem it necessary to enable you to use our services, to provide our services to you, to comply with the applicable laws, resolve disputes with any parties and otherwise as necessary to allow us to conduct our business (including, to detect and prevent fraud or other illegal activities). All personal data we retain will be subject to this Privacy Policy. If you have any question about a specific retention period for certain types of personal data, we process about you, please contact us.
For instance, if you provide us with your contact email address, but then you are unable to finish your booking, we will keep your email address only temporarily and, in any case, for a maximum period of seven days to help you with the booking if you are still interested.
III. International data transfers. Our servers are located within the European Union. However, to facilitate our global operations (ie by means of third party service providers) the transmission of personal data to the recipients described above may include overseas transfers of personal data to countries whose data protection laws are not as comprehensive as those of the countries within the European Union. In these situations, as may be required, we make contractual arrangements to ensure that your personal data is still protected in line with European standards.
International transfers of your personal data
Due to the nature of Trippboplus AB's business, your personal data will be transferable to countries outside the EU/EEA in connection with booking a trip with us. To provide our services to you, we may need to use partners and suppliers outside the EU/EEA.
Without the ability to transfer your information to recipients outside the EU/EEA, Atlantis Travel will be unable to deliver the desired journey to you. This applies if booking your trip requires that information is transferred to recipients outside the EU/EEA, e.g., to book flights, hotels, etc. at your travel destination.
Data protection legislation in these countries may be more lenient than it is in Sweden and in the rest of the EU/EEA, as in the majority of cases these will be countries where the EU Commission has assessed that the level of data protection is not in line with the level of data protection within the EU/EEA.
Where practicable for us, the transfer of your personal data will be based on the standard transfer contracts drawn up by the European Commission specially designed for this purpose. As far as transfers to the United States are concerned, these will, as far as possible, be made based on Privacy Shield. Privacy Shield is an AGREEMENT between the EU and the US that provides, among other things, for a strong set of data protection rules and security measures that US companies that join the scheme are obliged to comply with when processing personal data.
However, in some cases, it will not be practicable for Trippboplus to enter a standard transfer contract or use Privacy Shield as a legal transfer basis. In such cases, the transfer of the data will be based on Article 49,1(b) of the Data Protection Regulation, as the transfer of your personal data to that country is necessary for the performance of the contract between you and Trippboplus (the booking of your trip) or for the implementation of measures taken at your request prior to the conclusion of such a contract (e.g. in connection with the submission of a qualified offer as mentioned above section 7).
It is therefore important that you are aware that the transfer of your personal data to countries outside the EU/EEA when booking a trip with Trippboplus means that your personal data will not enjoy the same protection as under Swdeish or EU law.
There is an obvious risk that there are no clear, precise, and accessible rules on the access of the country's authorities to the use of your personal data in the country concerned; that there are no rules that the country's authorities' access to your information must be necessary and proportionate; that the country does not have an independent and effective supervisory authority and that it does not have available and effective remedies for data subjects.
If you do not want Trippboplus to send your personal data to recipients outside the EU/EEA when booking your trip, please let us know no later than when booking your trip.
Trippboplus does not in any case disclose your personal data to recipients outside the EU/EEA unless this is necessary to carry out our business and meet your needs by, for example, providing you with the desired journey.
Your rights
Personal data processing necessary for us to fulfill an agreement with you or for us to fulfill a legal obligation is permitted without consent. However, if we are to collect and manage your personal data for another purpose, you are required to accept the processing. You consent to the processing of your personal data when you use our services in AtlantisRejser.dk, by contacting our travel consultants or with a business partner.
You have the right to assert your rights under the data protection legislation in force at any time. Among other things, you may request access to the personal data held by Trippboplus and object to the processing of the data, including objecting to automated decisions and profiling or to the use of your personal data for direct marketing. In addition, you may request rectification or deletion of any incorrect information about yourself, withdraw consent to the processing of your personal data and assert your right to data portability.
If you wish to assert one or more of your rights, please contact us at info@trippboplus.com. Your request will be processed within 30 days in accordance with the data protection laws in force at any time.
Updates
Trippboplus continuously evaluates and updates this Privacy Policy. You should therefore regularly check this Privacy Policy for any changes that may affect our processing of your personal data.