This privacy notice forms part of your agreement with Activitar.
During our interactions, you share personal information with Tornado Tour Systems (Pty) Ltd, trading as Activitar, registration number 2004/000954/07.
This notice tells you what to expect when we collect information from you and how we use it.
It is part of our agreement with you, and we may need to update it occasionally. When we do, we will inform you. You should read this notice along with our terms and conditions that apply to the products and services you use.
If you have any questions about this policy, please contact us by email at firstname.lastname@example.org or by phone on +2787 250 0276
We collect your information in the circumstances outlined below. Sometimes we are required by law to collect your information, for instance, if tax legislation forces us to collect personal information.
We need some general information before we can enter into an agreement and you can begin to use our reservation system and online distribution service.
We collect your:
details related to your operating processes and offerings
details contained in your company registration documents
identity documents of your mandated officials
proof of address of your mandated officials
proof of banking details
We use this information to:
load you on our services and configure the system
set up and process payments via the payment gateway
communicate with you
provide your offerings to clients via activitar.com
send you statements, receipts, invoices or any other legal documents that relate to your transaction
fulfill our legal obligation to use or disclose your information
Legal basis for processing:
Data protection legislation allows us to process personal information when it is necessary for the performance of a contract with you. In other instances, we are required by law to collect your information, for instance tax legislation forces us to collect personal information.
In order for our service to function properly, ‘customer data’ is generated and collected. This includes your, and your clients’ personal information. We collect your clients’ names, contact details, and details about their bookings.
We use customer data to process bookings and reservations on our reservation system and distribution service, to analyse and improve our services and to identify and solve problems where they may appear.
Legal basis for processing:
Data protection legislation allows us to process personal information when it is necessary for the performance of a contract with you.
When you contact us by social media, email, our support service or telephone with a query, complaint, or request, we collect the information contained in your message. We use the information we collect to reply to, investigate, and resolve your query, complaint, or request.
Legal basis for processing:
Data protection legislation allows us to process personal information when it is in our interest and we have chosen the least invasive way to process the information. It is in both our interest to reply to, investigate, and resolve your queries, complaints, and requests.
We have a monthly newsletter that is delivered by email.
We’ll ask you whether you want to receive the newsletter, if you agree it is important that you know you can unsubscribe at any time by following the unsubscribe link at the bottom of the email or by contacting us.
Legal basis for processing:
Data protection legislation allows us to process personal information when you have given us your express consent.
We do not knowingly collect the personal information of children without the consent of a parent or guardian.
We use service providers and suppliers who we trust to assist us in providing our services to you. They have agreed to keep your information secure and confidential, and to only use it for the purposes for which we have sent it to them.
We share your information with service providers when they help us to:
ensure you have access to the services you paid for
deliver our newsletter
help monitor the effectiveness of our promotions and advertising
help us manage our business, for instance accountants and professional advisors.
maintain our website
find and fix errors and performance issues on our website
Sometimes we will be required by law to share your information. For instance, we may be required to share your information with the South African Fraud Prevention Services. We will not sell your information or share information with third parties for the purposes of direct marketing (we don’t like spam either).
Some of the service providers that we use may be located in other countries; for instance, our cloud storage service. These countries may not have the same levels of protection of personal information as South Africa. If this is the case, we require that they undertake to protect the personal information of our customers to the same level that we do.
We will not retain your information for longer than we need to, unless we are legally required to do so. Most of your personal information will be retained for 5 years from the date of your last transaction with us. However, we may keep your contact details for longer for marketing and mailer purposes.
We have implemented reasonable security measures based on the sensitivity of the information we hold. These measures are in place to protect the information from being disclosed, from loss, misuse, and unauthorised access, and from being altered or destroyed.
We regularly monitor our systems for possible vulnerabilities and attacks, but no system is perfect and we cannot guarantee that we will never experience breach of any of our physical, technical, or managerial safeguards. If something should happen, we have taken steps to minimise the threat to your privacy. We will let you know of any breaches that affect your personal information and inform you how you can help minimise the impact.
You also have a role to play in keeping your information secure. For example, you should never share personal information with us in an email, because while our servers are protected, it is still possible that email can be intercepted. Instead, contact the Activitar support team at +2787 250 0276, which will connect you to Chris Coetzee, our information officer.
You have the right to know what kind of personal information we have about you, to correct it, and to opt out of marketing.
You have the right to
ask us what we know about you;
ask what information was sent to our suppliers, service providers, or any other third party;
ask us to update, correct, or delete any out-of-date or incorrect personal information we have about you;
unsubscribe from any direct marketing communications we may send you; and
object to the processing of your personal information.
You can request access to the information we have about you, or correct your personal information by contacting our deputy information officer at email@example.com.
It can take us up to 21 days to respond to your request because there are procedures that we need to follow. In certain cases, we may require proof of your identity, and sometimes changes to your information may be subject to additional requirements such as valid proof of residence.
If you are in the European Union, you have these rights in terms of the GDPR:
The right to be informed about the collection and use of your personal information.
The right to access your personal information. You may make such a request from us by contacting firstname.lastname@example.org. We may take one month to respond to your request and may charge a fee in some circumstances. We will let you know if this is the case.
You have a right to have inaccurate personal information corrected or completed if it is incomplete. You may make such a request from us by contacting email@example.com. We may take one month to respond to your request and may refuse in certain circumstances.
You have the right to have your personal information erased, also known as the ‘right to be forgotten’. You may make such a request from us by contacting firstname.lastname@example.org. We may take one month to respond to your request and may refuse in certain circumstances.
You have the right to request that we restrict or suppress your personal information. You may make such a request from us by contacting email@example.com. We may take one month to respond to your request and may refuse in certain circumstances.
You have the right to reuse your personal information for your own purposes across different services, also known as the right to data portability.
You have the right to object to us processing your personal information in certain circumstances. You may make your objection by contacting firstname.lastname@example.org. We may take one month to respond to your request. There are legitimate reasons why we may refuse your objection, which depend on why we are processing it.
You have the right to complain to a supervisory authority in the Member State where you live or work, or where the infringement took place.
You have the right to object to automated decision-making and profiling.
You may ask that a human review any automated decisions that we make about you, express your point of view about it, and obtain an explanation of the decision. You may challenge any automated decision made about you by contacting email@example.com. We may take one month to respond to your request.