Skip to content

SHARE WITH FRIENDS

SYDNEY TOP TOURS – GENERAL DATA PROTECTION REGULATION (GDPR)

General Data Protection Regulation or GDPR is the core of the digital privacy legislation of Europe and came to effect on 25th May 2018.

GDPR is based on the 2012 European legislation formulated to bring digital protection reform across the EU. This regulation applies to all organisations operating within the EU or holding or utilizing personal information for an EU citizen.

Sydney Tours and Travels has applied its data processing practices to comply with the new regulations set under GDPR. Below, they have mentioned their GDPR Compliance Statement in detail, which meets and upholds the principles of the legislation. They will keep on updating their policies according to the demands of GDPR in the future.

For any information about cookies, click here and all commonly asked questions are answered here.

HOW DOES SYDNEY TOP TOURS COMPLY WITH THE GDPR?

  •  Definition of GDPR compliance statement
    • It is a public-facing document that details the steps our company is taking to comply with the rules and regulations set under GDPR.
  •  Personal data
      Depending on how our website and services are used, we will collect the user data.
    • Personal data we collect: We may collect your data to provide you with the right services. Therefore, we may also collect additional information about you during any recruitment process.
    • Personal data provided to us: We use contact forms and chat facilities to gain basic information about the users. This will help us generate newsletters, service quotes, provide query responses, and so on.
    • Personal data from other sources: We may collect your data from analytics, advertising networks, etc.
    • Other identifiers: We may also record your device’s IP address when you visit our website to determine website and page visitors.

CONTROLLERS AND PROCESSORS

  •  The processor will ensure that the Processing of the Protected Data is carried out in accordance with the Data Protection Laws.
  •  The Controller will ensure that necessary consents and notices are in place to enable the Processing of the Protected Data in compliance with the Agreement.

DATA PROTECTION

Our central policy and procedure document for data protection has been formulated to meet the standards and requirements of the GDPR.

DATA RETENTION

We keep data as long as it is necessary. In addition, we do not retain any data that is illegal. Also, we have reviewed our policy to match with the ‘data minimisation and ‘storage limitation’ principles.

DATA BREACHES

We have ensured that safeguards and measures notify the Controller of any Personal Data Breach involving Protected Data at the earliest possible time in line.

TRANSFER OF PERSONAL DATA TO A THIRD COUNTRY

We transfer personal data outside the EU, for which we have robust procedures and safeguarding measures in place to secure, encrypt, and maintain the integrity of the data.
  •  We maintain a log of GDPR compliance work
  •  We have appointed a Data Protection Officer
  •  Our Privacy Policy is in compliance with the GDPR
  •  We have informed all individuals whose personal information we process

TECHNICAL AND SECURITY MEASURES

  •  There are dedicated information security policies and procedures in place to protect personal information from unauthorized access, alteration, disclosure, or destruction.
  •  We have implemented an employee awareness program specific to GDPR regulations.
  •  All our employees have signed confidentiality statements.

CHANGE IN THE GDPR STATEMENT

We may change or update our GDPR statement to reflect changes in our policies according to the legislation. If we make any updates, we will notify utilizing a notice on this Statement.
We respect and honour Aboriginal and Torres Strait Islander Elders past, present and future. We acknowledge the stories, traditions and living cultures of Aboriginal and Torres Strait Islander peoples on this land and commit to building a brighter future together.

Copyright ©2023 All rights reserved