Family owned & run since 1920

Contiki Covid-19 Privacy Notice

Last updated: September 8 2020
This Privacy Notice supplements our standard Privacy Notice and should be read in conjunction with that Notice.  This Privacy Notice gives specific details about how we will deal with personal information in light of Covid-19.  
 
Due to the current public health situation, Contiki US Holdings, Inc. (referred to as Contiki) may temporarily collect additional information from customers, including health or biometric information. In some countries, such information is considered as “sensitive” or “special categories of personal data”.
 
Contiki will always treat the information we collect from customers, in particular health and biometric information, with the highest standards of care and in line with all applicable legal requirements and guidelines from public authorities. Contiki  comply with the EU General Data Protection Regulation 2016/679 (GDPR), the UK Data Protection Act 2018 and all amendments, any other legislation relating to personal data and all other local or national legislation and regulatory requirements in force from time to time which apply to us relating to the use of your personal data.
 
The purpose of this specific privacy notice is to inform our customers of what personal data Contiki collects, for which purposes and under which legal grounds we may process it during the SARS-CoV-2 pandemic.
 
Who are we?
Contiki is a company registered in Delaware under the registration number 330072021. Our registered address is 5551 Katella Ave. Cypress, CA, 90630.
All references to Contiki, 'we', 'us', 'our' are references to Contiki, its group, subsidiaries and sister companies. If you have any questions or concerns about this privacy notice, or Contiki ’s personal data policies or practices, please contact us either by e-mail to  info@contiki.com, telephone on (866) 266-8454, or by post to 5551 Katella Ave. Cypress, CA, 90630.
We are the Data Controller for the purposes of the matters detailed in this Privacy Notice.
 
What personal data do we collect?

Depending on the situation, we may collect the following information:

  • Your name and contact details.
  • Where you have accepted to take rapid SARS-CoV-2 medical testing, the date and time of the test. If it is negative, we will not record the result of the test, which will only be processed by a qualified health professional in accordance with local regulations. If the result is positive and results in us being unable to continue to provide you with our services, we will retain the information for as long as is necessary to demonstrate that our withdrawal of services was reasonable.
  • Where authorised by local regulations or where you agree, we may collect your temperature before giving you access to our services/premises or to a public area. On such occasions we do not record this information, which is deleted immediately, unless the readings are not within acceptable levels in which case we may refuse access and we may retain the data in order to demonstrate that our refusal of access was reasonable.
  • If you have agreed to the use of facial recognition, we may collect your biometric information to access certain areas. We will always offer an alternative, such as badges, to the use of facial recognition. Our facial recognition features are not implemented on our CCTV systems, and will always be offered as a separate system.
  • When you have accepted or where required by local regulations, we may collect your name, contact details, date, time and location of your presence in the premises we manage for contact tracing purposes. If you notify us that you have been tested positive, we will not record this information, but only the date, time and location of the risk in order for us be able to notify the relevant customers that may have been exposed, unless otherwise required by law.
  • Your information regarding pre-existing health conditions, when you choose to share this information with us. We will only record the existence of such pre-existing health condition, and no detail on your health condition itself. Any detailed information will be processed through a qualified health professional in accordance to local regulations.
  • Your medical insurance information, as required by tourism and travel regulations.
Why do we collect personal data?
Depending on the situation, we collect and process your personal data for the

Following purposes:

  • To offer to our customers, on a voluntary basis, rapid SARS-CoV-2 medical tests;
  • To check body temperature prior to giving access to public areas and our premises, to protect the health and safety of our customers, staff, contractors and suppliers;
  • To offer to our customers, on a voluntary basis, an alternative contact-less authentication method, such as facial recognition;
  • To record attendance in certain premises we manage, in order to notify our customers if they have been exposed to a risk and to recommend to self-isolate;
  • If you choose to share such information with us, to record if you have a particular risk to your health so we can take any additional measure appropriate to ensure your safety;
  • To record your medical insurance information as required by health regulations.
 
What are our legal grounds to collect and process your personal data?
We rely on the following legal bases to collect and process your personal data:
Your explicit consent.;
  • To perform the contract you have with us;
  • To comply with a legal obligation: when we are required to collect and process your information because we have a legal requirement to do so in some jurisdictions;
  • To protect your vital interest: when required by the circumstances, we may process your data to protect your vital interests or the vital interests of other individuals;
  • Our legitimate interests: we may process your data because it is our legitimate interests to do so, or the legitimate interests of others.
 
Special category data
Depending on the circumstances, we rely on the following legal bases to collect and process your health and information:
  • Your explicit consent;
  • To comply with a legal obligation: when we are required to collect and process your information because we have a legal requirement to do so in some jurisdictions, in particular to protect and safeguard public health;
  • To protect your vital interests, when you are not legally or physically able to give consent.
 
Who are we sharing your personal data with?
We will not share data with third parties other than as documented in our regular privacy notice. However, in some circumstances, your data may be shared with:
  • Public authorities, in particular health authorities, if we have a legal obligation to do so;
  • Our providers, including qualified health professionals in line with local regulations.
 
We will not share your data outside of the European Economic Area (EEA) except when:
  • It is necessary to perform your contract with us (for instance, because you are travelling outside the EEA);
  • We have the legal obligation to do so.
 
How long do we keep your data for?
We will endeavour to record your personal data, especially your health data, only for the time strictly necessary for the purposes set out in this privacy notice. This includes the following periods:
  • For the time of your tour or travel;
  • 15 days to one month after your visit to our premises, unless a longer period is required by law;
  • For as long as necessary to comply with our legal obligations, contractual requirements or the establishment, exercise or defence of legal claims;
 
We will delete/destroy your personal data immediately after the relevant retention period above is reached.
 
How do we protect your data?
We will always collect and process your data, in particular health and biometric information, with due care and we will keep this data separate from our other regular business processing activities.
 
The information you share with us under the scope of this Privacy Notice will be secured by additional technical and organisational measures and only staff required to see this information will be able to access it on a “need-to-know” basis.
 
Paper-based records will be kept securely in locked cabinets. Digital records will be kept in encrypted and separate databases or folders with strict access controls in place.
 
What are my rights and how do I exercise them?
You have the right to:
  • be informed of any data processing;
  • access to your personal data;
  • rectify your personal data;
  • erase your personal data, in some circumstances;
  • restrict processing of your personal data, in some applicable circumstances;
  • data portability, in applicable circumstances;
  • object to the processing of your personal data, in some circumstances;
  • to withdraw consent to the processing of your personal data, where applicable.
 
If you wish to exercise any of your rights, please contact us either 
by e-mail to  info@contiki.com, telephone on (866) 266-8454,or by post to 5551 Katella Ave. Cypress, CA, 90630.
 
You will not have to pay a fee to exercise any of your rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances and we will explain the reasons in our response to you.
 
You also have the right to make a complaint at any time to the relevant supervisory authority, for example the Information Commissioner’s Office in the UK.
 
Further information about your rights is included in our standard Privacy Notice which this Notice supplements. 

Costsaver Covid-19 Privacy Notice

Last updated: October 07, 2020

 

Costsaver Covid-19 Privacy Notice

This Privacy Notice supplements our standard Privacy Notice and should be read in conjunction with that Notice.  This Privacy Notice gives specific details about how we will deal with personal information in light of Covid-19. 

Due to the current public health situation, Costsaver may temporarily collect additional information from customers, including health or biometric information. In some countries, such information is considered as “sensitive” or “special categories of personal data”.

Costsaver will always treat the information we collect from customers, in particular health and biometric information, with the highest standards of care and in line with all applicable legal requirements and guidelines from public authorities. Costsaver comply with the EU General Data Protection Regulation 2016/679 (GDPR), the UK Data Protection Act 2018 and all amendments, any other legislation relating to personal data and all other local or national legislation and regulatory requirements in force from time to time which apply to us relating to the use of your personal data.

The purpose of this specific privacy notice is to inform our customers of what personal data Costsaver collects, for which purposes and under which legal grounds we may process it during the SARS-CoV-2 pandemic.

 

Who are we?

TRAFALGAR TOURS OF CANADA LIMITED is a company registered in 33 Kern Road, Toronto, Ontario, CANADA M3B 1S9 under the registration number 0229915. Our registered address is 33 Kern Road, Toronto, Ontario, CANADA M3B 1S9. All references to Costsaver, 'we', 'us', 'our' are references to Trafalgar, its group, subsidiaries and sister companies. If you have any questions or concerns about this privacy notice, or Trafalgar’s personal data policies or practices, please contact us either by e-mail to privacy.officer@travcorp.ca, or by post to Attn: Privacy Officer, 33 Kern Road, Toronto, Ontario M3B 1S9.

We are the Data Controller for the purposes of the matters detailed in this Privacy Notice.

 

What personal data do we collect?

Depending on the situation, we may collect the following information:

  • Your name and contact details.
  • Where you have accepted to take rapid SARS-CoV-2 medical testing, the date and time of the test. If it is negative, we will not record the result of the test, which will only be processed by a qualified health professional in accordance with local regulations. If the result is positive and results in us being unable to continue to provide you with our services, we will retain the information for as long as is necessary to demonstrate that our withdrawal of services was reasonable.
  • Where authorized by local regulations or where you agree, we may collect your temperature before giving you access to our services/premises or to a public area. On such occasions we do not record this information, which is deleted immediately, unless the readings are not within acceptable levels in which case we may refuse access and we may retain the data in order to demonstrate that our refusal of access was reasonable.
  • If you have agreed to the use of facial recognition, we may collect your biometric information to access certain areas. We will always offer an alternative, such as badges, to the use of facial recognition. Our facial recognition features are not implemented on our CCTV systems, and will always be offered as a separate system.
  • When you have accepted or where required by local regulations, we may collect your name, contact details, date, time and location of your presence in the premises we manage for contact tracing purposes. If you notify us that you have been tested positive, we will not record this information, but only the date, time and location of the risk in order for us be able to notify the relevant customers that may have been exposed, unless otherwise required by law.
  • Your information regarding pre-existing health conditions, when you choose to share this information with us. We will only record the existence of such pre-existing health condition, and no detail on your health condition itself. Any detailed information will be processed through a qualified health professional in accordance to local regulations.
  • Your medical insurance information, as required by tourism and travel regulations.

 

Why do we collect personal data?

Depending on the situation, we collect and process your personal data for the

Following purposes:

  • To offer to our customers, on a voluntary basis, rapid SARS-CoV-2 medical tests;
  • To check body temperature prior to giving access to public areas and our premises, to protect the health and safety of our customers, staff, contractors and suppliers;
  • To offer to our customers, on a voluntary basis, an alternative contact-less authentication method, such as facial recognition;
  • To record attendance in certain premises we manage, in order to notify our customers if they have been exposed to a risk and to recommend to self-isolate;
  • If you choose to share such information with us, to record if you have a particular risk to your health so we can take any additional measure appropriate to ensure your safety;
  • To record your medical insurance information as required by health regulations.

 

What are our legal grounds to collect and process your personal data?

We rely on the following legal bases to collect and process your personal data:

  • Your explicit consent.;
  • To perform the contract you have with us;
  • To comply with a legal obligation: when we are required to collect and process your information because we have a legal requirement to do so in some jurisdictions;
  • To protect your vital interest: when required by the circumstances, we may process your data to protect your vital interests or the vital interests of other individuals;
  • Our legitimate interests: we may process your data because it is our legitimate interests to do so, or the legitimate interests of others.

 

Special category data

Depending on the circumstances, we rely on the following legal bases to collect and process your health and biometric data:

  • Your explicit consent;
  • To comply with a legal obligation: when we are required to collect and process your information because we have a legal requirement to do so in some jurisdictions, in particular to protect and safeguard public health;
  • To protect your vital interests, when you are not legally or physically able to give consent.

 

Who are we sharing your personal data with?

We will not share data with third parties other than as documented in our regular privacy notice. However, in some circumstances, your data may be shared with:

  • Public authorities, in particular health authorities, if we have a legal obligation to do so;
  • Our providers, including qualified health professionals in line with local regulations, and our biometric solutions providers.

We will not share your data outside of the European Economic Area (EEA) except when:

  • It is necessary to perform your contract with us (for instance, because you are travelling outside the EEA);
  • We have the legal obligation to do so.

 

How long do we keep your data for?

We will endeavour to record your personal data, especially your health data, only for the time strictly necessary for the purposes set out in this privacy notice. This includes the following periods:

  • For the time of your tour or travel;
  • 15 days to one month after your visit to our premises, unless a longer period is required by law;
  • For as long as necessary to comply with our legal obligations, contractual requirements or the establishment, exercise or defence of legal claims;
  • We will delete/destroy your personal data immediately after the relevant retention period above is reached.

 

How do we protect your data?

We will always collect and process your data, in particular health and biometric information, with due care and we will keep this data separate from our other regular business processing activities.

The information you share with us under the scope of this Privacy Notice will be secured by additional technical and organisational measures and only staff required to see this information will be able to access it on a “need-to-know” basis.

Paper-based records will be kept securely in locked cabinets. Digital records will be kept in encrypted and separate databases or folders with strict access controls in place.

 

What are my rights and how do I exercise them?

You have the right to:

  • be informed of any data processing;
  • access to your personal data;
  • rectify your personal data;
  • erase your personal data, in some circumstances;
  • restrict processing of your personal data, in some applicable circumstances;
  • data portability, in applicable circumstances;
  • object to the processing of your personal data, in some circumstances;
  • to withdraw consent to the processing of your personal data, where applicable.

If you wish to exercise any of your rights, please contact us either by e-mail to privacy.officer@travcorp.ca, or by post to Attn: Privacy Officer, 33 Kern Road, Toronto, Ontario M3B 1S9.

You will not have to pay a fee to exercise any of your rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances and we will explain the reasons in our response to you.

You also have the right to make a complaint at any time to the relevant supervisory authority, for example the Information Commissioner’s Office in the UK.

Further information about your rights is included in our standard Privacy Notice which this Notice supplements.

Insight Vacations Covid-19 Privacy Notice

Last updated: 7 October 2020

 

Insight Vacations Covid-19 Privacy Notice

This Privacy Notice supplements our standard Privacy Notice and should be read in conjunction with that Notice. This Privacy Notice gives specific details about how we will deal with personal information in light of Covid-19.

Due to the current public health situation, Insight Vacations may temporarily collect additional information from customers, including health or biometric information. In some countries, such information is considered as “sensitive” or “special categories of personal data”.

Insight Vacations will always treat the information we collect from customers, in particular health and biometric information, with the highest standards of care and in line with all applicable legal requirements and guidelines from public authorities. Insight Vacations comply with the EU General Data Protection Regulation 2016/679 (GDPR), the UK Data Protection Act 2018 and all amendments, any other legislation relating to personal data and all other local or national legislation and regulatory requirements in force from time to time which apply to us relating to the use of your personal data.

The purpose of this specific privacy notice is to inform our customers of what personal data Insight Vacations collects, for which purposes and under which legal grounds we may process it during the SARS-CoV-2 pandemic.

 

WHO ARE WE?

Insight Vacations, Inc. is incorporated under the laws of Ontario, Canada. Our incorporation number is 0492198 and our incorporation address or registered office is 33 Kern Road, Toronto, Ontario, CANADA M3B 1S9. We are a member of TICO (Wholesale Registration # 1873715, Retail Registration # 50015871), ACTA, and CATO.. All references to Insight Vacations, 'we', 'us', 'our' are references to Insight Vacations (Canada) LTD., its group, subsidiaries and sister companies. If you have any questions or concerns about this privacy notice, or Insight Vacations’ personal data policies or practices, please contact us either by e-mail to compliance@ttc.com, or by post to 33 Kern Road, Toronto, Ontario, CANADA M3B 1S9.

 

WHAT ARE MY RIGHTS AND HOW DO I EXERCISE THEM?

If you wish to exercise any of your rights, please contact us either by e-mail to compliance@ttc.com, or by post to 33 Kern Road, Toronto, Ontario, CANADA M3B 1S0.

 

WHAT PERSONAL DATA DO WE COLLECT?

Depending on the situation, we may collect the following information:

  1. Your name and contact details.
  2. Where you have accepted to take rapid SARS-CoV-2 medical testing, the date and time of the test. If it is negative, we will not record the result of the test, which will only be processed by a qualified health professional in accordance with local regulations. If the result is positive and results in us being unable to continue to provide you with our services, we will retain the information for as long as is necessary to demonstrate that our withdrawal of services was reasonable.
  3. Where authorised by local regulations or where you agree, we may collect your temperature before giving you access to our services/premises or to a public area. On such occasions we do not record this information, which is deleted immediately, unless the readings are not within acceptable levels in which case we may refuse access and we may retain the data in order to demonstrate that our refusal of access was reasonable.
  4. If you have agreed to the use of facial recognition, we may collect your biometric information to access certain areas. We will always offer an alternative, such as badges, to the use of facial recognition. Our facial recognition features are not implemented on our CCTV systems, and will always be offered as a separate system.
  5. When you have accepted or where required by local regulations, we may collect your name, contact details, date, time and location of your presence in the premises we manage for contact tracing purposes. If you notify us that you have been tested positive, we will not record this information, but only the date, time and location of the risk in order for us be able to notify the relevant customers that may have been exposed, unless otherwise required by law.
  6. Your information regarding pre-existing health conditions, when you choose to share this information with us. We will only record the existence of such pre-existing health condition, and no detail on your health condition itself. Any detailed information will be processed through a qualified health professional in accordance to local regulations.
  7. Your medical insurance information, as required by tourism and travel regulations.

 

WHY DO WE COLLECT PERSONAL DATA?

Depending on the situation, we collect and process your personal data for the Following purposes:

  1. To offer to our customers, on a voluntary basis, rapid SARS-CoV-2 medical tests;
  2. To check body temperature prior to giving access to public areas and our premises, to protect the health and safety of our customers, staff, contractors and suppliers;
  3. To offer to our customers, on a voluntary basis, an alternative contact-less authentication method, such as facial recognition;
  4. To record attendance in certain premises we manage, in order to notify our customers if they have been exposed to a risk and to recommend to self-isolate;
  5. If you choose to share such information with us, to record if you have a particular risk to your health so we can take any additional measure appropriate to ensure your safety;
  6. To record your medical insurance information as required by health regulations.

 

WHAT ARE OUR LEGAL GROUNDS TO COLLECT AND PROCESS YOUR PERSONAL DATA?

We rely on the following legal bases to collect and process your personal data:

  1. Your explicit consent.;
  2. To perform the contract you have with us;
  3. To comply with a legal obligation: when we are required to collect and process your information because we have a legal requirement to do so in some jurisdictions;
  4. To protect your vital interest: when required by the circumstances, we may process your data to protect your vital interests or the vital interests of other individuals;
  5. Our legitimate interests: we may process your data because it is our legitimate interests to do so, or the legitimate interests of others.

 

SPECIAL CATEGORY DATA

Depending on the circumstances, we rely on the following legal bases to collect and process your health and biometric data:

  1. Your explicit consent;
  2. To comply with a legal obligation: when we are required to collect and process your information because we have a legal requirement to do so in some jurisdictions, in particular to protect and safeguard public health;
  3. To protect your vital interests, when you are not legally or physically able to give consent.

 

WHO ARE WE SHARING YOUR PERSONAL DATA WITH?

We will not share data with third parties other than as documented in our regular privacy notice. However, in some circumstances, your data may be shared with:

  1. Public authorities, in particular health authorities, if we have a legal obligation to do so;
  2. Our providers, including qualified health professionals in line with local regulations, and our biometric solutions providers.

We will not share your data outside of the European Economic Area (EEA) except when:

  1. It is necessary to perform your contract with us (for instance, because you are travelling outside the EEA);
  2. We have the legal obligation to do so.

 

HOW LONG DO WE KEEP YOUR DATA FOR?

We will endeavour to record your personal data, especially your health data, only for the time strictly necessary for the purposes set out in this privacy notice. This includes the following periods:

  1. For the time of your tour or travel;
  2. 15 days to one month after your visit to our premises, unless a longer period is required by law;
  3. For as long as necessary to comply with our legal obligations, contractual requirements or the establishment, exercise or defence of legal claims;

We will delete/destroy your personal data immediately after the relevant retention period above is reached.

 

HOW DO WE PROTECT YOUR DATA?

We will always collect and process your data, in particular health and biometric information, with due care and we will keep this data separate from our other regular business processing activities.

The information you share with us under the scope of this Privacy Notice will be secured by additional technical and organisational measures and only staff required to see this information will be able to access it on a “need-to-know” basis.

Paper-based records will be kept securely in locked cabinets. Digital records will be kept in encrypted and separate databases or folders with strict access controls in place.

 

WHAT ARE MY RIGHTS AND HOW DO I EXERCISE THEM?

You have the right to:

  1. be informed of any data processing;
  2. access to your personal data;
  3. rectify your personal data;
  4. erase your personal data, in some circumstances;
  5. restrict processing of your personal data, in some applicable circumstances;
  6. data portability, in applicable circumstances;
  7. object to the processing of your personal data, in some circumstances;
  8. to withdraw consent to the processing of your personal data, where applicable.

 

If you wish to exercise any of your rights, please contact us either by e-mail to compliance@ttc.com, or by post to 33 Kern Road, Toronto, Ontario, CANADA M3B 1S0.

You will not have to pay a fee to exercise any of your rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances and we will explain the reasons in our response to you.

You also have the right to make a complaint at any time to the relevant supervisory authority, for example the Information Commissioner’s Office in the UK.

Further information about your rights is included in our standard Privacy Notice which this Notice supplements.

Lion World Travel Covid-19 Privacy Notice

Last Updated: September 2020
This Privacy Notice supplements our standard Privacy Notice and should be read in conjunction with that Notice. This Privacy Notice gives specific details about how we will deal with personal information in light of Covid-19.
 
Due to the current public health situation, Lion World Travel may temporarily collect additional information from customers, including health or biometric information. In some countries, such information is considered as “sensitive” or “special categories of personal data”.
 
Lion World Travel will always treat the information we collect from customers, in particular health and biometric information, with the highest standards of care and in line with all applicable legal requirements and guidelines from public authorities. Lion World Travel comply with the EU General Data Protection Regulation 2016/679 (GDPR), the UK Data Protection Act 2018 and all amendments, any other legislation relating to personal data and all other local or national legislation and regulatory requirements in force from time to time which apply to us relating to the use of your personal data.
 
The purpose of this specific privacy notice is to inform our customers of what personal data Lion World Travel collects, for which purposes and under which legal grounds we may process it during the SARS-CoV-2 pandemic.
 
WHO ARE WE?
Lion World Travel Limited is a company registered in Ontario, Canada under the incorporation number is 449471. Our registered address is 33 Kern Road, Toronto, Ontario, CANADA M3B 1S9. All references to Lion World Travel Limited, 'we', 'us', 'our' are references to Lion World Travel, its group, subsidiaries and sister companies. If you have any questions or concerns about this privacy notice, or Lion World Travel’s personal data policies or practices, please contact us either by e-mail to privacy.officer@travcorp.ca, telephone on 1 (416) 322-8468, or by post to 33 Kern Road, Toronto, Ontario, CANADA M3B 1S9.
 
We are the Data Controller for the purposes of the matters detailed in this Privacy Notice.
 
WHAT PERSONAL DATA DO WE COLLECT?
Depending on the situation, we may collect the following information:
 
  • Your name and contact details.
  • Where you have accepted to take rapid SARS-CoV-2 medical testing, the date and time of the test. If it is negative, we will not record the result of the test, which will only be processed by a qualified health professional in accordance with local regulations. If the result is positive and results in us being unable to continue to provide you with our services, we will retain the information for as long as is necessary to demonstrate that our withdrawal of services was reasonable.
  • Where authorised by local regulations or where you agree, we may collect your temperature before giving you access to our services/premises or to a public area. On such occasions we do not record this information, which is deleted immediately, unless the readings are not within acceptable levels in which case we may refuse access and we may retain the data in order to demonstrate that our refusal of access was reasonable.
  • If you have agreed to the use of facial recognition, we may collect your biometric information to access certain areas. We will always offer an alternative, such as badges, to the use of facial recognition. Our facial recognition features are not implemented on our CCTV systems, and will always be offered as a separate system.
  • When you have accepted or where required by local regulations, we may collect your name, contact details, date, time and location of your presence in the premises we manage for contact tracing purposes. If you notify us that you have been tested positive, we will not record this information, but only the date, time and location of the risk in order for us be able to notify the relevant customers that may have been exposed, unless otherwise required by law.
  • Your information regarding pre-existing health conditions, when you choose to share this information with us. We will only record the existence of such pre-existing health condition, and no detail on your health condition itself. Any detailed information will be processed through a qualified health professional in accordance to local regulations.
  • Your medical insurance information, as required by tourism and travel regulations.
 
WHY DO WE COLLECT PERSONAL DATA?
Depending on the situation, we collect and process your personal data for the following purposes:
 
  • To offer to our customers, on a voluntary basis, rapid SARS-CoV-2 medical tests;
  • To check body temperature prior to giving access to public areas and our premises, to protect the health and safety of our customers, staff, contractors and suppliers;
  • To offer to our customers, on a voluntary basis, an alternative contact-less authentication method, such as facial recognition;
  • To record attendance in certain premises we manage, in order to notify our customers if they have been exposed to a risk and to recommend to self-isolate;
  • If you choose to share such information with us, to record if you have a particular risk to your health so we can take any additional measure appropriate to ensure your safety;
  • To record your medical insurance information as required by health regulations.
 
WHAT ARE OUR LEGAL GROUNDS TO COLLECT AND PROCESS YOUR PERSONAL DATA?
We rely on the following legal bases to collect and process your personal data:
 
  • Your explicit consent.;
  • To perform the contract you have with us;
  • To comply with a legal obligation: when we are required to collect and process your information because we have a legal requirement to do so in some jurisdictions;
  • To protect your vital interest: when required by the circumstances, we may process your data to protect your vital interests or the vital interests of other individuals;
  • Our legitimate interests: we may process your data because it is our legitimate interests to do so, or the legitimate interests of others.
 
SPECIAL CATEGORY DATA
Depending on the circumstances, we rely on the following legal bases to collect and process your health and information:
 
  • Your explicit consent;
  • To comply with a legal obligation: when we are required to collect and process your information because we have a legal requirement to do so in some jurisdictions, in particular to protect and safeguard public health;
  • To protect your vital interests, when you are not legally or physically able to give consent.
 
WHO ARE WE SHARING YOUR PERSONAL DATA WITH?
We will not share data with third parties other than as documented in our regular privacy notice. However, in some circumstances, your data may be shared with:
 
  • Public authorities, in particular health authorities, if we have a legal obligation to do so;
  • Our providers, including qualified health professionals in line with local regulations.
 
We will not share your data outside of the European Economic Area (EEA) except when:
  • It is necessary to perform your contract with us (for instance, because you are travelling outside the EEA);
  • We have the legal obligation to do so.
HOW LONG DO WE KEEP YOUR DATA FOR?
We will endeavour to record your personal data, especially your health data, only for the time strictly necessary for the purposes set out in this privacy notice. This includes the following periods:
  • For the time of your tour or travel;
  • 15 days to one month after your visit to our premises, unless a longer period is required by law;
  • For as long as necessary to comply with our legal obligations, contractual requirements or the establishment, exercise or defence of legal claims;
 
We will delete/destroy your personal data immediately after the relevant retention period above is reached.
 
HOW DO WE PROTECT YOUR DATA?
We will always collect and process your data, in particular health and biometric information, with due care and we will keep this data separate from our other regular business processing activities.
 
The information you share with us under the scope of this Privacy Notice will be secured by additional technical and organisational measures and only staff required to see this information will be able to access it on a “need-to-know” basis.
 
Paper-based records will be kept securely in locked cabinets. Digital records will be kept in encrypted and separate databases or folders with strict access controls in place.
 
WHAT ARE MY RIGHTS AND HOW DO I EXERCISE THEM?
You have the right to:
  • be informed of any data processing;
  • access to your personal data;
  • rectify your personal data;
  • erase your personal data, in some circumstances;
  • restrict processing of your personal data, in some applicable circumstances;
  • data portability, in applicable circumstances;
  • object to the processing of your personal data, in some circumstances;
  • to withdraw consent to the processing of your personal data, where applicable.
 
If you wish to exercise any of your rights, please contact us either by e-mail to privacy.officer@travcorp.ca, telephone on 1 (416) 322-8468, or by post to 33 Kern Road, Toronto, Ontario, CANADA M3B 1S9.
 
You will not have to pay a fee to exercise any of your rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances and we will explain the reasons in our response to you.
 
You also have the right to make a complaint at any time to the relevant supervisory authority, for example the Information Commissioner’s Office in the UK.
 
Further information about your rights is included in our standard Privacy Notice which this Notice supplements.
 
This document, and all content of our websites is Copyright© 2019 LION WORLD TRAVEL LIMITED. ALL RIGHTS RESERVED.

Luxury Gold Covid-19 Privacy Notice

Last updated: 7 October 2020

 

Luxury Gold Covid-19 Privacy Notice

This Privacy Notice supplements our standard Privacy Notice and should be read in conjunction with that Notice. This Privacy Notice gives specific details about how we will deal with personal information in light of Covid-19.

Due to the current public health situation, Luxury Gold may temporarily collect additional information from customers, including health or biometric information. In some countries, such information is considered as “sensitive” or “special categories of personal data”.

Luxury Gold will always treat the information we collect from customers, in particular health and biometric information, with the highest standards of care and in line with all applicable legal requirements and guidelines from public authorities. Luxury Gold comply with the EU General Data Protection Regulation 2016/679 (GDPR), the UK Data Protection Act 2018 and all amendments, any other legislation relating to personal data and all other local or national legislation and regulatory requirements in force from time to time which apply to us relating to the use of your personal data.

The purpose of this specific privacy notice is to inform our customers of what personal data Luxury Gold collects, for which purposes and under which legal grounds we may process it during the SARS-CoV-2 pandemic.

 

WHO ARE WE?

Luxury Gold, Inc. is incorporated under the laws of Ontario, Canada. Our incorporation number is 0492198 and our incorporation address or registered office is 33 Kern Road, Toronto, Ontario, CANADA M3B 1S9. We are a member of TICO (Wholesale Registration # 1873715, Retail Registration # 50015871), ACTA, and CATO.. All references to Luxury Gold, 'we', 'us', 'our' are references to Insight Vacations (Canada) LTD., its group, subsidiaries and sister companies. If you have any questions or concerns about this privacy notice, or Luxury Gold’ personal data policies or practices, please contact us either by e-mail to compliance@ttc.com, or by post to 33 Kern Road, Toronto, Ontario, CANADA M3B 1S9.

 

WHAT ARE MY RIGHTS AND HOW DO I EXERCISE THEM?

If you wish to exercise any of your rights, please contact us either by e-mail to compliance@ttc.com, or by post to 33 Kern Road, Toronto, Ontario, CANADA M3B 1S0.

 

WHAT PERSONAL DATA DO WE COLLECT?

Depending on the situation, we may collect the following information:

  1. Your name and contact details.
  2. Where you have accepted to take rapid SARS-CoV-2 medical testing, the date and time of the test. If it is negative, we will not record the result of the test, which will only be processed by a qualified health professional in accordance with local regulations. If the result is positive and results in us being unable to continue to provide you with our services, we will retain the information for as long as is necessary to demonstrate that our withdrawal of services was reasonable.
  3. Where authorised by local regulations or where you agree, we may collect your temperature before giving you access to our services/premises or to a public area. On such occasions we do not record this information, which is deleted immediately, unless the readings are not within acceptable levels in which case we may refuse access and we may retain the data in order to demonstrate that our refusal of access was reasonable.
  4. If you have agreed to the use of facial recognition, we may collect your biometric information to access certain areas. We will always offer an alternative, such as badges, to the use of facial recognition. Our facial recognition features are not implemented on our CCTV systems, and will always be offered as a separate system.
  5. When you have accepted or where required by local regulations, we may collect your name, contact details, date, time and location of your presence in the premises we manage for contact tracing purposes. If you notify us that you have been tested positive, we will not record this information, but only the date, time and location of the risk in order for us be able to notify the relevant customers that may have been exposed, unless otherwise required by law.
  6. Your information regarding pre-existing health conditions, when you choose to share this information with us. We will only record the existence of such pre-existing health condition, and no detail on your health condition itself. Any detailed information will be processed through a qualified health professional in accordance to local regulations.
  7. Your medical insurance information, as required by tourism and travel regulations.

 

WHY DO WE COLLECT PERSONAL DATA?

Depending on the situation, we collect and process your personal data for the Following purposes:

  1. To offer to our customers, on a voluntary basis, rapid SARS-CoV-2 medical tests;
  2. To check body temperature prior to giving access to public areas and our premises, to protect the health and safety of our customers, staff, contractors and suppliers;
  3. To offer to our customers, on a voluntary basis, an alternative contact-less authentication method, such as facial recognition;
  4. To record attendance in certain premises we manage, in order to notify our customers if they have been exposed to a risk and to recommend to self-isolate;
  5. If you choose to share such information with us, to record if you have a particular risk to your health so we can take any additional measure appropriate to ensure your safety;
  6. To record your medical insurance information as required by health regulations.

 

WHAT ARE OUR LEGAL GROUNDS TO COLLECT AND PROCESS YOUR PERSONAL DATA?

We rely on the following legal bases to collect and process your personal data:

  1. Your explicit consent.;
  2. To perform the contract you have with us;
  3. To comply with a legal obligation: when we are required to collect and process your information because we have a legal requirement to do so in some jurisdictions;
  4. To protect your vital interest: when required by the circumstances, we may process your data to protect your vital interests or the vital interests of other individuals;
  5. Our legitimate interests: we may process your data because it is our legitimate interests to do so, or the legitimate interests of others.

 

SPECIAL CATEGORY DATA

Depending on the circumstances, we rely on the following legal bases to collect and process your health and biometric data:

  1. Your explicit consent;
  2. To comply with a legal obligation: when we are required to collect and process your information because we have a legal requirement to do so in some jurisdictions, in particular to protect and safeguard public health;
  3. To protect your vital interests, when you are not legally or physically able to give consent.

 

WHO ARE WE SHARING YOUR PERSONAL DATA WITH?

We will not share data with third parties other than as documented in our regular privacy notice. However, in some circumstances, your data may be shared with:

  1. Public authorities, in particular health authorities, if we have a legal obligation to do so;
  2. Our providers, including qualified health professionals in line with local regulations, and our biometric solutions providers.

We will not share your data outside of the European Economic Area (EEA) except when:

  1. It is necessary to perform your contract with us (for instance, because you are travelling outside the EEA);
  2. We have the legal obligation to do so.

 

HOW LONG DO WE KEEP YOUR DATA FOR?

We will endeavour to record your personal data, especially your health data, only for the time strictly necessary for the purposes set out in this privacy notice. This includes the following periods:

  1. For the time of your tour or travel;
  2. 15 days to one month after your visit to our premises, unless a longer period is required by law;
  3. For as long as necessary to comply with our legal obligations, contractual requirements or the establishment, exercise or defence of legal claims;

We will delete/destroy your personal data immediately after the relevant retention period above is reached.

 

HOW DO WE PROTECT YOUR DATA?

We will always collect and process your data, in particular health and biometric information, with due care and we will keep this data separate from our other regular business processing activities.

The information you share with us under the scope of this Privacy Notice will be secured by additional technical and organisational measures and only staff required to see this information will be able to access it on a “need-to-know” basis.

Paper-based records will be kept securely in locked cabinets. Digital records will be kept in encrypted and separate databases or folders with strict access controls in place.

 

WHAT ARE MY RIGHTS AND HOW DO I EXERCISE THEM?

You have the right to:

  1. be informed of any data processing;
  2. access to your personal data;
  3. rectify your personal data;
  4. erase your personal data, in some circumstances;
  5. restrict processing of your personal data, in some applicable circumstances;
  6. data portability, in applicable circumstances;
  7. object to the processing of your personal data, in some circumstances;
  8. to withdraw consent to the processing of your personal data, where applicable.

If you wish to exercise any of your rights, please contact us either by e-mail to compliance@ttc.com, or by post to 33 Kern Road, Toronto, Ontario, CANADA M3B 1S0.

You will not have to pay a fee to exercise any of your rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances and we will explain the reasons in our response to you.

You also have the right to make a complaint at any time to the relevant supervisory authority, for example the Information Commissioner’s Office in the UK.

Further information about your rights is included in our standard Privacy Notice which this Notice supplements.

Trafalgar Covid-19 Privacy Notice

Last updated: October 07, 2020

 

Trafalgar Covid-19 Privacy Notice

This Privacy Notice supplements our standard Privacy Notice and should be read in conjunction with that Notice.  This Privacy Notice gives specific details about how we will deal with personal information in light of Covid-19. 

Due to the current public health situation, Trafalgar may temporarily collect additional information from customers, including health or biometric information. In some countries, such information is considered as “sensitive” or “special categories of personal data”.

Trafalgar will always treat the information we collect from customers, in particular health and biometric information, with the highest standards of care and in line with all applicable legal requirements and guidelines from public authorities. Trafalgar comply with the EU General Data Protection Regulation 2016/679 (GDPR), the UK Data Protection Act 2018 and all amendments, any other legislation relating to personal data and all other local or national legislation and regulatory requirements in force from time to time which apply to us relating to the use of your personal data.

The purpose of this specific privacy notice is to inform our customers of what personal data Trafalgar collects, for which purposes and under which legal grounds we may process it during the SARS-CoV-2 pandemic.

 

Who are we?

TRAFALGAR TOURS OF CANADA LIMITED is a company registered in 33 Kern Road, Toronto, Ontario, CANADA M3B 1S9 under the registration number 0229915. Our registered address is 33 Kern Road, Toronto, Ontario, CANADA M3B 1S9. All references to Trafalgar, 'we', 'us', 'our' are references to Trafalgar, its group, subsidiaries and sister companies. If you have any questions or concerns about this privacy notice, or Trafalgar’s personal data policies or practices, please contact us either by e-mail to privacy.officer@travcorp.ca, or by post to Attn: Privacy Officer, 33 Kern Road, Toronto, Ontario M3B 1S9.

We are the Data Controller for the purposes of the matters detailed in this Privacy Notice.

 

What personal data do we collect?

Depending on the situation, we may collect the following information:

  • Your name and contact details.
  • Where you have accepted to take rapid SARS-CoV-2 medical testing, the date and time of the test. If it is negative, we will not record the result of the test, which will only be processed by a qualified health professional in accordance with local regulations. If the result is positive and results in us being unable to continue to provide you with our services, we will retain the information for as long as is necessary to demonstrate that our withdrawal of services was reasonable.
  • Where authorized by local regulations or where you agree, we may collect your temperature before giving you access to our services/premises or to a public area. On such occasions we do not record this information, which is deleted immediately, unless the readings are not within acceptable levels in which case we may refuse access and we may retain the data in order to demonstrate that our refusal of access was reasonable.
  • If you have agreed to the use of facial recognition, we may collect your biometric information to access certain areas. We will always offer an alternative, such as badges, to the use of facial recognition. Our facial recognition features are not implemented on our CCTV systems, and will always be offered as a separate system.
  • When you have accepted or where required by local regulations, we may collect your name, contact details, date, time and location of your presence in the premises we manage for contact tracing purposes. If you notify us that you have been tested positive, we will not record this information, but only the date, time and location of the risk in order for us be able to notify the relevant customers that may have been exposed, unless otherwise required by law.
  • Your information regarding pre-existing health conditions, when you choose to share this information with us. We will only record the existence of such pre-existing health condition, and no detail on your health condition itself. Any detailed information will be processed through a qualified health professional in accordance to local regulations.
  • Your medical insurance information, as required by tourism and travel regulations.

 

Why do we collect personal data?

Depending on the situation, we collect and process your personal data for the

Following purposes:

  • To offer to our customers, on a voluntary basis, rapid SARS-CoV-2 medical tests;
  • To check body temperature prior to giving access to public areas and our premises, to protect the health and safety of our customers, staff, contractors and suppliers;
  • To offer to our customers, on a voluntary basis, an alternative contact-less authentication method, such as facial recognition;
  • To record attendance in certain premises we manage, in order to notify our customers if they have been exposed to a risk and to recommend to self-isolate;
  • If you choose to share such information with us, to record if you have a particular risk to your health so we can take any additional measure appropriate to ensure your safety;
  • To record your medical insurance information as required by health regulations.

 

What are our legal grounds to collect and process your personal data?

We rely on the following legal bases to collect and process your personal data:

  • Your explicit consent.;
  • To perform the contract you have with us;
  • To comply with a legal obligation: when we are required to collect and process your information because we have a legal requirement to do so in some jurisdictions;
  • To protect your vital interest: when required by the circumstances, we may process your data to protect your vital interests or the vital interests of other individuals;
  • Our legitimate interests: we may process your data because it is our legitimate interests to do so, or the legitimate interests of others.

 

Special category data

Depending on the circumstances, we rely on the following legal bases to collect and process your health and biometric data:

  • Your explicit consent;
  • To comply with a legal obligation: when we are required to collect and process your information because we have a legal requirement to do so in some jurisdictions, in particular to protect and safeguard public health;
  • To protect your vital interests, when you are not legally or physically able to give consent.

 

Who are we sharing your personal data with?

We will not share data with third parties other than as documented in our regular privacy notice. However, in some circumstances, your data may be shared with:

  • Public authorities, in particular health authorities, if we have a legal obligation to do so;
  • Our providers, including qualified health professionals in line with local regulations, and our biometric solutions providers.

We will not share your data outside of the European Economic Area (EEA) except when:

  • It is necessary to perform your contract with us (for instance, because you are travelling outside the EEA);
  • We have the legal obligation to do so.

 

How long do we keep your data for?

We will endeavour to record your personal data, especially your health data, only for the time strictly necessary for the purposes set out in this privacy notice. This includes the following periods:

  • For the time of your tour or travel;
  • 15 days to one month after your visit to our premises, unless a longer period is required by law;
  • For as long as necessary to comply with our legal obligations, contractual requirements or the establishment, exercise or defence of legal claims;
  • We will delete/destroy your personal data immediately after the relevant retention period above is reached.

 

How do we protect your data?

We will always collect and process your data, in particular health and biometric information, with due care and we will keep this data separate from our other regular business processing activities.

The information you share with us under the scope of this Privacy Notice will be secured by additional technical and organisational measures and only staff required to see this information will be able to access it on a “need-to-know” basis.

Paper-based records will be kept securely in locked cabinets. Digital records will be kept in encrypted and separate databases or folders with strict access controls in place.

 

What are my rights and how do I exercise them?

You have the right to:

  • be informed of any data processing;
  • access to your personal data;
  • rectify your personal data;
  • erase your personal data, in some circumstances;
  • restrict processing of your personal data, in some applicable circumstances;
  • data portability, in applicable circumstances;
  • object to the processing of your personal data, in some circumstances;
  • to withdraw consent to the processing of your personal data, where applicable.

If you wish to exercise any of your rights, please contact us either by e-mail to privacy.officer@travcorp.ca, or by post to Attn: Privacy Officer, 33 Kern Road, Toronto, Ontario M3B 1S9.

You will not have to pay a fee to exercise any of your rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances and we will explain the reasons in our response to you.

You also have the right to make a complaint at any time to the relevant supervisory authority, for example the Information Commissioner’s Office in the UK.

Further information about your rights is included in our standard Privacy Notice which this Notice supplements.

Uniworld River Cruises Covid-19 Privacy Notice

Last updated: September 8 2020
This Privacy Notice supplements our standard Privacy Policy and should be read in conjunction with that Policy. This Privacy Notice gives specific details about how we will deal with personal information in light of COVID-19. 
 
Due to the current public health situation, Uniworld may temporarily collect additional information from customers, including health or biometric information. In some countries, such information is considered as “sensitive” or “special categories of personal data.”
 
Uniworld will always treat the information we collect from customers, in particular health and biometric information, with the highest standards of care and in line with all applicable legal requirements and guidelines from public authorities. Uniworld complies with the EU General Data Protection Regulation 2016/679 (GDPR), the UK Data Protection Act 2018 and all amendments, any other legislation relating to personal data and all other local or national legislation and regulatory requirements in force from time to time which apply to us relating to the use of your personal data.
 
The purpose of this specific privacy notice is to inform our customers of what personal data Uniworld collects, for which purposes and under which legal grounds we may process it during the SARS-CoV-2 pandemic.
 
Who are we?
 
Uniworld River Cruises, Inc. is a company incorporated under the laws of California. Our incorporation address is 17323 Ventura Boulevard, 3rd Fl., Los Angeles, CA 91316. All references to Uniworld, 'we', 'us', 'our' are references to Uniworld, its group, subsidiaries and sister companies. If you have any questions or concerns about this privacy notice, or Uniworld’s personal data policies or practices, please contact us either by e-mail to compliance@ttc.com, telephone on (800) 687-1002, or by post to 5551 Katella Ave. Cypress, CA, 90630.
 
We are the Data Controller for the purposes of the matters detailed in this Privacy Notice.
What personal data do we collect?
Depending on the situation, we may collect the following information:
  • Your name and contact details.
  • Where you have accepted to take rapid SARS-CoV-2 medical testing, the date and time of the test. If it is negative, we will not record the result of the test, which will only be processed by a qualified health professional in accordance with local regulations. If the result is positive and results in us being unable to continue to provide you with our services, we will retain the information for as long as is necessary to demonstrate that our withdrawal of services was reasonable.
  • Where authorised by local regulations or where you agree, we may collect your temperature before giving you access to our services/premises or to a public area. On such occasions we do not record this information, which is deleted immediately, unless the readings are not within acceptable levels in which case we may refuse access and we may retain the data in order to demonstrate that our refusal of access was reasonable.
  • If you have agreed to the use of facial recognition, we may collect your biometric information to access certain areas. We will always offer an alternative, such as badges, to the use of facial recognition. Our facial recognition features are not implemented on our CCTV systems, and will always be offered as a separate system.
  • When you have accepted or where required by local regulations, we may collect your name, contact details, date, time and location of your presence in the premises we manage for contact tracing purposes. If you notify us that you have been tested positive, we will not record this information, but only the date, time and location of the risk in order for us be able to notify the relevant customers that may have been exposed, unless otherwise required by law.
  • Your information regarding pre-existing health conditions, when you choose to share this information with us. We will only record the existence of such pre-existing health condition, and no detail on your health condition itself. Any detailed information will be processed through a qualified health professional in accordance to local regulations.
  • Your medical insurance information, as required by tourism and travel regulations.

Why do we collect personal data?
Depending on the situation, we collect and process your personal data for the

Following purposes:

  • To offer to our customers, on a voluntary basis, rapid SARS-CoV-2 medical tests;
  • To check body temperature prior to giving access to public areas and our premises, to protect the health and safety of our customers, staff, contractors and suppliers;
  • To offer to our customers, on a voluntary basis, an alternative contact-less authentication method, such as facial recognition;
  • To record attendance in certain premises we manage, in order to notify our customers if they have been exposed to a risk and to recommend to self-isolate;
  • If you choose to share such information with us, to record if you have a particular risk to your health so we can take any additional measure appropriate to ensure your safety;
  • To record your medical insurance information as required by health regulations.
What are our legal grounds to collect and process your personal data?
 
We rely on the following legal bases to collect and process your personal data:
 
  • Your explicit consent.
  • To perform the contract you have with us.
  • To comply with a legal obligation: when we are required to collect and process your information because we have a legal requirement to do so in some jurisdictions.
  • To protect your vital interest: when required by the circumstances, we may process your data to protect your vital interests or the vital interests of other individuals.
  • Our legitimate interests: we may process your data because it is our legitimate interests to do so, or the legitimate interests of others.

Special category data

Depending on the circumstances, we rely on the following legal bases to collect and process your health and information:

  • Your explicit consent;
  • To comply with a legal obligation: when we are required to collect and process your information because we have a legal requirement to do so in some jurisdictions, in particular to protect and safeguard public health;
  • To protect your vital interests, when you are not legally or physically able to give consent.

Who are we sharing your personal data with?
We will not share data with third parties other than as documented in our regular privacy notice. However, in some circumstances, your data may be shared with:

  • Public authorities, in particular health authorities, if we have a legal obligation to do so;
  • Our providers, including qualified health professionals in line with local regulations.
  • We will not share your data outside of the European Economic Area (EEA) except when:
  • It is necessary to perform your contract with us (for instance, because you are travelling outside the EEA);
  • We have the legal obligation to do so.
How long do we keep your data for?
 
We will endeavour to record your personal data, especially your health data, only for the time strictly necessary for the purposes set out in this privacy notice. This includes the following periods:
 
  • For the time of your tour or travel.
  • 15 days to one month after your visit to our premises unless a longer period is required by law.
  • For as long as necessary to comply with our legal obligations, contractual requirements or the establishment, exercise or defence of legal claims.
  • We will delete/destroy your personal data immediately after the relevant retention period above is reached.
 
How do we protect your data?
 
We will always collect and process your data, in particular health and biometric information, with due care and we will keep this data separate from our other regular business processing activities.
 
The information you share with us under the scope of this Privacy Notice will be secured by additional technical and organisational measures and only staff required to see this information will be able to access it on a “need-to-know” basis.
 
Paper-based records will be kept securely in locked cabinets. Digital records will be kept in encrypted and separate databases or folders with strict access controls in place.
 
What are my rights and how do I exercise them?
 
You have the right to:
 
  • be informed of any data processing.
  • access to your personal data.
  • rectify your personal data.
  • erase your personal data, in some circumstances.
  • restrict processing of your personal data, in some applicable circumstances.
  • data portability, in applicable circumstances.
  • object to the processing of your personal data, in some circumstances.
  • to withdraw consent to the processing of your personal data, where applicable.
If you wish to exercise any of your rights, please contact us either by e-mail to compliance@ttc.com, telephone on (800) 687-1002, or by post to 5551 Katella Ave. Cypress, CA, 90630.
 
You will not have to pay a fee to exercise any of your rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances and we will explain the reasons in our response to you.
 
You also have the right to make a complaint at any time to the relevant supervisory authority, for example the Information Commissioner’s Office in the UK.
 
Further information about your rights is included in our standard Privacy Policy which this Notice supplements.

Questions or Comments?

Contact us with any questions you may have. We're here to assist you!