This Privacy Policy sets out the basis on which any personal data that you provide to us or we collect from you will be processed by us. Any collected personal information is processed and stored in Company records in accordance with the Data Protection Act (Chapter 400 of the Laws of Malta) and the General Data Protection Regulation (GDPR) - Regulation (EU) 2016/679 of the European Parliament and the Council. For the purpose of GDPR, Compass Travel Ltd is regarded as the Data Controller.
By requesting a quotation, securing a booking or submitting your personal data, you agree to the transfer, storing or processing of it as set out below. We will take all reasonable steps necessary to ensure that your data is treated securely and in accordance with this privacy policy. If you do not agree to our processing of your personal data as set out below, we cannot accept your request for quotation or booking.
In case of a request for a group quotation or booking, you are responsible for ensuring that the other members of your party are aware of the content of this Privacy Policy and are in agreement with you supplying their personal data to us to provide a quotation or make a booking on their behalf.
THE DATA WE COLLECT
When you make a request for quotation or a booking, we will collect certain personal data about you and about any other person you include on your request for quotation or booking. Personal data is data that identifies an individual, including but not limited to the name, surname, address, email address, date of birth, contact numbers, next of kin contact details, personal travel preferences and wedding date (if applicable).
This information is required to make the travel arrangement that you are requesting. In some cases, we may also need to collect more sensitive personal data such as the ID card number, Passport details, information concerning medical conditions, disabilities and special requirements, so as to be able to consider your particular needs in relation to a booking. Data will be stored only until it is considered necessary for operational, marketing, research and/or legal purposes. We shall only store data until it is absolutely necessary.
THIRD PARTIES RECEIVING DATA
When you make a travel booking, some of the personal data you provide will need to be passed to, processed and stored by relevant third parties, such as airlines, hoteliers, insurance companies and ground handling agents, so that they can provide you with the arrangements you require. Some of these third parties may be based outside of the European Economic Area (EEA). Organisations that are based outside of the EEA may not be subject to the same level of controls in regard to data protection as exist within the EEA.
In order for you to travel overseas, we may be required to disclose personal data to government bodies or other authorities in Malta and other countries, such as those responsible for immigration, border control, security and anti-terrorism. Even if it is not obligatory for us to provide information to such entities, we may exercise our discretion to assist them where appropriate.
USE OF YOUR INFORMATION
We use information stored about you for the following purposes:
To carry out our obligations arising in connection with any booking
To communicate with you regarding your booking
To notify you about changes to our service
For improving the quality of our service and the products offered
For internal analysis and customer profiling
For resolving complaints and dealing with disputes
For preventing and detecting fraudulent or criminal activity
For debt collection or credit vetting
MARKETING USE
If you have made a request for quotation or booking, your personal data may be used by us to contact you by post and/or by electronic means with information and offers relating to products or services similar to those about which you enquired or which you purchased. We may use your data for marketing purposes of travel and travel related products and services. We will only do this if you did not opt out of such marketing at the point where we collected your contact details.
We will not pass your contact details to a third party outside of Compass Travel Ltd. for marketing purposes unless you have explicitly agreed that we may do so.
You have the right at any time to ask us not to process your personal data for marketing purposes. You can exercise your right to prevent such processing by ticking/un-ticking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by sending your request to:
The Data Protection Officer,
Compass Travel Ltd.,
The Peak Business Centre,
Triq il-Kappella tal-Mirakli,
Attard ATD 2691
YOUR SUBJECT ACCESS RIGHT
The General Data Protection Regulation (GDPR) gives you the right to check that your personal data is being processed lawfully. Your subject access right can be exercised in accordance with the Regulation. Any subject access request must be made in writing to:
The Data Protection Officer,
Compass Travel Ltd.,
The Peak Business Centre,
Triq il-Kappella tal-Mirakli,
Attard ATD 2691
or by e-mail to info@compasstravel.com.mt
YOUR RIGHT TO BE FORGOTTEN
The General Data Protection Regulation (GDPR) gives you the ‘right to be forgotten’. You have the right to erase your personal data at any time, subject it that doesn’t compromise the ability to research and any legal requirements can be exercised in accordance with the regulation. Any such request must be made in writing to:
The Data Protection Officer,
Compass Travel Ltd.,
The Peak Business Centre,
Triq il-Kappella tal-Mirakli,
Attard ATD 2691
or by e-mail to info@compasstravel.com.mt
DATA SECURITY AND RETENTION
Once we receive your information, we will take all reasonable steps to keep your personal data secure and to try to prevent any unauthorised access to it. All information you provide to us is stored on our secure data systems.
Your sensitive personal data is retained for a period of six calendar months following your return from your booking. Other personal data will be kept for a period of five calendar years.
LINKS TO THIRD PARTY WEBSITES
Our site contains links to websites of third parties. These websites have their own privacy policies and therefore we do not accept any responsibility or liability for these policies or for these third-party websites. If you follow the links to these websites, you should check these policies before you submit any personal data to these websites.
FUTURE CHANGES TO OUR PRIVACY POLICY
We reserve the right to update or alter this Privacy Policy without prior notice.