PlanetBlueTravel Privacy and Confidentiality Policies

 

Introduction

At PlanetBlueTravel, we are committed to protecting the privacy and confidentiality of our clients’ personal information. This Privacy Policy outlines how we collect, use, store, and protect client details, and it incorporates and references the privacy policies of our service providers: Tramada, Amadeus, and Google.

1. Information Collection

We collect personal information that is necessary for the provision of our travel services. This may include, but is not limited to:

  • Names

  • Contact information (email addresses, phone numbers)

  • Travel preferences and history

  • Passport and visa details

  • Payment information

2. Use of Information

The personal information we collect is used for the following purposes:

  • To provide travel-related services and fulfil booking requests

  • To communicate with clients regarding their travel plans and any changes or updates

  • To process payments and manage billing

  • To improve our services and tailor them to client preferences

3. Information Sharing

We do not share personal information with third parties except in the following circumstances:

  • When it is necessary to provide the services requested (e.g., sharing information with airlines, hotels, and other travel service providers)

  • When required by law or to protect the rights, property, or safety of our company or others

4. Data Storage and Security

Tramada Systems:

We use Tramada Systems for storing client details such as date of birth, frequent flyer numbers, invoices, and passport details. Tramada Systems is committed to ensuring the security and confidentiality of personal information. For more details, please refer to the Tramada Privacy Policy here.

Amadeus:

We use Amadeus for booking travel. Amadeus processes personal data in the Global Distribution System (GDS) in accordance with their privacy practices. For more information, please refer to the Amadeus Privacy Policy here.

Google Drive:

We store and back up emails and other data on Google Drive. Google’s comprehensive privacy practices and data protection policies are applied to ensure the safety and confidentiality of our data. For more details, please refer to the Google Privacy Policy here.

5. PCI Compliance

We are fully compliant with the Payment Card Industry Data Security Standard (PCI DSS). This means we adhere to the highest standards for securing payment card information. We take the following measures to ensure PCI compliance:

  • Regularly monitoring and testing networks

  • Maintaining secure systems and applications

  • Protecting cardholder data through encryption and other security measures

  • Implementing strong access control measures

  • Regularly auditing our practices to ensure ongoing compliance with PCI DSS

6. Data Retention

We retain personal information for as long as necessary to provide our services and fulfil the purposes outlined in this policy. When personal information is no longer needed, we take steps to securely delete or destroy it. Our service providers, such as Tramada and Amadeus, also have their own data retention policies which ensure compliance with relevant laws and regulations.

7. Client Rights

Clients have the right to:

  • Access the personal information we hold about them

  • Request corrections to any inaccurate or incomplete information

  • Withdraw consent for the use of their personal information (subject to legal or contractual obligations)

8. Protecting Your Information

We are committed to protecting the security of your personal information. We use a variety of security technologies and procedures to help protect your personal information from unauthorised access, use, or disclosure. Our service providers also use robust security measures to protect data. For instance:

  • Tramada uses encryption, firewalls, and access controls to protect data.

  • Amadeus implements technical and organisational measures to protect data, including secure data centres and encryption.

  • Google Drive provides secure data storage solutions and applies strict data protection policies.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify clients of any significant changes and provide an updated policy on our website.

10. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

PlanetBlueTravel
Suite 2/849 South Dowling St, Waterloo NSW 2017
travel@pbt.com.au
1300 567 772

Acknowledgement

By using our services, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and storage of your personal information as described herein.

This version includes a specific section on PCI compliance, outlining your adherence to PCI DSS standards and the measures you take to protect payment card information. This addition helps reassure clients that their payment information is handled securely and in compliance with industry standards.