What is personal information?
Personal information is information which relates to an individual who can be identified from that information, or from that information and other information in a person’s possession, including any expression of opinion, whether true or not, and whether recorded in material form or not, about an identified or reasonably identified individual, and any indication of intention in respect of an individual.
How do we collect personal information?
Where practical, we will collect personal information directly from the individual. Generally, this collection will occur when the individual deals with us either in person, by telephone, letter, facsimile, email or when the individual visits our website. We may collect personal information about the individual when they purchase or make enquires about travel arrangements or other products and services, when the individual enter competitions, when they register for promotions, when they subscribe to receive marketing from us (e.g. e-newsletters) or when they request brochures or other information from The Ocean Endeavour Company. We may also collect the individual’s personal information when they complete surveys or provide us with feedback.
In some circumstances, it may be necessary for us to collect personal information about an individual from a third party. This includes where a person makes a travel booking on the individual’s behalf which includes travel arrangements to be used by the individual (e.g. a family or group booking). Where this occurs, The Ocean Endeavour Company will assume the individual has consented to their personal information being collected by us and to us handling it in accordance with this Policy. The individual should let us know immediately if they become aware that their personal information has been provided to us by another person without their consent
What personal information do we collect?
Generally, the type of personal information we collect about individuals is the information that is needed to facilitate their travel arrangements and bookings and to arrange travel-related services and products on their behalf. For example, we may collect details such as their name, residential address, mailing address, telephone number, email address, credit/debit card details (including card type, card number, security number and expiry date), passport details, frequent flyer details, information about their dietary requirements and health issues (if any), and other details relevant to their travel arrangements or required by the relevant travel service providers (e.g. airlines, accommodation or tour providers). When individuals make contact with us for other purposes, we may also collect personal information about them in relation to those purposes. For example, we may collect their personal information, so we can contact them about a competition they have entered (e.g. if they win) or to respond to an enquiry or feedback form they have sent to us. We also collect information that is required for use in the business activities of The Ocean Endeavour Company, including for example, financial details necessary in order to process various transactions, and any other relevant personal information they may elect to provide to us.
In some circumstances, we may collect personal information from an individual which is regarded as sensitive information. Sensitive information includes types of personal information such as their racial or ethnic origin, religious beliefs or affiliations, criminal record and health information. We will only collect sensitive information about an individual with their consent and where reasonably necessary for, or directly related to, one or more of our functions or activities (e.g. to make travel arrangements on their behalf). Where an individual provides sensitive information to us, they
consent to us using that sensitive information for the purpose for which it was collected.
How is personal information used?
Where an individual contacts us in relation to a travel booking or query, the primary purpose for which we collect an individual’s personal information is generally to provide them with travel advice and/or to assist them with booking travel and/or travel related products and services. However, the purpose for collection may differ depending on the particular circumstances as disclosed in this Policy.
By providing us, or otherwise allowing us to collect, an individual’s personal information, they consent to us using and disclosing their personal information for the purposes for which it was collected, and for related or ancillary purposes, such as any one or more of the following purposes:
- identification of fraud or error;
- regulatory reporting and compliance;
- developing, improving and marketing our products and services and those of our related entities;
- servicing our relationship with an individual by, among other things, providing updates on promotions and services we think may interest them;
- involving individuals in market research, gauging customer satisfaction and seeking feedback regarding our relationship with individuals;
- to facilitate individuals participation in loyalty programs;
- to analyse trends in sales and travel destinations;
- for marketing activities including but not limited to mail-outs, emails, e-newsletters and telephone calls;
- internal accounting and administration; and
- other purposes as permitted or required by law (e.g. to prevent a threat to life, health or safety).
We will only send e-newsletters or other promotional materials to an individual if they have opted in to receive them. We are only allowed to store an individual’s personal information for as long as necessary having regard to the purpose for which it was collected or a related or ancillary purpose. We may therefore delete their personal information after a reasonable period of time and, if the individual has not used our services for some time, they may have to re-enter or re-supply their personal information to us.
Is personal information disclosed to third parties?
Yes. Individual’s also consent to the personal information about them which we collect or receive being processed, transferred and/or disclosed by us in the following circumstances:
- in each of the circumstances set out in the previous section “How do we use personal information?”;
- as permitted or required by law;
- to various regulatory bodies and law enforcement officials and agencies, including to protect against fraud and for related security purposes;
- to third party suppliers of IT based solutions that assist us in providing products and services to the individual;
- to travel service providers such, tour operators, airlines, hotels, companies and other service providers for the purpose for which the information was collected or for a related purpose;
- to comply with our legal obligations and any applicable customs/immigration requirements relating to their travel;
- to comply with a request from a qualified government department if we are satisfied that they have the authority to make such request;
- where we suspect that unlawful activity has been or may be engaged in and the personal information is a necessary part of our investigation or reporting of the matter;
- to third parties who may involve an individual in market research for the purpose of servicing our relationship with them and improving the services we provide; and
- to third parties for the purpose of analysing trends in sales and travel destinations.
The third parties to whom we disclose their personal information may also be taken to have collected their personal information in their own right, for their internal use. For more information in relation to collection by travel service providers, see the heading above titled “When we act as agent”.
Where we engage travel service providers to perform services for us, those travel service providers may be required to handle their personal information. Where we disclose their personal information to such travel service providers, the individual agrees that we will not be required to ensure their compliance with applicable privacy laws or otherwise be liable or accountable for how they handle their personal information.
Other than the above, we will not disclose their personal information without their consent unless we reasonably believe that disclosure is necessary to lessen or prevent a threat to life, health or safety or for certain action to be undertaken by an enforcement body (e.g. prevention, detection, investigation, prosecution or punishment of criminal offences), disclosure is authorised or required by law or disclosure is otherwise permitted by applicable privacy laws.
When an individual provides, or otherwise allows us to collect, their personal information, they consent to their personal information being disclosed to certain overseas recipients, as set out below. Where we disclose their personal information to an overseas recipient, the individual agrees that we will not be required to ensure the recipient’s compliance with Australian privacy laws or otherwise be liable or accountable for how the recipient handles their personal information. If the individual has any objections to their personal information being disclosed to an overseas recipient, please let us know.
In providing our services to individuals, it may be necessary for us to disclose personal information to relevant overseas travel service providers.
For instance, where the individual requests travel to be booked with an overseas travel service provider, we will usually need to disclose their personal information to that provider for the purposes of arranging their booking with them.
We may also disclose the individual’s personal information to our overseas related entities and to travel service providers and other third parties who perform services for us overseas. Generally, we will only disclose their personal information to these overseas recipients in connection with facilitation of their travel booking and/or to enable the performance of administrative and technical services by them on our behalf.
Security of information
The Ocean Endeavour Company has implemented various physical, electronic and managerial security procedures in order to protect personal information from loss and misuse, and from unauthorized access, modification, disclosure and interference.
The Ocean Endeavour Company regularly reviews security and encryption technologies and will strive to protect their personal information as fully as we protect our own confidential information.
Access to and correction of personal information
Subject to any exceptions set out in applicable privacy laws, we invite individuals to access any personal information we may hold about them.
Where personal information we hold about individuals is not accurate, complete, up-to-date or relevant, they may ask us to correct that personal information, and we will respond to their request within a reasonable time. We reserve the right to confirm the identity of the person seeking access or correction to personal information before complying with such a request. If we deny access or correction, we will provide the individual with the reason for such denial. If individuals wish to access or seek correction of any personal information we hold about them, they are asked to please contact firstname.lastname@example.org
Individuals must always provide accurate information and agree to update it whenever necessary. They also agree that, in the absence of any update, we can assume that the information submitted to us is correct.
Should individuals no longer wish to receive e-newsletters or other promotional material, participate in market research or receive other types of communication from The Ocean Endeavour Company, they are asked to either unsubscribe using the applicable unsubscribe link on the electronic digital email or email email@example.com
A cookie is a small text file that is stored on a user’s computer for record-keeping purposes. We may link the information we store in cookies to any personal information the individual submits while on our website. Cookies save data about individual visitors to the website, such as the visitor’s name, password, username, screen preferences, the pages of a site viewed by the visitor, and the advertisements viewed or clicked by the visitor.
We use both session ID cookies and persistent cookies. A session ID cookie expires when individuals close their browser. A persistent cookie remains on their hard drive for an extended period of time. Individuals can remove persistent cookies by following directions provided in their Internet browser’s “help” file. If an individual rejects cookies, they may still have full access to our website.
Individuals may choose to opt-out of Google Analytics using the Google Analytics Opt-out Browser Add-on.
Behavioural Targeting / Re-Targeting
Feedback / Complaints / Contact
If individuals have any enquiries, comments or complaints about this Policy or our handling of their personal information, please contact their consultant or email us at firstname.lastname@example.org. We will respond to any complaints received as soon as practicable.
Changes to our Policy
From time to time it may be necessary for us to review and revise this Policy. We reserve the right to change our Policy at any time and for any reason. If we make a change to the Policy, the revised version will be posted on our website.
UPDATED 19 MARCH 2020