Privacy Policy

At Nordfolk Travel, we take the privacy of our customers seriously and are committed to protecting the personal information. This Privacy Policy outlines the types of personal information we collect, how we use it, and how we protect it.

Information Collection and Use

We collect personal information from our customers when they book luxury tours or make an inquiry about our services. This information may include, but is not limited to, name, contact information, travel dates, and special requirements. We use this information to provide our customers with the best possible tour experience, including customized itinerary planning, transportation and logistics support, and access to exclusive experiences and attractions.

 Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer to outside parties any personal information that we collect from our customers, except as necessary to fulfill our obligations to them or as required by law. We may share personal information with our service providers, such as transportation and accommodation providers, as necessary to provide our tour guide services.

Data Security

We implement reasonable and appropriate measures to protect the personal information we collect from unauthorized access, use, or disclosure. However, no method of data transmission or storage is 100% secure, and we cannot guarantee the absolute security of any information.

 Cookies and Tracking Technologies

We may use cookies and other tracking technologies on our website to improve its functionality and performance, and to provide a better user experience. Cookies are small text files that are stored on your device when you visit a website. You may choose to disable cookies in your browser settings, but this may affect the functionality of our website.

 Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will post any changes to this Privacy Policy on our website, and we encourage you to review it periodically.

 

Nordfolk Travel AS is the controller of your personal data. The company is located at Bognesvegen 23, 6016 Ålesund, Norway.

How we collect your information

You give it to us:

Contact or request information from us

Contact us via our social media profiles.

Other people give it to us:

Our client has included you as a travel guest;

Our client has indicated that you are his or her  emergency contact;

It is publicly available.

 Information we collect about you

  • When you contact us interested in a travel proposal: first name and last name, email address, phone number, location, type of travel you are interested in, budget, and any other information you have provided to us in our conversation history, including any information related to other people who will accompany you on your trip;

  • When you have booked a travel service with us or you are a travel guest: first name and last name, preferred name, email, phone number, mobile number, date of birth, address, travel itinerary, flight and transfer information, travel insurance information, passport, special occasion information, and any other miscellaneous information provided to us;

  • We may also collect the following sensitive information after you have booked a travel service with us: health or medical issues and information about allergies, dietary requirements and preferences, weight, travel waivers, and information about children. Whether or not you choose to provide personal information is entirely up to you;

  • When you are indicated as an emergency contact: first name, last name, and phone number.

A note about children

Children (under the age of 18) are not eligible to use the Platform unsupervised, and we ask that children do not submit any personal information to us. If you are under the age of 18, you may only use this Platform in conjunction with, and under the supervision of, your parents or guardians.

Why we collect your information

We use the information we collect about you for the following purposes and on the following legal bases:

Provide you with our services: to administer and manage our relationship with you;

  • Performance of a contract with you and enforcement of our Privacy Policy. Note: If you have been invited by another person as a guest on a trip, but are not interested in being included and would like us to remove any information we have about you, you can request that we remove your information at any time by contacting us at welcome@nordfolktravel.no

  • Gather analysis information, justified based on our legitimate interests to improve our services;

  • Provide you with news and general information about our services, justified based on our legitimate interests to offer you our services. You can opt out of our newsletter at any time by contacting us at welcome@nordfolktravel.no

  • Provide you with news and general information about our services, justified based on your consent if you choose to subscribe to our newsletter;

  • Contact you in case of an emergency, justified based on our contractual and legal obligation of ensuring safe travel for our clients or protecting the vital interests of our clients;

  • Provide government agencies with information, as necessary for compliance with a legal obligation.

Who we share your information with

We may disclose personal data to third parties if you consent to us doing so, in the following circumstances:

  • Other entities within the Nordfolk Travel AS group of companies;

  • Our third party services providers, suppliers, and partners that assist in providing our services, such as airlines, hotels, system hosting, management, support and data analysis;

  • Credit or reference providers or debt collection companies;

  • Our professional advisors, including lawyers, consultants, accountants, auditors and insurers;

  • Possible acquirers or investors (and our and their advisors) in the context of facilitating or implementing a business reconfiguration or reorganization or a transfer or sale of all or part of our assets or business, including, but not limited to, a divestiture, acquisition, or business reconfiguration. Alternatively, we may seek to acquire other businesses or merge with them;

  • Competent governmental and public authorities, in each case to comply with legal or regulatory obligations or requests.

Some of the service providers mentioned above may be located abroad and, in this case, Nordfolk Travel AS adopts additional safeguards to guarantee an adequate level of protection to your personal data.

Transfer of your information

Nordfolk Travel AS will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy. No transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

 In accordance with the the European Union’s General Data Protection Regulation (“GDPR”), when we transfer your personal data out of the the European Economic Area, we ensure a similar degree of protection is afforded to it by ensuring that we use specific controls approved by the European Commission which give personal data the same protection it has in Europe. 

How we protect your information

To ensure that your personal information is secure, we communicate our privacy and security guidelines to Nordfolk Travel AS employees and business partners and strictly follow precautionary measures regarding privacy within the company.

 We strive to protect your personal information through physical, technical, and organizational measures aimed at reducing the risks of loss, misuse, unauthorized access, disclosure, and improper alteration of this data.

How long we retain your information

We have determined retention periods based on the purpose of the processing and the rules set forth within the GDPR and other applicable data protection laws. For example, we are  required to remove data when it has served its purpose and is no longer of use. We review the personal data we collect  regularly to ensure that the personal data we have is up-to-date and is not retained longer than needed or required by the regulation. Any personal data held by us for marketing and service update notifications will be kept by us until such time that you notify us that you no longer wish to receive this information.

If you wish to have more detailed information about our retention times, please contact us at  welcome@nordfolktravel.no.

Your rights

You have several rights concerning your personal data, such as the right to access, update, delete and have a copy of such data as well as to transfer it between IT environments of your choosing. We seek to ensure that you can exercise your rights efficiently. You can exercise your rights by contacting us at Nordfolk Travel.

Under the law, you are granted six fundamental rights when data about you is being processed. We will ensure to reach out without undue delay (no more than 30 days) when you submit a request related to exercising your data subject rights. Although uncommon, when applicable for official or legal reasons we may be unable to address the specific request you make related to your rights. 

Also, if a request is manifestly unfounded or excessive, in particular because of its repetitive character, we may either:

  • charge a reasonable fee taking into account the administrative costs of providing the information or communication or taking the action requested; or

  • refuse to act on the request.

In this scenario we will inform you of the reasons we believe your request is manifestly unfounded or excessive.

As a data subject, you may: 

  • request access to the personal information we process about you; 

  • request that we correct inaccurate or incomplete personal information about you;

  • request deletion of personal information about you; 

  • request restrictions, temporarily or permanently, on our processing of some or all personal information about you; 

  • request transfer of personal information to you or a third party where we process the data based on your consent or a contract with you, and where our processing is automated - data portability (e.g. on a PDF file); 

  • and opt-out or object to our use of personal information about you where our use is based on your consent or our legitimate interests. 

If we have reasonable doubts concerning your identity, we may request the provision of additional information necessary to confirm it.

You also have the right to lodge a complaint with a supervisory authority.

Updates on our Privacy Policy

From time to time it may be necessary to adapt the content of this Privacy Policy. We, therefore, reserve the right to change these at any time without prior notice. If the Privacy Policy is part of an agreement with you, we will notify you by e-mail or other appropriate means in case of an amendment.

 

Last update: 02.09.2024