Privacy Policy

Introduction

At SteadyPassage, we respect your privacy and are committed to protecting your personal data. This privacy policy will inform you about how we look after your personal data when you visit our website and tell you about your privacy rights and how the law protects you.

We recommend that you read this privacy policy carefully to understand how we collect, use, and protect your information. By using our website or services, you consent to the data practices described in this policy.

1. Data We Collect

We may collect, use, store, and transfer different kinds of personal data about you which we have grouped together as follows:

1.1 Information You Provide to Us

• Identity Data includes first name, last name, username or similar identifier, title, date of birth, and gender.
• Contact Data includes billing address, delivery address, email address, and telephone numbers.
• Financial Data includes bank account and payment card details (stored securely through our payment processors).
• Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
• Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback, and survey responses.
• Travel Preference Data includes your accommodation preferences, dietary requirements, accessibility needs, and activity interests.
• Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

1.2 Information We Collect Automatically

• Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
• Usage Data includes information about how you use our website, products, and services.

1.3 Special Categories of Personal Data

For certain travel arrangements, we may request information about your health, including any medical conditions or disabilities, religious beliefs (such as for dietary requirements), or other special categories of personal data. We only collect this information with your explicit consent and only use it to ensure your travel arrangements are suitable for your needs.

2. How We Use Your Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

• To provide our services: To process and manage your travel bookings, respond to your inquiries, and provide customer support.
• To personalize your experience: To deliver content and product offerings relevant to your interests, including targeted offers and ads through our website, third-party sites, and via email or text message (with your consent, where required by law).
• To improve our website: To understand how our users use our site, to develop new products and services, and to enhance our current offerings.
• To communicate with you: To send administrative information, such as updates about your booking, changes to our terms, conditions, and policies, or important service messages.
• For marketing purposes: To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you (with your consent, where required by law).
• To comply with legal obligations: To fulfill legal requirements, such as maintaining proper business records, complying with travel regulations, and responding to lawful requests from governmental authorities.

We will get your express consent before we use your data for any purpose other than those outlined in this Privacy Policy.

3. Legal Basis for Processing

We process your personal data on the following legal bases:

• Contractual necessity: Processing is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into a contract.
• Legitimate interests: Processing is necessary for our legitimate interests, such as managing our business, providing our services, and marketing, provided your interests and fundamental rights do not override those interests.
• Legal obligation: Processing is necessary for compliance with a legal obligation to which we are subject.
• Consent: You have given consent to the processing of your personal data for one or more specific purposes.

4. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

• Service providers: Third parties who provide services to us, such as payment processing, website hosting, email delivery, marketing assistance, and customer service.
• Travel suppliers: Airlines, hotels, tour operators, transportation companies, and other travel suppliers who fulfill your travel arrangements.
• Business partners: Trusted partners with whom we may jointly offer products or services.
• Affiliates: Companies related by common ownership or control.
• Legal and regulatory authorities: Government agencies, courts, and other public authorities when required by law or to protect our rights.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

We may also disclose your personal data in the following scenarios:

• Business transfers: If we sell or transfer all or a portion of our business or assets, your personal data may be transferred as part of that transaction.
• Legal requirements: If we are under a duty to disclose or share your personal data in order to comply with any legal obligation.
• Protection of rights: To protect the rights, property, or safety of SteadyPassage, our customers, or others.

5. Your Rights as a Data Subject

Depending on your location, you may have certain rights regarding your personal data, including:

• Access: The right to request copies of your personal data.
• Rectification: The right to request that we correct any incomplete or inaccurate information we hold about you.
• Erasure: The right to request that we delete or remove your personal data where there is no good reason for us continuing to process it.
• Restriction: The right to request that we restrict the processing of your personal data.
• Data portability: The right to request the transfer of your personal data to another organization or directly to you.
• Objection: The right to object to processing of your personal data where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground.
• Withdraw consent: The right to withdraw consent at any time where we are relying on consent to process your personal data.

To exercise any of these rights, please contact us using the contact details provided at the end of this policy. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

6. Cookie Policy

6.1 What are Cookies?

Cookies are small text files that are placed on your computer or mobile device when you visit a website. They are widely used to make websites work more efficiently and provide information to the website owners.

6.2 How We Use Cookies

We use cookies for various purposes, including:

• Essential cookies: These are necessary for the website to function properly and cannot be switched off in our systems.
• Performance cookies: These allow us to count visits and traffic sources so we can measure and improve the performance of our site.
• Functionality cookies: These enable enhanced functionality and personalization, such as remembering your preferences.
• Targeting/advertising cookies: These may be set through our site by our advertising partners to build a profile of your interests and show you relevant advertisements on other sites.

6.3 Managing Cookies

You can set your browser to refuse all or some browser cookies or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

When you first visit our website, we will inform you about our use of cookies and ask for your consent for non-essential cookies.

7. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security.

8. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances, we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

9. International Transfers

We may transfer your personal data to countries outside of your country of residence, including to countries that may not provide the same level of data protection as your home country. When we do so, we ensure appropriate safeguards are in place to protect your personal data and to ensure that all transfers of your personal data comply with applicable data protection laws.

10. Children's Privacy

Our website and services are not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and you believe your child has provided us with personal data, please contact us, and we will take steps to delete that information.

11. Changes to This Privacy Policy

We may update our privacy policy from time to time. We will post any changes on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of privacy policy changes).

We encourage you to review this privacy policy periodically to stay informed about how we are protecting your information.

12. Contact Information

If you have any questions about this privacy policy or our privacy practices, or if you wish to exercise any of your rights as a data subject, please contact us at:

If you are located in the European Union, you also have the right to make a complaint at any time to your local supervisory authority for data protection issues.