Your privacy is very important to us and the purpose of this policy is to clearly explain how we will collect, process and store your information, so that you can feel secure about what happens to your data.
Vulkan Travels personal data policy in accordance with GDPR
The General Data Protection Regulation (GDPR) entails new procedures and restrictions for the processing of personal data.
The entity responsible for your personal data is Vulkan Travel LTD. Telephone: 020 - 3630 1199 E-mail: [email protected]
Address: Vulkan Travel Ltd, 5 Upper Montagu Street London, W1H 2AG, UK
(Administration only, not sales office.)
Personal data that we need
In order to help you as our customer, we will ask you for the following information: Names of all travellers, as well as the postal address, telephone number and e-mail address of the lead traveller. If children are travelling, we will need to ask for their dates of birth in order to make sure you are charged the right price. For certain activities, such as diving or horseback riding, our suppliers will need to know your height and weight. We may also need additional information from you in certain cases, such as any special needs or requests, for example.
Processing of personal data
Personal data is processed in accordance with applicable and relevant legislation, and in accordance with the general data protection regulation. Personal data is used only for business purposes in order to provide our customers with the best possible service and to meet our obligations to you prior to and when entering into an agreement, and for marketing purposes.
Transfer of personal data
In order for us to meet our obligations to you as our customer, we will need to forward your personal data to our sub-contractors, such as airlines, hotels and activity providers, so that the right person receives plane tickets, accommodation and anything else including in their booking. Our subcontractors and partners are also subject to the applicable data protection regulation and act as data controllers or data processors in accordance with a valid data processing agreement. We make use of a number of different IT systems in our business, which are used to process your personal data. Some of these systems are cloud-based or installed on the premises of our supplier, who acts in accordance with our instructions and in compliance with a personal data processing agreement. Your personal data may therefore be transferred to a third country in cases where cloud services or servers are located in such a country.
Protection of personal data
Personal data is protected against unauthorised use, disclosure, deletion or alteration by physical, technical or organisational measures which are adopted in proportion to the risk, such as accidental loss or damage or unauthorised access in the course of data processing.
Storage period for personal data
Vulkan Travel will store your personal data for two years or in accordance with applicable legislation. Once you have signed up to our newsletter and promotional emails, or if you already receive our newsletter and promotional emails from a previous trip, then we will store your personal data for this purpose until further notice.
Implementation of this policy
Staff at Vulkan Travel have been made aware of this policy and are instructed to follow it, alongside other applicable data protection laws.
Access to data/deletion requests/data portability
Following written request and to the extent required under applicable law, Vulkan Travel will provide you with information regarding the personal data that we process. If any of this data is incorrect, we will correct or delete the data upon request. We also facilitate the portability(transfer) of your data upon request.
Payments with credit/debit card
When making a card payment, you are only required to provide your name, card number, card type, card validity and CVC code (digits on the back of your card). Vulkan Travel will not save any card details; instead, we work with DIBS AB, which processes your information. Both Vulkan Travel and DIBS use SSL encryption to safeguard user security. Vulkan Travel is certified in accordance with PCI DSS.
Verified By Visa och Mastercard SecureCode - the latest standard for card security
Verified by Visa and MasterCard SecureCode is the latest standard for the secure identification of card customers when making online purchases (known as 3D Secure). Card issuers which offer this service to their customers will be able to identify and verify the identity of their customers in a secure manner. The customer is linked to their card issuer and asked to give a user name and password.
About session cookies
In order to ensure that certain functions on vulkantravel.co.uk work correctly and to make sure that the right pages are shown to the right people, the website uses so-called session IDs. When you visit vulkantravel.co.uk, our technical partner VISIT (https://www.visit.com) places a unique ID number on your computer for this specific visit – this is a so-called ‘session cookie’.
Questions/concerns about your privacy
If you believe that our processing of your personal data is not compliant with applicable regulations, you are welcome to contact the Swedish Data Protection Authority (Datainspektionen) by email at [email protected] or by telephone on: (+46) 08- 657 61 00.