Load Bar

Palm Coast Travel Global Privacy Policy

EFFECTIVE DATE: May 25, 2018



I. INTRODUCTION

Palm Coast Travel (“Palm Coast Travel” or “we”) recognizes the importance of protecting the privacy of all information provided by users of Smartcruiser.com (the “Site”) or Palm Coast Travel in general. We created the following policy guidelines with a fundamental respect for our users' right to privacy and because we value our relationships with our users.



Palm Coast Travel acts as a controller with respect to the collection, use, and other processing of certain individually identifiable information about website visitors (“personal data”) in connection with the customer relationship, as described in more detail in this Palm Coast Travel Global Privacy Policy (“Policy”).

For other key definitions please refer to the Appendix A- Key Terms section of this Policy.



II. HOW DATA IS COLLECTED

Information you provide to us


Palm Coast Travel will collect personal data from you when you interact with our Site(s), contact our Agents, use our services, or purchase our products, as further described below.



Information we obtain indirectly


We may receive personal data about you from our third-party affiliates or partners and from marketing companies that provide us with such information as a part of their relationship with us. More information is set out below.



We may combine this with data that we already have collected about you. Such collected data could include contact details (such as email address) and previous purchase history or interests.




Information collected automatically


When you use our Site we collect certain information about you automatically through our use of cookies and similar technologies. Please see below for more information, as well as our cookie policy.

 
Children’s Privacy


Palm Coast Travel feels strongly about protecting the privacy of children. No personal data should be submitted to Palm Coast Travel by users under the age of 13. Children under the age 13 may not access those sections of the Site that require registration.



III. CATEGORIES OF USER PERSONAL DATA AND PURPOSE FOR PROCESSING


Palm Coast Travel collects and processes the following categories of personal data, for the purposes specified below:

  1. Personal name and initials (e.g. First Name, Last Name) used to communicate, interact and identify you and customize the content, products and services that are offered to you, verify your authority to enter and use our Services and comply with legal requirements.

  2. Personal characteristics (e.g., age, date of birth, gender, marital status, nationality) and personal preferences (product preferences, online preferences, interests) to conduct our business and improve our Site and services, develop new products and services, provide information and support, to better understand your needs and interests, personalize communications and advertising, and generally promote a quality experience for you and to process, fulfill and follow up on transactions and requests for products, services, support, and information.

  3. Financial information (e.g., credit card number, financial institution information and number) to process transactions you enter into with us (e.g., purchase of goods and services, refunds, discounts and offers).

  4. Contact information (e.g., address, phone number, email address) Perform certain automated decision-making, including profiling, which is used for direct marketing and to contact you with information about SmartCruiser and affiliated third-parties and to send you other marketing materials, for example, via email, and to notify you about products and services that we believe would be of interest to you.

  5. Government Issued ID (e.g., Social Security Number, Government ID Number, Passport Number) to comply with legal requirements.

  6. Authentication information (e.g., login id, password) to verify your authority to enter and use our Site and other services, to deter, detect, and prevent fraud and other prohibited or illegal activities.

  7. Information obtained from third parties including but not limited to travel suppliers for marketing and booking purposes.

  8. Online behavior information (online activity, preferences, time spent viewing features on our Site) to measure, analyze and improve our products and services, the effectiveness of our websites, and our advertising and marketing and to provide targeting advertising, including the use of re-targeting technology.

The type of personal data collected by Palm Coast Travel may vary from country to country, and in some countries Palm Coast Travel might not collect all of the categories of personal data listed above.  

Palm Coast Travel is committed to only collecting and processing the minimum amount of data from you that is necessary to fulfil the purposes of our data processing activities, and to retaining such data only if required to fulfil such purposes. Where applicable, if Palm Coast Travel intends to further process the personal data for a purpose other than that for which the personal data was initially collected, Palm Coast Travel shall, prior to such processing, provide you with any relevant information on such additional purpose, and, to the extent required by applicable law, obtain your consent for this.

IV. THE LEGAL GROUNDS FOR PROCESSING GUEST PERSONAL DATA

In most instances, we process your personal data under the legitimate interests of providing you products and services related to your travel purchases.  In other instances, we obtain your consent to process your personal data where we are required to do so by applicable law – for example, where we want to use your contact details for marketing purposes or where the personal data we are collecting from you is sensitive personal data (defined below) and we are not lawfully permitted to process your personal data on any other legal grounds. Where we rely on your consent for processing your personal data, you may withdraw your consent at any time, by contacting us at admin@smartcruiser.com.  Please note, however, that withdrawing your consent will not affect the lawfulness of processing based on the consent you gave prior to withdrawal. 



Where we process your personal data for direct marketing purposes, we will log your objection to and stop such processing of your data, and we will not contact you again if requested.  You may object to such direct marketing by contacting us at admin@smartcruiser.com or by using the contact details below.  



While we always want you to be aware of how we are using your personal information, this does not necessarily mean in every instance that we are required to ask for your consent before we can use it.  There may be instances where we process your personal data for our legitimate interests (furthering our business relationship with you) or on the basis of other lawful grounds (i.e., because we have established a relationship with you and need to process your personal data in order to provide you with the information and/or services you have requested), without having obtained your consent. We do not seek your consent in such cases largely so that we can provide you with services in an efficient way (or where in some cases it might not be possible for us to seek your consent because we must process personal data, for example, for the detection of fraud). Before processing your personal data, we will consider your rights and freedoms and will only commence such processing where we do not think your rights will be infringed.



Except as otherwise provided in this Policy, only a limited number of individuals within Palm Coast Travel’s legal, finance, IT, accounting and customer service departments, as well as certain managers will receive access to personal data when necessary in connection with their job responsibilities.



If you provide Palm Coast Travel with personal data about members of your family and/or other dependents (e.g., for emergency contact or administration purposes), it is your responsibility to inform them of their rights relating to the processing of their personal data for these purposes.  You are also responsible for obtaining the explicit consent of these individuals (unless you are authorized to provide such consent on their behalf) to the processing (including disclosure and transfer) of that personal data for the purposes set out in this Policy.



V. DISCLOSURES OF USER PERSONAL DATA TO THIRD PARTIES

Disclosures to third parties

We do not sell your personal data to third parties for their own marketing purposes. We may share or disclose your personal data as follows:

  1. To affiliated and unaffiliated service providers for the sole purpose of enabling them to provide services to us in connection with providing our services to you;


  2. Based on a good faith belief that such disclosure is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violation of our policy, as evidence in litigation in which we are involved, or to otherwise protect the rights or safety of any person or entity;


  3. Based on a good-faith belief that disclosure is necessary to respond to judicial process, valid government inquiry, or is otherwise required by law;


  4. If we are acquired by or merged with another entity, if all or part of our assets are acquired, or in response to a bankruptcy proceeding, we may transfer your information to the acquiring entity;


  5. When posted by you or an authorized third-party, to our wikis, forums, blogs, message boards, chat rooms and other social networking environments or Sites;


  6. We also may share aggregate or non-personally identifiable data about users with third parties for marketing, advertising, research, analytics or similar purposes; and


  7. To other third parties for purposes you have allowed or consented to.



Transfers out of the EEA and Switzerland


Some service providers and other recipients may be located in countries outside of the European Economic Area (EEA) or Switzerland; the data protection laws in such countries may not provide a level of protection to personal data equivalent to that provided by your home country.

Wherever such a transfer is made, Palm Coast Travel will (i) exercise appropriate due diligence in the selection of such third party service providers, (ii) ensure that Personal data is adequately protected via appropriate contractual measures (which shall include the European Commission Model Clauses where Personal data is transferred out of the EEA), and (iii) place such third party service providers under such contractual obligations as are required under applicable law (including that  Personal data be processed only as instructed by Palm Coast Travel and for no other purposes than those identified in this Policy).  Users may request and obtain a copy of the contractual measures taken by Palm Coast Travel to ensure appropriate safeguards when personal data is transferred outside of the European Union or Switzerland.

Palm Coast Travel may also disclose personal data to governmental agencies and regulators (e.g., tax authorities), external advisors (e.g., lawyers, accountants, and auditors), courts and other tribunals, and government authorities or in the context of any sale or transaction involving all or a portion of the business, all to the extent required or permitted by applicable legal obligations.

Location of data processing and security measures


If you choose to provide us with your personal data, you understand that we are transferring it to Palm Coast Travel locations and systems in the United States or to the locations and systems of Palm Coast Travel’s service providers around the world. Palm Coast Travel has safeguards and security controls in place to protect your personal data. This includes appropriate technical and organizational measures to protect the personal data (i) from accidental or unlawful destruction, and (ii) loss, alteration, unauthorized disclosure of, or access to the data. Palm Coast Travel obtains written assurances from any third-party data processors given access to your data so as to require them to adopt standards that ensure an equivalent level of protection for data as that adopted by Palm Coast Travel.

VI. YOUR DATA SUBJECT RIGHTS

You can contact us directly any time at the address below to update your personal data or make another type of request regarding the data you know or believe Palm Coast Travel holds about you. You, as a data subject with personal data held by Palm Coast Travel as the controller, have the right to request from Palm Coast Travel:

(1)  Access to your Guest Personal data



You may contact Palm Coast Travel at any time in order to request access to the personal data Palm Coast Travel holds about you. Palm Coast Travel will provide details of the categories of personal data processed and the reasons for our processing. Palm Coast Travel can also provide you with a copy of your personal data on request.



(2)  Rectification or Erasure of your Guest Personal data



If you notify us, or we otherwise become aware, that the personal data we hold is inaccurate, Palm Coast Travel will not use it, and will not allow others to use it, until it is verified. You can ask Palm Coast Travel to correct or complete our record of your personal data by contacting us at any time.  To the extent possible, Palm Coast Travel will inform anyone who has received your personal data of any corrections.

You may, in certain limited circumstances where the processing is not necessary in the context of your cruise or other services we provide to you, ask to have the personal data Palm Coast Travel directly or indirectly processes deleted or removed.  If the request is founded, Palm Coast Travel will try to do so promptly, and, to the extent possible, will inform anyone who has received your personal data of your request.

 

(3) Restriction of Processing



It may be possible to require Palm Coast Travel to limit the way in which it processes your personal data (i.e., require Palm Coast Travel to continue to store your personal data, but cease certain processing activities with regard to it) where (i) you contest the accuracy of the personal data we have for you, (ii) you believe our processing of your personal data is unlawful (but you oppose the erasure of your personal data and prefer that our processing be restricted instead), (iii) we no longer need your personal data but you require such personal data for the establishment, exercise or defense of legal claims or (iv) you have objected to our processing pending the verification of our legitimate grounds for processing.

(4)  Halting of Processing based on an objection



You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you. If Palm Coast Travel can show sufficiently compelling legitimate grounds for processing your personal data, or Palm Coast Travel needs your data to establish, exercise or defend legal claims, Palm Coast Travel may continue to process it. Otherwise Palm Coast Travel will stop using your personal data. 



(5) Personal data portability – The ability to move Personal data to another controller



You have the right to data portability in certain limited circumstances, where a) you provided the data to Palm Coast Travel, b) our processing is based on your consent or is necessary to fulfil a contract with you, and c) our processing is automated.  Palm Coast Travel may refuse your request if these criteria are not met.



(6) To withdraw your consent to Palm Coast Travel’ Processing of your Personal data



Where we have relied on your consent as the legal grounds for processing, you may with draw your consent at any time. Withdrawal does not invalidate the consent-based processing that occurred prior to withdrawal.



(7) To complain 

You may contact us at any time where you believe that we are in breach of data protection laws or where you wish to make a complaint about our data processing. Furthermore, if you are located in the EEA and you believe that our processing of your personal data is in breach of data protection laws, you have the right to lodge a complaint with the relevant data protection supervisory authority in the country where you are based or any place in the EEA where you believe the infringement has occurred (or where you believe that we have not resolved an issue you have raised with us).

Responding to your requests

Palm Coast Travel shall provide you with a response to any request you make in connection with your rights without undue delay and in any event within one month of receipt of the request. That period may be extended by up to two additional months where necessary, taking into account the complexity and number of the requests. Palm Coast Travel shall inform you of any such extension within one month of receipt of the request, together with the reasons for the delay. Where you make the request by electronic means, the data shall be provided by electronic means where possible, unless otherwise requested by you. 

If, after evaluating the legitimacy of the request, Palm Coast Travel does not take action on the request, Palm Coast Travel shall inform the data subject without delay, and at the latest within one month of receipt of the request, of the reasons for not taking action and on the possibility of lodging a complaint with a supervisory authority and seeking a judicial remedy.

VII. SECURITY & RETENTION

Palm Coast Travel maintains technical and organizational security measures to protect against unauthorized or unlawful processing of Personal data and accidental or unlawful loss, alteration, disclosure, destruction or damage of, or access to, Personal data.



Palm Coast Travel will retain Personal data no longer than is necessary to carry out the purposes listed in this Policy and/or as required by applicable law or in connection with actual or prospective legal proceedings.  



VIII. CHANGES TO THIS PRIVACY POLICY

We reserve the right to change, modify, add or remove portions of this statement from time to time and at our sole discretion, but will alert you that changes have been made either by email or other indication on our Site. We will always include on this Policy the date of its effectiveness (see Effective Date above). Where required to do so by law, Palm Coast Travel may need to re-obtain your consent for certain processing activities for material changes to this Policy or our data processing activities.  


IX. QUESTIONS & CONCERNS

Users who have questions, comments or access requests related to the transfer of their personal data to the United States can also contact the Palm Coast Travel Global Privacy Team at:

admin@smartcruiser.com

561-393-4610

4800 N Federal Highway

Suite D200

Boca Raton, FL 33431



APPENDIX A– KEY TERMS
Key terms:

Controller: a natural or legal person, public authority, agency, or any other body which alone or jointly with others determines the purposes and means of the processing of personal data. 

Processor: A natural or legal person, public authority, agency, or any other body which processes personal data on behalf of the controller. 

Processing: Almost any use of personal data, such as collecting, organizing, analyzing, storing, altering, disclosing, transferring, or archiving data.

Data subject: An individual whose personal data is being processed.

Personal data: Any data by which a natural person can be identified, directly or indirectly, or located. Any information that in combination with other non-personal data can reasonably be used to identify a natural person. Data that is anonymized or de-identified for statistical evaluations or studies are not subject to this definition.

Sensitive personal data: A subset of personal data, which reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership; data concerning health or sex life and sexual orientation; genetic data or biometric data.



APPENDIX B – PALM COAST TRAVEL ONLINE COOKIE POLICY 


Palm Coast Travel, and our third-party providers set and use cookies and similar technologies in order to distinguish you from other users of our Site, to provide a better experience when you browse our Site, and to improve the Site’s performance and usefulness. The use of cookies and similar technologies is standard across websites and applications through which information is collected about your online activities.  

A cookie is a small data file that websites place on your hard drive when you visit. A cookie file can contain information such as a user ID that tracks the pages you’ve visited within that site. The cookies on this Site are primarily used to recognize that a user has visited the website previously and to track user traffic patterns. In addition, we use cookies to present relevant content and establish customer profiles.  We do not share this information or sell it to any third party.  

Types of Cookies We Use

Following is a list of cookies with brief descriptions, to better inform our users why we use cookies on our site. For your convenience, we have split them into three categories.

Strictly Necessary Cookies: These are essential to navigate around our Site and use its features. Without them, you would not be able to use basic services like account registration. These cookies do not collect information about you that could be used for marketing or tracking. 

Functionality Cookies: These are used to recognize you when you return to our Site, enabling us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

Tracking Cookies: These cookies enable us to collect information such as number of visitors to the Site and pages visited in order to analyze user behavior. This information is collected in an anonymous format and will be collated with similar information received from other users. We use these cookies to determine the usefulness of the information we supply to you and other users, to track your purchases from this site, and to see how effective our navigation is in helping users reach that information.

Managing Cookies

If you prefer not to receive cookies through the Site, you can set your browser to warn you before accepting cookies and refuse the cookie when your browser alerts you to its presence. You also can refuse all cookies by turning them off in your browser. You do not need to have cookies turned on to use any pages within our Site.  However, if you chose to not accept cookies, some functionality will be limited. For more information about cookies, including how to set your browser to reject cookies, visit www.allaboutcookies.org.

Cookie Expiration

Some of the cookies we use will remain on your computer after the browser is closed. Until removed, the cookies will become active again when the Site is reopened. Cookies can be deleted by you, at any time, and will not collect any information when you are not accessing the Site.

Other Tracking Technologies

In addition to cookies, our Site also utilizes the following tracking technologies:

  1. Web beacons: Our Site contain electronic images known as web beacons (also called single-pixel gifs and transparent graphic images). We use web beacons/ pixels to understand aggregate traffic to our website pages. Third parties use tracking pixels according to their terms of use.


  2. Embedded script: An embedded script is programming code that is designed to collect information about your interactions with the Site, such as the links you click on. The code is temporarily downloaded onto your device from our web server or a third-party service provider, is active only while you are connected to the Site and is deactivated or deleted thereafter. We use web embedded scripts to understand aggregate traffic to our website pages.

  3. Web server & application logs: Our servers automatically collect certain information to help us administer and protect the services we provide, analyze usage, and improve users’ experience. The information collected includes the following: 

- IP address and browser type;
- Device operating system and other technical facts;
- The city, state and country from which you access the Website; 
- Pages visited, and content viewed and stored;
- Information or text entered;
- Links and buttons clicked (i.e., IP address information such as the referring and destination URL).