THIRD PARTY PRIVACY POLICY
1 INTRODUCTION
Welcome to the third party privacy policy of Travel Plus NV (“Travel Plus” / “we” / “us” / “our”).
We take your privacy seriously and we are committed to protecting personal data that we receive from you.
This privacy policy explains Travel Plus’ policies and practices regarding its processing of your personal data,
and explains your privacy rights under applicable privacy and security laws, even though you are not a member or
employed with a member of the Exmar group of companies.
This privacy policy is effective as of May 25th, 2018. We review our privacy practices on an ongoing basis,
and as such we may change this privacy policy from time to time. If such change includes any significant, material
changes, we will provide clear notice of the update on the homepage of our website. Please check this policy
frequently to ensure that you are familiar with its current content.
If you are an EU national and reside in the EU, or are non-EU national residing in the EU, the data controller
(as defined under EU data protection law) will be the TravelPlus relevant entity that you engage with.
2 CONTACTING US
If you would like additional information on anything in or related to this privacy policy, or you would like
to exercise any rights that you may have in relation to your personal data, please contact us at dpc@exmar.be
3 WHAT PERSONAL DATA MAY WE PROCESS?
The types of personal data relating to you that we may “process” (such as collect, use and store) depends on your
interaction with us. The key types of personal data that we may process are set out below.
* Note that the legal bases in the table below are required to be specified under EU data protection law, but are
not required, or required to be specified, if you are not an EU citizen/do not reside in the EU.
4 PERSONAL DATA THAT YOU GIVE US
Activity | Types of personal data that we may process | Our legal bases* for processing |
---|---|---|
Your general use of our website |
|
Legitimate interests:
|
Your request for our legal services |
|
Legitimate interests:
Contract
|
Your wish to receive event invitations, updates, or other marketing materials |
|
Legitimate interests:
Consent
|
Your application for a job, internship, freelancer position or consultant role at TravelPlus |
|
Legitimate interests:
Consent
Legal obligation
PLEASE NOTE: If you are applying to work at TravePlus—whether as an employee, intern, vacation student, legal consultant, freelancer, or in any other |
5 PERSONAL DATA THAT WE MAY COLLECT THROUGH COOKIES
“Cookies” are small pieces of information that are stored by your browser on your computer’s hard-drive for record-keeping purposes.
TravelPlus uses cookies on its website for the following reasons:
a) Analysis – to obtain web analytics from third-party vendors. These third parties use cookies to help analyze how users use
the website. The information generated by the cookie about your use of the website (including your IP address) will be transferred to and
stored by third-party vendors on servers in the United States. These vendors will use this information for the purposes of analyzing your
use of the website, creating reports on the website activity, and providing other services relating to the website activity. These
vendors may also transfer this information to other third parties where required to do so by law, or where such third parties process the
information on the vendor’s behalf.
b) Enhanced website functionality – for instance to provide account log-in prompts and to record preferences that you
input on areas of the website so that you do not have to keep re-entering information.
You can refuse the use of cookies by selecting the appropriate settings on your browser, though please note that if you do so,
you may not be able to use the full functionality of the TravePlus website.
6 PERSONAL DATA FROM MINORS
TravelPlus’ services, including its website, are directed solely at adults. If you are under the age of thirteen (or if being a
‘minor’ is defined as a younger age in your relevant jurisdiction, that relevant age), please do not provide us with any of your
personal data, including your email address.
7 OTHER INFORMATION THAT WE MAY COLLECT AUTOMATICALLY
We collect the following information relating to our website visitors automatically: domain name, IP address, and type of
browser used and type of operating system used. We use this information for internal statistical analysis, such as to see where
our website is being used geographically. However, we do not link this information with any personal data.
8 HOW AND WHY MAY WE PROCESS YOUR PERSONAL DATA?
We may process your personal data in the following ways (depending upon your interaction with us):
a) Collecting your personal data that you input on our website, or provide to us in conversations, emails, or
meetings with us.
b) Recording your personal data, such as through electronic or handwritten notes that we make.
c) Organising and storing your personal data on our servers, in our case management system, in our electronic
HR filing system, in our employee’s email inbox folders, or in hard copy files.
d) Using your personal data to provide our services to you, and address any preferences, complaints, or
comments that you have.
e) Disclosing your personal data to third parties, where necessary, appropriate and/or as required by law
(see section 5 providing more information on this below).
We may process your personal data for the following purposes:
a) To process and manage your purchase and use of our services.
b) To respond to your questions, comments, complaints, or requests.
c) To follow up with you on a job application.
d) To create and deliver personalized communications that are relevant to your preferences.
e) To further our business purposes, such as to perform data analysis, audits, fraud monitoring, and prevention; enhance,
improve, or modify our website or services; identify client trends; determine the effectiveness of our promotional campaigns;
and operate and expand our business activities.
9 HOW WILL WE PROTECT YOUR PERSONAL DATA?
We have implemented security policies and technical measures to protect the personal data that we collect, consistent with
applicable privacy and security laws. These security measures are designed to prevent unauthorized access, improper use or
disclosure, unauthorized modification, and unlawful destruction or accidental loss of your personal data.
We update and test our personal data privacy and security measures on an ongoing basis. We also provide training to our
employees on privacy laws and how to comply with them, and have disciplinary procedures in place that may be imposed on
employees if they do not comply with our standards. We ensure that only employees who need to know your personal data to
fulfill the purposes of processing that personal data (as described in this privacy policy) have access to it.
10 WITH WHOM MAY WE SHARE YOUR PERSONAL DATA?
We take your privacy seriously and will not share your personal data with others, except in the following circumstances:
a) Service providers – we may disclose your personal data to third-party service providers to provide us
with services such as website hosting and professional services, including information technology services, payroll services,
auditing services, consultancy services, regulatory services, and legal services in other countries.
b) Our other group entities – we may disclose your personal data to our other group entities in order to
provide you with tailored services and communications, or in accordance with our business administrative practices.
c) To fulfill your option to share our website content with third parties – using the sharing features
on our website (to share content with Facebook, LinkedIn, or Twitter, for example).
d) Corporate transactions or events – we may disclose your personal data to a third party in connection
with a corporate reorganization, merger, joint venture, sale, transfer, or other disposition of all or any portion
of our business or shares.
e) Legal reasons – we may use or disclose your personal data as we deem necessary or appropriate under
applicable laws; to respond to requests from public, governmental; and regulatory authorities; to comply with court
orders, litigation procedures, and other legal processes; to obtain legal remedies or limit our damages; to protect the
operations of our group entities; and to protect the rights, safety, or property of our employees, you, or others.
11 INTERNATIONAL TRANSFERS OF PERSONAL DATA
Some of our group entities and service providers are located in the United States. Accordingly, if you are an EU
citizen/resident in the EU, please note that we will transfer your personal data to the United States in accordance with EU
data protection law requirements by using standard contractual clauses that have been approved by the European Commission.
Such a transfer may also be necessary in order to perform a contract with you/fulfill your request and/or through obtaining
your explicit consent.
12 WHAT RIGHTS DO YOU HAVE WITH RESPECT TO YOUR PERSONAL DATA?
If you are an EU citizen and reside in the EU, or are non-EU national residing in the EU, you may have the following
rights with respect to the personal data you provide to us, to the extent permitted by applicable data protection laws:
a) To withdraw any consent that you have provided to us to process your personal data.
b) To access or rectify your personal data.
c) To have your personal data erased if it is no longer necessary for the purposes for which it was processed, you
have withdrawn your consent to, or object to, its processing and there is no other legitimate grounds for processing it
or you consider it has been unlawfully processed.
d) To have the processing of your personal data restricted if you contest its accuracy, its processing is unlawful, we no
longer need it but you need it for a legal claim, or you have objected to its processing and await verification of our
legitimate grounds for processing it.
e) To have your personal data transferred to another company under certain circumstances.
f) To complain to your national data protection regulator if you feel that your personal data has been unlawfully processed.
13 FOR HOW LONG DO WE RETAIN YOUR PERSONAL DATA?
We retain your personal data only for as long as is necessary for our relationship with you, in accordance with our
retention policies, and in accordance with applicable laws. We do not collect more personal data than we need to fulfill
our purposes stated in this privacy policy, and we will not retain it for longer than is necessary.
14 LINKS TO THIRD-PARTY SITES
Our website may include links to other sites operated by third parties. We are not responsible for information on
these sites, nor for services or products offered by them. Use of such sites, including transmitting your personal
data to them, is at your own risk. You should check the privacy policies (and other applicable terms and conditions)
of these third-party sites.