Privacy Policy
reTravel Technology Ltd. and its affiliates (collectively “reTravel”, “we” and “us”) takes your privacy, its protection and care in its use very seriously. This Privacy Policy describes the types of Personal Data we collect through our services (“Services”) and via our online websites, domains and other services, which include our main website at reTravel.io, various landing pages which we offer our clients, as well as services, web and mobile applications and websites that we enable our users and our customer’s users to access, such as landing pages, booking pages, offer pages and others (collectively, our “Sites”). This policy does not apply to third-party websites, products, or services, even if they link to our Services or Sites or are linked from our Services or Sites, and you should consider the privacy policies of those third-parties carefully.
This Privacy Policy describes and details all of the following:
- Overview
- Personal Information we Collect
- Use of Personal Information
- Sharing Personal information
- Your Rights and Choices
- Cookies Trackers and Beacons
- Use by Minors
- International Data Transfer
- Contacting You
- Complaints and Reports
- Security
- Updates to this Privacy Policy
- Links to Other Websites
- Contact us
- Jurisdiction Specific Provisions
1. OVERVIEW
reTravel is a service which offers ancillaries services for travelers. Providing us with personal data is purely consensual. You are not obligated under any laws to provide us with any personal data, but please take careful note: without providing such personal data, we may not be able to provide you with our Services.
reTravel obtains Personal Data about you from various sources to provide you with the Services and to manage our Sites. “You” may be a visitor to one of our Sites, a client of one of our commercial customers referring you to our Sites, customer of one or more of our Services (“Customer”), or our user or a user of a Customer (“user”). If you are a User, reTravel may collect your Personal Data directly from you or the data from our Customer (i.e. our commercial customer). Your agreement with the relevant Customer should explain how the User shares your Personal Data with Us, and if you have questions about this sharing, then you should direct those questions to the Customer.
2. PERSONAL INFORMATION WE COLLECT
-
- Personal Data that we collect about You. “Personal Data” is any information that relates to an identified or identifiable individual. The Personal Data that You provide directly to Us through our Sites and Services will be apparent from the context in which you provide the data. In particular:
- When you register to Our Services we collect your full name, email address, and account. log-in credentials.
- When you fill-in our online forms We collect your full name, email, country, and anything else you tell us about your needs, specific requirements and timeline.
- We may also retain the information you provide us if you click the “Remember Me” feature (or any similar notice which we may provide from time to time) in order to streamline Your use of our service, your log-in process or other services available.
- User booking information:
- which products were booked: flight, hotel, car hire and etc.
- Detailed information on the booking including flight fare class, meal requests, car type and etc.
- The source of the booking (If there was a booking prior to reTravel, where was it executed)
- The products suppliers and providers
- Date of purchase and dates of the trips
- User information, including but not limited to Name, Email, Phone number and Corporate name.
- When you respond to Our emails, or other digital correspondence, We collect your email address, name and any other information you choose to include in the body of your email or responses.
- If you are a Customer, you will provide your contact details and corporate details, such as name, address, telephone number, and email address. As part of Your business relationship with Us, we may also receive financial and personal information about You, such as your date of birth and government identifiers associated with You and Your organization (such as your ID #, social security number, tax number, Employer Identification Number and the like).
- If you are a User of a Customer, when you make payments or conduct transactions through a Customer’s website, application or service We provide, we will receive your transaction information. Depending on how the Customer implements our Services, we may receive this information directly from You, or from the Customer or from third parties. The information that we collect will include payment method information, nature and dates of the applicable transaction and such other information which is pertinent to the execution of the Service or purchase. The Customer will determine the payment methods that it enables you to use, and the payment method information that we collect will depend upon the payment method that you choose to use from the list of available payment methods that are offered to you by the Customer. When you make a transaction, we may also receive your name, email, billing or shipping address and in some cases your transaction history to authenticate you.
- Personal Data that we collect about You. “Personal Data” is any information that relates to an identified or identifiable individual. The Personal Data that You provide directly to Us through our Sites and Services will be apparent from the context in which you provide the data. In particular:
You may also choose to submit information to us via other methods, including: (i) in response to marketing or other communications, (ii) through social media or online forums, (iii) through participation in an offer, program or promotion, (iv) in connection with an actual or potential business relationship with us, or (v) by giving us your contact details at trade shows or other events.
- Information that we collect automatically on our Sites. Our Sites use cookies and other technologies to function effectively. These technologies record information about your use of our Sites, including:
- Browser and device data, such as IP address, device type, operating system and Internet browser type, screen resolution, operating system name and version, device manufacturer and model, language, plug-ins, add-ons and the language version of the Sites you are visiting;
- Pages that led or referred you to our Sites, Usage data, such as time spent on the Sites, pages visited, links clicked and language preferences.
- We also collect information about your online activities on websites and connected devices over time and across third-party websites, devices, apps and other online features and services. We use Google Analytics on our Sites to help us analyze Your use of our Sites and diagnose technical issues. To learn more about how You can control our use of cookies and third-party analytics, please see Section 6 below as well as your browser’s applicable tutorial or help link.
3. USE OF PERSONAL INFORMATION
-
- Our products and services.
We rely upon a number of legal grounds to ensure that our use of your Personal Data is compliant with applicable law. We use Personal Data to facilitate the business relationships we have with our Customers, to provide you with our services and the requests and bookings you wish to make, to comply with our regulatory and other legal obligations and to pursue our legitimate business interests. We also use Personal Data to complete transactions and to provide Our Services to our Customers which they in turn provide to their Users.
-
- Marketing and events-related communications.
We may send you email marketing communications about Our products and Services, invite you to participate in our events or surveys, or otherwise communicate with You for marketing purposes, provided that we do so in accordance with the consent requirements that are imposed by applicable law. For example, when we collect Your business contact details through our participation at trade shows or other events, We may use the information to follow-up with you regarding an event, send you information that You have requested on our Services and, with Your permission, include You on our marketing information campaigns.
-
- Advertising
When you visit our Sites, we (and our service providers) may use Personal Data collected from You and Your device to target advertisements for Services to You on Our Sites and other sites you visit (“interest-based advertising”), where allowed by applicable law. For example, when You visit our Site, we will use cookies to identify your device and direct ads for our Services to you. You have choices and control over our cookies (or similar technologies) we use to advertise to you. Please see the Cookie section above for more information. At present, there is no industry standard for recognizing Do Not Track browser signals, so we do not respond to them. We do not use, share, rent or sell the Personal Data of our Users’ and Customers for interest-based advertising. We do not sell or rent the Personal Data of our Users, their Customers or our Site visitors.
4. SHARING PERSONAL INFORMATION
reTravel does not sell or rent Personal Data to marketers or unaffiliated third parties. We share your Personal Data with trusted entities, as outlined below.
-
- reTravel Entities
We share Personal Data with other reTravel entities in order to provide our Services and for internal administration purposes.
-
- Service Providers.
We share Personal Data with a limited number of our service providers. We have service providers that provide services on our behalf, such as identity verification services, booking and execution of the purchased services (e.g. hotels, car rentals, transportation etc.), aggregators which compile the required information and assist with execution of bookings, website hosting, data analysis, information technology and related infrastructure, customer service, email delivery, direct purchasing of services or products from the relevant service provider or vendor site (e.g. via API), etc. These service providers may need to access Personal Data to perform their services. We authorize such service providers to use or disclose the Personal Data only as necessary to perform services on our behalf or comply with legal requirements. We require such service providers to contractually commit to protect the security and confidentiality of Personal Data they process on our behalf. Our service providers are predominantly located in the European Union and the United States of America.
-
- Business partners.
We share Personal Data with third party business partners when this is necessary to provide our Services to our Customers and Users. Examples of third parties to whom we may disclose Personal Data for this purpose are payment method providers (such as credit card networks) when we provide payment processing services, and the professional services firms that we partner with to deliver our Services.
-
- Our Customers and third parties authorized by our Customers.
In the event that We enter into, or intend to enter into, a transaction that alters the structure of Our business, such as a reorganization, merger, sale, joint venture, assignment, transfer, change of control, or other disposition of all or any portion of Our business, assets or stock, we may share Personal Data with third parties in connection with such transaction. Any other entity which buys Us or part of Our business will have the right to continue to use your Personal Data, but only in the manner set out in this Privacy Policy unless You agree otherwise.
-
- Compliance and harm prevention.
In the event that We enter into, or intend to enter into, a transaction that alters the structure of Our business, such as a reorganization, merger, sale, joint venture, assignment, transfer, change of control, or other disposition of all or any portion of Our business, assets or stock, we may share Personal Data with third parties in connection with such transaction. Any other entity which buys Us or part of Our business will have the right to continue to use your Personal Data, but only in the manner set out in this Privacy Policy unless You agree otherwise.
-
- Compliance and harm prevention.
Compliance and harm prevention.
5. YOUR RIGHTS AND CHOICES
-
- Right of Access and Rectification.
You have the right to know what Personal Data we collect about you and to ensure that such data is accurate and relevant for the purposes for which we collected it. You can receive a copy of your Personal Data, and to rectify such personal data if it is not accurate, complete, or updated. However, we may first ask you to provide us with certain credentials to permit us to identify you before rectifying, deleting, or reviewing.
-
- Right to Delete Personal Data or Restrict Processing
You have the right to delete your Personal Data or restrict its processing by ourselves and third parties. We may postpone or deny your request if your personal data is in current use for the purposes for which it was collected or for other legitimate purposes such as compliance with legal obligations.
-
- Right to Withdraw Consent
You have the right to withdraw your consent to the processing of your Personal Data. Exercising this right will not affect the lawfulness of processing your Personal Data based on your consent before its withdrawal.
-
- Right of Data Portability
Where technically feasible, you have the right to ask to transfer your personal data to a third party provided Our legitimate business interests and trade secrets are not harmed.
6. COOKIES TRACKERS AND BEACONS
- In order to collect the data described herein, we may use temporary cookies that remain on your browser for a limited period of time. We may also use persistent cookies that remain on your browser for the duration we provide the services.
- A cookie is a small piece of information which is sent to and stored on your browser. Cookies by themselves cannot be used to discover your identity. Cookies do not damage your browser.
- Most browsers may allow you to block cookies, but you may not be able to use some features on the Services if you block them.
- You may set most browsers to notify you if you receive a cookie (this enables you to decide if you want to accept it or not).
- We may also use web beacons via the Services to collect information. Web beacons or “gifs,” are electronic images that may be used in our Services or in our emails. We use Web beacons to deliver cookies, count visits, and to tell if an email has been opened and acted upon.
- We also use third-party technologies, such as cookies and web beacons and various third-party providers (e.g., Google, Facebook, etc.) to process and analyze your personal data, profile end-user activities and provide targeted ads, including without limitation tracking Your use of the Services and third-party services and sites.
7. USE BY MINORS
We will not knowingly contact or engage with minors under the age of 16. If You have reason to believe that a minor under the age of 16 has provided us with their personal data, please contact Us, and We will act in accordance with the applicable law.
8. INTERNATIONAL DATA TRANSFER
- We are a global business. Personal Data may be stored and processed in any country where we have operations or where we engage service providers. We may transfer Personal Data that we maintain about you to recipients in countries other than the country in which the Personal Data was originally collected, including to the United States. Those countries may have data protection rules that are different from those of Your country. However, we will take measures to ensure that any such transfers comply with applicable data protection laws and that Your Personal Data remains protected to the standards described in this Privacy Policy. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Data.
- If you are located in the European Economic Area (“EEA”), the UK or Switzerland, we comply with applicable laws to provide an adequate level of data protection for the transfer of your Personal Data to the US. reTravel follows the EU-U.S. and the Swiss-U.S. Privacy Shield Framework and adheres to the Privacy Shield Principles in connection with personal data transfers from the EEA, the UK and Switzerland.
- Where applicable law requires us to ensure that an international data transfer is governed by a data transfer mechanism, we use one or more of the following mechanisms: EU Standard Contractual Clauses with a data recipient outside the EEA or the UK, verification that the recipient has implemented Binding Corporate Rules, or verification that the recipient adheres to the EU-US and Swiss-US Privacy Shield Framework.
Also the data transfer may be made as part of compliance with legal authorities as descried above.
We may transfer data in the event of M&A as provided above.
9. CONTACTING YOU
We may send you periodic notifications in relation to the Services. We will also send you our newsletter or updates, which you may opt-out of this service at any time by clicking the “Unsubscribe” button at the bottom of each promotional communication we send you.
10. COMPLAINTS AND REPORTS
We regularly review our compliance with this Privacy Policy. Please feel free to direct any questions or concerns regarding this Privacy Policy or our treatment of personal data by contacting us as provided above. When we receive formal written complaints, we will contact you regarding your concerns. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that cannot be resolved between the Company and an individual.
11. SECURITY
- We make reasonable efforts to ensure a level of security appropriate to the risk associated with the processing of Personal Data. We maintain organizational, technical and administrative measures designed to protect Personal Data within our organization against unauthorized access, destruction, loss, alteration or misuse. Your Personal Data is only accessible to a limited number of personnel who need access to the information to perform their duties. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us immediately.
- We retain your Personal Data as long as we are providing the Services to you. We retain Personal Data after we cease providing Services directly or indirectly to you, even if you close your account or complete a transaction with a User, to the extent necessary to comply with our legal, contractual and regulatory obligations. We also retain Personal Data to comply with our tax, accounting, and financial reporting obligations, where we are required to retain the data by our contractual commitments to our partners. Where we retain data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law.
12. UPDATES TO THIS PRIVACY POLICY
We may change this Privacy Policy from time to time to reflect new services, changes in our Personal Data practices or relevant laws. The “Last updated” notice at the top of this Privacy Policy indicates when this Privacy Policy was last revised. Any changes are effective when we post the revised Privacy Policy on the Services.
13. LINKS TO OTHER WEBSITES
The Services may provide the ability to connect to other websites. These websites may operate independently from Us and may have their own privacy notices or policies, which We strongly suggest you review.
14. CONTACT US
If You have any questions or complaints about this Privacy Policy, please contact us electronically to: [email protected]
15. JURISDICTION SPECIFIC PROVISIONS
-
- Residents of the European Economic Area (EEA), the UK and Switzerland. The entity responsible for the collection and processing of Personal Data for residents of the EEA, the UK and Switzerland is reTravel Technologies Ltd., a company incorporated in Israel. To exercise your rights, the Data Protection Officer may be contacted via [email protected]
If you are a resident of the EEA and believe we process your information in scope of the General Data Protection Regulation (GDPR), you may direct your questions or complaints to the Office of the Data Protection Commissioner. If you are a resident of the UK you may direct your questions or concerns to the UK Information Commissioner’s Office.
\r\nIf there is a transfer of your personal data outside the EEA we will, in the absence of an EC Adequacy decision relevant to the destination country or the transfer, seek to rely on appropriate safeguards such as a valid Privacy Shield certification, or enter into appropriate EC approved standard contractual clauses (see http://ec.europa.eu/justice/data-protection/international-transfers/transfer/index_en.htm ). - United States – California residents
This section provides additional details about the personal information we collect about California consumers as well as the rights of California consumers under the California Consumer Privacy Act (CCPA).- How We Collect, Use, and Disclose your Personal Information. The Personal Data We Collect section describes the personal information we may have collected over the last 48 months, including the categories of sources of that information. We save the information to get to know your travel habits . We collect this information for the purposes described in the How We Use Personal Data section. We share this information as described in the How We Disclose Personal Data section. reTravel uses cookies, including advertising cookies, as described in Section 6 above.
- Your CCPA Rights and Choices. As a California consumer and subject to certain limitations under the CCPA, you have choices regarding our use and disclosure of your personal information:
- Exercising the right to know. You may request, up to twice in a 12-month period, the following information about the personal information we have collected about you during the past 12 months:
- the categories and specific pieces of personal information we have collected about you.
- the business or commercial purpose for which we collected the personal information.
- the categories and specific pieces of personal information we have collected about you.
- the categories of personal information about you that we disclosed for a business purpose, and the categories of third parties to whom we disclosed that information for a business purpose.
- Exercising the right to delete. You may request that we delete the personal information we have collected from you, subject to certain limitations under applicable law.
- Exercising the right to opt-out from a sale. You may request to opt out of any “sale” of your personal information that may take place. As described in Advertising, we do not use, share, rent or sell the Personal Data of our Users’ Customers for interest-based advertising. We do not sell or rent the Personal Data of our Users, their Customers or our Site visitors.
- Non-discrimination. The CCPA provides that you may not be discriminated against for exercising these rights.
- Exercising the right to know. You may request, up to twice in a 12-month period, the following information about the personal information we have collected about you during the past 12 months:
- Residents of the European Economic Area (EEA), the UK and Switzerland. The entity responsible for the collection and processing of Personal Data for residents of the EEA, the UK and Switzerland is reTravel Technologies Ltd., a company incorporated in Israel. To exercise your rights, the Data Protection Officer may be contacted via [email protected]
To submit a request to exercise any of the rights described above, you may contact Retravel at [email protected]