Personal information has the meaning given under your local data protection law, and, where the GDPR applies, the meaning of personal data given under the GDPR. Personal information generally means information which relates to a living individual who can be identified from that information, or from that information and other information in a person’s possession, including any expression of opinion, whether true or not, and whether recorded in material form or not, about an identified or reasonably identifiable individual, and any indication of intention in respect of an individual. Generally, the type of personal information we collect about you is the information that is needed to facilitate your travel arrangements and bookings and to arrange travel related services and/or products on your behalf. We therefore typically process the following types of personal information about you: contact information (such as name, residential/mailing address, telephone number, email address); payment account information (credit/debit card details, including card type, card number, security number and expiry date); passport details; information about your dietary requirements and health issues (if any); and other details relevant to your travel arrangements or required by the relevant travel service provider(s) (e.g. other sport or tourist activities and accommodation or transport providers). When you make contact with us for other purposes, we may also collect personal information about you in relation to those purposes. For example, we may collect your personal information so we can contact you about a competition you have entered (e.g. if you win) or to respond to an enquiry or feedback you have sent to us. We also collect information that is required for use in the business activities of BaliFit and our related entities, including for example, financial details necessary in order to process various transactions, and other relevant personal information you may elect to provide to us. In some circumstances, we may collect personal information from you which may be regarded as sensitive information under your local data protection laws. We will only collect sensitive information in compliance with your local data protection laws, with your explicit consent and where it is reasonably necessary for, or directly related to, one or more of our functions or activities (e.g. to make travel arrangements), unless we are otherwise required or authorised to do so by law. To the extent permitted or required under your local data protection laws, you consent to us using and disclosing your sensitive information for the purpose for which it was collected, unless we subsequently receive your consent to use it for another purpose. For example, if you provide health information to us in connection with a sport activity you booked through us, you consent to us using and disclosing that health information in connection with arranging that activity on your behalf. A further example is if you disclose your religious beliefs to us because you are interested in, for example, certain holiday packages, in which case you consent to us using and disclosing that information in connection with facilitating your request. We will not use sensitive information for purposes other than those for which it was collected, unless we subsequently receive your consent to use it for another purpose.
We will only collect personal information when you book, enquire, or engage with our website and social media. We usually collect your personal information from the information you submit during the course of your relationship with us. We will collect this information directly from you unless it is unreasonable or impracticable to do so. Generally, this collection will occur: when you deal with us either in person, by telephone, letter, email; when you visit any of our websites; or when you connect with us via social media. We may collect personal information about you: when you purchase or make enquiries about travel arrangements or other products and services; when you enter competitions or register for promotions; when you subscribe to receive marketing from us (e.g. e-newsletters); when you request brochures or other information from us; or when you provide information, or use our services, on social media. Unless you choose to do so under a pseudonym or anonymously, we may also collect your personal information (other than sensitive information) when you complete surveys or provide us with feedback. In some circumstances, it may be necessary for us to collect personal information about you from a third party. This includes where a person makes a travel booking on your behalf which includes travel arrangements to be used by you (e.g. a family or group booking made by a third party). Where this occurs, we will rely on the authority of the person making the travel booking to act on behalf of any other traveller on the booking. Where you make a travel booking on behalf of another person (e.g. a family or group booking or a travel booking made for an employee), you agree you have obtained the consent of the other person for BaliFit to collect, use and disclose the other person's personal information in accordance with this Notice and that you have otherwise made the other person aware of this Notice. You should let us know immediately if you become aware that your personal information has been provided to us by another person without your consent or if you did not obtain consent before providing another person's personal information to us. We make every effort to maintain the accuracy and completeness of your personal information which we store and to ensure all of your personal information is up to date. However, you can assist us with this considerably by promptly contacting us if there are any changes to your personal information or if you become aware that we have inaccurate personal information relating to you (see section 13 below). We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal information that you, or a person acting on your behalf, provide to us.
We do not and will not sell, rent out or trade your personal information. We will only disclose your personal information to third parties in the ways set out in this Notice and, in particular, as set out below. Note that, in this Notice, where we say “disclose”, this includes to transfer, share (including verbally and in writing), send, or otherwise make available or accessible your personal information to another person or entity. Your personal information may be disclosed to the following types of third parties: our contractors, suppliers and service providers, including without limitation: in each of the circumstances set out in section 4 (“How do we use your personal information?”); suppliers of IT based solutions that assist us in providing products and services to you (such as any external data hosting providers we may use); publishers, printers and distributors of marketing material; event and expo organisers; external business advisers (such as lawyers, accountants, auditors and recruitment consultants); our related entities and brands; travel service providers such as travel wholesalers, tour operators, hotels, transport rental companies, transfer handlers and other related service providers; any third party to whom we assign or novate any of our rights or obligations; a person making your travel booking on your behalf, where you are travelling on a booking made on your behalf by another person (for example, a family member, friend or work colleague); a person who can verify to us that they have a relationship with you (e.g. a family member) where you are not contactable, the person correctly answers our required security questions and the request is, in our opinion, in your interest (for example, where the person is concerned for your welfare or needs to undertake action on your behalf due to unforeseen circumstances); as required or authorised by applicable law, and to comply with our legal obligations; customs and immigration to comply with our legal obligations and any applicable customs/immigration requirements relating to your travel; government agencies and public authorities to comply with a valid and authorised request, including a court order or other valid legal process; various regulatory bodies and law enforcement officials and agencies, including to protect against fraud and for related security purposes; and enforcement agencies where we suspect that unlawful activity has been or may be engaged in and the personal information is a necessary part of our investigation or reporting of the matter. Other than the above, we will not disclose your personal information without your consent unless we reasonably believe that disclosure is necessary to lessen or prevent a threat to life, health or safety of an individual or to public health or safety or for certain action to be undertaken by an enforcement body (e.g. prevention, detection, investigation, prosecution or punishment of criminal offences), or where such disclosure is authorised or required by law (including applicable privacy / data protection laws).
We may disclose your personal information to third parties located overseas for the purpose of performing services for us, including the storage and processing of such information. Generally, we will only disclose your personal information to these overseas recipients in connection with facilitation of your travel booking and/or to enable the performance of administrative and technical services by them on our behalf. We will ensure that any such international transfers are either necessary for the performance of a contract between you and the overseas recipient or are made subject to appropriate or suitable safeguards as required data protection laws (e.g. GDPR). It is possible that information will be transferred to an overseas recipient located in a jurisdiction where you will not be able to seek redress under your local data protection laws and that does not have an equivalent level of data protection as in your jurisdiction. To the extent permitted by your local data protection laws, we will not be liable for how these overseas recipients handle, store and process your personal information.
We are committed to safeguarding and protecting personal information and will implement and maintain appropriate technical and organisational measures to ensure a level of security appropriate to protect any personal information provided to us from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal information transmitted, stored or otherwise processed. BaliFit is not responsible for any third party’s actions or their security controls with respect to information that third parties may collect or process via their websites, services or otherwise. We will destroy or de-identify personal information once we no longer require it for our business purposes, or as required by law.
If you wish to: access, update, modify, rectify, erase, object to, or obtain a copy of the personal information that we hold on you; or restrict or stop us from using any of the personal information which we hold on you, including by withdrawing any consent you have previously given to the processing of such information; or where any personal information has been processed on the basis of your consent or as necessary to perform a contract to which you are a party, request a copy of such personal information in a suitable readable format or have that personal information transmitted by us to another controller you can request this by emailing us at the address set out in section 13 below. We endeavour to respond to such requests within a month or less, although we reserve the right to extend this period for complex requests. We reserve the right to deny you access for any reason permitted under applicable laws. Such exemptions may include national security, corporate finance and confidential references. If we deny access or correction, we will provide you with written reasons for such denial unless it is unreasonable to do so and, where required by local data protection laws, will note your request and the denial of same in our records. Please note that, if you request that we restrict or stop using personal information we hold on you, or withdraw a consent you have previously given to the processing of such information, this may affect our ability to provide services to you or negatively impact the services we can provide to you. For example, most travel bookings must be made under the traveller's full name and must include contact details and appropriate identification (e.g. passport details). We cannot make bookings for you without that information. You must always provide accurate information and you agree to update it whenever necessary. You also agree that, in the absence of any update, we can assume that the information submitted to us is correct, unless we subsequently become aware that it is not correct. You can at any time tell us not to send you marketing communications by email by clicking on the unsubscribe link within the marketing emails you receive from us or by contacting us as indicated below (section 13). In any of the situations listed above, we may request that you prove your identity by providing us with a copy of a valid means of identification in order for us to comply with our security obligations and to prevent unauthorised disclosure of personal information. We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your personal information, and for any additional copies of the personal information you request from us.
When you access our website, use any of our mobile applications or open electronic correspondence or communications from us, our servers may record data regarding your device and the network you are using to connect with us, including your IP address. An IP address is a series of numbers which identify your computer, and which are generally assigned when you access the internet. We may use IP addresses for system administration, investigation of security issues and compiling anonymised data regarding usage of our website and/or mobile applications. We may also link IP addresses to other personal information we hold about you and use it for the purposes described above (e.g. to better tailor our marketing and advertising materials, provided you have opted in to receive electronic marketing).
If you wish to change or make a correction to your personal information, request a copy of the information we collect on you, request deletion of your information or would like to restrict the further processing of your data, please use the following link: Link: Contact We will respond to these requests within a month of receipt. If you have any enquiries, comments or complaints about this Notice or our handling of your personal information, please contact us using the details set out below and we will respond as soon as practicable. Email: email@example.com Post: Jalan Raya Semat no. 1 Tibubeneng Kecamatan Kuta Utara Badung Bali 80361 Indonesia
We may amend this Notice from time to time. If we make a change to the Notice, the revised version will be posted on our website. We will post a prominent notice on our website to notify you of any significant changes to our Notice and indicate at the end of the Notice when it was most recently updated. It is your responsibility, and we encourage you, to check the website from time to time in order to determine whether there have been any changes. If we update our Notice, in certain circumstances, we may seek your consent. This Privacy Notice was last updated on 31 October 2018.