HB Travel’s Privacy Policy
Your Gateway to Unforgettable Adventures and Seamless Business Travels!
Book a trip today!
Privacy Policy HB Travel’s Privacy Policy
HB Travel Services CC
PRIVACY POLICY
1. INTRODUCTION
1.1. HB Travel Services CC (“we”, “us”, “our”) strive to ensure that our use of the Personal Information of data subjects is lawful, reasonable, and relevant to our business activities, with the ultimate goal ofimproving your experience as a prospective or existing customer, Service Provider or employee of HB Travel.
2. CONTACT US
2.1. We have appointed an Information Officer responsible
for overseeing questions concerning this Privacy Policy. You may contact our
Information Officer, Heloise Le Roux on 066 222 2237 or [email protected]
to discuss this Privacy Policy, your rights under data protection laws
applicable to you, and to raise any complaints with us. Further contact
information and contact forms are available in our PAIA Manual.
3. OUR SERVICES
3.1. We offer (among others) the following services (“our
Services”):
3.1.1. travel, tourism and leisure-related products and
services;
3.2. We collect Personal Information about you when you:
3.2.1. contract with us for our Services;
3.2.2. book or inquire about any of our Services;
3.2.3. access our Website, mobile applications or related
software systems;
3.2.4. contact us, or otherwise interact with us;
and/or
3.2.5. join HB Travel as an employee.
4. WHO DOES THIS PRIVACY POLICY COVER
4.1. This Privacy Policy explains how we will treat your
Personal Information whether provided by you to us or collected by us through
other means in your ordinary use of our Services, and our Website. This Privacy
Policy describes our approach and practices in respect of your Personal
Information and our treatment thereof.
4.2. This Policy applies to all external parties with whom
we interact, including but not limited to:
4.2.1. applicants, individual customers, potential customers
and recipients of our Services (including individuals who book or enquire about
our Services with or through us or who are the recipients of any Services
booked with or through us);
4.2.2. representatives of customer organisations;
4.2.3. our suppliers and service providers;
4.2.4. visitors to our offices;
4.2.5. other users of our Services.
4.3. This Privacy Policy must be read together with our
Website terms and conditions and any other documents, agreements or privacy
notices that describe how we, in specific circumstances, collect or process
Personal Information about you. This will enable you to understand how HB Travel
will process your Personal Information.
4.4. This Privacy Policy supplements such other documents
and agreements, but shall not supersede them and in the event of a conflict,
the terms of the particular document or agreement will prevail.
5. YOUR CONSENT
5.1. By providing us with your Personal Information, you:
5.1.1. agree to this Privacy Policy and authorise us to
process such information as set out herein; and
5.1.2. authorise HB Travel, our Associates, our Service Providers
and other third parties to Process your Personal Information for the purposes
stated in this Privacy Policy.
6. WHAT PERSONAL INFORMATION DO WE COLLECT?
6.1. We may collect, acquire, receive, record, organise,
collate, store, update, change, retrieve, read, process, analyse, use and share
your Personal Information in the manner as set out in this Privacy Policy. When
we perform one or more of these actions, we are 'Processing' your Personal
Information.
6.2. “Personal Information' refers to private information
about an identifiable living natural or juristic person. Personal Information
does not include information that does not identify a person or anonymized
information.
6.3. The Personal Information we collect may differ
according to the Services you receive from HB Travel. We may process various
categories of Personal Information, such as:
6.3.1. Identity Information, when interacting with us as a
customer, including information concerning your name, company name, identity
and registration numbers, title, date of birth,
6.3.2. Contact Information, which includes your address,
service addresses, physical address, email address and telephone numbers, and
emergency contact details.
6.3.3. Credit Information in respect of our employees, to
assess our transactional risk and your creditworthiness, including credit
history reports from credit bureaus (with your consent where required by law);
6.3.4. Criminal behaviour history, where permitted in
respect of prospective employees and job applicants;
6.3.5. Financial Information, where permitted, including
bank account details, bank statements and financial statements;
6.3.6. Human Resources in respect of our own employees,
including leave records, job applications, medical aid information to
administer employment contracts and comply with our legal obligations;
6.3.7. Tax Information where permitted, which includes IRP5
records, PAYE records and VAT registration numbers;
6.3.8. Technical Information, which includes your internet
protocol (IP) address, browser type and version, time zone setting and
location, operating system and platform, on the devices you use to access our
Website, products or Services.
6.3.9. Enquiry and booking information, including
information concerning enquiries and bookings made with or through us for
tourism, travel, leisure or related services, including where you are making
the enquiry or booking or are the recipient of the travel services to which the
enquiry or booking relates. This information may include:
records of enquiries and searches for holiday and
travel products made by or on your behalf, details of your personal
preferences, needs and other relevant information;
quotes, proposals, estimates and other information given in response to enquiries; details of the holiday, accommodation, travel, car hire, and other tourism, travel, leisure or related services booked or enquired about; details of the passengers travelling and details of the provider of the travel services (such as tour operators); payment card details, passport information and visa information, foreign exchange requirements; and where required, special Personal Information such as health, medical, dietary, mobility, disability, religious or other special requirements.
6.3.10. Transaction Details concerning you as an individual,
which includes your name, age, gender, address, telephone, mobile, e-mail,
contact details, proof of identity and address, copies of passports, driving
licences, and utility bills, payment card details, and financial information,
health information relevant to your planned travel, and travel insurances held,
your preferences, frequent flyer or travel partner program affiliation and
member number, and any other information provided to us by or in relation to
you which concern you as an individual.
6.3.11. Business-related information, if you are an
individual associated with a business or other organisation that is our
customer, then your Personal Information may include the following information
that we link to you:
business or organisation details (such as name, address, telephone numbers, payment arrangements, financial information, etc.) your relationship with that business or organisation (such as owner, partner, director, shareholder, employee, or agent); your contact details within that business (such as work address, work telephone and mobile numbers, work fax number, and work e-mail address.
6.3.12. Correspondence, including messages between you and
us, and between us and third parties, including correspondence relating to any
booking or enquiry, or performance of any contract.
6.3.13. Competition information, including Personal
Information collected during any competitions or promotions held by us or our
Associates.
6.3.14. Account, Registration, Membership and Loyalty Information,
including your participation in any loyalty program.
6.3.15. Usage Information, which includes information as to
your access to and use of our Website, products and Services.
6.3.16. Marketing and Communications Information, which
includes your preferences in respect of receiving marketing information from us
and your communication preferences.
6.4. We also process, collect, store and/or use aggregated
data, which may include historical or statistical data (“Aggregated Data”) for
any purpose. Aggregated Data is not considered Personal Information as this
data does not directly or indirectly reveal your identity. However, if we
combine or connect Aggregated Data with your Personal Information in a manner
that can identify you, we will treat the combined data as Personal Information,
which will be managed per this Privacy Policy.
7. SPECIAL PERSONAL INFORMATION
7.1. Where we need to process your Special Personal
Information, we will do so in the ordinary course of our business, for a
legitimate purpose, and per applicable laws.
8. HOW WE COLLECT PERSONAL INFORMATION?
8.1. You directly provide HB Travel with most of the
Personal Information we process. We collect and process Personal Information in
the following ways, namely:
8.1.1. through direct or active interactions with you;
8.1.2. through passive or automated collections;
8.1.3. in the course of providing our Services to you or
your organisation, including where you register as a customer to use any of our
Services or you opt-in to receiving any direct marketing from us;
8.1.4. in evaluating job applicants and onboarding
Employees;
8.1.5. from third parties, where permitted.
8.2. Direct or active collection
8.2.1. We may require that you submit certain information to
enable you to access portions of our Website, to make use of our Services, to
facilitate the negotiation and conclusion of an agreement with us, or that is
necessary for our compliance with our statutory, professional or regulatory
obligations.
8.2.2. We also collect Personal Information when you
communicate directly with us. For example:
Via email, meetings and telephone calls; When you fill in forms or registers, or make a purchase with us; When you voluntarily complete a customer survey, provide feedback or ask for marketing information to be sent to you.
8.2.3. If you contact us, we reserve the right to retain a
record of that correspondence or telephone call, which may include Personal
Information.
8.2.4. The Personal Information we collect from you may
include any of the categories listed in the paragraph above depending on what
will be necessary to perform the Services.
8.3. Passive (automated) collection
8.3.1. We may passively collect certain categories of your
Personal Information from the devices that you use to access and navigate our
Website or to make use of our Services (“Access Devices”) using server logs and
your browser’s cookies.
8.3.2. The categories of Personal Information we passively
collect from your Access Device may include your:
Technical Information; Usage Information; and/or Any other Personal Information which you expressly permit us, from time to time, to passively collect from your Access Device.
8.4. Indirect collection (from third parties)
8.4.1. We may also receive your Personal Information indirectly
from, among others, the following sources (including public parties):
a) our information technology suppliers;
b) law enforcement;
c) credit bureaus (with your consent, where required by
law).
d) from other Responsible Parties where we act as contracted
outsourced processors (“Operators”) in performing our Services, including:
providers of any holidays, accommodation, and other tourism, travel, leisure or related services which are enquired about or booked, and their intermediaries; Banks and other financial institutions; Telecommunications providers; Insurers.
8.4.2. When we collect your Personal Information from third
parties it is either because you have given us express consent to do so, your
consent was implied by your actions, or because you provided consent, either
explicit or implicit, to the third party that provided this information to us.
9. HOW WE USE YOUR PERSONAL INFORMATION
9.1. We Process your Personal Information in the ordinary
course of the business of providing our Services.
9.2. We also use the Personal Information we collect to
maintain and improve our Website and to improve the experience of its users, to
facilitate the provision of our Services to you, and to comply with our
statutory and regulatory obligations.
9.3. We use your Personal Information only for the purpose
for which it was originally collected by the relevant Responsible Party and
strictly in accordance with their instructions. We only use your Personal
Information for a secondary purpose only if such a purpose constitutes a
legitimate interest and is closely related to the original purpose and
instructions for which the Personal Information was collected.
9.4. We may process your Personal Information during the
course of various activities, including but not limited to, the following:
9.4.1. providing our Services at your request;
9.4.2. processing, collecting and administering payments for
our Services rendered;
9.4.3. providing customer support and responding to and
communicating with you about your requests, questions and comments (including
responding to booking enquiries and searches for holidays and corporate
travel);
9.4.4. transfer of limited and necessary information to our
Service Providers and other third parties where required to perform our
obligations to you (including providers of any holidays, accommodation, and
other tourism, travel, leisure or related services which are enquired about or
booked, and their intermediaries);
9.4.5. with your consent (where required by law), for
relationship management and marketing purposes in relation to our Services,
including, but not limited to, the development and improvement of our Services,
marketing activities (promotions and special offerings), and for accounts
management to establish, maintain and/or improve our relationship with you;
9.4.6. to keep internal records and maintain reasonable
archives, including enquiries, bookings, contracts, travel services, and
complaints;
9.4.7. to carry out direct marketing to you (see Direct
Marketing section below for further information);
9.4.8. to detect, prevent, manage and protect against actual
or alleged fraud, security breaches, misuse, and other prohibited or illegal
activity, claims and other liabilities;
9.4.9. to protect our rights in any litigation that may involve
you;
9.4.10. to comply with our regulatory reporting obligations,
including submissions to the South African Reserve Bank, Financial Intelligence
Centre, South African Revenue Services, Information Regulator and/or other
authorities;
9.4.11. for other lawful and legitimate purposes that are
relevant to our business operations or regulatory functions.
9.4.12. conduct our recruitment and hiring process, which
includes, referrals, capturing job applicant’s details and providing status
updates to job applicants to protect our legitimate interest in ensuring a safe
working environment.
9.4.13. operate, evaluate and improve our business units,
including:
(a) developing new products and services;
(b) managing our communications;
(c) determining the effectiveness of our sales, marketing
and advertising;
(d) analysing and enhancing our products, Services, websites
and apps;
(e) maintaining the safety, security and integrity of our
Website, products and Services, databases, networks and other technology assets,
and business;
(f) performing accounting, auditing, invoicing, procurement,
reconciliation and collection activities; and
(g) improving and maintaining the quality of our customer
service;
9.4.14. for the purpose otherwise described to you when collecting
your Personal Information, or as otherwise outlined in POPIA.
9.5. HB Travel will not collect additional categories of
Personal Information or use the Personal Information we collected for
materially different, unrelated, or incompatible purposes without providing you
notice.
10. DIRECT MARKETING (ELECTRONIC)
10.1. HB Travel would like to send you information about our
product and service offerings we believe may be of interest to you.
10.2. We may send marketing materials to our customers’
email addresses or cellphone numbers via SMS or WhatsApp marketing (including
individuals who book or enquire about our Services with or through us or who
are the recipients of any Services booked with or through us) as permitted by
POPIA, provided that:
10.2.1. your name and contact details were obtained in the
context of the sale of our products or Services (including any inquiries,
requests or bookings concerning our products and Services);
10.2.2. we contact you to market our similar products or
Services.
10.2.3. you may opt-out at any time and free of charge on
any of our marketing communications or by emailing [email protected]
10.3. If you are not our customer, we may send marketing
materials where you give us your express “opt-in” consent (either digitally or
in-person) to send you marketing materials through your preferred electronic
channels of communication, provided that we shall keep a record of your consent
and you may opt-out any time and free of charge on any of our subsequent
marketing communications.
10.4. Once you have chosen to opt-out, we may send you
written confirmation of receipt of your opt-out request (which may be in
electronic form), and we will thereafter not send any further direct marketing
communication to you. However, you may continue to receive communication from
us on matters of a regulatory nature, which are not marketing related.
11. LEGAL BASIS FOR COLLECTING AND PROCESSING INFORMATION
11.1. We will only collect and process your Personal
Information where:
11.1.1. You have provided us with your consent (as permitted
by law);
11.1.2. To perform in terms of a contract with you;
11.1.3. To protect your legitimate interests;
11.1.4. To pursue our legitimate interests and our
customers’ legitimate interests which include:
(a) providing Services to and managing our relationship with
existing customers;
(b) fraud and financial crime detection and prevention;
(c) information, system, network, and cybersecurity;
(d) general corporate operations, due diligence and risk
assessment;
(e) complying with a legal obligation, and/or enforcing and
defending legal claims.
12. COMPULSORY PERSONAL INFORMATION AND CONSEQUENCES OF NOT SHARING WITH US
12.1. Where we are required to process certain Personal
Information by law, or in terms of a contract that we have entered into with
you, and you fail to provide such Personal Information when requested to do so,
we may be unable to perform in terms of the contract in place or are trying to
enter into with you. In such a case, we may be required to terminate the
contract and/or relationship with you, upon due notice to you, which
termination shall be done in accordance with the terms of that contract and any
applicable legislation.
13. DISCLOSURE OF PERSONAL INFORMATION
13.1. We will not intentionally disclose your Personal
Information, whether for commercial gain or otherwise, other than with your
permission or in accordance with this Privacy Policy.
13.2. We may disclose your Personal Information to our
contracted Responsible Parties, Service Providers and Associates for legitimate
business purposes, in accordance with applicable law and subject to applicable
professional and regulatory requirements regarding confidentiality and
appropriate data protection measures.
13.3. In addition, we may disclose your Personal
Information:
13.3.1. where it is necessary for the purposes of, or in
connection with, actual or threatened legal proceedings or establishment,
exercise or defence of legal rights;
13.3.2. With our contracted agents, advisers, auditors,
consultants, service providers, suppliers, banking partners and other Operators
who process Personal Information on our behalf and whose assistance we require
to conduct our business operations and that:
(a) have agreed to be bound by this Privacy Policy and our
Data Protection Policy or by similar terms offering a similar level of
protection;
(b) where such Personal Information is necessary for the
performance of their obligations to or on behalf of HB Travel (i.e., records
storage, payroll, server hosts); and
(c) based on our instructions, are not authorised by us to
use or disclose the information except as strictly necessary to perform the
services on our behalf as instructed or to comply with legal requirements.
13.3.3. With third party Operators to the extent that they
require such specific Personal Information in the provision of services for or
to us, which include hosting, development and administration, technical support
and other support services relating to our Website and/or the operation of our
business divisions. We will only authorise the processing of any Personal
Information by a third-party Operator on our behalf by, among others, entering
into agreements with those third parties governing our relationship with them
and highlighting instructions, confidentiality, security and non-disclosure
obligations.
13.3.4. to enable us to enforce, implement, or apply any
other contract between you and us, or any contract where we act as an agent of
the principal contracted with you;
13.3.5. to mitigate any actual or reasonably perceived risk
to us, our customers, employees, contractors, agents, brokers or any other
third party;
13.3.6. to any relevant third party acquirer(s), in the
event that we sell or transfer all or any portion of our business or assets
(including, but not limited to, in the event of a reorganization, dissolution
or liquidation);
13.3.7. With governmental agencies, exchanges and other
regulatory or self-regulatory bodies, if required to do so by law or there is a
reasonable belief that such is necessary for:
(a) compliance with the law or with any legal process;
(b) the protection and defence of the rights, property or
safety of HB Travel, our customers, employees, contractors, suppliers, service
providers, agents, brokers or any third party;
(c) the detection, prevention and management of actual or
alleged fraud, security breaches, technical issues, or the misuse or
unauthorised use of the Website and any other contravention of this Privacy
Policy;
(d) the protection of the rights, property or safety of
members of the public (if you provide false or deceptive information or make
misrepresentations, we may proactively disclose such information to appropriate
regulatory bodies).
13.4. While providing our Services we may obtain, use, and
disclose Personal Information about our customer’s customers. In these
instances, we process the Personal Information in accordance with this Privacy
Policy unless specifically agreed otherwise with our customer.
13.5. Performance of contract, bookings and suppliers
(foreign countries)
13.5.1. We will disclose your Personal Information
(particularly your name and date of birth) to third parties (including
intermediaries) as strictly necessary to deal with your booking enquiry, to
make any booking requested by or for you, to perform and administer any booking
for you or contract in respect of you. This may include applying for
visas on your behalf, collecting payments made by you, investigating and
responding to complaints, and enforcing any booking or other contract with you.
Categories of third-party recipients may include any incoming travel agencies,
accommodation facilities, airline, coach, cruise, ferry or train operators, car
hire companies, tour operators, etc.).
13.5.2. In this context, the said Personal Information must
also be forwarded to companies domiciled in foreign countries, (e.g. an
airline) or if the booked trip goes to a foreign country. We expressly draw
your attention to the fact that there is often not a level of data protection
in foreign countries that is equivalent to that of South Africa and, therefore,
there is the risk that the information may not be protected accordingly.
Personal Information is transmitted to these foreign countries usually on the
basis of Section 72(1)(c) and/or Section 72(1)(d) and/or Section 72(1)(e) of
POPIA. In the individual case, we cannot inform the customer that and to whom
we transmit the information, as this frequently proves to be impossible or
would require a disproportionate effort.
13.6. Travel Insurance
13.6.1. If any application is made through us to pass
onto the Insurers, for any travel or other insurance to cover you, we will pass
your Personal Information on to the insurer. Information provided by you
may be put on to a register of claims and shared with other insurers to prevent
fraudulent claims.
14. STORAGE AND TRANSFER OF PERSONAL INFORMATION
14.1. We have engaged reputable and trusted organisations as
outsourced processors (Operators), and in some cases, as sub-processors to
provide data storage and cloud services to securely store your
information.
Our servers and cloud storage run in secure premises located in South Africa and abroad.
14.2. We reserve the right to generally transfer to and/or
store your Personal Information on servers in a jurisdiction other than where
it was collected, or outside of South Africa in a jurisdiction that may not
have comparable data protection legislation; Provided that if the location does
not have substantially similar laws to those of South Africa, we will take
reasonably practicable steps, including the imposing of suitable contractual
terms to ensure that your Personal Information is adequately protected in that
jurisdiction.
15. SECURITY AND INTEGRITY
15.1. We take all reasonable technical and organisational
measures to secure the integrity of retained information and protect it from
misuse, loss, alteration, and destruction through the use of accepted
technological standards that prevent unauthorised access to or disclosure of
your Personal Information. Unfortunately, despite our best efforts, no data
transmission or storage can be guaranteed to be 100% secure. Therefore, we do
not make any warranties or guarantees that content shall be entirely 100%
secure nor do we accept any liability of whatsoever nature for loss of privacy
resulting from any unauthorised disclosure and/or use of your Personal
Information, unless such disclosure and/or misuse is because of our gross
negligence. However, we are subject to the Protection of Personal Information
Act 4 of 2013, which we comply with.
15.2. Our servers are protected by firewalls and access to
Personal Information is limited to minimal authorised personnel of HB Travel.
The security of our Website and IT systems is also tested regularly, and every
effort is made to ensure that security is at an optimum level at all times.
15.3. When processing payment card details, we comply with
the applicable Payment Card Industry Data Security Standard (PCI-DSS standard).
15.4. We periodically review our Personal Information collection,
storage and processing practices, including physical and digital security
measures.
15.5. We have established and implemented data breach management procedures to address actual and suspected data breaches and will notify you and the relevant regulatory authorities of breaches where we are legally required to do so and within the period in which such notification is necessary.
16. RETENTION AND DELETION
16.1. We may retain and process some or all of your Personal
Information if and for as long as:
16.1.1. we are required or permitted by law, or contract
with you, to do so;
16.1.2. it is for lawful purposes that are related to our
performance of our obligations and activities; or
16.1.3. you agree to us retaining it for a specified further
period.
16.2. Unless there is a lawful purpose for us to continue
processing or storing your Personal Information, we will destroy your Personal
Information in the following circumstances:
16.2.1. the Personal Information is no longer necessary for
the purpose for which it was collected or processed; or
16.2.2. you withdraw your consent to the processing of your
Personal Information; or
16.2.3. you object to the processing of your Personal
Information; and
16.2.4. there are no other lawful grounds for us to continue
processing your Personal Information.
16.3. We determine the appropriate retention period for
Personal Information by considering, among other things, the nature and
sensitivity of the Personal Information, the potential risks or harm that may
result from its unauthorised use or disclosure, the purposes for which we
process it and whether those purposes may be achieved through other means. We
will always comply with applicable legal, regulatory, tax, accounting, labour,
or other requirements as they apply to the retention of Personal Information.
16.4. We will destroy your data using effective methods
including, among others, shredding.
17. MAINTENANCE, CORRECTIONS AND ACCESS
17.1. We are required to take all necessary steps to ensure
that your Personal Information is accurate, complete, not misleading and up to
date.
17.2. Anyone about whom we maintain Personal Information may
request to inspect and, if appropriate, correct the Personal Information held
by us. It is your responsibility to inform us, or the persons responsible for
the maintenance of your Personal Information, should your Personal Information
be incorrect, incomplete, misleading or out-of-date by notifying us at contact
details in paragraph 2.1 above. We may require additional information from the
requesting party to assure itself of the legitimate basis for the request and
the identity and authority of the requestor. Upon receipt and verification of
the corrected Personal Information, we will adjust our data or records
accordingly.
17.3. A request for correction/deletion of Personal
Information or destruction/deletion of a record of Personal Information must be
submitted
using this form
. The
completed form should be sent to the contact details mentioned in paragraph 2.1
above.
18. DATA MINIMISATION
18.1. We have service level agreements with third parties
who send us Personal Information (either in our capacity as a Responsible Party
or Operator). These state that only relevant and necessary information is to be
provided as it relates to the processing activity we are carrying out.
18.2. We have destruction procedures in place where a data
subject or third party provides us with Personal Information that is surplus to
our requirements.
19. YOUR DATA PROTECTION RIGHTS
19.1. Data protection laws may grant you, among others, the
following rights:
19.1.1. Request access to your Personal Information –
enabling you to receive a copy of the Personal Information retained about you;
19.1.2. Request the correction of your Personal Information
– to ensure any incomplete or inaccurate Personal Information is corrected;
19.1.3. Request erasure of your Personal Information – where
there is no lawful basis for the retention or continued processing of your
Personal Information;
19.1.4. Object to the processing of your Personal Information
for a legitimate interest (or those of a third party) - under certain
conditions where you feel it impacts your fundamental rights and freedoms;
19.1.5. Request restriction of processing of your Personal
Information – to restrict or suspend the processing of your Personal
Information to limited circumstances;
19.1.6. Withdraw consent given in respect of the processing
of your Personal Information at any time – withdrawal of consent will not
affect the lawfulness of any processing carried out before your withdrawal
notice. But may not affect the continued processing of your Personal
Information in instances where your consent is not required.
19.2. If an above request/objection is to be made, please
use the contact information in paragraph 2.1 above and we will revert within 30
calendar days.
20. CHILDREN
20.1. Our Website and our Services are not targeted at
people under the age of 18. We will not knowingly collect Personal Information
in respect of persons in this age group without express permission to do so,
unless permitted by law.
21. THIRD PARTY SUB-PROCESSORS/OPERATORS
21.1. We use external processors (“Operators”) for certain
processing activities and to assist in the delivery of Services. We reserve the
right to change our Operators at any time without further notice to you, but we
will ensure our Operators are bound by this Privacy Policy and our Data
Protection Policy or similar terms providing the same or higher level of
protection. Such external processing activities include, but are not limited
to:
21.1.1. IT systems and infrastructure;
21.1.2. Human resources;
21.1.3. Payroll;
21.1.4. Hosting and email infrastructure;
21.1.5. Credit reference agencies;
21.1.6. Direct marketing / mailing services.
21.2. We conduct due diligence in respect of our external
Operators before forming a business relationship. We obtain company documents
and references to ensure the Operator is adequate, appropriate and effective
for the task we employ them for.
22. COOKIES
22.1. We may place small text files called “cookies” on your
device when you visit our Website. Cookies do not contain Personal Information,
but they do contain a personal identifier allowing us to associate your
Personal Information with a certain device. Cookies serve useful purposes for
you, including:
22.1.1. Remembering who you are as a user of our Website to
remember any preferences you may have selected on our Website, such as saving
your username and password, or settings (“functional cookies”);
22.1.2. allowing our Website to perform its essential
functions. Without these cookies, some parts of our Website would stop working
(“essential cookies”). For example, information on error messages displayed to
users will be collected and the developer team will assess and solve it.
22.1.3. monitoring how our Website is performing, and how
you interact with it to understand how to improve our website or Services
(“site analytics”).
22.2. Your internet browser may accept cookies automatically
and you can delete cookies manually. However, no longer accepting cookies or
deleting them may prevent you from accessing certain aspects of our Website
where cookies are necessary.
22.3. As cookies are stored in the web browser used to
access our Website, to disable cookies users need to change the settings pertaining
to that browser in particular.
22.4. Many websites use cookies and more information is
available at: www.allaboutcookies.org.
23. PRIVACY POLICIES OF OTHER WEBSITES
23.1. Our Website may contain links to other websites, apps,
tools, widgets and plug-ins that are run by third parties. If you visit a
third-party website or social media site, you should read that website/ social
media’s privacy notice, terms and conditions, and their other policies. We are
not responsible for the policies and practices of third parties and social
media sites. Any Personal Information you give to those organizations is dealt
with under their privacy notice, terms and conditions, and other policies.
23.2. If YOU disclose your Personal Information directly to
any third party other than HB Travel, HB TRAVEL SHALL NOT BE LIABLE FOR ANY
LOSS OR DAMAGE, HOWSOEVER ARISING, SUFFERED BY YOU AS A RESULT OF YOUR
DISCLOSURE OF YOUR PERSONAL INFORMATION TO SUCH THIRD PARTIES.
24. GOVERNING LAW
24.1. This Privacy Policy is governed by South African law.
24.2. If any provision of this Privacy Policy is determined
to be illegal, void or unenforceable due to applicable law or by order of a
court, it shall be deemed to be deleted and the continuation in full force and
effect of the remaining provisions shall not be prejudiced.
25. CHANGES TO THIS POLICY
25.1. We may amend this Privacy Policy from time to time and
we will take reasonably practicable steps to inform you when changes are made.
Without limiting how we may inform you, we may notify you by email, “pop-up”
notification on our Website, or notification when you access our Website.
26. QUERIES, COMPLAINTS, AND INFORMATION REGULATOR
26.1. If you have any questions or complaints about your
privacy rights or this Privacy Policy, please address your concerns to our
Information Officer. If you feel our attempts at resolving the matter have been
inadequate, you may lodge a complaint with the South African Information
Regulator through their website, https://www.justice.gov.za/inforeg/.
26.2. If you are located outside of South Africa, you may
contact the appropriate regulatory authority in your country of domicile.
ANNEXURE – DEFINITIONS
'Associates' means HB Travel Services CC, subsidiaries and
the directors, employees and consultants of HB Travel Services CC or any of its
group companies or subsidiaries;
“Operator' means any person or entity that Processes
Personal Information on behalf of a Responsible Party.
“Personal Information” means information or data relating to
an identifiable, living, natural person, and where it is applicable, an
identifiable, existing juristic person, including, but not limited to
information relating to -
• race, gender, sex, pregnancy, marital status, national,
ethnic or social origin, colour, sexual orientation, age, physical or mental
health, well-being, disability, religion, conscience, belief, culture, language
and birth of the person;
• education or the medical, financial, criminal or
employment history of the person;
• any identifying number, symbol, e-mail address, physical
address, telephone number, location information, online identifier or other
particular assignment to the person;
• the biometric information of the person;
'Responsible Party' means the entity that decides how and
why Personal Information is Processed. Responsible Parties may instruct
Operators to processes Personal Information on their behalf.
“Service Provider” means third party providers of various
services with whom HB Travel Services CC engages, including, but not limited
to, software licensors, developers and suppliers of software, providers of
information technology, communication, file storage, data storage, copying,
printing, distribution/logistics, accounting or auditing services, counsel,
investigators, attorneys, and employee provident/pension fund administrators,
and our insurers and professional advisors;
“Special Personal Information” means Personal Information
about race or ethnicity, political opinions, religious or philosophical
beliefs, trade union membership, physical or mental health, sexual life, any
actual or alleged criminal offences or penalties, national identification
number, or any other information that may be deemed to be sensitive under
applicable law.
Book a trip today!