Arctic Inbound AB Privacy Statement
Privacy is important to Arctic Inbound AB. We follow tight security procedures on how your personal information is used and stored: we limit who sees it and we have a number of processes in place to stop unauthorised access to it. This privacy statement details how we do this:
We are committed to safeguarding the privacy of our clients (travel agents, tour operators) under the General Data Protection Regulation (GDPR) – Regulation (EU) 2016/679, we have a legal duty to protect your personal data. Arctic Inbound AB is will act as both a Data Controller.
INFORMATION WE COLLECT AND WHY:
Arctic Inbound AB may collect personal information in a variety of circumstances in order to carry out our business activities effectively. Such information may be provided to us in the following ways:
- You as a agent make a booking, enquiry or subscribe to receive information through the website form, email or by phone.
- You make amendments or changes to a booking or enquiry as above.
- You consent and take part in a survey or provide us with feedback.
- You subscribe to receiving more information about our services.
- You accept cookie usage on one of our Websites allowing us to track information about your computer or device, and your visits to and use of our services
- You send us any other information which is pertinent to the fulfilment of your customers travel booking, in particular this may extend to personal information about your clients
- You give us personal details when you are invited on a familiarisation trip
- You enquire or place a booking through an external travel agent
- You have applied for a job vacancy
- In other forms of correspondence such as email, letter, and telephone which pertain to the activities of the business
All email correspondence is stored locally and backed-up and can be accessed for quality and regulatory purposes. Access to emails and systems is secured via two step authentication so that only authorised staff can access personal data. Travel profiles are held while you or your client remain an active client/traveller, and can be reviewed at any time at your request providing this does not prevent the company from carrying out its business activities.
Any marketing materials we send you will be sent to you in electronic format or communicated by telephone. Should you wish to remove your details from our email marketing list, then you will need to email [email protected].
SENSITIVE PERSONAL INFORMATION:
If you wish, you may provide us with some special categories of Personal Information in order for Arctic Inbound to provide you with a better standard of service. For example, when attending a familiarisation trip with us you may provide us with information about your dietary or medical requirements, which may reveal details about your mental or physical health or condition. The provision of this information is entirely voluntary. If you do not consent to our processing of this type on the familiarisation trip.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from using our website to its full potential.
Arctic Inbound AB will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Save as stated below, your personal information is not disclosed to third parties unless this is indicated by our sales agents, or is indicated on our Websites or as required or allowed by law.
Your personal information may be passed to a third party in order to fulfil your travel requirements or certain processes necessary for the operation of our website and marketing activities.
We may disclose your personal information to any member of our Group, which means our subsidiaries, our ultimate holding company and its subsidiaries.
HOW WE PROTECT YOUR INFORMATION:
At Arctic Inbound AB, security is of paramount importance. To give you confidence, all our systems are encrypted with two-step authentication and this is managed by the Data Protection officer and ultimately the Managing Director.
Please note, however, that the transmission of information via the internet is never completely secure and, although we will take steps to protect your Personal Information, we cannot guarantee the security of your Personal Information transmitted via the Website or email – any transmission is therefore at your own risk.
All Arctic Inbound AB employees and data processors, who have access to or are associated with the processing of personal information, are obliged to respect the confidentiality of that information. Access to our systems is secured by password and staff are encouraged to update their passwords on a regular basis. Should Arctic Inbound AB receive any complaint, notice, request or communication which relates directly to the processing of your personal information by a third party supplier (whether travel principal or technology supplier) and the supplier’s compliance with Data Protection laws, we shall notify you as soon as possible of any breach or suspected breach of personal information.
Email security – All Arctic Inbound AB outbound emails are encrypted, but please note that unless encrypted an email sent from you to us via the internet may not be secure and could be intercepted and read by someone else. Please keep this in mind when deciding whether to include personal information in any email you intend to send us.
Links – Our Websites may contain links to and from other websites, including those of our suppliers. If you follow a link to any of these websites, please note that these websites will have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check external websites policies before you submit any personal information to these websites.
ACCESSING YOUR PERSONAL INFORMATION AND DATA FROM ARCTIC INBOUND AB:
Arctic Inbound AB will process any personal information that it collects in accordance with the General Data Protection Regulation (GDPR) – Regulation (EU) 2016/679.If you wish to access personal information collected from you or you have an enquiry or concern regarding the processing of personal data by Arctic Inbound AB, please make an individual information request to:
Under the General Data Protection Regulation (GDPR) – Regulation (EU) 2016/679 you can request a copy of your personal information. Arctic Inbound AB will provide you with a legible copy of the personal information it holds and to which you are entitled via electronic format. This will be sent to you within 30 days of your request. Please note Arctic Inbound AB requires proof of your identity before supplying the information and may ask you for further information to assist in locating your personal information. Individual traveller requests are free of charge most of the time unless the requests are repetitive or excessive.
Unless otherwise agreed, no delay, act or omission by us or you in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.
This policy will be governed by and interpreted according to the laws of Sweden. All disputes arising under this policy will be subject to the exclusive jurisdiction of Sweden.
Arctic Inbound | May 2018