Privacy Policy for Brink Expeditions
Brink Expeditions (“we,” “us,” or “our”) is committed to protecting your privacy and the personal data you share with us. This Privacy Policy outlines how we collect, process, use, and safeguard your information when you visit or interact with brinkexpeditions.com (the “Website”). We also describe your choices, rights, and how to reach us regarding your personal data. We are committed to complying fully with all applicable data protection laws, including the General Data Protection Regulation (“GDPR”) in the European Union and the California Consumer Privacy Act (“CCPA”) in the United States.
1. Our Commitment to Your Privacy
At Brink Expeditions, we respect your privacy and are committed to protecting your personal data through practices that emphasize transparency, security, and compliance with legal obligations. This Privacy Policy is designed to help you understand how we handle your data and to empower you with meaningful choices.
2. Scope & Data Controller
This Privacy Policy applies to all personal data collected through brinkexpeditions.com and any related services, communications, or transactions you may have with us. Brink Expeditions is the data controller for the purposes of GDPR and other globally applicable data protection laws. As the controller, we determine the purposes and means of processing your personal data.
For inquiries related to data privacy, please contact: [email protected].
3. Categories of Personal Data We Process
We may collect and process the following categories of personal data:
a. Usage Data
Information about how you use our Website, including your IP address, browser type, language preferences, referring/exit pages, session duration, clickstream data, and page interactions.
b. Account Data
Data you voluntarily provide when creating an account, signing up for newsletters, making bookings, or contacting us, such as your full name, email address, postal address, and phone number.
c. Profile Data
Information that forms part of your personalized experience with Brink Expeditions, including past purchases, saved itineraries, behavioral patterns, preferences, and survey responses.
d. Communication Data
Records of your interactions with us via support tickets, email communication, and any feedback or inquiries submitted through brinkexpeditions.com.
e. Technical Data
Device information such as IP address, device type, operating system, device identifiers, software versions, and system configurations.
f. Transaction Data
Data related to purchases or bookings, including payment details (processed through third-party providers), delivery information, invoice records, and travel logistics.
g. Preference Data
Consent preferences, subscription settings, communication opt-ins, and areas of interest based on your engagement with our Website and marketing materials.
4. Legal Bases for Processing Your Data
We process your personal data under the following lawful bases, as defined by applicable data protection laws:
– Consent: Where you have explicitly given consent for specific processing activities (e.g., email marketing).
– Contractual Necessity: When processing is necessary to fulfill a contract with you (e.g., processing a booking or inquiry).
– Legal Obligation: When required by law (e.g., accounting, fraud prevention).
– Legitimate Interest: When processing is necessary for our legitimate interests, provided those interests do not override your rights and freedoms (e.g., Website optimization, service improvement).
5. Your Data Protection Rights
As a user of brinkexpeditions.com, you are entitled to the following rights concerning your personal data:
– Right of Access: Obtain confirmation of whether we hold your data and access to that data.
– Right to Rectification: Correct inaccurate or incomplete data.
– Right to Erasure: Request deletion of your data, subject to legal and contractual obligations.
– Right to Restriction: Restrict processing under certain conditions.
– Right to Data Portability: Receive your data in a structured, commonly used format and transfer it to another controller.
– Right to Object: Object to processing based on legitimate interest or direct marketing.
To exercise any of your rights, please email us at [email protected] with your request.
6. Security Measures
We apply industry-standard security measures to protect your personal data from unauthorized access, use, or disclosure:
– Data is encrypted during transmission and, where applicable, in storage.
– Access controls limit internal access to necessary personnel only.
– Regular security trainings are provided to staff.
– Security patches and software updates are applied routinely.
– Secure backup protocols safeguard data continuity.
7. International Data Transfers
Data may be transferred outside your jurisdiction, including to countries outside the European Economic Area (EEA) or outside California. Where such transfers do occur, we implement appropriate safeguards, such as:
– Standard Contractual Clauses approved by the European Commission.
– Compliance with recognized data protection frameworks.
– Data processing agreements with third-party providers ensuring data is protected in accordance with GDPR and other applicable laws.
8. Data Retention
Your personal data is retained only for as long as necessary to fulfill the purposes described in this Privacy Policy, including:
– Account and Profile Data: Retained for the duration of your account and for up to 12 months after termination.
– Transaction and Communication Data: Retained for up to 7 years to comply with financial regulations and audit requirements.
– Usage and Technical Data: Retained for up to 24 months for analytics and security purposes.
– Marketing Preferences and Consent Logs: Retained for 5 years from last user interaction.
Upon expiry of these periods, data is securely deleted or anonymized.
9. Our Use of Cookies
We use cookies and similar technologies to enhance your experience on brinkexpeditions.com. Cookies help us understand usage patterns, remember your preferences, and tailor services accordingly. Categories include:
– Essential Cookies: Necessary for Website functionality and user authentication.
– Functional Cookies: Enhance performance and remember user settings.
– Analytics Cookies: Help us analyze Website traffic and usage behavior.
– Performance Cookies: Improve speed and responsiveness.
10. Cookie Management & Legal Compliance
You have the ability to manage cookies through your browser settings or via our cookie consent tool, presented upon your first visit to brinkexpeditions.com. Under GDPR and CCPA, non-essential cookies are only activated with your consent. You may withdraw your consent at any time without affecting the legality of prior processing.
Instructions for disabling cookies vary by browser, and additional options may be available via third-party tools.
11. Special Protections for Children
Our Website is not intended for use by children under the age of 13. We do not knowingly collect or process personal data from users in this age group. If we become aware that we have inadvertently collected data from a child under 13, we will take immediate steps to delete such information.
Parents or guardians who believe their child has submitted data to brinkexpeditions.com should contact us at [email protected].
12. Policy Updates
This Privacy Policy may be updated periodically to reflect changes in our data practices, technology, or legal obligations. Updates will be posted on this page and, where required by law, we will notify you through prominent notices on the Website or by direct communication to you.
We encourage you to review this policy regularly to stay informed about how we are protecting your information.
13. Contact Us
If you have any questions, concerns, or requests related to this Privacy Policy or your personal data, please contact us at:
Email: [email protected]
We are committed to addressing privacy issues promptly and transparently. If you have unresolved concerns, you may also have the right to lodge a complaint with your relevant data protection authority.
Compliance Statement
Brink Expeditions is committed to full compliance with applicable privacy regulations, including GDPR and CCPA. Your trust is important to us. Please reach out to [email protected] with any privacy-related concerns or rights requests.