Privacy Policy
We are committed to safeguarding the privacy of our website visitors; this policy sets out how we will treat your personal information.
What information do we collect?
We may collect, store and use the following kinds of personal data: (a) information about your visits to and use of this website; (b) information about any bookings made using the website and other transactions carried out between you and us on or in relation to this website (which may include your name, address, email address, telephone number and credit/debit card details); (c) information that you provide to us for the purpose of registering with us and/or subscribing to our website or email services.
Information about website visits
We may collect information about you computer and your visits to this website such as your IP address, geographical location, browser type, referral source, length of visit and number of page views. We may use this information in the administration of this website, to improve the website's usability, and for marketing purposes.
Using your personal data
Personal data submitted on this website will be used for the purposes specified in this privacy policy or in relevant parts of the website. In addition to the uses identified elsewhere in this privacy policy, we may use your personal information to: (a) improve your browsing experience by personalising the website; (b) enable your use of the services offered on this website; (c) carry out transactions between you and us on or in relation to this website; (d) send to you marketing communications relating to our business or the businesses of carefully-selected third parties which we think may be of interest to you by post or, where you have specifically agreed to this, by email or similar technology (you can inform us at any time if you no longer require marketing communications to be sent by emailing us at res@ctplus.co.uk); We will not without your express consent provide your personal information to any third parties for the purpose of direct marketing.
Other disclosures
In addition to the disclosures reasonably necessary for the purposes identified elsewhere in this privacy policy, we may disclose information about you: (a) to the extent that we are required to do so by law; (b) in connection with any legal proceedings or prospective legal proceedings; (c) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk); and (d) to the purchaser or seller (or prospective purchaser or seller) of any business or asset which we are (or are contemplating) selling or purchasing. Except as provided in this privacy policy, we will not provide your information to third parties.
Security of your personal data
We will take reasonable precautions to prevent the loss, misuse or alteration of your personal information. Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet. We will store all the personal information you provide on our secure servers. All electronic transactions you make to or receive from us will be encrypted using SSL technology. You are responsible for keeping your password confidential. We will not ask you for your password.
Policy amendments
We may update this privacy policy from time-to-time by posting a new version on our website. You should check this page occasionally to ensure you are happy with any changes.
Your rights
You may instruct us to provide you with any personal information we hold about you. Provision of such information may be subject to the payment of a fee (currently fixed at £10.00). You may instruct us not to process your personal data for marketing purposes. In practice, you will usually either expressly agree in advance to our use of your personal data for marketing purposes, or we will provide you with an opportunity to opt-out of the use of your personal data for marketing purposes. You can also instruct us not to use your personal data for marketing purposes by email (to res@ctplus.co.uk) at any time.
Third party websites
The website contains links to other websites. We are not responsible for the privacy policies or practices of third party websites.
Galileo's position on Data Protection
When you lodge a Traveller Profile with us, your data is copied and also stored in the mainframe computer of Galileo – our computer reservation system (CRS). The following is a statement of Galileo's position on Data Protection.
As a provider of a computer reservation system (CRS), Galileo considers itself to be a data processor for the purposes of the European Data Protection Directive 95/46 (the Directive). Galileo processes data received from travel agents by sending a passenger name record (PNR) to airline reservation systems via the Galileo CRS, solely for the purposes of fulfilling the individual passenger's booking requirements. Galileo considers Travel agents collating and disseminating booking data through the Galileo CRS, together with the airline carriers who receive such data, as data controllers for the purposes of the Directive. As such, both subscribers and carriers must also comply with all of the obligations contained within the Directive.
For the purposes of business administration (e.g., human resources), Galileo is registered with the various data protection authorities in Europe as being a data controller on the basis that a Galileo employee's personal data may be transferred outside of the European Economic Area (EEA).
The Galileo CRS data centre is based in Denver, Colorado. In complying with the Directive and national data protection legislation in relation to those obligations on the transfer of personal data outside of the EEA, Galileo has in place certain inter company data transfer agreements which incorporate the European Commission's approved model clauses for the transfer of data outside of the EEA.
As per the standard agreements currently in place with Galileo's subscribers, the subscriber retains the right to use the data placed on the Galileo System and therefore the manner and purpose for which it is used.
Galileo is committed to taking all appropriate technical and organisational measures against unauthorised or unlawful processing of personal data and against any accidental loss or destruction of, or damage to, personal data contained within the Galileo System.
Besides having to comply with the Directive (and each EU Member State's own national laws arising there under), as a CRS provider, Galileo is also obliged to comply with the European Code of Conduct for Computer Reservation Systems Regulations (the CRS Regulations). Under the CRS Regulations, Galileo has to meet further stringent technical and organisational security requirements, some of which go beyond those measures required under the Directive, not least, an annual audit which takes into consideration, the underlying principles of the Directive.
Legal Department – Galileo EMEA Region January 2007
Contact
If you have any questions about this privacy policy or our treatment of your personal data, please write to us by email to res@ctplus.co.uk or by post to Corporate Travel Plus Ltd, 57 Main Street, Alrewas, Burton on Trent, Staffs, DE13 7AE, United Kingdom.