Privacy policy
Effective date: February 2020
1. WHO WE ARE
When used in this Privacy Policy:
“Triptease”, “us” and “we” refers to Triptease Ltd, Triptease Inc. and Triptease Pte Ltd, collectively the “Triptease Group”.
“Services” include without limitation Triptease’s Direct Booking Platform and its on-site technology, applications and services (including events and content), in each case in whatever format they may be offered now or in the future.
“Websites” means Triptease’s websites (including without limitation www.triptease.com, app.triptease.io, www.directbookingsummit.com and any successor URLs, mobile or localized versions and related domains and subdomains).
“Offerings” means both the Websites and Services.
“Personal data”, or “personal information”, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
2. INTRODUCTION
If you are a visitor to a Triptease Website or a customer of a Triptease Service, then except as expressly set forth below, this Privacy Policy applies to your use of such Website or Service.
If you are a visitor to a third-party website (“Third-Party Property”) that utilizes any Triptease analytics, targeted messages or chat services, then any information you submit to such Third-Party Property (including via the Triptease product) is collected under the privacy policy of the owner of such Third-Party Property, and you should contact such owner with any related requests or inquiries you may have. If you have any inquiries specifically directed towards Triptease, please email us at data-privacy@triptease.com.
At Triptease we respect the privacy rights of our users and recognize the importance of protecting the personal information we collect about you. Our Privacy Policy is designed to help you understand what information we collect and how we use and share that information. This Privacy Policy applies to our Websites and Services.
If you have any questions about your personal information email us at data-privacy@triptease.com, or write to us at Triptease, 3rd Floor, 33 Broadwick Street, London, W1F 0DQ.
We’re registered with the Information Commissioner’s Office under number ZA377297.
3. GENERAL TERMS
Purpose of this Privacy Policy
This Privacy Policy aims to give you information on how Triptease collects and processes your personal data through your use of the Offerings, including any data you may provide through the Websites or in person. The Websites are not intended for children and we do not knowingly collect data relating to children. It is important that you read this Privacy Policy together with any other Privacy Policy or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Policy supplements the other notices and is not intended to override them.
Third-party links
The Websites may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the Privacy Policy of every website you visit.
4. THE INFORMATION WE COLLECT
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:
A. Information related to your interaction with Triptease and the Offerings
Registration and contact information. We collect information about you when you (a) register to use the Services and (b) otherwise provide contact information to us via email, mail or through our Offerings. This information you provide may include without limitation your username, first and last name, job title, email address, mailing address or phone number.
Payment information. When you purchase the Services, we will also collect transaction information, which may include without limitation your credit card information, billing and mailing address, and other payment-related information (“Payment Information”). We describe how Payment Information may be collected and processed in Section 7.
Technical, usage and location information. We automatically collect information on how you interact with the Offerings, such as IP address from which you accessed the Websites, date and time, information about your browser, operating system and computer or device, pages viewed and items clicked. We may also collect location information, including location information automatically provided by your computer or device. We use cookies and similar technologies to collect some of this information.
Third party platforms. We may collect information when you interact with our advertisement and other content on third-party sites or platforms, such as social networking sites. This may include information gathered from social networking profiles (such as Linkedin based outside the EU) or the fact that you viewed or interacted with our content.
Marketing and Communications information. We collect your preferences in receiving marketing from us and our third parties and your communication preferences.
We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Policy.
We do not collect any Special Categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
5. HOW WE USE THE INFORMATION WE COLLECT
Under data protection law, we can only use your personal data if we have a proper reason for doing so. In order to use your personal data, we rely on the following legal bases:
Where it is necessary to perform a contract we are about to enter into or have entered into with you;
Where it is necessary to enable us to comply with our legal obligations;
Where you have provided your consent; and/or
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests as described further below.
We use your information in the following ways:
To provide, maintain and improve the Offerings and our other products and services, including to operate certain features and functionality of the Offerings;
To process your inquiries and otherwise deliver customer service;
To process your payments, we share and use Payment Information as described in Section 7 (Payment Information);
To control unauthorized use or abuse of the Offerings and our other products and services, or otherwise detect, investigate or prevent activities that may violate our policies or be illegal;
To analyze, administer or optimize the use and performance of the Offerings, monitor usage or traffic patterns (including to track users’ movements around the Offerings) and gather demographic information about our user base as a whole;
To communicate directly with you regarding changes to the contract, to the T&Cs and to this policy; and
To communicate directly with you, including by sending you newsletters, promotions and special offers or information about new products, services and events. Your opt-out options for promotional communications are described in the following paragraph “Marketing & promotional communication”.
Marketing & promotional communication
Our promotional communications are split in the following categories:
Newsletter: updates from the blog (industry news and insights, and tips to boost your direct bookings) plus highlights from the below categories
Product updates: recent updates and enhancements of the Triptease platform
Events: information about the Direct Booking Summit, our main event series, plus upcoming events or webinars where you can meet us or hear from us
These communications may be sent via email, in-app messages or direct mail. You can opt out at any time and adjust your preferences as described in Section 9.
6. SHARING THE INFORMATION WITH THIRD PARTIES
We do not sell, trade, share or transfer your personal information to third parties except in the following limited circumstances:
We may share your personal information with third-party service providers to permit such parties to provide services that help us with our business activities, which may include assisting us with marketing, advertising our product/service offerings, or providing, maintaining and improving the features and functionality of the Offerings, among other things. For example, we may provide personal information to our service providers for direct emailing of our newsletter or notification of our product/service offerings;
We may share your personal information when we have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, (b) enforce a Customer Agreement, including investigation of potential violations thereof, or (c) protect against imminent harm to our rights, property or safety, or that of our users or the public as required or permitted by law;
We may share your personal information with third parties (including our service providers and government entities) to detect, prevent, or otherwise address fraud or security or technical issues;
We may share your personal information with our business partners who offer a service to you jointly with us, for example when running a cross-promotion;
We may share your Payment Information to process your payments, as further described in Section 7 (Payment Information);
We may share and/or transfer your personal information if we become involved in a merger, acquisition, bankruptcy, or any form of sale of some or all of our assets;
We may share information with third-party analytics services to help understand your usage of our services; and
We may share your personal information to a third party if we have your consent to do so.
We may also share aggregated or anonymised information with third parties for other purposes. Such information does not identify you individually but may include usage, viewing and technical information such as the types of Offering our customers and users generally use, the configuration of their computers, and performance metrics related to the use of Offerings which we collect throughout our technology. If we require under applicable law to treat such information as personal information, then we will only disclose it as described above. Otherwise we may disclose such information for any reason.
7. INFORMATION RETENTION
We will not retain your personal data for longer than necessary for the purposes set out in this Policy. We will not retain your personal data for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal data. Further details on this are available on request using the contact details set out in Section 16 below.
8. PAYMENT INFORMATION
When you make payment of a Triptease Group invoice by credit card, any credit card information you provide as part of your Payment Information is processed directly by our payment processor Go Cardless and Stripe. We never store your full credit card information. Go Cardless and Stripe commit to complying with the Payment Card Industry Data Security Standard (PCI-DSS) and using industry standard security. Go Cardless and Stripe may use your Payment Information in accordance with their own privacy policy.
As part of our Offerings, we allow clients to take payment information through the Convert Chat feature. We use a third party service, PCI-Booking, to perform this service, for more information about their use of data, please consult their privacy policy.
9. OTHER ACCESS TO DISCLOSURE OF YOUR INFORMATION
The Offerings may also contain links to third party websites. This Privacy Policy applies solely to information collected by us. Even if the third party is affiliated with us through a business partnership or otherwise, we are not responsible for the privacy practices of such third party. We encourage you to familiarise yourself with the privacy policies of such third parties to determine how they handle any information they separately collect from you. Please be aware that we do not warn you when you choose to click through to another website when using the Offerings.
10. YOUR CONTROL AND CHOICES
Communication preferences. If you no longer wish to receive our newsletter and the promotional communications described in Section 5, you may opt-out of receiving them by following the instructions included on such communications (by heading to the Preference Centre) or on the Offerings. Please note, however, that you may be unable to opt-out of certain service-related communications.
Blocking cookies. You can remove or block certain cookies using the settings in your browser but the Offerings may cease to function properly if you do so. For more information about our use of cookies please see our Cookie Policy.
How we respond to do not track signals. Your web browser may have a “do not track” setting which, when enables, causes your browser to send a do not track HTTP header file or “signal” to each site you visit. At present, the Offering do not respond to this type of signal.
11. YOUR RIGHTS
By law, you have a number of rights when it comes to your personal data. Further information and advice about your rights can be obtained from the data protection regulator in your country.
Rights
What does this mean?
The right to be informed
You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this Privacy Policy.
The right of access
You have the right to obtain access to your information (if we’re processing it), and certain other information (similar to that provided in this Privacy Policy). This is so you’re aware and can check that we’re using your information in accordance with data protection law.
The right to rectification
You are entitled to have your information corrected if it’s inaccurate or incomplete.
The right to erasure
This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
The right to restrict processing
You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.
The right to data portability
You have rights to obtain and reuse your personal data for your own purposes across different services. For example, if you decide to switch to a new provider, this enables you to move, copy or transfer your information easily between our IT systems and theirs safely and securely, without affecting its usability.
The right to object to processing
You have the right to object to certain types of processing, including processing based on our legitimate interests and processing for direct marketing (i.e. if you no longer want to be contacted with potential opportunities).
The right to lodge a complaint
You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator.
The right to withdraw consent
If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal data for marketing purposes.
To exercise any of the rights above, or to ask a question, contact us at data-privacy@triptease.com. We’ll respond as soon as we can. Generally, this will be within one month from when we receive your request but, if the request is going to take longer to deal with, we’ll come back to you and let you know.
We usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing the information for:
baseless or excessive/repeated requests, or
further copies of the same information.
Alternatively, the law may allow us to refuse to act on the request.
12. CHANGES TO THE PRIVACY POLICY
We reserve the right to change our Privacy Policy at any time. If we make changes, we will post them and will indicate on this page the policy’s new effective date and where applicable we will notify you by email or through notice on the Offerings.
13. CHILDREN UNDER THE AGE OF 13
The Offerings are not intended for use by anyone under the age of 13, nor does Triptease knowingly collect or solicit personal information from anyone under the age of 13. If you are under 13, you may not attempt to register for the Offerings or send any information about yourself to us, including your name, address, telephone number, or email address. In the event that we confirm that we have collected personal information from someone under the age of 13 without verification of parental consent, we will delete that information promptly. If you are a parent or legal guardian of a child under 13 and believe that we might have any information from or about such a child, please contact us at the email or mailing address provided at the end of this Privacy Policy.
14. CALIFORNIA PRIVACY RIGHTS AND DISCLOSURES
California Shine the Light Law. If you are a California resident and we disclose your personally identifiable information to third parties for such third parties’ direct marketing purposes, California’s Shine the Light Law (CA Civil Code Section 1798.83) allows you to request certain information from us about such disclosures. To make a request under the Shine the Light Law, please contact us at data-privacy@triptease.com. Please note that under California law, businesses are not required to respond to such requests more than once during any calendar year.
California Minors. At any time, you can delete or remove your posts using the same deletion or removal procedures described in Section 11 above, or otherwise through the Offerings. If you have questions about how to remove your posts or if you would like additional assistance with deletion you can contact our support team at data-privacy@triptease.com. Although we offer deletion capability for our Offerings, you should be aware that the removal of posts may not ensure complete or comprehensive removal of that content or information posted through the Offerings.
The California Consumer Privacy Act (CCPA). Triptease is not a business, as defined by the CCPA, to which the law applies. If you are a California resident and have concerns about how your personal data may be processed, please contact our data support team at data-privacy@triptease.com. Triptease serves as a service provider, as defined by the CCPA, to businesses to which the CCPA applies. Such business can refer to our Data Processing Agreement for information about compliance with the CCPA, or contact our data support team at data-privacy@triptease.com.
15. SECURITY
The security of your personal information is important to us. We maintain a variety of appropriate technical and organizational safeguards to protect your personal information. We limit access to personal information about you to employees who we believe reasonably need to come into contact with that information to provide products or services to you or in order to do their jobs. Further, we have implemented reasonable physical, electronic, and procedural safeguards designed to protect personal information about you. When you enter sensitive information (such as your password), we encrypt that information in transit using industry-standard Transport Layer Security (TLS) encryption technology. No method of transmission over the Internet, method of electronic storage or other security methods are one hundred percent secure. Therefore, while we strive to use reasonable efforts to protect your personal information, we cannot guarantee its absolute security.
16. INTERNATIONAL TRANSFER OF DATA
Where possible, we try to only process your information within the UK and European Economic Area (“EEA”). If we or our service providers transfer personal data outside of the UK or EEA, we always require that appropriate safeguards are in place to protect the information when it is processed. You can obtain a copy of the safeguards in place for such transfers by contacting us using the details set out in Section 16 of this Privacy Policy.
17. CONTACT US ABOUT THIS PRIVACY POLICY
If you have questions or need to contact us about this Privacy Policy, please email us at data-privacy@triptease.com. Effective date: February 2020