The Walt Disney Company has acquired certain 21st Century Fox businesses, including those providing the services described below. This Policy has been updated to reflect that transaction.
Effective 20 March 2019
1. SCOPE AND APPLICATION
We do not knowingly collect, use or disclose personal information about users under age 13, except as permitted by law.
2. COLLECTION OF INFORMATION
Information You Provide Directly to Us
If you are interested in obtaining information, products or services from us, or participating in certain activities through the Website, you may provide us with information about yourself when you use the ‘contact us’ facility.
Information We May Collect Automatically
In addition to information you choose to provide to us, we also use standard technologies to automatically collect certain additional information. For example:
a. Activity Information. When you access and interact with our Website, we may collect information about your visits in order to permit you to connect to and obtain the Website and to understand the frequency with which specific visitors visit various parts of our Website. For example, we may collect your Internet Protocol (“IP”) address, which identifies the computer or service provider that you use to access the Website, or information about your browser type, authentication identifiers, and other software and hardware information. If you access the Website through a mobile or other device we may collect your mobile device identifier, geolocation data (including your precise location), or other transactional information for that device. We may combine this information with other information that we have collected to make our Website and our communications to you more targeted to your interests.
b. Social Media Information and Content. If you access or log into this Website through a social media service or connect the Website to a social media service, the information we collect may also include your user name associated with that social media service, any information or content you have permitted the social media service to share with us, such as your profile picture, email address or friends lists, and any information you have made public in connection with that social media service.
c. Cookies and Other Tracking Technologies. Please visit our Cookies Policy for more information at https://www.nationalgeographicexpeditions.co.uk/cookies-policy/.
3. USE AND DISCLOSURE
We may use information that we collect from and about you for a variety of business purposes, including:
a. to provide you with access to and use of the Website; or
b. to improve the Website and enhance your experience on our Website;
c. to respond to your inquiries or comments about the content and/or Website and/or other products, content or services in which you may be interested, or to respond to your inquiries or comments;
d. to perform business analysis or for other purposes to improve the quality of our business, the Website, and the products and services we offer; or
f. Comply with applicable laws or legal process and/or respond to requests from public and government authorities; or
g. Complete a corporate transaction, such as a proposed or actual reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of NGC business, assets or stock (including in connection with any bankruptcy or similar proceedings). For example, if NGC is involved in a merger or transfer of all or a material part of its business, NGC may disclose and transfer your personal data to the party or parties involved in the transaction as part of that transaction; or
a. with entities that help us to manage and provide the Website, including development of our websites and applications, maintenance and support, personalization, fulfilment, and operation of travel services and products, and promotions management, only to the extent that these entities need the information to perform their services or as required by law;
with our business partners, such as Fred Olsen Travel Ltd. 2nd Floor 64-65 Vincent Square, London United Kingdom, SW1P 2NU and other travel operators. Their use of your personal information will be governed by their own privacy policies. When information we collect is anonymized and cannot be combined to identify you, we may use that information for any purpose or share it with third parties, to the extent permitted by applicable law.
4. ON WHAT LEGAL BASIS DO WE PROCESS YOUR PERSONAL DATA?
The processing of your personal data for the purposes of:
On the contrary, the processing of your personal data for the other purposes of:
• Section 3, letter h), is discretionary, but, without your consent, it is impossible to connect a social media service account with the Website so that you will have to log to the Website using a different mechanism.
5. INFORMATION SECURITY
We take a number of adequate administrative, technical, personnel and physical measures to safeguard information in our possession from loss, theft and unauthorized use, disclosure or modification.
6. IS YOUR PERSONAL DATA TRANSFERRED ABROAD?
Your personal data may be transferred to countries within and outside the European Economic Area, in particular in the United States. Some non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards. The full list of these countries is available at http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm. For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place appropriate and suitable safeguards designed to protect your personal data and the transfer of your personal data in compliance with applicable data protection laws, such as standard contractual clauses adopted by the European Commission as per Articles 45 and 46 of the EU General Data Protection Regulation 2016/679 (the “Privacy Regulation”).
7. WHAT ARE YOUR RIGHTS WITH REGARD TO YOUR PERSONAL DATA?
You have the right, in any given time, to:
a) Obtain confirmation as to whether or not your personal data exists and to be informed of its content and source, verify its accuracy and request its rectification, update or amendment;
b) Request the deletion, anonymization or restriction of the processing of your personal data processed in breach of applicable law;
c) Object to the processing, in all cases, of your personal data for legitimate reasons.
You may send your request at the address indicated under Section 9 below. In your request, please include your email address, name, address, and telephone number and specify clearly what information you would like to access, change, update, suppress, or delete.
On May 25, 2018, the Privacy Regulation will become effective and the following provisions will apply:
A. Retention periods applying to your personal data
At the end of the retention period your personal data will be either cancelled, anonymized or aggregated.
B. Additional rights
a) Request NGC to limit the processing of your personal data where:
• You contest the accuracy of the personal data until we have taken sufficient steps to correct or verify its accuracy;
• The processing is unlawful but you do not want us to erase your personal data;
• We no longer need your personal data for the purposes of the processing, but you require the personal data for the establishment, exercise or defense of legal claims; or
• You have objected to processing justified on legitimate interests, pending verification as to whether NGC has compelling legitimate grounds to continue processing.
b) Object to the processing of your personal data;
c) Request the erasure of your personal data without undue delay;
Receive an electronic copy of your personal data, if you would like to port your personal data, that you have provided to us, to yourself or to a different provider (“data portability”), when the personal data is processed by automatic means and the processing is either (i) based upon your consent or (ii) necessary for the provision of the Website and related services and features; and
d) Lodge a complaint with the relevant data protection supervisory authority. The UK supervisory authority for data protection issues is the Information Commissioner’s Office (www.ico.org.uk).
8. OTHER IMPORTANT INFORMATION
Third Party Sites
9. CONTACT US