- Purchases and/or intend to purchase and/or inquire about any products of the Company (“Products”) and / or any services of the Company (“Services”).
- Purchases any service(s) made available by us through any of our various customer interface channels including without limitation Websites, mobile site, mobile app (collectively referred hereinafter as "Online Sales Channels") and through our offline channels such as but not limited to call centers, offices, agents and franchisees (collectively referred hereinafter as “Offline Sales Channels”).
- We are Cox & Kings Limited, a company incorporated in India under the provision of Companies Act 1956 and have our registered office address at Turner Morrison Building, 16 Bank Street, Fort, Mumbai – 400 001.
For the purpose of applicable data protection laws, we are the “Data Controller” of all Personal Data that we collect, use and otherwise process about you, through -
- Online sales channels
- Offline sales channels
- Our social media pages that we control (hereinafter referred as “social media pages”)
- Email messages, SMS, notifications, alerts etc that we send you from time to time.
- Offline interactions
Full name of the Entity Cox & Kings Limited Attention The Data Protection Officer Address Turner Morrison Building, 16 Bank Street, Fort, Mumbai - 400 001 firstname.lastname@example.org
The type of information we collect about you are as following:
“Personal Data” is that information and / or data which identify you as an individual or relate to a particular individual. Depending on the circumstances, we collect any of the following -
- Details about you such as but not limited to your name, gender, address, contact number, email address, date and place of birth, nationality, religion, PAN card details, Aadhar details, choice of veg / non-veg food, information about your health to the extent that it’s relevant to your fitness to receive our services, your holiday itinerary or to provide you with special assistance.
- Credit and debit card number, Bank Account details, net banking details, cheque details or any other payment related information / data.
- Financial and tax information in limited circumstances.
- information related to your transactions on the website which including the date and time, the amounts charged and other related transaction details.
- Language preference.
- Identification documents/information such as but not limited to your passport or identity card details (including your passport number, the country in which your passport was issued and the expiry date), visa or other government-issued identification data.
- Important dates, such as birthdays, anniversaries and special occasions of self and family members.
- Membership or loyalty program data (including co-branded payment cards, travel partner program affiliations) Your Employer details.
- Your travel details, tour group or activity data including details of your travel itinerary such as where you are flying from and to, your booking information, any onward travel details if relevant, details of experiences or excursions booked through us, your baggage requirements, any upgrade information, your lounge visits, seat preferences, meal preferences or requirements, details of any special assistance you might need from us and any other information relevant to enable us to provide you with the travel or other services that you’ve arranged with us.
- Information about your interactions or conversations with us and our people, including when you make enquiries, comments, complaints or submit feedback to us or when you purchase goods and services, special service and / or make any other amenity requests.
- Information related to your Geographic location and IP address.
- Social media account ID, profile photo and other data publicly available, or data made available by linking your social media and loyalty accounts. In more limited circumstances, we also collect:
- Data about family members (including children) and companions, such as name(s), age, birthdays, anniversaries etc.
- Biometric data, such as digital images.
- Images and video and audio data via: (a) security cameras located in public areas, such as hallways, lobbies, grounds etc, in our properties; and (b) body-worn cameras carried by our loss prevention officers and other security personnel.
- Guest preferences and personalized data (“Personal Preferences”), such as your interests, activities, hobbies, food and beverage choices, services and amenities of which you advise us or which we learn about during your visit.
- “Other Data” is that information and / or data which does not identify you as an individual or relate to any particular individual such as but not limited to - (i) Browser and device data (ii) App usage data (iii) Data collected through Cookies, pixel tags and other technologies (iv) Demographic data and other data provided by you (v) Aggregated data. However, in case any Other Data identify you as an individual or relate to any particular individual, then we will treat such Other Data as Personal Data.
- “Personal Data” is that information and / or data which identify you as an individual or relate to a particular individual. Depending on the circumstances, we collect any of the following -
- Personal data which concerns your health or which reveals your data related to your social security numbers, any national identification number, racial or ethnic origin, political opinions, ideological or other beliefs, health, biometrics or genetic characteristics, criminal background, trade union membership, administrative or criminal proceedings and sanctions, your sexual orientation are Sensitive Data.
- Processing of Sensitive Data requires your explicit consent. Accordingly, information concerning any disability, medical condition or restricted mobility which may affect your travel arrangements (and related requirements) as well as dietary restrictions which may disclose your religious beliefs are Sensitive Data. We will ask for your consent to our processing this Sensitive Data at the time you make your booking or your booking enquiry.
Depending upon circumstances, we collect Personal Data and Other Data (collectively referred as “Information”) in various ways-
Online Sales Channels. We collect Information when you-
- Browse our Online Sales Channels, mobile website or mobile application
- Book or search for any Product or other services via our Online Sales Channels
- Fill in a portion of the booking form on our Online Sales Channels whether you submit or do not submit the complete or partly complete booking form.
- Communicate with us, or otherwise connect with us or ‘follow’, ‘like’, post to social media accounts/social media pages including without limitation at including Facebook, LinkedIn, Twitter, Pinterest, Instagram and YouTube.
- Sign up for any newsletter, promotional materials or participate in any activity, survey, contest or promotional offer.
Offline Sales Channels. We collect Information through our Offline Sales Channel as following-
- When you fill in the booking form in part or in whole.
- When you make a reservation over the phone, communicate with us by email, fax or via online chat services or contact customer service. These communications may be recorded for purposes of quality assurance, training.
- We collect Information from other sources, such as but not limited to suppliers providing public databases, joint marketing partners and other third parties.
- We collect Information from internet-connected devices available in our Office premises, or at the Franchisee stores.
- We collect Information when you download our App or choose to participate in any programs. In such situation we collect your device’s precise physical location through satellite, your network tower, WiFi signals etc. We collect this data when you access our Online Sales Channels to enable location-driven capabilities on your mobile device. We will continue to collect location data until you log off or close the Online Sales Channels or unless you disable your location capabilities of the App or your mobile device.
- We collect Information through your browser or automatically through your device, such as but not limited to your Media Access Control (MAC) address, computer type (for eg- Windows or Macintosh), screen resolution, operating system name and version, device manufacturer and model, language, internet browser type and version and the name and version of the online services (such as the Apps) you are using. We use this data to ensure that the Online Services function properly.
- We collect certain Information from Cookies. Please refer to clause 18 for more details on Cookies.
- We collect certain Information when you download and use an App in your mobile phone, such as App usage data, the date and time of the App on your device when it accesses our servers and information regarding all data and files that have been downloaded using the App based on your contact number.
- We collect your IP address. As soon as you access any of the Online Sales Channels, your IP address is automatically identified and logged in our server log files along with the date, time of visit and the pages that were visited by you. We use such IP address to calculate the level of usage of the Online Sales Channels and also to derive your location using your IP address.
- Online Sales Channels. We collect Information when you-
We’ll use your information for various purposes to render services to you as per our contract and hence usage of some Information will depend on the type services for which you have engaged us. Under some circumstance we might require you to share the Information directly with us. In case you fail to provide such Information to us or prohibit us from collecting such information, then we might not be able to render you with your requested Product or services under the contract. We use all such Information for our genuine business purpose to render appropriate services, which includes the following-
- To Render You with Booked Products / Services.We use Information to render any services or Products that you had booked with us. This includes without limitation your flight tickets, rail tickets, cruise, accommodations, arranging a tour, transportation or car hire and providing you with any special assistance with your prior consent such as but not limited to assistance for obtaining visa, insurance etc. We will also use the Information to facilitate your reservations, payments, confirmations or pre-arrival messages, to assist you Other Data about the destination that you are scheduled to visit.
- To support our electronic receipt program. When you provide an email address at the time of making a booking, we use that email address to send you a copy of your invoice(s) and / or other notifications, documents related to your bookings. However, in case you are booking any Products / Services on behalf of any third person using your email address, then the invoice(s) and / or other notifications, documents related to the bookings made for such third person will also be sent to you on the emailed address shared by you with us.We will also use your information to process transactions and payments for bookings made by you with us and in order to collect and recover money owed to us.
- Loyalty Programs. We use Information to Offer and manage your participation in our global loyalty programs, as well as others that are specific to certain properties or tailored to your interests.
- To optimise our Online Sales Channels. We will use your information to (i) ensure that the content from our Online Sales Channels are made accessible to you in a manner that is effective, convenient and optimal, and (ii) to share with you relevant contents using site analytics and research.
- To protect and safeguard the Company. To protect, safeguard, investigate and prevent any fraudulent, unauthorized or illegal activity, terrorism and other types of unlawful conduct.
- To Comply with our Policies, Procedures and other Business Purposes. We will use your Information so as to enable us complying with various policies, procedures and legal obligations, to enforce our legal rights, and to protect the rights, interests, property and safety of our staffs, customers and us as well. This may include sharing your information with our lawyers, technical advisors, law enforcement and other regulatory bodies where necessary (on the basis of our legitimate interests or to comply with a legal obligation). We also use Information for various data analysis, audits, security and fraud monitoring and prevention, developing new services, improving our existing Services and determining the effectiveness of our promotional campaigns.
In order to ensure that you are provided with the best services in furtherance of our contract, we may have to share your Information with the parties set out below
- Affiliate and Group Companies. From time to time we might disclose your Information with our affiliate and group Companies for various reasons such as but not limited to - (i) to ensure proper Services are rendered to you, (ii) communicating with you, (iii) facilitating the loyalty programs if any, (iii) to accomplish our business purposes, (iv)to carry out statistical analysis, (v) market research, business/knowledge process outsourcing (such as call centres) etc.
- Third Party Service Providers, Concerned Bodies and Authorities. You are aware that your tour may comprise of services rendered by several Third Party Service Providers. Hence, we will disclose your Information with these Third Party Service Providers to ensure they provide you with appropriate services. Many destinations require Third Party Service Providers to provide certain Information about you to the border/immigration authorities of the country of your travel destination. These certain Information are mostly basic information contained in your passport or any other documents issued by the concerned authorities of a country, which you would be required to present on your arrival and without which services cannot be rendered. In addition, applicable laws of some destinations and other countries over which your flight may fly, require the concerned airlines to share certain Information about you and your travel arrangements with the government/bodies/authorities of such country. Hence, accordingly we will share such required Information where we are required to do so.
- Business Partners and other Suppliers. On a need to know basis, we share your information with various vendors and third party suppliers that render us services in connection with our business including without limitation: (i) marketing agencies and/or companies that run our marketing campaigns, (ii) IT developers and other software companies, (iii) business / knowledge process outsourcing companies (such as call centres) etc (iv)third parties that manage promotions or competitions that we may run, (v) third Parties whose services/applications are procured by us on a white label basis, (vi) networks, ground handlers, destination management companies, site analytics providers, medical service providers, financial institutes and banks.
- Regulators and Governmental Bodies. We will share your information with regulators, governmental bodies and other authorities etc for various reasons including without limitation- (a) to comply with any applicable laws; (b) to comply with any legal process including defending our company and/or you from 3rd party claim; (c) to respond to any orders, instructions or requests received from any public and government bodies and authorities (d) to ensure that our terms and conditions are complied with; (e) to protect the rights, interest, privacy, safety of the Company.
- We take appropriate technical and organizational measures to protect against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data, which is appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the Information to be protected, having regard to the state of technological development and the cost of implementing any measures.
In order to protect your Information against any unauthorised access or any unlawful use, we use various technical and operational security measures such as but not limited to:
- Limiting access to your Information to those employees, agents, franchisees, contractors, Third Party Service Providers and other third parties, who have a business need to know.
- Ensuring the physical security of our offices and Franchisee stores and further ensuring digital and physical security of our equipment, devices and systems by mandating appropriate password protection, encryption and access restrictions.
- Implementing processes (such as password hashing, login auditing, and idle session termination) to protect against unauthorized access to your Information.
- Maintaining internal policies and deliver data protection and confidentiality training to our employees to ensure they understand their responsibilities towards protecting and safeguarding your Information and if required take appropriate measures to enforce these responsibilities.
In addition to us protecting your Information, you can also protect your Information if you take reasonable measures to protect the same, such as but not limited to - (i) Choose strong passwords and change them regularly (ii) at all times ensure that your booking references and passwords are kept confidential and ensure that you do not share them with anyone else; (iii) do not use your same password for multiple accounts (iv)if you are a registered user then you must ensure that you log out after each session; (v) in case you suspect that your password or booking reference has been compromised or if someone may have accessed your account, then you must immediately inform us; (vi) keep your devices protected by ensuring that you’re using the latest version of your operating system and have suitable anti-virus software, if applicable; and (vii)stay away from any and all fraudulent emails.
- We will only retain and use your Information for marketing purposes where you have specifically consented to this or we are permitted to do in accordance with data protection laws (including as set out below).
- We may send you e-mail marketing where we comply with applicable laws, rules and regulations. However, you will of course be given the opportunity to opt out of receiving such e-mail marketing communications when you first provide us with your e-mail address and whenever we send you any e-mail marketing.
- Where you have previously requested or agreed to receive information about our travel services from us by post / courier/email/sms, we may continue to send you such information in the same way until you ask us not to (which you can do by telephone, e-mail or post or courier or sms). Everything we send you will tell you what you should do if you no longer wish to hear from us. We will send you this information as this is necessary for the purposes of our legitimate interests in communicating with you unless it is or becomes clear that our interests are overridden by your interests or fundamental rights and freedoms in which case we will cease communicating with you.
- You may provide your consent to receiving marketing information from us by opting to receive marketing material either on-line or by telephone. You may also choose in what ways you are happy to receive communications from us. You may, for example, be happy to receive information and offers by couriers, sms and e-mail but not by telephone.
Yes, you can withdraw your consent to receiving marketing material or other communications from us, either generally or in any particular way, at any time by e-mailing us at email@example.com or you can telephone us.
Yes, you can ask us to review, correct, update, suppress, restrict or delete your Personal Data under certain circumstances, for example where you have withdrawn your consent to further marketing material where the data in question has only been processed for this purpose. In case you want to review, correct, update, suppress, restrict or delete your Personal Data and / or want a copy of your Personal Data then you will have to contact The Data Protection Officer by writing to him at firstname.lastname@example.org.
- You are entitled to ask us (by letter or e-mail) what Information of yours is being held or processed, for what purpose and to whom it may be or has been disclosed. No fee will be charged for responding to this request unless it is obviously unfounded or excessive or we have previously provided the same information.
- We promise to respond to your request without delay and in any event within 1 month unless the request is complex or you have made numerous requests in which case we may be able to extend our response time by a further 2 months.
If you believe this is the case, please tell us by e-mail as soon as possible. We will rectify the problem within 1 month or within 3 months if the rectification request is complex.
- Your Information will be stored in secured locations, and on servers controlled by us, located either at our offices, or at the offices of our service providers.
- We will not process your Information in a form which enables you to be personally identified for any longer than is necessary in order to fulfil the purpose for which it was originally collected or for any other legitimate business purpose.
- Where your Information has been provided to us for the purpose of the holiday arrangements or other services you have contracted, we are entitled to retain this Information for a period of 6 years after those arrangements have been completed. However, under certain circumstances, we might retain your Information for a longer period due to various reasons such as but not limited to (i) ongoing relationship with you (for example, for as long as you are registered with us or keep using our Services) (ii) complying with any laws, rules and regulations, notifications, statutes etc., that requires us to keep Information, or (iii) for as long as we reasonably require your Information for our legitimate interests and/or to exercise our legal rights and/or to defend ourselves against any legal actions, damages, claims etc.
- If you have consented to receiving marketing communications from us, we may continue to use your Information for this purpose until you withdraw your consent or otherwise for as long as we reasonably consider your consent remains valid and effective.
- We encourage you to register with us in order to book services on our Online Sales Channels and to take advantage of our customization features. However, you may choose not to register and take advantage of any feature of our site where registration is not required. If you do not register, then the information we collect from you is limited.
- We log your IP address in order to help diagnose problems with our server, administer our Web site and track usage statistics.
- Your IP address may vary each time you visit, or it may be the same, depending on whether you access our site through an always-on type of Internet connection (e.g., cable modem or DSL), or through a dial-up connection (e.g., VSNL, MTNL etc). Either way, it would be extremely difficult for us to identify you through your IP address, and we make no attempt to do so.
- If you reached our site by clicking on a link or advertisement on another site, then we also log that information. This helps us to maximize our Internet exposure, and to understand the interests of our users. All of this information is collected and used only in the aggregate; that is, it is entered into our database, where we can use it to generate overall reports on our visitors, but not reports about individual visitors.
- All users who choose to register themselves on our site www.coxandkings.com will be able to do online transactions with us. You will be able to purchase services like Flights, Hotels, Car Rentals, Packages, Cruises etc. available on our site.
- If you register with us, we will collect personal information from you in addition to the non-personal information described above. That personal information may include your name, email address, mailing address, telephone number, travel preferences, passport number, user name and password. The information we collect may vary, but we only collect the information that you manually enter into our forms. We may store all or some of that information in a cookie file on your hard drive, so that our system will recognize you each time you visit our site. In that way, we can save your preferences from visit to visit and present you with a customized Web site, without requiring you to log into our site every time you visit. To improve services and enhance personalization, we may periodically obtain information about you from other independent third-party sources and add it to your registration information. Additionally, authorized Cox & Kings personnel may update your registration information to accurately reflect any new information included in communications received from you.
- We collect certain data from Cookies, which are pieces of data stored directly on the computer or mobile device that you are using. Cookies allow us to collect data such as browser type, time spent on the Online Services, pages visited, referring URL, language preferences, and other aggregated traffic data. A Cookie may also allow us to collect information about your path through our Web site and to determine whether you have visited us before. However, unless you register with us, it will only collect Other Data. Cookies cannot be used to read data off of your hard drive, and cannot retrieve information from any other Cookies created by other Web sites. These Information to help us understand how visitors use our site and help us to improve our site for various purpose including security purposes, to facilitate navigation, to display data and information more effectively, to collect statistical data, to personalize your experience while using the Online Sales Channel and to recognize your computer to assist your use of the Online Sales Channel. We also gather statistical data about use of the Online Sales Channel to continually improve design and functionality understand how they are used and assist us with resolving questions.
- You may refuse to accept a Cookie from us by following the procedures specific to your Web browser. Although if you do so, you may find your browser to react strangely while visiting our Web site and other Web sites as well. Since Cookies don't provide us with any information from which we can identify you, we suggest you allow us to place one on your computer. If you are visiting a site where you will be accessing your confidential account information, you will be required to accept Cookies as it is essential for site administration and security.
- You can choose whether to accept Cookies by changing the settings on your browser or by managing your tracking preferences by clicking on “Tracking Preferences” located at the bottom of our home page. However, if you do not accept Cookies, you may experience some inconvenience in your use of the Online Services. For example, we will not be able to recognize your computer, and you will need to log in every time you visit. You also will not receive advertising or other offers from us that are relevant to your interests and needs. At this time, we do not respond to browser “Do-Not-Track” signals.
Minors (as defined under the laws of their jurisdiction or residence) are not eligible to register for, use, or Purchase the Products or Services available on our Online Sales Channels. We do not knowingly collect Personal Information from any Minor, and will not use any such Information if we discover that it has been provided by a Minor.
- Our registered office is based in India. However, we are a global company and we provide our Services globally. We have partnered with various Third Party Service Providers across the globe as well. Under such circumstances, sharing Information across borders is essential for us to ensure that you are provided with high quality Services wherever you travel. Hence, subject to applicable laws, we will share/transfer your Information with entities and Third Party Service Providers in countries where data protection standards may differ from those in the country where you reside. However, we take all necessary measures to ensure that your Information is adequately protected and used in accordance with the applicable laws of that country including but not limited to relying on any appropriate cross-border transfer solutions which may include EU-US Privacy Shield Framework.
If you have any complaint about the way in which your personal data has been dealt with, please let us know by e-mail to DPO. We will investigate and respond to you as soon as we reasonably can. If you remain dissatisfied, you may complain to the Data Protection Officer.