Connexus Travel Limited ("CTL", "we", "us" or "our") is committed to protecting the privacy of our customers’ personal data (client data). We understand that providing Personal Data (as defined in paragraph 1 below) online or offline involves a great deal of trust on our customers' side, and we make it our top priority to ensure the security and confidentiality of the Personal Data provided by our customers.

All staff in CTL should act strictly according to the policy stated to protect the client data at all time.

1. Definitions

   Capitalised terms used in this PICS shall have the following meanings:

   "Booking" means the purchase and booking of Transportation, hospitality and other travel related products via the Travel Service System;

   "Connexus Travel Hotnews" means information relating to products and services of CTL in the following categories:

   1. promotion of flights, hotels, leisure and cruise travel packages;
   2. promotion of special events;
   3. research and questionnaires about our services; or
   4. joint collaboration with different brands (such as banks / credit cards / restaurants / lifestyle products / charities etc.);

   "Credit Card Information" has the meaning given in paragraph 2.1(l);

   "Customers" means customers who use the CTL platforms such as it’s website, the Webchat and/or the Travel Service System, or who subscribe to receive the Connexus Travel Hotnews;

   "Personal Data" means any data relating directly or indirectly to a living individual, from which it is possible and practical to ascertain the identity of the individual from the said data, in a form in which access to or processing of the data is practicable ;

   "System Provider" means the third party service provider who operates and maintains the travel service system that CTL uses to carry out and fulfil the travel service requests;

   "Travel Service System" means the online or offline system, as operated and maintained by the CTL or its system provider, which enables users to provide travel reservation services;

2. Personal Data Collection

   • The types of Personal Data we may collect from Customers from time to time include:
   1. their full name;
   2. their date of birth;
   3. their gender;
   4. their nationality;
   5. their country of residence;
   6. their company name, job title, staff number;
   7. their travel document number, issuing country and expiry date;
   8. their frequent flyer membership number;
   9. their email address;
   10. their postal address;
   11. their mobile number;
   12. their credit card details including the type of card, name, number, security code and expiry date on the credit card ("Credit Card Information");
   13. the flight details for their flights, including airlines, class of service, flight numbers, destination of their travel, ticket number, itinerary details, fare information; departure, onward travel and return dates and times;
   14. their preferred class of service, flight type (aircraft type) and airlines;
   15. the data in any online messaging platform where communication is made with the Customer (“Webchat Data”);
   16. any communications with the Customer via any online messaging platform (“Webchat”) or any other means.
   • We may also collect other information about Customers, such as their use of our websites, personal preferences, etc, which shall be annonymised or aggregated, and will not enable the identity of the Customer to be ascertained.
   • By providing any Personal Data to us, Customers acknowledge that such provision is fair and reasonable in the circumstances.
   • If a Customer provides us with any Personal Data of another individual, then the Customer warrants and undertakes that he/she has obtained the consent of the relevant individual to provide the Personal Data to us, for us to use and transfer the Personal Data in accordance with this Privacy Policy . If there is any individual under the age of 18, consent from his/ her parent or guardian is required prior to providing us with the personal data.

3. How we collect your data

   We collect and process data about you:
1. when you give us information voluntarily for purposes of requesting information or services from us; and/or
2. when we receive from other sources, such as third parties you engage (including your employer and/or agent) with for the services we provide and/or third parties which we engage (including those listed under clause 5 below) with for provide services to our customers.

4. Purposes for which the Personal Data are Collected and Used

1. The purposes for which we may use the Personal Data that Customers provide to us include the following:
1. process the Customer's Booking, including payment for their Booking (which includes verifying credit card details with the relevant banks and conducting matching procedures against databases of known fraudulent transactions maintained by us or other third parties);
2. send the Customer a confirmation email of their Booking;
3. handle a Customer's enquiries;
4. retrieve a Customer's Booking when handling their enquiries;
5. contact a Customer regarding their Booking or enquiries, if necessary;
6. create customer profiles for Customers who have successfully made a Booking, which will include details of the Customer's previous Bookings and the Personal Data set out in paragraph 2.1 above (except for Credit Card Information), and which can only be accessed by us, the relevant Customer and the third parties identified in paragraph 5.1 below;
7. send Connexus Travel Hotnews to Customers who have signed up for the same and who have consented to receive such marketing materials.
8. conduct surveys, market research, and data analytics;
9. maintain, improve, research, and measure the effectiveness of our website, activities, tools, and services;
10. monitor or record calls, chats, and other communications with our customer service team and other representatives, as well as platform communications between or among partners and travelers for quality control, training, dispute resolution, and as described in this Privacy Policy;
11. create, aggregated or otherwise anonymized or deidentified data, which we may use and disclose without restriction where permissible; and/or
12. comply with applicable laws and requirements.

When CTL processes your request, we may send your data to, and also use the resulting information from, credit reference agencies to prevent fraudulent purchases.

5. Disclosure and Transfer of Personal Data

1. The Personal Data that Customers provide to us via the Travel Service System, the Webchat or through any other means, may be transferred within our group of companies, to relevant third-party service providers, to the System Provider and/or the relevant airline operator for the processing of the relevant Bookings or enquiries. In order to fulfil the purposes described above, and in line with travel industry practices, CTL shares your personal information with the relevant third-party service providers listed below:
1. travel suppliers that provide the actual travel, hospitality and/or services requested (including but not limited to airlines, hotels, car rental companies, transportation companies);
2. global distribution systems (“GDS”), which are computerized reservation systems holding real-time airline seat and hotel room inventory (including rental car availability and other services) which enables CTL to make a preliminary reservation with a travel supplier while traveler makes a definitive confirmation or alternative selection;
3. corporate booking tools (“CBT”) are online portals displaying airline and hotel options and act as a profile management tool. Corporate clients will select as to whether they wish to use an CBT;
4. suppliers of products and services and providers of delivery services of such products and services;
5. safety and security service providers;
6. provider of a master profile system that allows travelers to maintain their own profile data where such data will be syncronised with GDS for online and offline reservations;
7. card payment companies;
8. any other relevant third-party service providers required to carry out, fulfil and deliver CTL products and services to Customer’s and/or traveler’s.
2. We will not otherwise disclose or transfer the Personal Data to any other parties.
3. We may disclose the Personal Data when required by law or court order of any jurisdiction, or as requested by any government or law enforcement authorities or administrative bodies.
4. We may disclose the Personal Data as is necessary to bring a legal action or defend any legal action in relation to Customers and/or any Bookings.

6. Personal Data Security and Retention

1. The Credit Card Information that Customers provide to us via the Travel Service System will be deleted from our server and will not be saved or retained by us once the relevant Customer has successfully completed the payment for their Booking.
2. The Personal Data that Customers provide to us will be kept by us in the appropriate form for so long as is necessary to fulfil the purpose(s), to comply with its legal obligations (including with regards to financial audits) and record keeping requirements or as otherwise permitted under applicable law.
3. We have implemented various physical, technical and organisational measures to safeguard and secure the Personal Data we collect against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access,. We have entered into a data transfer agreement with the System Provider under which the System Provider is obligated to implement various physical, electronic and data management measures to safeguard and secure the Personal Data we transfer to them to process on our behalf.

7. What are your data protection rights

1. Every Customer is entitled to the following:
1. right to access – you have the right to request CTL for copies of your Personal Data. CTL may charge you a fee for this service;
2. right to rectification – you have the right to request CTL to correct any information you believe is incorrect. You also have the right to request CTL to complete information you believe is incomplete;
3. right to erasure – you have the right to request CTL to erase your Personal Data, under certain conditions;
4. right to restrict processing – you have the right to request CTL to restrict the processing of your Personal Data, under certain conditions;
5. right to object to processing – you have the right to object to CTL’s processing of your Personal Data, under certain conditions;
6. right to data portability – you have the right to request CTL to transfer the data that we have collected to another organization,, or directly to you, under certain conditions; and
7. right to lodge a complaint with your local data protection authority.

If you make a request, we have at least one month to respond to you. If you would like to exercise any of these rights, please contact our Data Privacy Officer at DataPrivacyOfficer@connexustravel.com.

8. Cookies

1. We use cookies (small pieces of information stored by Customers' browser or their computer's hard drive, for more information, visit https://allaboutcookies.org/) to speed up the log-in process (if applicable), to track usage of our website, understand how you use our website and to allow repeat Customers to make reservations without having to type in the same information each time. These are functionality cookies that we use.
2. We also use advertising cookies to collect information about your visit to our website, the content you viewed, the links you followed and information about your browser, device, and your IP address. CTL sometimes shares some limited aspects of this data with third parites for advertising purposes. We may also share online data collect through cookies with our advertising partners. This means that when you visit another website, you may be shown advertising based on your browsing patterns on our website.
3. We may provide statistical reports about Customers' traffic patterns and related site information to some reputable third-party vendors, however these reports will not include any data that could be used to identify a data subject.

You can set your browser not to accept cookies, and remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.

9. External Websites and 3rd party vendor

Our website contains links to other websites or service provided by 3rd party vendor. We have no control over or responsibility for any other website that Customers access via the links on our website. Our privacy policy only applies to our platforms so Customers should read the privacy policy or statement of all third party websites if you click on a link to another website.

10. Our Commitment to Data Security

1. We are committed to protecting the privacy, confidentiality and security of the personal information we hold. We use an industry standard for encryption over the Internet and/or mobile application, known as Transport Layer Security (TLS) protocol, to protect the Personal Data. When you type in sensitive information such as Credit Card Information and travel document information, it is automatically encrypted before being securely dispatched over the internet.
2. The Personal Data Customers provide to us will be stored in a database for no longer than is necessary. Our website has a firewall in place, aimed to protect the Personal Data collected from Customers against unauthorized or accidental access. However, complete confidentiality and security is not yet possible over the internet, and privacy cannot be assured in Customers' communications to us. Customers acknowledge that Personal Data is disclosed at their own risk, and may be subject to unauthorized use by others. We are not responsible for any direct, indirect, special or consequential damages, howsoever caused, arising out of your communication with us or the sending of information to us. Customers are encouraged to protect themselves against any unauthorized access to their data.

11. Changes to our privacy policy

Our privacy policy is regularly reviewed and updates will be place on our platform(s).

12. How to Access or Correct Personal Data or Contact Us

Customers are entitled to access or correct their Personal Data held by us. Any data access request or data correction request, or any other data privacy related queries, may be made by contacting our Data Privacy Officer at DataPrivacyOfficer@connexustravel.com.

13. Opt-out

Should customer no longer wish to receive information on promotions or services via our electronic channel, customer can send request to notify us via DataPrivacyOfficer@connexustravel.com.

Withdrawing your consent will not affect the lawfulness of any processing that occurred before you withdrew consent and it will not affect our processing of your personal information that is conducted in reliance on a legal basis other than consent.