Tourco Privacy Policy

1. Tourco ten principles for protecting your personal data

In accordance with applicable regulations, in particular the European General Data Protection Regulation, we have instituted the following ten principles for the processing of your data within Tourco:

1.  Lawfulness: we use personal data only if:
   1. we obtain the consent of the person, OR
   2. it is necessary to do so for the performance of a contract to which the person is a party, OR
   3. it is necessary for compliance with a legal obligation, OR
   4. it is necessary in order to protect the vital interests of the person, OR
   5. we have a legitimate interest in using personal data and our usage does not adversely affect the persons’ rights.
2. Fairness: We can explain why we need the personal data we collect.
3. Purpose limitation and data minimization: We only use personal data that we really need. If the result can be achieved with less personal data, then we make sure we use the minimum data required.
4. Transparency: We inform people about the way we use their personal data.
5. We facilitate the exercise of the people’s rights: access to their personal data, rectification and erasure of their personal data and the right to object to the use of their personal data.
6. Storage limitation: We retain personal data for a limited period.
7. We ensure the security of personal data, i.e. its integrity and confidentiality.
8. If a third party uses personal data, we make sure it has the capacity to protect that personal data.
9. If personal data is transferred outside European Union, we ensure this transfer is covered by appropriate legal tools.
10. If personal data is compromised (lost, stolen, damaged, unavailable…), we notify such breaches to the respective country’s responsible authority and to the person concerned, if the breach is likely to cause a high-risk in respect of the rights and freedoms of this person.
     

For any questions regarding these ten principles, please contact us at the coordinates indicated in article 7 “Your rights”.

2. What personal data is collected?

As part of the processing activities described below, we collect the following personal data, in particular through our partner Orient Express Management Company:

• Title,
• First name and last name,
• Date of birth,
• Nationality,
• Phone number,
• Where applicable, a copy of a piece of identification,
• The Accor ALL loyalty program number, or of another partner program, and 
  information about your activities within this program,
• Email address,
• Where applicable, the audio recording of your call with our concierge 
  service,
• Postal address (ZIP code, address, city, country),
• Information related to the booking,
• Information related to your children where applicable (first name, date of 
  birth, age),
• Any relevant comments related to your booking that you would 
  spontaneously communicate to us (e.g., smoker or not, type of bedding, 
  print media read, cultural interests, sports, relevant health data, food and 
  drink preferences, etc.),
• Your questions/comments during or following your stay/cruise. 

The information collected in relation to persons under 16 years of age is limited to their name, nationality and date of birth, which can only be supplied to us by an adult. We would be grateful if you could ensure that your children do not send us any personal data without your consent (particularly via the Internet). If such data is sent, you can contact our data protection officer (see clause “Your rights” below) to arrange for this information to be deleted.

3. For what purposes is your data collected and how long do we retain it?

4. Condition of third-party access to your personal data

Your personal data may be shared with internal and external recipients under the following conditions: 

1. We share your data with a limited number of authorized staff members and departments within TourCo, and in particular the marketing team, and our customer support. Your data will also be transmitted to the other companies of the group to which TourCo belongs and which provide intra group services. We will provide you with a full list of these companies if you send a request to the address given in article 7 “Your rights”.

2. With service providers and partners: your personal data may be transmitted to third parties, in particular to the staff on board the yacht, our concierge and support partners, those organizing the experiences during your cruise, as well as our IT service providers. Your data may also be transmitted to our partner Orient Express Management Company.

3. Local authorities: we may also disclose your information to local authorities, if required by law or in the course of an investigation and in accordance with local regulations.

5. Protection of your personal data during international transfers

 For the purposes indicated in Article 3 of this Policy, we may transfer your personal data to internal or external recipients who may be located in countries offering different levels of personal data protection.

Therefore, TourCo implements appropriate measures to secure the transfer of your personal data to an external recipient located in a country offering a different level of protection from that offered in the country where the personal data is collected.

Data flows to countries that do not offer an equivalent personal data protection are either covered by the exceptions provided for in Article 49 of the GDPR or subject to the standard contractual clauses defined by the European Commission. If necessary, we will also implement additional safeguards to these transfers in order to ensure the effective application of the standard contractual clauses.

You may ask more information on the framing of the international transfers we may perform by sending an email at the address specified in Article 7 “Your rights”.

6. Data security

TourCo takes appropriate technical and organizational measures, in accordance with 
applicable legal provisions (in particular article 32 of the GDPR), to protect your personal data against destruction, loss or alteration, misuse and unauthorized access, modification or disclosure, whether such actions are unlawful or accidental. To this end, we have implemented technical measures (such as firewalls) and organizational measures (such as a login/password system, physical protection, etc.) to ensure the ongoing confidentiality, integrity, availability and resilience of the processing systems and services. 

7. Your rights

You have the right to obtain information and access to your personal data collected by TourCo, subject to the applicable legal provisions.

You also have the right to have your data rectified, erased or have its processing restricted. Furthermore, you have the right to data portability and to issue instructions on how your data is to be processed after your death (hopefully as late as possible!). You can also object to the processing of your personal data.

If you wish to exercise any of your rights, please contact our department in charge of these matters directly at the email address: tourco.privacy@silenseas.com, or at 6 rue Christophe Colomb, 75008, Paris.

For the purposes of confidentiality and personal data protection, we will need to check your identity in order to respond to your request. In case of reasonable doubts concerning your identity you may be asked to include a copy of an official piece of identification, such as an ID card or passport, along with your request. A black and white copy of the relevant page of your identity document is sufficient.

All requests will receive a response as swiftly as possible and in compliance with applicable law.

You also have the right to lodge a complaint with a data protection authority.