Introduction
CruiseFly Travel ((link unavailable)) is committed to protecting the privacy and security of personal data of our customers, employees, and partners. This General Data Protection Regulation (GDPR) compliance policy outlines how we collect, process, and protect personal data in accordance with the European Union's GDPR.
Scope
This policy applies to all personal data collected and processed by CruiseFly Travel, including but not limited to:
-
Customer information (name, email, phone number, address, etc.)
-
Employee information (name, email, phone number, address, etc.)
-
Partner information (name, email, phone number, address, etc.)
-
Website usage data (IP addresses, cookies, browsing history, etc.)
Data Protection Principles
-
Lawfulness, Fairness, and Transparency: We will only collect and process personal data for specified, explicit, and legitimate purposes.
-
Data Minimization: We will only collect and process the minimum amount of personal data necessary for our purposes.
-
Accuracy: We will ensure that personal data is accurate and up-to-date.
-
Storage Limitation: We will only store personal data for as long as necessary for our purposes.
-
Integrity and Confidentiality: We will protect personal data from unauthorized access, disclosure, or destruction.
-
Accountability: We will be accountable for our data protection practices.
Data Subject Rights
-
Right to Access: Individuals have the right to access their personal data.
-
Right to Rectification: Individuals have the right to correct inaccurate personal data.
-
Right to Erasure: Individuals have the right to request deletion of their personal data.
-
Right to Restriction of Processing: Individuals have the right to restrict processing of their personal data.
-
Right to Data Portability: Individuals have the right to transfer their personal data to another controller.
-
Right to Object: Individuals have the right to object to processing of their personal data.
Data Breach Notification
In the event of a data breach, we will notify the relevant supervisory authority and affected individuals within 72 hours.
Data Protection Officer
We have appointed a Data Protection Officer (DPO) to oversee our data protection practices. The DPO can be contacted at dpo@cruiseflytravel.com.
Cookies and Website Usage
We use cookies to enhance user experience and track website usage. By using our website, you consent to our use of cookies.
Third-Party Processing
We may share personal data with third-party processors, who will be subject to contractual obligations to protect personal data.
International Data Transfers
We will ensure that personal data is transferred securely and in accordance with GDPR requirements.
Compliance
We will regularly review and update this policy to ensure compliance with GDPR.
Contact
Effective Date: September 12, 2024
Please note that this is a general template and should be reviewed and customized according to your company's specific needs and practices.