Tour Desk ehf. (“TourDesk”, “We”, “Us”, “Our”) is committed to protecting your privacy and data. We know that your privacy is very important to you and have setup this policy to help you understand what information we collect, how we use that information, who can access it, where and what information is shared and how we protect that information. This policy applies to all TourDesk systems/applications including white label sales portals, Agent system, API, customer support, phone service, registration process and checkout.
Our clients’ data security is of great importance to us. We are aware that some of the information collected, processed and presented through Tour Desk services could be regarded as personal data. We are determined to protect it to the fullest extent possible and have taken the appropriate steps to ensure we are compliant with the General Data Protection Regulation (GDPR).
When you make a purchase or you register as an affiliate or supplier we collect the information that you give us. That information may include…
While using our we might collect information on of your use. That may include information about your device, your location or logs on information changed.
When signing in to the Agent system we will store information about your IP address, product model, operating system, browser type and browser version as well as what times you signed in.
When completing a purchase through checkout or the agent system we will store information on your IP Address. The IP address might be used to determine the country your purchase was made from.
Your card details are not stored with TourDesk. At the time of purchase they are sent directly to a card acquirer. Your name, email or phone number is not sent to the acquirer.
All our card acquirers are PCI certified. They store your card information and give us a virtual number for later use.
We store that virtual number along with the last 4 digits of your card number. In case of cancellations or other problems this allows us to refund directly to your card without you having to give out your card details to a support personnel.
Whenever you contact us, we use the information that you provide to us to help resolve issues you might be having when you use our services. We also use information, such as your email address, to respond to you when you contact us, to let you know about changes to our policies and terms, to let you know about changes or improvements to our services and to inform you about other services that we offer.
We also may permit our partners/resellers to set their own analytics tracking cookies like Google Analytics or Facebook pixel. These will also be on an opt-in basis.
We may share your information for legal and business purposes, such as complying with legal process, responding to claims or inquiries, enforcing our terms, or protecting the rights, property or personal safety of our operations, our users, or the public. Your information may also be shared as part of any sale or transfer of company assets, if legally permitted.
Tour Desk does not store your credit card or other payment information. TourDesk uses PCI certified acquirers that store your information according to the PCI regulations. They return to us a virtual number that we store along with the last 4 digits of your card number for identification. See a list of Tour Desk’s acquirers here.www.tourdesk.io/Docs/PaymentAcquirers
Tour Desk employees will have access to your name, email address, phone number and purchase history through TourDesk internal administration system. Employee access to the internal administration system is logged.
In some cases you may choose what information we are allowed to collect and how that information is shared.
You are not able to opt-out of your payment details being shared with the acquirer as the payment can’t be processed without going through the acquirer.
We have implemented administrative, physical and technical security measures that are designed to protect your information from loss, theft, misuse, unauthorized access, disclosure, alteration and destruction. All your passwords are stored salted with a running encryption key. You should understand though that, despite our efforts, no security can be guaranteed as impenetrable.
Payment information, such as credit card number or CVC code is not stored with TourDesk.
All of our internet accessible application communicate through SSL on a 256 bit encrypted connection.
All of our customers and partners will enjoy the same data protection regulations according to the EU data protection law (including the General Data Protection Regulation 2016/679 (the “GDPR”)) as such we are a ‘data controller’ of your personal information.How you can access your personal information
If you wish to exercise any of the rights set above, please contact us.
We try to respond to all legitimate requests within one month. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.