Gaia Tree Center Privacy Policy2018-05-21T18:23:33+00:00

Gaia Tree Center Privacy Policy

PRIVACY STATEMENT OF outertravelsinnerjourneys.com & gaiatree.center

 

This is the privacy statement of outertravelsinnerjourneys.com & gaiatree.center.
In this privacy statement, we explain how we collect and use your personal data.

Last updated: May 2018 

  1. When is this privacy statement applicable?
  2. Who is responsible for your data?
  3. What data do we collect and how?
  4. How do we use your data?
  5. What third parties have access to your data?
  6. How do we secure your data and how long do we retain them?
  7. How can you exercise your statutory rights?
  1. When is this privacy statement applicable? 

This privacy statement is applicable to any and all personal data that we collect, use, share and store about you when you book a retreat or tour with us, when you visit our website or when you are in contact with us.  

Our website contains links to websites of third parties. This privacy statement is not applicable to the collection of data via the said websites and we are neither responsible for it. See the privacy policy of the relevant website (where available) for more information.

This privacy statement was most recently amended on May 2018 and replaces earlier versions. We may amend this privacy statement from time to time and will notify you of any changes by posting the revised statement on this website and inform you by email, prior to these changes taking effect. 

  1. Who is responsible for your data?

outertravelsinnerjourneys.com & gaiatree.center are websites belonging to outertravelsinnerjourneys ltd. Established in 2012 and operating from Peru.

We are responsible for the collection and use of your personal data as described further in this privacy statement. If you have questions, comments or complaints about the use of your personal data by outertravelsinnerjourneys then contact our customer service – at retreats@outertravelsinnerjourneys.com

  1. What data do we collect and how?

We collect five categories of personal data about you: (1) name and contact details, (2) booking details,

(3) data that we collect when you contact our customer service, (4) data that we collect when you visit our website or read our newsletter, and (5) social media details.

  1. Name and contact details

These are the data that you enter when you book a tour or retreat e.g. your given names and surname, date of birth, place of residence and your telephone number and email address.

When you create a booking, we may request some of the details as needed for the given tour or retreat as well as other information that you enter or change in your account. If you travel with somebody else then we also collect a part of the data outlined in this section about your fellow travellers.

  1. Booking details

Booking details are the data about the tour/retreat that you purchased from us. For instance, tour/retreat information (tour/retreat name, destination, price, etc.), data about any specific medical conditions we need to consider, additional hotel/flight bookings made on your behalf (number of nights, type of room, price, etc.).

To book an airline ticket we need your passport number for certain destinations. You can also enter customer numbers of third parties (e.g. your frequent flyer number) if you want to qualify for the relevant privileges or other benefits. With your consent, we save these numbers and your travel preferences (e.g. whether you travel for personal or business purposes and what your favourite airport is) in your retreat.guru account.

When you purchase a retreat/tour, you are forwarded to the payment environment (within retreat.guru) to complete your order. To complete this payment you must enter your payment details, e.g. a bank account or credit card number. We do not keep any of this data (nor are the details visible to us), the payment processor retreat.guru offers a secure payment gateway which anonymises all these details from us.

Via our website, you can indicate if you want to bring along special luggage on your flight, e.g. medical luggage or a wheelchair. In pursuance of privacy legislation, these data are qualified as sensitive as they refer to your health.

  1. Data that we collect when you contact us

When you contact our customer service by email, WhatsApp, social media or telephone then we establish these contact moments in our systems.

  1. Data that we collect when you use our website or read our newsletter

When you visit our website, we register, inter alia, your IP address, type of browser and web browsing behaviour. We register, for instance, which tour you have downloaded a brochure for. We DON NOT collect this information via cookies, scripts, pixel tags and similar technologies. If you receive a newsletter from us then we register when you open this newsletter or when you click on a link via our email marketing sofwtare.

  1. Social media details

Depending on the settings of your social network, we may receive information from the provider of the said service. If you, for instance, you visit our webpage via your Facebook account then we may receive a part of your public social media profile, including your user name, profile photo, “likes” and friends. Also, if you communicate with us via our social media pages (e.g. when you place a comment, upload a photo or click the “like” button) we may receive these data. See the privacy policy of your social media provider for more information about the personal data that we receive and how you can change your settings.

We collect the aforementioned data in three ways: (1) we record the data that you enter when you book a tour/retreat or contact our customer service, (2) we automatically record data when you open a newsletter or communicate with us via social media, and (3) we receive anonymised data about you from our social media network eg. Facebook..

  1. How do we use your data?

We use your data for four objectives: (1) for the supply of our services and for maintaining contact with you, (2) for research to improve our services, (3) for direct marketing based on your preferences and behaviour, and (4) for our administration and for compliance with legislation and regulations.

  1. For the supply of our services and for maintaining contact with you

When you book an tour/retreat, we use the data as described in section 3 for this. We use your name, passport number and other personal data to, for instance, to make reservations on your behalf.

We only supply your medical data in order to assess risk in participation of our retreat and tours.. We do not use these data for other objectives.  

We use your contact details to communicate with you. Think about, for instance, sending your booking confirmation or

warning you by email that there may be action you need to take prior to travel. We also use your contact details to answer your questions when you contact our customer service.

We use your payment details to handle your payment. Our fraud department checks, in association with our payment provider, if there is question of a fraudulent booking that uses, for instance, a stolen or blocked credit card.

  1. For research to improve our services

We research trends with regard to the manner that visitors and customers use our services, website, customer services and social media. We do this to gain insight into the behaviour and the preferences of our visitors and customers in order that we can thus improve our services, the content on our website and our customer service. We also use the said insight to develop new services.  

For this research, we use automatic tools with which we analyse the data outlined in section 3, including your booking details, additional services you purchased and information about you (such as gender and your residence). Names, email addresses or other information that can be traced back to specific persons are not analysed, as we are only interested in general trends. We never use sensitive data. We may also combine the analysed data with data that we collect with cookies and similar technologies when you visit our website or information that we receive from group companies or from other sources.

  1. For direct marketing based on your preferences and behaviour

We use your data to send you newsletters, offers or other promotional messages. We do this via email and other digital channels, e.g. social media.

To adapt these messages to your preferences and behaviour we analyse and combine your data. We use automatic tools for this that analyse your data saved in our data management platform. For this purpose we use your booking details, information about additional services you purchased and information about you (such as gender, residence and your booking preferences). We do not only analyse and combine the data that you entered but also data that we collect via pixel tags and similar technologies, social media and when you contact our customer service.

In our emails, we include personalized offers from Outer Travels Inner Journeys relating to our services and products. For example, we may include offers of for our own additional services (eg. Additional tours). We tailor these offers to your interests.   

We use Custom Audiences of Facebook, DoubleClick and other networks to show you advertisements of outer travels inner journeys when the said network or an affiliated website is visited. To this end we may send your identifying data to (for instance) Facebook in order that it can check if you have a Facebook account. See the website of your social network for more information about Custom Audiences. You may also have provided consent for receiving personalized ads on your Facebook timeline or other social media via our cookie policy.

We process your personal data as described in this paragraph for our legitimate interest and the interests of third parties in order to provide you with relevant updates and offers. You can unsubscribe from receiving newsletters, offers or other promotional messages at any time by clicking the unsubscribe link in the email.

When you unsubscribe, you will still receive our service emails (such as your booking confirmation and any itinerary changes). You may object to the use of your personal data for direct marketing purposes anytime (please see section 7).

  1. For our administration and for compliance with legislation and regulations

We use your personal data for internal administration purposes, such as record keeping and to comply with our legal and fiscal obligations. 

We collect and use your personal data to provide our services to you, to comply with our statutory obligations, for our legitimate interests or the interests of a third party or with your consent, for example in situations where we require your medical data.

If you revoke your consent or if you do not supply the data that we need for the performance of the contract with you or to comply with our statutory obligations then you may not be able to use our services or only to a limited extent.

If we process your personal data for our legitimate interests or the interests of a third party, we have balanced these interests against your privacy interests. We will take measures to safeguard your privacy interests and to prevent unwarranted harm to you, as appropriate. Our legitimate interests may for example include security and safety purposes or to provide better services and offerings to you. For more information on these interests, please see the purposes for which we process your personal data above. These balancing tests are primarily based around tour and retreat safety for you and other participants.

Where we process your personal data for our legitimate interests or the interests of a third party, you have the right to object at any time on grounds relating to your particular situation (see section 7). 

  1. What third parties have access to your data?

We may exchange your data with or make your data available to third parties within the framework of the following three objectives: (1) with partners to implement your bookings, (2) with our group companies and brands for support services, statistical research and direct marketing, and (3) with our suppliers who provide supporting services. Only if Outer Travels Inner Journeys is by law held to do so, shall we supply your data to supervisory authorities, tax authorities and investigate authorities.

  1. Implement bookings & Reservations

We supply your data to partners who are directly involved in your booking. We supply your data to, for instance, airlines/hotels and other service providers who are involved in the implementation of your flight or reservation. We supply your data to the relevant providers, usually this will be limited to name, gender and in some cases passport info (for flights/visa/border related issues). 

  1. Group support services, research and direct marketing

For the supply of our services we rely on support services provided by Outer Travels Inner Journeys. We have, for instance, customer support operating in different timezones in different parts of the world so we can provide you customer service. These group has access to your data as required for their business function. Your data are available to Outer Travels Inner Journeys and are used within the framework of Outer Travels Inner Journeys and Gaia Tree Center. Your data may be used within these brands for research and direct marketing (see section 4). When you, for instance, book a retreat with Gaia Tree Center you may receive direct marketing from Outer Travels Inner Journeys.

  1. Reliance on supporting services

For the supply of our services we rely on third parties, e.g. IT suppliers, marketing agencies, online advertising companies, credit card companies, payment providers, service providers in the area of fraud prevention and online bookings. We conclude agreements with these third parties in which it is, inter alia, determined that they shall handle your data confidentially and shall secure these data adequately.

Our group, partners and service providers are not all based in the European Union but also beyond. If this kind of party has access to your data then this constitutes an international transfer of personal data. For example, an South American airline receives your data from us within the framework of a booked tour. Ouer Travels Inner Journeys supplies data to, inter alia, group companies, partners and service providers in Peru, India, Egypt, Cambodia and the United States. The regulations in these countries do not always provide the same level of protection of personal data as the regulations covered by the GDPR. Where required, Outer Travels Inner Journeys took appropriate measures to comply with the requirements that the applicable privacy regulations impose on the international transfer of personal data.

We conclude, for instance, so-called European Model Agreements for the transfer of personal data with our group companies and service providers (see article 46 GDPR). We may also supply personal data to recipients established in the US if they have a valid EU-US Privacy Shield certification (article 45 GDPR). In some cases, we may ask your explicit consent to transfer personal data outside the European Union (article 49 GDPR).

  1. How do we secure your data and how long do we retain them?

Outer Travels Inner Journeys took technical and organisational security measures to protect your data against loss or unlawful use, e.g. unauthorised insight into data. In this respect, we take the state of the art and the cost of the implementation into account in order that we guarantee an appropriate level of security regarding the risks that the processing and the nature of the data to be protected bring about.

We retain your data as long as required to realise the objectives as described in this privacy statement but generally no longer than 4 years after your last interaction with us, unless in so far as such is necessary for compliance with our statutory obligations or for the benefit of potential disputes. If we no longer require data then we destroy these data or anonymise them in order that they can no longer be linked to you.

  1. How can I exercise my statutory rights?

You may contact our customer service to exercise any of the rights you are granted under applicable data protection laws, which includes (1) the right to access your data, (2) to rectify them, (3) to erase them, (4) to restrict the processing of your data, (5) the right to data portability and (6) the right to object to processing. Please note that we may require you to provide additional information to verify your identity. Learn more

  1. Right to access

You may ask us whether or not we process any of your personal data and, if so, receive access to that data in the form of a copy. When complying with an access request, we will also provide you with additional information, such as the purposes of the processing, the categories of personal data concerned as well as any other information necessary for you to exercise the essence of this right. 

  1. Right to rectification

You have the right to have your data rectified in case of inaccuracy or incompleteness. Upon request, we will correct inaccurate personal data about you and, taking into account the purposes of the processing, complete incomplete personal data.

  1. Right to erasure

You also have the right to have your personal data erased, which means the deletion of your data by us and, where possible, any other controller to whom your data has previously been shared with by us. Erasure of your personal data only finds place in certain cases, prescribed by law and listed under article 17 of the GDPR. This includes situations where your personal data are no longer necessary in relation to the initial purposes for which they were processed as well as situations where they were processed unlawfully. Due to the way we maintain certain services, it may take some time before backup copies are erased.

  1. Right to restriction of processing

You have the right to obtain the restriction of the processing of your personal data, which means that we suspend the processing of your data for a certain period of time. Circumstances which may give rise to this right include situations where the accuracy of your personal data was contested but some time is needed for us to verify their (in)accuracy. This right does not prevent us from continue storing your personal data. We will inform you before the restriction is lifted. 

  1. Right to data portability

Your right to data portability entails that you may request us to provide you with your personal data in a structured, commonly used and machine-readable format and to have such data transmitted directly to another controller, where technically feasible. Upon request and where this is technically feasible we will transmit your personal data directly to the other controller.

  1. Right to object.

You also have the right to object to the processing of your personal data, which means you may request us to no longer process your personal data. This only applies in case the ‘legitimate interests’ ground (including profiling) constitutes the legal basis for processing (see paragraph 4). 

At any time and free of charge you can object to direct marketing purposes in case your personal data are processed for such purposes, which includes profiling purposes to the extent that it is related to such direct marketing. You can always exercise this right by revoking your previously given consent by following the instructions in the relevant marketing communication. In case you exercise this right, we will no longer process your personal data for such purposes.

There may be situations where we are entitled to deny or restrict your rights described in this paragraph. In any case, we will carefully assess whether such an exemption applies and inform you accordingly. 

We may, for example, deny your request for access when necessary to protect the rights and freedoms of other individuals or refuse to delete your personal data in case the processing of such data is necessary for compliance with legal obligations. The right to data portability, for example, does not apply in case the personal data was not provided by you or if we process the data not on the basis of your consent or for the performance of a contract.   

You can also contact us at if you have any questions, remarks or complaints in relation to this privacy statement. If you have any unresolved concerns, you also have the right to lodge a complaint with your Data Protection Authority.

Contacting us

If you have any questions about this Privacy Policy, the practices of this site, or your dealings with this site, please contact us at:

Outer Travels Inner Journeys Limited

http://outertravelsinnerjourneys.com

retreats@outertravelsinnerjourneys.com

Gaia Tree LogoOuter Travels Inner Journeys

Take me to the retreat page!

Retreat Info