About this websiteRVGTOURS.COMPrivacy policy content

1. Relating to the contents of this policy

This document (our “Privacy Policy”) describes how we use personal information about the people with whom we interact, such as customers and website users. It expresses our commitment to protecting your personal information. It is important that you read this Privacy Policy and any other privacy statements that we may provide to you on all occasions when we collect and process personal data so that you are fully aware of how and why we use your data.

2.Our Commitment

We respect your privacy, and our goal is to ensure that you have a trustworthy experience with us, both when using our website or shop and when booking with or through us. We understand that you are concerned about how we use your personal data and we would like to share with you the policies and practices we have adopted. In this way you can be confident in how we handle your personal data.

3.Legal Basis for Our Processing

We will process your personal data in accordance with all applicable laws and applicable contractual obligations. More specifically, we will not process personal data unless at least one of the following requirements is met:

you have consented to the processing of your personal data for one or more specific purposes;

The processing is necessary for the performance of a contract to which you are a party (e.g. a booking you have made) or to take steps at your request prior to entering into a contract (e.g. when you ask us for a quote);

Processing necessary to fulfil a legal obligation to which we are subject (for example, a visa application);</p

Processing necessary to protect your or any other individual's interests (for example, if you experience any problems while travelling);

Processing is necessary for the legitimate interests pursued by us or by third parties (for example, to protect our customers, our employees and other individuals and to safeguard their safety, health and welfare); to promote, market and advertise our products and services; to understand our customers“ behaviours, activities, preferences and needs; to improve our existing products and services and to develop new ones; to prevent, investigate and detect crime, fraud or anti-social behaviour and prosecute breaches of the law; to provide you with information about our products and services; to provide you with information about our products and services; to provide you with information about our products and services; to provide you with information about our services and our customers” needs; to provide you with information about our products and services; to provide you with information about our services and the services we offer to you. anti-social behaviour and prosecute offenders, including by cooperating with law enforcement agencies; handling customer contacts, enquiries, complaints or disputes; administering customers“ insurance claims; protecting us, our employees and our customers by taking appropriate legal action against parties who have committed crimes or breached their legal obligations to us; dealing effectively with any legal claims or regulatory enforcement actions against us; and fulfilling our obligations to our customers, colleagues, shareholders and other stakeholders). other stakeholders). The following is an indicative, non-exhaustive list of disposal activities on which we may rely for our legitimate interests:

Processing activities based on a legitimate interest</p

Direct marketing activities, including tracking, analysing, segmenting and communicating across multiple channels, see section 8.8 Legitimate Interests Based on Your Relationship and Interactions with Us to Promote Relevant Services and Products

.

Record keeping and reporting, see section 8.6 Legitimate interest in understanding and improving our business

.

Statistical analysis of customer data, see sections 8.7 and 8.9 Legitimate interest in understanding and responding to customer behaviour and preferences

Provision of customer data to insurers, border authorities and other law enforcement agencies, see sections 11.4 and 11.7 Legitimate interest in protecting and safeguarding the safety of guests and staff; legitimate interest in taking appropriate legal action in the event of disputes

.

Processing guest preferences and other information voluntarily provided by guests prior to travel, see section 8.3 Legitimate Interests in Personalising and Improving Our Services and Product Delivery

.

Processing customer data as part of prize draws, competitions, sweepstakes and surveys, see sections 6.4 and 6.5 Legitimate interest in interacting with customers and promoting our products

Processing customer data in the course of administering and maintaining our website and systems, see sections 6.8 and 8.7 Legitimate interest in running our business and improving our systems

.

4. Change of Purpose

We will only use your personal information for the purposes for which we obtained it. If we reasonably need to re-use your personal information, we will ensure that the reason for doing so is consistent with the original purpose. If you need an explanation of how the processing for the new purpose is compatible with the original purpose, please contact us. We may process your personal data for unrelated purposes where it is in our legitimate interests to do so. </p

• In some cases, personal data may be processed for a purpose other than the original purpose for which it was collected. Where this is likely to be the case, we will endeavour to inform you in advance and seek your consent where appropriate.
• We process existing data you provide as part of a contract, such as booking information, where we may have other secondary purposes. Further processing purposes may include carrying out market insights and data analysis to better understand our customers.
• We will use aggregate data modelling to enable us to obtain aggregate data from your personal information. By law, aggregate data is not considered personal data because you are not directly or indirectly identifiable. For example, we may use Aggregate Data to view performance statistics of our travel affiliates/consultants and to gain insight into customer demographics to improve marketing and customer service.
• However, if we merge or link Aggregate Data with your personal data to identify you directly or indirectly, we will treat the merged data as personal data and will process it in accordance with the strict guidelines of the Australian GDPR.
• We will not re-use sensitive or special category data without a legitimate basis for doing so and we rely on legitimate interests; will ensure that we carry out a Legitimate Interests Assessment (see section 3) and a Data Protection Impact Assessment under the AUS DPIA before carrying out the proposed processing activities.

5. Who is covered by our privacy policy

5.1 Our Customers</p

Our Privacy Policy sets out how we handle the personal data of the following people:

• Book or enquire about booking travel services through us; or
• the recipient of any travel service booked with or through us (for example, if you are the passenger who made the booking or someone else who made the booking enquiry for you); or
• A customer or potential customer or recipient of travel services that may be booked with us or through us.
</ul

We understand personal data to mean any information relating directly or indirectly to an identified or identifiable individual, in particular information relating to identifiers such as name, identification number, location data, online identifiers, services received or considered, or one or more factors relating to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.

</p

5.2 Examples of who is covered by this policy</p

We include in this Privacy Policy personal data that we process in relation to:

<ol
• Individuals who make any enquiry or booking with or through us, and individuals in respect of whom any enquiry or booking is made (e.g. friends, family, tour members, officials and employees of businesses and organisations who make bookings with or through us);
• Individuals who make enquiries or bookings with us by an agent;</li
• If our client is a business or organisation, employees or individuals acting on behalf of, and individuals connected with, that business or other organisation, such as owners, partners, shareholders and directors;
• Individuals who have received personal data from other companies in the Group (for example, where you have consented to your personal data being disclosed to other Group companies for marketing purposes).
</ol

5.3 When we are only the data processor</p

Please note, however, that this Privacy Policy does not apply to us as a sub-contractor or data processor processing personal data strictly on behalf of third parties other than our own accounts. In such cases, you should check with that third party and their privacy policy, and they will be responsible for how we process your personal data under their instructions.

</p

5.4 Terminology used in this Policy</p

When we refer to ”you“ and ”your“ in this Privacy Policy, we mean you and any such individual whose personal data we process from time to time. </p

When we refer to ”processing“ your personal data, this includes obtaining, recording, storing or holding your personal data and anything we do with it, such as organising, adapting or altering it, retrieving, consulting or using it, disclosing it or otherwise making it available to others, combining it with other data, and blocking, deleting or destroying it.

When we refer to ”travel services“ it covers all products and services that can be booked with or through us, such as tailor-made holidays, package holidays, accommodation, tours, transport and transfers (whether by air, long-distance bus, bus, train, ferry, hire car or otherwise), car hire, cruises, and charters, including: Travel services, Travel services, Travel services, Travel services and Travel services, including: Travel services and Travel services. and charters, including:

1. all such products and services which we provide or operate ourselves (including those which we sub-contract); and
2. any such products and services provided by a third party which we have booked for you (as an agent for you or for that third party). Travel Services also include any services provided by us or a third party in connection with travelling, such as obtaining visas, foreign exchange, providing local representation and support.

6.What types of personal data we may process

This section provides an overview of the types of personal data we process about you:</p

6.1 Data relating to you as an individual</p

We may collect the following data:

• Name,
• Age,</li
• Gender,</li
• Address,</li
• Telephone,</li
• Movement,</li
• Fax,</li
• E-mail,</li
• Social networking, your social posts about any of our trips and travel experiences. </li
• Photographs,</li
• Proof of identity and address, a copy of your passport, driver's licence and utility bills;</li
• Credit card and other payment details, as well as financial information.
• Health information relating to your planned travels and travel insurance holdings;</li
• Results of searches conducted on you (e.g., to verify your identity, address, and creditworthiness);</li
• your preferences;</li
• Frequent flyer or travel companion programme affiliation and membership number.
</ul

You may withdraw your consent to this at any time by contacting us as detailed in this Privacy Policy or in any direct marketing you receive. We will ask you to insert ”unsubscribe“ as the subject line in any email you send. </p

6.2 Business-related information</p

If you are an individual associated with one of our customers” businesses or other organisations, then your personal data may include the following information that we link to you:

• Details of the business or organisation (e.g. name, address, telephone number, payment arrangements, financial information, etc.);





• Your relationship with the business or organisation.
• your relationship to the business or organisation (e.g. owner, partner, director, shareholder, employee or agent), and
• Your contact details at that business (e.g. work address, work telephone and mobile phone numbers, work fax number and work email address).
</ul

6.2 Business-related information</p

If you are an individual associated with one of our client businesses or other organisations, then your personal data may include the following information which we link to you:

• Details of the business or organisation (e.g. name, address, telephone number, payment arrangements, financial information, etc.);





• Your relationship with the business or organisation.
• your relationship to the business or organisation (e.g. owner, partner, director, shareholder, employee or agent), and
• Your contact details at that business (e.g. work address, work telephone and mobile phone numbers, work fax number and work email address).

6.3 Enquiry and Booking Information</p

Information relating to enquiries and bookings for travel services made to or through us, including where you made the enquiry or booking or that you are the recipient of the travel service to which the enquiry or booking relates. This information may include:

• records of enquiries and searches for holiday and travel products made by or on behalf of you;
• detailed information about your personal interests;</li
• Requirements and other data relating to your enquiry;</li
• Details of results, quotations, recommendations, estimates and other information in response to your enquiry;</li
• Details of holidays, accommodation, tours, car hire and other travel services booked or enquired about;</li
• Details of travellers/holiday makers;</li
• Details of travel service providers (e.g. travel agents);
• Travelling dates and times;</li
• Prices;</li
• Payment details (including credit card details);
• Passport information and visa information;</li
• Foreign exchange requirements and arrangements; and
• Sensitive information such as health, medical, dietary, mobility, disability or other requirements relating to the services you have enquired about or the contract you have entered into with us.

6.4 Survey Information

Information collected or generated from any surveys conducted by us.

6.5 Competition Information

Information collected or generated from any competitions or promotions we run.

6.6 Account, Registration and Loyalty Information

Information about any of our accounts, registrations or memberships, or participation in any loyalty programme.

6.7 Communication

Correspondence, communications and information, including between you and us and between us and third parties, in relation to any booking or booking enquiry or the performance of any contract.

6.8 Website Usage Information

We may collect information about your access, browsing and use of our Website, unless your web browser blocks this information. The extent of the data we collect will depend on how you interact with our site.

This information may include:

• Your IP address (a unique identifier assigned to your computer to connect to the Internet);
• Your computer device's IP address (a unique identifier assigned to your computer to connect to the Internet);</li
• Details of your computer device (PC, tablet, smartphone, watch, etc.);</li
• The brand and version of web browser you are using (e.g. Internet Explorer, Firefox, Safari, Opera, Chrome);
• Your operating system (e.g. Windows, Windows Phone, OSX, iOS, Android, Linux, etc.);
• Your time zone;</li
• Your browser plug-in;</li
• Any web page you come from that your web browser recognises as a referring web page address;
• cookies (in accordance with our cookie policy)</li
• identifiers assigned to you by third-party advertisers and web beacons with which you interact;</li
• Page Response Times;</li
• Download Errors;</li
• Pages and sections of pages you visit;</li
• Your use of the Site, including queries and searches, as well as registering for accounts, forums, etc.;
• Services and products you visit;</li
• The length of time you visit sites and pages;</li
• Page interaction information (such as scrolling, keystrokes, mouse clicks, touches, and mouse hovers).

In general, this information will be collected and used anonymously and aggregated for analysis, your name and any characteristics that identify you will remain anonymous, but our privacy policy will apply and if this information relates to you personally in any way, it will be treated as your personal data.

This information may also include:

• Data entry into forms and fields; </li
• Registration for any account;</li
• Forums,</li
• Feedback mechanism;
• Socialisation features;</li
• Newsletters or other features of our site;
• User name and password;</li
• Login/Exit History and Settings;</li
• Actions taken on any account or other registration, including viewing, updating and changing settings; and posting on any forums, feedback, comments or other social features on our site.

Such information will be treated as personal data and processed in accordance with this Privacy Policy.

7.How we collect or generate your personal data

This section sets out the ways in which we collect or generate personal data about you.

7.1 Visiting Our Website

By visiting and using our website, you or your computer may provide personal information. This includes: information that your browser automatically provides to our servers; information recorded on our web servers about your interactions with our site and the pages you visit; information that we capture or place on your computer or generate using cookies or other technologies on our site; and information that you enter in forms and fields on our site. This is described in more detail in our cookie policy

7.2 Information You Provide

Your personal data will include information that you provide (or later amend), whether:

• Correspondence with you;</li
• Informing us by telephone or verbally in person;</li
• Filling in any fields or forms on the website;</li
• by completing any printed form we provide to you;
• by e-mail;
• from documents that you provide to us; and
• Updates to any information you provide to us from time to time.

This includes when you:

• register or subscribe to any service, account, membership or loyalty programme;
• enquire or book a holiday or other travel service in person, by telephone, through our website or otherwise;
• Send us your comments or suggestions;</li
• Subscribing to any newsletter or other publication;</li </ul

  Request sales and advertising information, including brochures.

  7.3 User-Generated Content

  We may process information or content that you provide in connection with your past, present or future feedback or experiences travelling with us. We will only use content and images that you submit to our social media channels or websites if you have consented to allow RVG TOURS and its subsidiaries to process this information in connection with various activities. This may include any marketing activities such as:</p

  • Printing of materials</li
  • On our web site</li
  • Email campaigns</li
  • Social posts</li
  • Images from our travels</li
  • Providing images to our trading partners for use on their websites, email marketing and other marketing campaigns
  • Provide them in our content feeds</li
  • We will share images in our content feeds, image galleries via email and with our trading partners via these methods
  • any other information that you provide to us or that relates to you personally.

  7.4 Data obtained from third parties

  We may obtain personal data about you from third parties, including:

  • Providers of any holiday, accommodation and other travel services and their intermediaries who are enquired about or booked;
  • Credit, fraud, identity and other searches that we may conduct, including searches of public records, regulatory authorities and private organisations;</li
  • Any business or organisation with which you are associated; telephone numbers identified from telephone systems when you call us. </li </ul

    7.5 The data we generate</p

    We and any suppliers or sub-contractors working for us may generate personal data relating to you including:

    • Responding to and processing any enquiry, booking or complaint; or
    • to fulfil any booking or other contract entered into with you; or
    • by analysing your personal data; or
    • by data obtained from your use of our website in accordance with our cookie policy.
    </ul

    We may record telephone calls with you for training and quality purposes.

    8.What do we use your personal data for?

    This section sets out the purposes for which we use your personal data and the legal basis on which we do so.

    8.1 Operating our Website</p

    Operate and provide search, booking, accounts, reviews, forums and other services, facilities and features of our Website. This includes administering any account or registration you may have with us on our Website, and changing your settings and personal information as requested by you.

    8.2 Providing Information and Responding to Enquiries

    To provide you with information about our website, systems and services, including responding to booking enquiries and holiday and travel searches, and to keep you up to date. We process your data because you have asked us to take the relevant steps to enter into a contract or because we carry out a service you have asked us to provide.

    8.3 Reservations and other contracts</p

    To enable you to make bookings and to fulfil, provide, carry out, administer, manage and enforce all bookings, orders and other contracts relating to you (including if you are a passenger booked by someone else) and to process any transactions relating to you that are authorised by us or entered into with us. We process your data because you have asked us to take the relevant steps to enter into a contract or because we are performing a service that you have asked us to provide.

    8.4 Payment

    Collecting and paying amounts due and managing our account. This is necessary to prepare any contract between us.

    8.4 Payment

    8.5 Communicating with Customers</p

    Communicate with you about any enquiries, bookings, travel services offered, problems and complaints and respond to any submissions, enquiries or requests you make. We process your data because you have asked us to take the relevant steps to enter into a contract or because we are performing a service you have asked us to provide.

    8.6 Record Keeping

    Maintain internal records and reasonable files including enquiries, bookings, contracts, travel services and complaints. This is either because we have a legitimate interest in doing so, to ensure the protection or effective operation of our business, or because we are legally obliged to do so.

    8.7 Managing and improving our business</p

    Analyse, audit, provide, operate, manage, maintain and improve our business, websites, systems and services;

    • Conducting surveys and analysing the results;</li
    • Organising promotional events and competitions;</li
    • Responsible for product or customer research/development;</li
    • Assisting and helping us to improve our sales performance;</li
    • Carry out other business development and improvement activities;</li
    • providing training for our staff, subcontractors and suppliers;</li
    • Editing, advertising and marketing processes, including sharing photographs that you volunteer to take during your trip with us. These photos may be shared on our social media channels such as Facebook, Instagram, Twitter or LinkedIn. these images will not be shared for any purpose other than to promote our travel experience. If you do not wish to be photographed, please remove yourself from the Travel Guide Organisation's group photos;
    </ul

    For example, we may use your personal data to help us understand how customers use our website and book travel services through us. We may also use this information to identify interests so that we can better tailor our business offerings. This is based on our legitimate interest in ensuring the efficient operation of our business. </p

    </p

    8.8 Direct Marketing</p

    Direct marketing to you, in particular to identify you as a customer, to recognise your product and service preferences and to provide personalised content and advertisements to inform you of new or additional products, services and/or promotions that may be of interest to you. Depending on the details you provide to us, we may carry out direct marketing by: text messages, telephone calls, targeting you on social media platforms on your PC and mobile device, direct mail, post, online adverts, third party applications, our applications. Please see section 10.1 for the types of products we may market to you in this way.

    8.9 Advertising

    Report to our advertisers aggregate information about the use of our websites. We generally create anonymous statistics about browsing behaviour and patterns and do not identify any individuals. </p

    8.10 Any matters to which you have expressly consented</p

    We have your consent for any purpose. We will only do this where you have a choice whether or not to consent, where you have control over the data, and where you have taken positive steps to give your consent on an informed basis. If you wish, we will ensure that you can withdraw your consent at any time by providing a simple mechanism.

    8.11 Consequences of failing to provide data</p

    You are under no obligation to provide your personal information, however, if it is necessary for us to provide you with our services

    </p

    9.How long we keep your data

    We will only retain your personal data for as long as is necessary to fulfil the purposes for which we collected it, including meeting any legal, accounting or reporting requirements.

    To determine the appropriate retention period for personal data, we will consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes by other means, and applicable legal requirements.

    For further information about our data retention policy, please ask us.

    10.Use of your personal data for direct marketing purposes

    We will not use or disclose your personal data for direct marketing purposes unless:

    Use of your personal data for direct marketing purposes
    • We have obtained your consent, for example, through an opt-in box on any of our forms or websites; and/or
    • You have placed a booking with us and we have a legitimate business interest in placing a booking for a similar product or service.

    If you no longer wish to receive direct marketing, you may manage your communication preferences by contacting us as detailed in this Privacy Policy or in any direct marketing you receive, or by unsubscribing via the link at the end of each of our electronic communications.

    If we use your personal information for direct marketing purposes, in addition to data protection laws, we may be subject to other rules governing direct marketing, such as the Australian Electronic Transactions Act 1999, where the term “direct marketing” essentially means direct marketing materials or adverts directed at specific individuals. </p

    10.1 Our direct marketing</p

    We will use your personal data to send you marketing information (including adverts and promotional details) about our travel services:

    1. provided by us;
    2. Can be booked with third parties through us;
    3. Can be booked with other companies within the Group (i.e. the Travel Agent Group); and
    4. provided by a third party of our choice. However, we will not pass on any of your details to third parties without your express prior consent.

    Where applicable, we will only send you marketing information about the type of travel service you have selected. In addition, we will only contact you in ways that you have consented to (e.g. by email or SMS, WHATSAPP, WeChat, LINE...... etc.).

    </p

    10.2 Third Party Direct Marketing

    We may from time to time disclose your contact details (i.e. your name, email address, postal address, telephone number, mobile number, fax number and preferences) to:

    1. Other companies in our travel group, subject to the same requirements set out in this Privacy Policy; and
    2. other companies that provide services that may enhance your travel experience or that may help you with your travel arrangements (“Third Parties”). These Third Parties may then contact you directly with marketing information about the services and products they offer. These Third Parties are not part of The Travel Company and are not bound by this Privacy Policy. However, we ensure that our partners will only contact you by means you have agreed to (e.g. email, SMS) when you have given your consent.

    10.3 Withdrawal from Direct Marketing

    You can stop receiving marketing communications from us at any time by contacting us in the ways detailed in this Privacy Statement or by following the instructions in our marketing communications. If you send an email requesting to withdraw your consent, please put the word “unsubscribe” in the subject of the email. </p

    When you opt out of receiving marketing communications, we will no longer share your information with any other third parties from that point on.

    You may also notify any third party to whom we have previously passed your contact details that you no longer wish to receive marketing communications from them at any time.

    11.Disclosure of your personal data to third parties

    We will transfer your personal information to third parties in the following circumstances:

    11.1 Credit checks etc.

    We may disclose your personal data to third parties (including intermediaries) if necessary to carry out any checks on your financial situation. The identity of these parties may change from time to time. They may include credit reference agencies and other companies for credit decision making, fraud prevention and debtor tracing.

    11.2 Booking and performance of contracts

    We may disclose your personal data to third parties (including intermediaries) where necessary to process any booking enquiry made by or on behalf of you, to carry out any booking requested by or on behalf of you, to fulfil and administer any booking for you or other contract entered into by or in relation to you. This may include;

    • Applying for visas on your behalf;</li
    • collecting payments made by you;</li
    • Investigating and responding to complaints</li
    • Enforcing any booking or other contract with you.

    Such third parties may include any suppliers or sub-contractors and their agents (e.g. airlines, long distance carriers, ferry or train companies, hotel operators, rental companies, cruise lines, tour operators etc.). The identity of these parties may change from time to time so that we can provide our services to you. We ensure that these third parties perform their tasks with the same level of protection for your personal data as you would expect from us.

    </p

    11.3 Providers of travel and other services

    We may use your personal data for the purposes of the Services.

    We may disclose your personal data to any third parties (e.g. suppliers, contractors, sub-contractors) with whom we make any enquiries or with whom we commission or sub-contract the performance of any booking or other contract, including the provision of any travel, tourism or other products or services that we have agreed to provide to you in order to fulfil our contract with you.

    We may disclose your personal data to any supplier, such as a travel agent, for whom we act as an agent (whether as your agent, a person acting on your behalf or a supplier) for the purposes of making any enquiries or booking any travel or other products and services for you. Details of any third party travel agents or other third parties who are responsible for or provide you with the travel services booked or enquired about are available from us on request and can be stated in any travel or other brochures provided by us.

    11.4 Insurance

    If you apply for any travel or other insurance through us, we will pass your personal data to the insurance company. The information you provide may be entered into a claims register and shared with other insurers to prevent fraudulent claims. </p

    11.5 Outsourcing of business functions

    When we use a third party to host, provide, operate or supply any part of our website, database, systems, business or services, or to perform any of our business functions or actions on our behalf (including sending mailings, processing payments, providing marketing assistance, providing customer and advertising analytics through third party advertising technology providers, and providing customer service), we may then, as necessary, provide We may then provide them with your personal data as required for or as part of the processing of these purposes. We ensure that these third parties treat your personal data with the same care and responsibility as we do. </p

    11.6 Public forums etc.

    If any facility on our Website is expressly designed to make your personal data publicly available (for example, your postings on any public forum or commenting facility), then any personal data provided by you in connection with that forum or other facility, which is provided with the express intention of publication, will be disclosed to the public accordingly, subject to our review and the terms of this Privacy Policy.

    11.7 Legal Requirements

    We may provide personal data to governmental agencies or regulatory bodies if required to:

    • comply with legal requirements;
    • as required by the administration of justice or public law enforcement agencies; or
    • For customs, visa and immigration purposes.

    We may disclose your personal information when otherwise required or permitted by law.

    11.8 Third Party Direct Marketing

    We may disclose your personal data to third parties for the purpose of direct marketing to you with your prior consent. Please refer to the Direct Marketing section above for more information.

    11.9 Corporate Customers (Non-Individuals)

    If you are a business or organisation (“Business Customer”) and we hold personal data about any authorised representatives (such as staff agents, employees, managers, owners, partners or directors) then we may disclose such personal data to them.

    If a business customer makes a booking or booking enquiry on behalf of an individual and is authorised by that individual, then we may disclose that individual's personal data to our business customers as reasonably required for the purposes of that booking or enquiry or subsequent fulfilment.

    12.How third parties may handle your personal data

    When we provide your personal data to third parties, one of the following two circumstances will apply:

    12.1 Processing on our behalf

    In some cases, your personal data may be held and processed by others on our behalf. We have not included the names of our service partners as these will change over time. We will continue to be responsible for their processing of your personal data and they will only hold and process your personal data in accordance with our instructions and this Privacy Policy. Sharing your data is necessary to fulfil any contract with you and to provide our services effectively.

    12.2 Self-processing

    In other circumstances, it may be necessary for your personal data to be provided to them to be held and processed by them in their own right and in their own name. In such cases, they will have their own responsibility for your personal data in accordance with their own privacy policy and we will not be responsible for what they do with such data after disclosure. This will only be done for the performance of a contract. When this happens, the third party will notify you and they will provide you with their privacy policy.

    13.Where your personal data is stored

    We (and any associated companies, sub-contractors or others who process your personal data on our behalf) may transfer, store or otherwise process your personal data in the Australian Exclusive Economic Zone (“EEZ”).

    We will only send your EEZ personal data to companies within our group or to parties with whom we have a contract. We require all our group companies to follow the same rules when processing your personal data to ensure that your personal data is protected. This means that within our group and other organisations with whom we have contracts, we ensure that we have adequate safeguards in place for such transfers in the EEZ. You can find out whether these safeguards are adequate by contacting us using the details provided in section 16 of this privacy statement.

    14.Keeping your data safe

    14.1 Our security measures

    We take appropriate technical and organisational measures to protect your information against unauthorised or unlawful use and accidental loss or destruction, including:

    • Sharing and providing access to your information only to the minimum extent necessary and, where appropriate, observing confidentiality restrictions and, where possible, in an anonymised manner;</li
    • Use secure servers to store your information;</li
    • Verify the identity of individuals who access your information before granting them access to it</li
    • Encrypt your personal and payment transactions using Secure Socket Layer (SSL) and Transport Layer Security (TLS) software or other similar encryption technologies.

    Unfortunately, the transmission of information via email is not secure, and if you submit any information to us via email over the Internet, we will use our best endeavours to protect your personal data and enter into contractual procedures with our service providers to protect your personal data. Once we have received your information, we will use procedures and appropriate security measures to prevent unauthorised access.

    </p

    To protect your own privacy, we encourage you to maintain anti-virus and other malware protection software on your computers and other devices, and to maintain your own measures to protect your personal data. Please do not include sensitive personal information, including payment card information, in any emails you send us.

    We also encourage you to be careful about who you give your personal data to. We will never contact you to ask for payment card information or sensitive personal data, such as passport numbers or login details, and we will only do so in person or via our website, or over the phone in relation to a booking you are making or have made. Please let us know if you have been contacted by someone claiming to be on our behalf.

    15.Your rights

    You have certain rights under the Data Protection Act, which we summarise below. If you contact us in relation to these rights, we may ask you for proof of identity before we can act on any request, and we may refuse to act if you do not provide such proof or if your identity is not established by you. This is to ensure that your data is protected and remains secure. More information about your rights and our obligations can be found on the Australian website at https://www.oaic.gov.au/privacy-law/privacy-act/. </p

    To exercise any of the following rights, please email your request to admin@www.rvgtours.com.au. You may request that the following information be provided to you:

    • Whether we are processing your personal data;
    • What personal data we are processing, including requests for a copy of your data;
    • The purposes for which we process data;
    • The sources from which we collect data;
    • Who we disclose the data to;

    We will act on a valid request within one month of receiving it (i.e. when we are able to identify you as the data subject). If your request is complex, or if we have a high volume of requests, we may extend this period by a further two months. We will let you know if this is the case.

    The law does allow us to refuse your request or charge a reasonable administrative fee in certain circumstances where we estimate that your request is manifestly unfounded or excessive. If this is the case, we will notify you at that time, as well as the possibility of you lodging a complaint with the regulator and seeking a judicial remedy.

    15.1 Rectification

    You have the right to request rectification of your personal data if it is inaccurate or incomplete.

    15.2 Right to object

    You have the right to object to the use of your personal information for direct marketing purposes or where we claim that we have a legitimate interest in using it.

    15.3 Erasure

    You have the right to request erasure or removal of your personal information if:

    • The data is no longer necessary for the purposes for which it was originally collected or otherwise processed;
    • Consent is used as a legal basis for processing where you have withdrawn your consent;
    • when personal data are processed unlawfully;
    • When you object to processing and we have no overriding legitimate interest in continuing to process;
    • when erasure is necessary to comply with legal requirements; or
    • To collect data relating to the provision of online services to children.

    When a request for erasure is valid, we will take reasonable steps to notify the third party who is processing the personal data you have asked us to erase.

    We have the right to refuse a data erasure request if the data is necessary for the following purposes:

    • Exercise of the right to freedom of expression and information;</li
    • Compliance with legal obligations;</li
    • Establishment, exercise or defence of legal claims;
    </ul

    15.4 Portability

    You have the right to receive the personal data you provide to us in a structured, commonly used and machine-readable format and to transmit this data to another controller if:

    • Processing is based on consent or contract; and
    • Processing is carried out by automated means.

    15.5 Restrictions on Processing

    You have the right to ask us to restrict the processing of your personal data in the following cases:

    • You challenge the accuracy of the personal data and for a period of time to enable us to verify the accuracy of the personal data;
    • The processing was unlawful and you objected to the deletion of the personal data and requested a restriction on its use;
    • We no longer require the personal data for the purposes of the processing, but the data is necessary for you to establish, exercise or defend legal claims;</li
    • You object to processing before verifying whether our legitimate grounds override yours.
    </ul

    Where there are restrictions on the processing of your personal data (other than storage), we will only process your personal data with your consent in order to establish, exercise or defend a legal claim, to protect the rights of another person or organisation, or because the law requires us to do so.

    We will notify you before we remove the processing restriction.

    15.6 Right to withdraw consent

    You may withdraw your consent at any time and we use your consent as the legal basis for processing. Please contact us using the details set out in section 16 of this policy. For more information on how to object to our direct marketing communications, please see section 10.3.

    15.7 Right to complain to a regulator

    Our compliance with the Law is regulated by the Australian Information Commissioner (GPO Box 5218 Sydney NSW 2001) or an independent regulator overseeing the application of the Law in other member states by calling 1300 363 992 or online at https://www.oaic.gov.au/privacy/privacy-complaints/. independent regulator responsible for overseeing the application of the Regulation. In addition to your rights set out above, if you have a complaint or concern, you may seek assistance from that regulator, which has the power to compel us to comply with applicable laws and to fine us for non-compliance. However, before you do so, we ask that you contact us to discuss any complaints or concerns you may have. You can do this by contacting us using the details provided in Section 16 of this Privacy Statement. </p

    Changes to this privacy policy</p

    We regularly review our Privacy Statement to ensure that it is up to date and accurate. When we make any changes, we will notify you by email. You can view the latest valid version at the top of the document. </p

    Applicable Laws and Disputes</p

    Our Privacy Policy is governed by Australian law and disputes may be determined by the Australian courts.

    16.Contacting us

    If you have any questions about our privacy policy or how we handle your personal data, including any requests or complaints, please contact us by email (info@rvgtours.com), by phone (02-9880 2888) or by post at 1/F 774 Pacific Highway, GordonNSW 2072 Australia

    17.About Us

    This is the privacy policy of Ran Deng Yuan ( AUSTRALIA ) PTY LTD Trading as RVG TOURS (“we”, “us” or “our”). “Privacy Policy. We are incorporated under the laws of Australia. Our ABN is 74639327450 and our business address or registered office is 1F 774 Pacific Hwy Gordon NSW 2072 Australia. We are a member of ATAS. We are also a member of the International Air Transport Association. Please see our About Us page for more information.

    18.Copyright Notice

    This document and all content on our website is copyright © RVG Tours. All rights reserved. </p

    19. NetworkCookie policy

    About this policy

    This is the privacy policy of Ran Deng Yuan ( AUSTRALIA ) PTY LTD Trading as RVG TOURS (”we“, ”us" or "our"). Our") Privacy Policy. We are incorporated under the laws of Australia. Our company number is 639327450 and our company address or registered office is 1/F 774 Pacific Hwy Gordon NSW 2072 Australia.

    Web Cookie Laws

    Australia does not have any specific regulatory guidance on cookie requirements. However, the Australian Privacy Act 1988 imposes certain notification and consent obligations that organisations should comply with in order to deploy cookie consent banners that comply with the law.

    Types and uses of cookies

    Cookies can be categorised in a number of ways, one of which relates to their lifetime, i.e. how long they are stored in your browser. According to this categorisation, a cookie can be:

    1. -Session cookies: temporary cookies that are used to identify and track users on our site; this information is automatically deleted by your browser when you close the browser or end the session; and
    2. -Persistent cookies: cookies that allow our site to "remember" who you are and what your preferences are on our site; these cookies are stored in your browser for a period of time (the exact location depends on the browser and version).

    How do I disable cookies?

    Since cookies are stored in the web browser used to access a site, users need to change the settings of their particular browser. Below are some of the most popular browsers, and links to the corresponding vendor guidelines for disabling cookies:</p

    - ie browser:https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies

    https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies https://support.microsoft.com/en- gb/help/278835/how-to-delete-cookie-files-in-internet-explorer

    - Firefox browser:https://support.mozilla.org/en-US/kb/how-do-i-turn-do-not-track-feature

    - Chrome browser:https://support.google.com/chrome/answer/95647?hl=en-GB

    - Safari browser:https://support.apple.com/kb/PH5042?locale=en_GB

    - Opera: https://www.opera.com/help/tutorials/security/privacy/

    In addition, Google Analytics gives you the option of installing the Opt-Out Browser plugin for Internet Explorer 11, Firefox, Chrome, Safari and Opera:https://tools.google.com/dlpage/gaoptout

    Rejecting cookies

    Please note that disabling or refusing cookies on our website may result in certain pages being inaccessible or not functioning properly.

    Further information

    There are several websites that explain how cookies work and provide more details, such as www.aboutcookies.org和www.allaboutcookies.org. (We are not affiliated with these sites.).