Privacy Policy
The protection of your personal data is important to us. With this privacy policy, we would like to explain to you in more detail what personal data we collect and for what purposes this data is processed.
Controller and contact
The controller for purposes of processing your personal data is:
Trekkers.in
24-C, V.N.Gardens,
Patel Road,
Coimbatore, Tamil Nadu,
India-641009.
If you have any questions or suggestions regarding data protection or would like to exercise your rights, please feel free to contact us at the following link: https://www.Trekkers.in/contact/
You can reach our Data Protection Officer at: support@trekkers.in
For clarity, any data processing by activity providers who offer their services on the Trekkers platform is subject to their respective privacy policies. Activity providers act as separate data controllers.
2. Subject of data protection
The subject of data protection is personal data, i.e. all information relating to an identified or identifiable natural person. Personal data is also referred to simply as data in the following.
3. Automated data collection
When accessing our website, your end device automatically transmits data for technical reasons. The following data is stored separately from other data that you may transmit to us:
· URL of the page accessed
· Latency of the network connection
· Date and time
We store this data for the following purposes:
· for load balancing, i.e. to distribute access to our website across several devices and to be able to offer you the fastest possible loading times;
· to ensure the security of our IT systems, e.g. to defend against specific attacks on our systems and to recognise attack patterns;
· to ensure the proper operation of our IT systems, e.g. if errors occur that we can only rectify by storing the IP address;
· to enable criminal prosecution, averting of danger or legal prosecution in the event of specific indications of criminal offences.
Your IP address is only stored for a period of 30 days.
In this case, the processing is carried out to ensure the security of the processing in accordance with Art. 32 GDPR, as well as on the basis of our legitimate interest in protecting ourselves against misuse of our service (Art. 6 para. 1 lit. f GDPR).
4. Trekkers account
4.1. Registration
· Surname/first name
· E-mail address
· Passwords
Alternatively, you can log in with your Facebook, Google or Apple account. In this case, we receive the following personal data from Facebook or Google or Apple in order to create a user account for you:
· Name
· E-mail address
· Photo (Facebook only)
· an authentication token
Your registration data is required to set up and manage a user account for you. In this case, you conclude a (free) user agreement with us, on the basis of which we collect this data (Art. 6 para. 1 lit. b GDPR).
In order to conclude the agreement, you must provide us with this data. However, you are neither contractually nor legally obliged to conclude the agreement and thus to provide the data.
4.2. Wish lists
After you have created a customer account, you have the option to create wish lists with activities and tours and to share these wish lists with other users. Your data is processed for these purposes in order to be able to provide you with the corresponding functions (Art. 6 para. 1 lit. b GDPR).
5. Reviews and ratings
Our website offers the possibility to rate and comment on tours or activities. After you have completed a tour booked via our website, we may ask you to rate it accordingly. Submitting a rating is, of course, voluntary. When you submit a rating, we collect the data you enter in order to process it according to the function you use and publish it on our website. You can have a rating deleted at any time by contacting our customer service.
You can object at any time to receiving review requests by clicking the unsubscribe link in each review request email. If you have an account, you can also do so from the Settings -> Notifications section on your profile. Otherwise, you can also send us a message using the link https://www.Trekkers.in/contact/.
The processing of your data for these purposes is done to protect our legitimate interest in providing our users with as much information as possible about the tours we offer. User ratings are also in the interest of all users. Accordingly, the processing is based on Art. 6 para. 1 lit. f GDPR.
6. Customer support
6.1. Processing of enquiries
Your request will be processed by our processor, Trekkers.in NI EXIM.
For the processing of enquiries, we or Trekkers Global Services GmbH use systems provided by NI EXIM. based in the India ("NI EXIM "). Accordingly, your enquiries are stored on NI EXIM 's servers.
6.2. Improvement of customer service
In order to continuously improve our customer service, we analyse enquiries sent to us on the basis of certain parameters and keywords. Although, as a matter of principle, no analysis is carried out on the basis of personal data, it cannot be ruled out that, in individual cases, personal data may also be processed within this context. The processing required within this context serves our legitimate interest as well as that of our customers in the continuous improvement of our customer service (Art. 6 para. 1 lit. f GDPR).
For the evaluation of enquiries, we use the systems of the providers Chattermill Analytics Limited (Great Britain), Miuros S.A.S. (France) and Looker Data Sciences, Inc. (USA). There is no EU Commission adequacy decision for the USA. We have therefore concluded the standard contractual clauses approved by the EU Commission with Looker Data Sciences, Inc. pursuant to Art. 46 para. 2 lit. c GDPR.
6.3. Translations
In certain cases, it is necessary for us to translate incoming requests into a specific language. This may require the processing of personal data necessary to protect our legitimate interest in providing international customer service, Art. 6 para. 1 lit. f GDPR. For this purpose, we use the service of Unbabel Inc. based in the USA ("Unbabel"). There is no EU Commission adequacy decision for the USA. We have therefore concluded the standard contractual clauses approved by the EU Commission with Unbabel in accordance with Art. 46 para. 2 lit. c GDPR.
6.4. Storage and evaluation of telephone calls
Telephone calls are only stored and analysed if you have given us your prior consent. We will only use this data for the purpose of improving our customer service. The recordings will be deleted after three months. The legal basis is Art. 6 para. 1 lit. a GDPR. You have the option to revoke your consent at any time by contacting one of the contact channels mentioned in this privacy policy. This will not affect the lawfulness of the processing carried out by us until your revocation.
7. Technical service providers
We use technical service providers for hosting and some of the services required for the website. Accordingly, the processing of data takes place on the servers of these service providers. These service providers only process the data according to our explicit instructions and are obliged to guarantee sufficient technical and organisational measures for data protection. Consequently, our service providers act for us as so-called processors within the meaning of Art. 28 GDPR.
7.1. Hosting of the website
For the hosting of our website, we use the services of Amazon Web Services EMEA S.a.r.l. ("AWS") based in Luxembourg. Accordingly, when you interact with our website or provide personal data, it is processed on AWS servers. We only use servers located in the European Union. To cover remote maintenance and similar constellations, we have concluded the standard contractual clauses approved by the EU Commission with AWS in accordance with Art. 46 para. 2 lit. c GDPR.7.2. E-mail system
For sending emails, we use the Sendgrid service of Twilio Inc based in the USA ("Twilio"). There is no adequacy decision for the USA. We have therefore concluded the standard contractual clauses approved by the EU Commission pursuant to Art. 46 para. 2 lit. c GDPR with Twilio.
8. Newsletter
You have the option on our website to register for our newsletter. With our newsletter, we would like to send you information on offers, tours, activities or special promotions that is as personalised as possible. By registering for our newsletter, you therefore consent to us processing your email address for the purpose of sending the newsletter. The legal basis for this processing is Art. 6 para. 1 lit a GDPR. You can revoke your consent at any time by unsubscribing from our newsletter. To do this, you can use the unsubscribe link contained in every email or send us a message using the link https://www.Trekkers.in/contact/. To verify your e-mail address, you will first receive a registration e-mail, which you must confirm via a link (double opt-in). When you register for the newsletter, we store the IP address and the date and time of registration. The processing of this data is necessary in order to be able to prove that consent has been given. The legal basis results from our legal obligation to prove your consent (Art. 6 para. 1 lit. c in conjunction with Art. 7 para. 1 GDPR).
If you have booked a tour via our website or created a Trekkers account, we will send you our newsletter based on our legitimate interest in promoting similar services to your bookings or account (Art. 6 para. 1 lit. f GDPR, § 7 para. 3 UWG) unless you have objected to this use. If cookies are used for personalisation, we will obtain your separate consent.
You can object to this at any time – even during registration – by deselecting the corresponding checkbox or clicking the unsubscribe link in the respective emails. In addition, if you have an account, you can always subscribe or unsubscribe to different types of communication from the Settings -> Notifications section on your profile.
9. Bookings & payments
9.1. Bookings
When you book a tour, activity or similar on our site, we collect the data required to carry out the tour. This usually includes the following information: First and last name, billing address, email address, telephone number, number of participants, date and time. Depending on the activity booked, it may also be necessary for us to collect further information, such as your flight number or the age of the participants. The processing that takes place in connection with this is based on Art. 6 para. 1 lit. b GDPR. To the extent necessary, we will transfer your data to the provider responsible for the tour or activity who will process your personal data as set out in their privacy policy as an independent data controller. If a transfer to a third country outside the European Economic Area is necessary, this is based on Art. 49 para. 2 lit. b, c GDPR.
If you make bookings via partner sites, you will be redirected to provide you personal data and conclude the booking process on the Trekkers website, as described above. On some partner sites, your data is collected by the partner as a separate data controller, in accordance with their privacy policy, and we receive the data required to make the booking from the partner.
On other websites who have partnered with us in order to integrate the booking offers directly on their own website, both the partner and Trekkers act as separate data controllers for the processing of your personal data.
9.2. Booking confirmations
In order to keep you updated on your bookings we will send you booking confirmations as well as reminders and updates for upcoming bookings (e.g. changed times or meeting points) to make sure that you have all information you need to attend your booked services. Booking confirmations are sent to your email address, and/or by SMS to the phone number you provide during the booking process and/or through a push notification from GYG app. If you have an account, you can choose more granularly how you want to be notified from the Settings -> Notifications section on your profile.
We process your personal data in order to be able to provide you with these features of our service (Art. 6 para. 1 lit. b GDPR).
9.3. Payments
You have various options for paying for your booking. In doing so, we will process the data required in each case depending on the selected payment method. Within this context, your personal data will be processed as described below, which is based on Art. 6 para. 1 lit. b GDPR and is necessary to carry out the payment method you have chosen.
9.3.1. Credit card payments
For the processing of payments by credit card, we use the service provider Adyen N.V. ("Adyen"), which is based in the Netherlands. The data provided during your payment will be forwarded by Adyen to the respective banks or financial institutions for the purpose of processing the payment. In the case of payments by credit card, we only receive the information that a payment has or has not been made, along with the last 4 digits of the credit card number. We therefore have no knowledge of your full credit card number.
9.3.2. Payment via PayPal
If you have a PayPal account, you can also process your payment via PayPal. In this case, we receive from PayPal not only the information that a payment has been made, but also the e-mail address and address you have registered with PayPal.
9.4 Chargebacks
In the event of chargebacks, we will transfer the necessary data to Global Merchant Risk Technologies trading as The Chargeback Company (Chargebacks911) based in Ireland to process a chargeback. The required data includes your name, booking information, telephone number and payment information. Chargebacks911 will then process the chargeback with your bank or PayPal or Ayden. The processing is carried out within the context of the execution of the contract (Art. 6 para. 1 lit. b GDPR) as well as on the basis of our legitimate interest in the effective processing of chargebacks (Art. 6 para. 1 lit. f GDPR).
9.5. Booking Cancellation Insurance
If you visit our website from certain regions, you will be able to also book activities with extended cancellation rights covered by insurance. The insurance coverage is offered to you
With regards to the data processing connected to offering these insurances on the Trekkers website, You can exercise your data subject rights towards either Trekkers or insurance company and we will ensure the requests is forwarded to the responsible party.
10. Fraud prevention
In order to protect ourselves and the activity providers from fraudulent bookings, we evaluate the information provided by our customers during the booking process, including the data technically transmitted by their device, insofar as this is necessary to protect our legitimate interest and that of the activity providers in reliable bookings (Art. 6 para. 1 lit. f GDPR).
11. Protection against bots
To protect us from bots and similar technologies, we use the Cheq service provided by CHEQ AI Technologies Ltd. based in Israel ("Cheq"). Cheq will use the data automatically transmitted by your device to determine whether the request most likely originates from a human. No further storage of the data will take place. The processing is carried out in order to ensure the security of the processing in accordance with Art. 32 GDPR and on the basis of our legitimate interest in protecting ourselves against misuse of our service (Art. 6 para. 1 lit. f GDPR). For Israel, there is an adequacy decision of the EU Commission according to Art. 45 GDPR.
12. Cookies
We use so-called "cookies" to offer certain functions of our website and to optimise the use of our website. "Cookies" are small files that are stored on your device with the help of your internet browser.
Specifically, we use (unless other cookies are specified elsewhere in this privacy policy or our cookie consent) the following cookies:
· Session cookies: These cookies are needed to store certain technical data during your visit to our website, e.g. to determine whether you have logged in.
· Persistent cookies: These cookies are needed to store data beyond a browser session if you wish to do so.
The legal basis for the use of these cookies is § 15 para. 1 of the German Telemedia Act (TMG) or Art. 6 para. 1 b GDPR, insofar as they are necessary for the use of our website and the functions you have accessed. Otherwise, we use cookies – as described below – on the basis of your consent. You can revoke your consent at any time via our consent manager.
13. Customer Research
13.1. Customer surveys and research panels
We or research agencies we collaborate with might invite you to participate in moderated or unmoderated research panels. You might be either a Trekkers Customer or an external participant recruited independently by the agency. The participation and the video recordings of these sessions are always based on your express consent, which we collect in writing before the research activity. Research agencies we might collaborate with are: Respondent, Inc., a company based in the US (you can find their Privacy Policy here), Userlytics, a compay based in the US (you can find their Privacy Policy here), Lookback Group Inc., a company located in the US (you can find their Privacy Policy here). These research agencies act as data controllers. We invite you to participate based on our legitimate interest and we do not address you in case you have opted out of marketing emails.
When you access our website, you might be prompted in a pop-up window to answer some questions about the Trekkers product or features. We collect the answers in an aggregate form and they are not linked personally to you. This is completely optional and you give your consent for us to process your answers if you choose to answer the questions.
14. Marketing and remarketing services
14.1. Evaluation of advertising on the web and on social media platforms
With regard to our social media advertising, we use a service provided by Smartly.io Solutions Oy, based in Finland, to analyse the success of our advertisements.
14.2. Google services
We use the services of Google LLC, 1600 Amphitheatre Pkwy Mountain View, California 94043, USA ("Google") described below. There is no EU Commission adequacy decision for the USA. We have therefore concluded the standard contractual clauses approved by the EU Commission with Google in accordance with Art. 46 para. 2 lit. c GDPR.
Basic information on the processing of your personal data by Google can be found here: https://policies.google.com/privacy?hl=en.
You also have the following setting options with Google:
· You can deactivate personalised advertising from Google: https://adssettings.google.com/anonymous?hl=en&sig=ACi0TCie_PP0WXzD2NDiHGJny9ca0PSQVyMysggnxws0C7Hxy7edd8F9O3gyme7JNE3bplGpLmt8pU3iFPJYnpIHlEL7FSn5hXWg8EhEQAbCywX-v9nEW3M
· You can disable personalised advertising on a device-by-device basis: (https://support.google.com/ads/answer/1660762?hl=en-GB#mob)
You can disable personalised advertising by browser: (http://optout.networkadvertising.org/?c=1)
14.2.1 Google Analytics 360
If you have consented, we use Google Analytics 360, a web analytics service. Google Analytics 360 collects pseudonymous data from you about the use of our website, including your shortened IP address, and uses cookies. This data is transmitted to a Google server in the USA and stored there. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity, and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf.
Your data will be stored by Google Analytics for a period of 14 months. After this period, the data is deleted and only aggregated statistics are kept.
The use of Google Analytics is based on your consent (Art. 6 para. 1 lit. a GDPR).
You can revoke your consent at any time and deactivate Google Analytics using a browser add-on. You can download this here: http://tools.google.com/dlpage/gaoptout. Alternatively, you can revoke your consent as described here: https://developers.google.com/analytics/devguides/collection/analyticsjs/user-opt-out. You can also revoke your consent via our consent manager. This does not affect the lawfulness of the processing carried out until your revocation.
14.2.2. Google Remarketing & Advertising Personalisation on the Google Network
If you have consented, we use remarketing services from Google. Google uses cookies to record your usage behaviour on our website in order to display interest-based advertising for our products on other pages within the Google advertising network across devices. This includes Google search and other sites operated by Google and its subsidiaries, as well as sites operated by Google's advertising partners. The information is transmitted accordingly to Google and Google's partners. Additional data processing will only take place if you have consented to Google linking your browsing history to your Google Account and using information from your Google Account to personalise the ads you see on the web. In this case, Google will use your data together with Google Analytics data to create and define target group lists for remarketing. To do this, your personal data will be temporarily linked by Google with Google Analytics data to form target groups.
The use of these services is based on your consent (Art. 6 para. 1 lit. a GDPR).
You can revoke your consent via our consent manager. This does not affect the lawfulness of the processing carried out until your revocation. Furthermore, the remarketing cookie is automatically deleted as soon as it is no longer necessary for the purposes for which we collected or used it in accordance with the above paragraphs.
14.2.3. YouTube pixel
If you have consented, we use the YouTube pixel. This is a tracking code that is loaded when our website and certain subpages are accessed and when certain actions are performed, and thus tracks your behaviour on our website. The pixel also collects usage data (such as URL, referrer URL, IP address, device and browser properties and timestamp). We send this information to Google so that Google can display advertisements on YouTube according to your behaviour on our website.
We use the YouTube pixel on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent at any time via our consent manager. This does not affect the lawfulness of the processing carried out until your revocation.
14.2.4. Google Enhanced Conversions
This technology is based neither on cookies nor on pixels. When you use our website and are redirected by a Google ad, we send a hashed identifier and information about possible purchases to Google. Google will use this information only to understand which ad you clicked, to measure the success of certain ads and to provide us with this information in aggregate form. In particular, Google will not use the data to serve targeted ads to you or to other users, or store or use the data for any other purpose. We transmit this data on the basis of our legitimate interest in controlling our marketing activities (Art. 6 para. 1 lit. f GDPR).
14.2.5. Retargeting and audience matching
If you give us your consent, we use services provided by Google Ireland Limited to show you personalized ads on Google and to reach audiences which are similar to you. In this case, we transfer your encrypted (hashed) email address along with information about website behaviour to Google. Google will then match your encrypted data with their database and, if you have a Google account with personalized ads enabled, identify you to show you ads for Trekkers. The processing is carried out based on your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw your consent at any time with future effect by rejecting Marketing Technologies in our consent manager. Google may process your personal data in the USA. There is no EU Commission adequacy decision for the USA. We have therefore concluded the standard contractual clauses approved by the EU Commission with Google in accordance with Art. 46 para. 2 lit. c GDPR.
14.3. Facebook services
We use the services of Facebook Ireland Limited ("Facebook") described below. Please note that this may also involve processing by Facebook Inc. based in the USA. There is no EU Commission adequacy decision for the USA. In this case, Facebook will use the standard contractual clauses approved by the EU Commission, which constitute a suitable guarantee within the meaning of Art. 46 para. 2 lit. c GDPR for the transfer to third countries.
Basic information on the further processing and use of your data by Facebook as well as your setting options for protecting your privacy with Facebook can be found in Facebook's privacy policy at https://www.facebook.com/privacy/explanation.
14.3.1. Facebook pixel
If you have consented, the Facebook pixel is used on our website. This is a Javascript code. The Facebook pixel records when you perform certain actions on our website or visit certain areas on our website. The Facebook pixel also collects usage data (such as URL, referrer URL, IP address, device and browser characteristics and timestamp). The Facebook pixel generates a checksum (hash value) from this information and transmits this hash value to Facebook. If available, the Facebook cookie is also addressed and your Facebook ID is transmitted. If you have a Facebook profile and log in there, you can be presented with targeted personalised advertising on Facebook based on the data transmitted by the pixel. Data from users who do not have a Facebook profile is discarded by Facebook without being used.
We use the Facebook pixel on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke your consent at any time via our consent manager. This does not affect the lawfulness of the processing carried out until your revocation.
14.3.2. Facebook Server-to-Server
This technology is based neither on cookies nor on pixels. When you use our website and are redirected by Facebook, we send your Facebook Click-ID and information about possible purchases and other actions on our website to Facebook. Facebook will use this information to understand which ad you clicked, to measure the success of certain ads and to provide us with this information in aggregate form. Facebook will not use the data to serve targeted ads to you or other users. We transmit this data on the basis of our legitimate interest in controlling our marketing activities (Art. 6 para. 1 lit. f GDPR).
14.3.3. Retargeting and audience matching
If you give us your consent, we use services provided by Meta Platforms, Inc. (USA) to show you personalized ads on Facebook and to reach audiences which are similar to you. In this case, we transfer your encrypted (hashed) email address along with information about website behaviour to Facebook. Facebook will then match your encrypted data with their database and, if you have a Facebook account with personalized ads enabled, identify you to show you ads for Trekkers.
We are joint controllers with Meta Platforms, Inc. for such data transfer to Facebook. You can find our agreement on this joint controllership here: https://www.facebook.com/legal/controller_addendum. The processing is carried out based on your consent (Art. 6 para. 1 lit. a GDPR). You can withdraw your consent at any time with future effect by rejecting Marketing Technologies in our consent manager. There is no EU Commission adequacy decision for the USA. We have therefore concluded the standard contractual clauses approved by the EU Commission with Facebook in accordance with Art. 46 para. 2 lit. c GDPR.
14.4. Other remarketing services
If you have consented, we also use the remarketing services described below on our website. In each case, your usage behaviour on our website is analysed using cookies. The providers will use this information to play personalised advertising on third-party sites.
· Remarketing service of Criteo S.A. based in France ("Criteo"). Criteo will serve personalised advertising on sites connected to the Criteo network.
· Remarketing services provided by Microsoft Ireland Operations Limited, based in Ireland ("Microsoft"). Microsoft will use the cookie information to serve personalised advertisements through the Bing search engine and to display advertisements to you on third-party sites.
· Remarketing service provided by Outbrain Inc based in the USA ("Outbrain"). Outbrain will use the cookie information to show you personalised advertising on third-party sites.
<p class="MsoNormal" style="text-indent:-18pt;line-height:
