Applicable from May 2018
When you place a travel booking with us, we must make certain decisions about how and why your personal data must be processed to execute the order. As the data controller, we are thus responsible for protecting your personal data throughout the travel booking process.
We explain our procedures as data controller in this Privacy Statement, which describes our guidelines for personal data processing and what types of data we store, the purposes of our personal data storage and the ways in which we collect, store, and use and disclose these data.
Our CEO acts as the data controller on behalf of G Travel Norge AS and is thus responsible for the company’s processing of personal data.
Collection and storage of personal data
We store the following personal data about our customers:
- Data that you provide to us as a customer
G Travel processes the personal data that you provide when you register with us and data that you otherwise provide voluntarily and that are necessary for the travel booking.
The following standard data may be collected:
- Full name
- Telephone number
- Email address
- Credit card/payment details
- Seat requests
- Food preferences
- Passport details
- Date of birth
- Home airport
- Contact in case of accidents – need of notification
- Bonus programme
If required, we may also obtain information about your travel preferences. The purpose is to make travel bookings that meet your requirements.
- Data we collect when you use our services
We collect data which confirm that you have made your journey and which of our services you have used at any given time. The purpose is to enable us to assist you, if required, during your journey, to document that the journey has been made and to provide any assistance needed in case of unforeseen events. We also use these data to ensure that you receive the right invoice.
- Data we obtain from other parties
When we make travel bookings, we obtain your personal profile from the Amadeus or Galileo distribution systems. This profile is based on the data you have entered directly yourself and data provided via a dialogue with our travel consultants.
For customers who work on a ship or offshore, we also collect data about your position from your employer’s HR system, if required. The purpose is to prepare a ‘letter of guarantee’ for the practical arrangements in connection with the outbound and homebound journeys.
Purpose of the processing
We process the data to enable us to meet our obligations under our agreements with our customers. This means booking the desired journey, with the supplementary services that this entails. In this way, we handle the requirements of our customers and travellers securely and ensure that the practical arrangements of the journey are taken care of as effectively as possible before, during and after the journey.
Basis of the processing
The personal data are used to perform the purchase agreement, i.e. to make the travel booking possible. The legal basis for this processing is Article 6(b) of the General Data Protection Regulation. In addition, we store data in three systems: GTRS, GTBI and G Track. The purpose is as follows:
GTRS is a management tool for travel groups. GTRS is used to handle complex crew journeys, primarily in marine/offshore. The purpose of the processing is to meet the travel group’s requirements for the content of the communication and to perform the letter of guarantee (a requirement from the airlines), as well as to apply for visas for our customers.
GTBI is a tool for developing statistics and reports. The purpose of the processing is to handle requests from customers and to improve internal processes.
G Track is a tool for localisation of individuals. The purpose of the processing is to enable us to have knowledge, in emergency situations, of the whereabouts of all our travellers. Another purpose of the processing is to assist travellers in connection with the occurrence of unexpected events such as strikes, bad weather and volcano eruptions. A third purpose is to document that the journey has been made (a travel requirement for State employees).
If you have given your consent to this, the data are also processed to provide you with information, offers and service in connection with your purchase via email, telephone and text message. The legal basis for this processing is Article 6(a) of the General Data Protection Regulation. You may decline to receive such information from us at any given time.
Disclosure of data to third parties
To enable us to meet our contractual obligations, we disclose necessary data to our partners:
All data about you and your journey are registered in the Amadeus or Galileo distribution systems. This comprises all personal data, benefits cards, destination, departure times, airline, hotels and rental car etc. Data will subsequently be disclosed to the airlines, hotels, car rental companies etc. which are included in the booking.
In connection with visa applications, the necessary personal data, itinerary and passport details are disclosed to the embassy of the country in question.
For you who form part of a change of crew, your itinerary may be shared with the dock agent who is responsible for local logistics.
If you have purchased insurance via G Travel, data are transferred to the insurance companies, including your personal identity number.
If you form part of a group journey arranged by G Travel, your participant data are registered in the Qondor booking/registration system.
Your credit card details are shared with the credit card company to settle payment for the journey.