We highly value your trust in choosing Innstant Travel for your online hotel reservation. Therefore, we will duly and diligently safeguard and protect the privacy and confidentiality of your personal details (including your credit card details). This policy is in compliance with the General Data Protection Regulation, Regulation (EU) 2016/679, articles 28 and 29 of the aforementioned legislation (hereinafter “GDPR”).
When you make a reservation for a hotel (or any other type of accommodation), you will be asked to complete online forms providing for: your name, (home or office) address, (business or private) email address, (mobile, home or office) telephone number, credit card details (i.e. credit card type and number, CVC code, expiration date, credit card holder name) and to the extent available, reservation preferences and smoking preference. This information is required to process, book and complete your reservation (including the sending of a confirmation email of the booking to you).
For our services, we shall collect for the following purposes the following information:
Reservation orders: For the purposes of completing your booking and save for disclosures required by law, criminal investigations, subpoenas or court orders, we will only disclose your name and the credit card details to the relevant hotel with which a booking is made. However, please note that from time to time, we may use third party distributors which provide certain services and functions for and on our behalf. These third party distributors may have access to (part of your) personal information in order to perform their services and functions, but are subject to a confidentiality obligation pursuant to which they cannot use, share or disclose the information for any other purpose.
Surveys: By completing a booking, you agree to receive an invitation email to complete our guest review form which we will promptly send to you after your stay of the hotel, which review can also be completed anonymously. By completing the guest review, you agree that the completed guest review can be uploaded to our website at the relevant hotel information page for the sole purpose of informing (future) customers on the service (level) and quality of the relevant hotel. We reserve the right to adjust, refuse or remove review forms at our sole discretion. The guest review form should be regarded as a survey and does not include any (further commercial) offers, invitations or incentives whatsoever. If you no longer wish to receive a survey request email, you can simply click on the unsubscribe link or reply (with “unsubscribe” in the subject line).
Newsletters and other information: we may offer you to subscribe to newsletters, hot-deals notification and other information, if you wish to subscribe for our newsletter or wish to receive other information from us (in respect of our, our affiliated companies’ or business partners’ products or services), we offer you the option to “Opt in” for this service. If you no longer wish to receive our newsletter and other promotional communications, you can simply click on the unsubscribe link or reply (with “unsubscribe” in the subject line). Visitor’s registration and “cookies”: For (improvement of) our service and product, we use (temporary and persistent) cookies to track browsing behavior and monitor and record the visits and use of our website(s). Cookies are text files stored at your computer, either temporary or persistent on your hard drive. Cookies are used for authenticating, session tracking (state maintenance), and maintaining specific information about the users of our website, such as site preferences or the contents of their electronic shopping carts. Furthermore, we will record your IP address, browser type, Internet Service Provider (ISP) for fraud, misuse and criminal investigation purposes.
Please note that, in accordance with European personal data protection laws, and the aforementioned GDPR, strict security procedures are observed within Innstant Travel to prevent personal data misuse and unauthorized access. Log files: For marketing analysis and quality improvement purposes, we collect on an anonymous basis various information with respect to the total amount of transactions, referring/exit pages, platform type, date/time stamp information and the number and location of clicks on a given page. Please note that from time to time, we may use third party service providers to collect, monitor and report on this anonymous data. In any case, personal data may not be used by Innstant Travel for its own purposes.
Innstant Travel will notify you when the GDPR or other data protection local laws have been infringed.
Under the guidances of the GDPR, we will ensure that any person acting under its authority who has access to personal data shall not process those data except on instructions from the customer, unless required to do so by European Economic Area (“EEA”) or EEA member state law.
In the event of any transfer of Customer Data to a party outside the European Economic Area (“EEA”), we will make sure that this is made subject to appropriate safeguards which include, without limitation, the European Commission Standard Contractual Clauses for the Transfer of Personal Data to Third Countries (2004/915/EC) (“EU Model Clauses”) (or equivalent clauses, as and when mandated by the relevant authorities), which incorporated herein by reference, the EU-U.S. Privacy Shield Framework, binding corporate rules and/or approved codes of conduct. In the event the parties rely on the EU Model Clauses, the Partner is the “data exporter,” Agoda shall be the “data importer,” and the description of the transfer in Annex B to the EU Model Clauses shall be such activities as described in the Agreement.
In order to protect and safeguard the personal data provided to us, we have implemented and use appropriate business systems and procedures. For example, your credit card information is transmitted to us through a secure server protocol, which encrypts all your personal and credit card details. The encryption method used is the industry standard “Secure Socket Layer” (SSL) technology. Furthermore, we have implemented and use security procedures and technical and physical restrictions for accessing and using personal information. Only authorized employees are permitted to access personal information for performing their duties in respect of our services.
Our server and network are protected by firewalls against unauthorized access and we have intrusion detection systems that monitor and detect unauthorized (attempts to) access to or misuse of our servers.
Your credit card details will be kept by us up to maximum 10 days after a booking is made. After that period, your credit card data will be deleted.
You always have the right to review the personal data you have stored with us. You can request your personal data by emailing us at firstname.lastname@example.org. Please state ‘request personal data’ in the subject line of your email.
If your personal data is incorrect, we will change it upon your request. You can also ask Innstant Travel to remove your personal data from its database by sending us an email to the aforementioned email address.
To the extent required by applicable Privacy Laws, we agree to provide reasonable assistance to you with any request to access, change, delete, correct, or exercise related rights to Customer Data, taking into account the nature of Processing and Customer Data available to you.
After you have made a booking, you will receive a confirmation message with all the information about your booking. You may take this confirmation to the hotel as proof of the reservation. Furthermore, after your stay at the hotel, we will send you the guest review survey, which we appreciate to be filled in by you. Your completed guest review form may be uploaded onto the relevant hotel’s information page on our website for the sole purpose of informing (future) customers of your opinion of the service (level) and quality of the hotel. To the extent that you have “Opted in” you may receive from us and from time to time our newsletter or other information.
If you have any suggestions or remarks about this privacy statement, please send an email to email@example.com.
We are at all times entitled to change the way we collect, transmit and process the personal information and such other information as we may deem necessary. This Privacy Statement may therefore be amended from time to time in order to reflect the latest changes.