Privacy Policy, Effective: August 1, 2023
Bali Customized Tours owns and operates a service that enables users to find, curate and book travel experiences in Bali. In this Statement, these are collectively referred to as our “Services”.
The information that you and others entrust us with enhances our ability to provide more relevant, personalized, and helpful Services. We know that sharing your personal information with us is based on trust. We take your trust in us seriously and are committed to providing you with helpful information, products, and Services, curated based on the information you have shared with us. Equally, and perhaps more importantly, we are committed to respecting your privacy when you visit our website or use our Services, and being transparent about how we use the information you have entrusted to us. Please review this privacy policy (“Policy”) carefully to learn about our privacy practices.
This Policy describes how we obtain, use, and process your information – hopefully, in an easily understandable and transparent manner. It informs you of the rights you have, how you can exercise them, and how you can contact us. Please review this Policy carefully to learn about our practices with respect to information and privacy. By visiting our website and business contacts, whether on a computer, phone, tablet, or similar device (each of these is referred to as a “Device”), you acknowledge and confirm that you have read this Policy.
We offer our Services to users in a number of countries and territories where the laws and customs differ. This Policy provides a general overview of our privacy practices. In addition, sections 12 and 13 of this Statement provide specific information relevant to users residing in certain regions or countries.
When you access or use our Services, we collect and process information from and about you to provide the Services in a more personalized and relevant way.
We may also collect, in instances where you have provided it, information about other travelers, including their email address and other travel-related information. If you are sharing information with us about other individuals, you must obtain their consent and ensure that they have understood and accepted how we will use their personal information (as described in this Policy).
To the extent possible, we want to provide you with relevant content and a tailored experience when you use our Services, and we use information about you to do that, including in the following ways:
Registration and other contracts
Improve our Services
Individualization and customization
Communication
Legal Compliance
In order to provide some of our Services, we may need to share information with certain other third parties, including our group of companies, in the following circumstances:
We also may share your information if we believe, in our sole discretion, that such disclosure is necessary:
You have options with respect to the processing and use of your information by us. You can do the following:
Our Services are not intended for children, which we consider to be: (i) individuals that are 13 years of age or under, or the age of privacy consent in your jurisdiction; or (ii) when processing data on the basis of a contract, the age of legal capacity to enter into the agreement.
We will only collect or process information belonging to children under very limited circumstances. We might need to collect personal information belonging to children as part of our Service if, for example, the personal information is required as part of an experience-related reservation. We will only collect personal information belonging to children if it is provided by and with consent of a parent or guardian. If we become aware that we have processed the personal information of a child without the valid consent of a parent or guardian, we will delete the personal information.
We have implemented appropriate administrative, technical, and physical security procedures to help protect your information. We only authorize specific personnel to access personal information and they may do so only for permitted business functions. We also employ firewalls and intrusion detection systems to help prevent unauthorized access to your information. However, we cannot guarantee the security of information from unauthorized entry or use, hardware or software failure, or other circumstances outside of our control.
We will retain copies of your information for as long as you maintain our services or as necessary in connection with the purposes set out in this Policy, unless applicable law requires a longer retention period. In addition, we may retain your information for the duration of any period necessary to establish, exercise or defend any legal rights.
We may update this Policy in the future. If we believe any changes are material, we will let you know by doing one or more of the following: sending you a communication about the changes, placing a notice on the website and/or posting an updated Statement on the website. We will note at the top of this Policy when it was most recently updated. We encourage you to check back from time to time to review the most current version and to periodically review this Statement for the latest information on our privacy practices.
If you have a data privacy request, such as a request to delete, please send us a request through our contact us page. For general data privacy inquiries or questions concerning our Privacy Policy, please also contact us through our contact page.
This GDPR Statement applies to persons in the European Economic Area (“EEA”), including those based in the United Kingdom. This GDPR Statement supplements our Policy; however, where the Policy conflicts with the GDPR Statement, the GDPR Statement will prevail as to persons located in the EEA.
Controller of Personal Information and Local Representative
Bali Customized Tours is the data controller of the personal information we collect.
Your rights under GDPR
You have certain rights regarding your personal information. Your rights with respect to your own personal information include the following:
You will not usually have to pay a fee to access your personal information (or to exercise any of the other rights described in this Policy). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). To the extent you use a third party to submit a data request on your behalf, we may need to take reasonable steps to verify the authenticity of the request. These are security measures to ensure that personal information is not disclosed to any person who has no right to receive it. In an effort to speed up our response, we may also contact you to ask you for further information in relation to your request.
Information Uses and Legal Basis
We will only use your personal information under the circumstances permitted by the law or you.
Pursuant to GDPR, we will use your personal information in one or more of the following circumstances:
Information uses:
Disclosures
In addition to the further details as described in the Policy, we make the following disclosures:
California Privacy Statement
This California Privacy Statement is provided pursuant to California laws. It applies to California residents and supplements our overall Statement with additional disclosures and rights.
Your California rights
California residents may also take advantage of the following rights:
We may need to verify your identity or elements of the request to enable us to process your request. We will take reasonable steps to verify your identity; these verification steps will vary depending on the sensitivity of the personal information and whether you have an account with us. We may deny certain requests, or fulfil a request only in part, based on our legal rights and obligations. For example, we may retain personal information as permitted by law, such as for tax or other record keeping purposes, to process transactions and facilitate customer requests. We value your privacy and will not discriminate against California residents in response to your exercise of privacy rights.
Multi-State Privacy Statement for Virginia, Connecticut, Colorado
This Multi-State Privacy Statement is provided pursuant to applicable state laws and applies to Virginia, Connecticut, and Colorado residents, and supplements our overall Statement with additional disclosures and rights.
If you are a resident of Virginia, Connecticut, or Colorado you may take advantage of the following rights in accordance with applicable law:
We will take reasonable steps to authenticate your identity prior to responding to your requests. The authentication process will vary depending on the sensitivity of the personal information and whether you have an account with us.
We may deny certain requests, or fulfil a request only in part, based on our legal rights and obligations.