Your privacy is important to you and to us. We are therefore happy to explain why and how we deal with your personal data. Honesty and transparency are important values for us. In this way, we want to build a lasting relationship of trust with our clients. This means, among other things, that we respect and protect your privacy and your choices. After all, personal data tells all sorts about you. Your information must be safe with us, and we do everything we can to ensure that. All our employees are bound by strict privacy rules and are constantly monitored on them. We only share your data with third parties if this is necessary, for example for the execution of our agreement. We do not sell any personal data to third parties. Nor do we send you marketing information unless you have asked us to do so. Your data will only be used for the purpose of optimal service and operational management.

We would like you to know exactly how we process your personal data, but also that they are up-to-date. You are therefore free to access, modify and correct your data. Of course you can also let us know that you no longer give permission for your data to be processed by us. Because the data belong to you, you can also ask us to transfer them to you.

In the execution of the agreement we obviously work together with partners, such as campsite owners and service providers. We only work with reliable partners who apply the same privacy standards as we do. These third parties will only receive your personal data if this is really necessary and under strict privacy conditions. We have ensured that your personal data are as secure there as they are with us.

The way in which ACSI handles your data is in accordance with the new European regulations (General Data Protection Regulation). When you share your personal data with us or when we collect personal data about you, we use them in accordance with this Privacy Statement. The following questions and answers explain in detail what your personal data consist of and how we use, process and secure them.

For general questions or complaints regarding this Privacy Statement, please contact our Data Protection Officer by email: dataprotection@acsi.eu. For security reasons, the Officer will ask you to provide proof of identity before your request is taken into consideration.

What are personal data?

These data say something about a natural person. This information relates to your identity, such as your name, address and telephone number, but also your IP address. Personal data therefore includes this kind of data, but also profile photos, personal preferences and purchasing behaviour and financial data. Appendix 1 contains the categories of personal data that we may be able to process. Cookies are also part of personal data. You can read about what cookies are, why we use them and how we handle them in our Cookie Statement.

What data do we collect and how do we use it?

At ACSI, the focus is always on the customer. We think that this is logical. We want to develop the best possible travel products for you and for this we need to get in touch with you and communicate with you. This helps us to deliver exactly what you want. We collect or receive your data via our websites, booking forms, apps, but also via social media.

You provide us with your information when you create an account, fill out a survey or when you sign up to receive newsletters, for example. In addition we receive your data through the purchase process. By browsing our websites, we collect cookies that are essential for the proper functionality and security of our apps and websites.

We process personal data in order to (be able to) comply with the agreement with you. This way we can manage your bookings and provide you with relevant information. If you wish, you will receive marketing messages from us on a regular basis, whether or not by means of newsletters. We measure your satisfaction and look for solutions if you are not (completely) satisfied. For the purpose of our product development, we keep statistics. This helps us to consolidate our relationship with you and to work with new customers. The analysis and investigation of personal data is necessary for the development and improvement of our products and services; in short, to serve you (even) better. Through our analyses, we can use automated profiling techniques to inform you about products and activities that are tailored to your personal interests and needs.

We do not share your personal data with third parties, unless this is necessary for the execution of the agreement or the internal business operations. We have entered into a so-called Processor’s agreement with these third parties to ensure that these third parties apply the same stringent privacy standards as we do. Your personal data will never be offered for sale by us.

Where do we store your data?

We ensure safe and honest business operations, not in the least for the security of your personal data. Our employees who process personal data may also be outside the European Economic Area and work for us or for our service providers from there. We have also entered into a Processor’s agreement with these parties established outside the EEA. Your data is therefore just as safe with them as it is with us. Because the transmission of information over the internet is not fully secured, we and the third parties with whom we work cannot guarantee the security of your data sent to our website. Therefore, each shipment remains at your own risk. Occasionally, our websites and apps contain links to the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we are therefore not responsible or liable for these policies.

How long do we store your personal data?

We do not store your personal data for longer than is necessary for the purpose for which we have the data in our possession. This is in order to meet your wishes and needs or to comply with our legal obligations. As soon as we no longer need your data, they will be removed from our systems or rendered anonymous so that your identity can no longer be derived from them. We store personal data relating to a customer for seven years after the termination of the relationship. Personal data of potential customers who have not yet been contacted will be retained for six months after collection. Personal data of potential customers who have indicated that they want to be in contact with us are kept for two years.

What are your privacy rights?

It is important to us that you have control over your personal data. You can exercise this control by using the following rights:

Right to information
Right of access
Right of rectification
Right to be forgotten
Right to object to marketing and profiling
Right to withdraw your consent
Right to data portability
Right to disable cookies
Right to complain

Modifications

This Privacy Statement dates from May 24th 2018. Any change or addition to the Privacy Statement will be promptly disclosed to the public.

Appendix 1: Categories of personal data which may be processed
Below are the categories of personal data that we may process. This Privacy Statement explains why we may be able to process these personal data and on what basis.

Category of personal data	Example
Personal Identification data	Name, address, town, postal code, e-mail address, telephone number, e-mail, signature, social media user name, customer number, account number.
Personal characteristics	Age, gender, date of birth, marital status, nationality, occupation, education, personal interests, leisure activities, family situation, relationships, memberships
Electronic identification data	IP address, cookies
Communication data	Records from face-to-face contacts, contacts by phone, email, app, letter, records of product and service conversations, records of complaints and inquiries
Financial data	Bank account and payment behaviour
Information about products and services	Purchased products and services, interests in products and services
Special personal data	Data referred to in Article 9 of the General Data Protection Regulation
Other personal data	User ID and password, citizen service number, national registry number

ACSI

Privacy statement

Contents: