THE PERSONAL INFORMATION WE COLLECT
Service information: When you use the Service, we may collect information from you. Some of it may be personal information. This information can include, but is not limited to, search history, IP address, screen resolution, browser used, operating system and settings, access times and referring URL. If you are using a mobile device, we may also collect data that identifies your device, your settings and your location.
Device Information: This is collected so that we understand the type of device or software you are using to interact with MOBYTRIP. This information includes things like Desktop of Mobile, Android or Apple, Chrome or Safari, etc. This information helps us better understand how users are engaging with us, and ensures we can provide full support for all devices. For more info on what data is shared, contact your device manufacturer or software provider.
Cookies and Log Data: These are used to record information about your session. This includes things like your IP address, the date and time of your searches and messages, and cookies or data provided to third-party analytics tools.This information helps us to better understand how you use our site, and what your preferences are.
Booking information: If you book a reservation via the Service, we may need additional information from you. This information can include your name (and the traveler’s name, if different), age, birthday, email address, telephone number, credit card information, billing address, itinerary details.
Full legal name of the person making the hotel reservation
Payment details to finalize a reservation, including credit card details or PayPal account, and billing address An email address where a confirmation email and receipt can be sent
While processing your booking request , we may retrieve an additional information about you from a third party service providers and combine it with information we have about you to make a decision whether or not to accept financial transaction initiated by you.
Information Collected from Third Parties
Web beacons (also known as clear gifs, pixel tags or Web bugs) are tiny graphics with a unique identifier, similar in function to cookies, that are placed in the code of a web page. We use web beacons to monitor traffic patterns from one page to another, to deliver or communicate with cookies, to understand whether you have come to our site from an online advertisement displayed on a third-party website, and to improve site performance. We also may allow our service providers to use web beacons to track the visitor traffic and actions on our site. This helps us measure the effectiveness of our content and other offerings.
How Personal Data is Used
We ask for and collect the following personal information about you when you use MOBYTRIP. This information is necessary for the adequate performance of the contract between you and us and to allow us to comply with our legal obligations. Without it, we may not be able to provide you with all the requested services. We use the data collected in the previous section in the following ways:
- to improve the Service, and to develop new products, services, features, and functionality;
- to verify that the cardholder has authorized the purchase made on their debit or credit card, when necessary;
- to understand and analyze the usage trends and preferences of our users;
- to send you communications subject to applicable laws; or
- to comply with legal and regulatory requirements, where applicable.
We process this personal information for these purposes given our legitimate interest in improving the MOBYTRIP service, where it is necessary for the adequate performance of the contract with you and to comply with applicable laws.
NON-PERSONAL / ANONYMIZED INFORMATION
Personal information is information you provide us which personally identifies you, such as your name, physical address, email address, phone number, password, phone number, social media identifiers, email or other personally identifying information.
Aggregated non-personal information (also known as de-identified information or anonymized information) is different from personal information. Aggregated non-personal information is information about our users, their computers or devices and/or use of our Service that are collected into groups so that it no longer reflects or references an individually identifiable user. This information may include, without limitation, information about use of our Service, web pages viewed or used, Service content accessed or used, IP addresses and device identifiers, information about hardware or software used to access the Service, user location information, page views, app usage, customization settings relating to the Service, and other types of information we collect that cannot reasonably be used to identify you personally. MobyTrips.com may collect and use aggregated non-personal information to improve the Service or for any other reason, at its sole discretion.
How Personal Data is Shared
MOBYTRIP shares your personal data securely with some third-party partners, such as hotels, payment processing companies and fraud prevention services.
Hotels and Hotel Suppliers are where you are booking yourself to stay. By making a booking through MOBYTRIP, you are authorizing us to share some of your personal data with them in order to make and hold your reservation. The only personal information provided to Hotels and Suppliers is the information you enter on the Booking Form, and we have added an extra checkbox to ensure you understand which data is being shared. We encourage all users to review hotel privacy policies to understand how their data is being handled once shared. Other Third-Party Partners that we work with include payment/credit card processing, fraud prevention, business and product analytics, and customer service support. These partners are only given the specific personal data that they require, and nothing else. We have ensured that all of our third-party partners have data collection and processing policies that adhere to GDPR and other legislative requirements.
Personal Data Choices You Have
The personal data that we collect is yours, and so you have choices available to you around what we collect and how it is used. Some of these choices can be communicated to MOBYTRIP (such as requesting access to or deletion of your information), and others should be communicated to other parties you engage with (such as in your phone settings for whether or not you share location information, etc.).
You can always choose not to provide personal information such as your name, phone number, email address, payment details, etc., however this may mean that we will be unable to complete your hotel booking.
Managing Your Information
You may access and update some of your information through your Account settings. If your account is tied to a third-party application, like Facebook or WhatsApp, you can change your settings and remove permission for the app in the third party’s website. You are responsible for keeping your personal information up-to-date.
Rectification of Inaccurate or Incomplete Information
You have the right to ask us to correct inaccurate or incomplete personal information about you.
Data Access and Portability
In some jurisdictions, applicable law may entitle you to request certain copies of your personal information held by us. You may also be entitled to request copies of personal information that you have provided to us in a structured, commonly used, and machine-readable format and/or request us to transmit this information to another service provider (where technically feasible).
Data Retention and Erasure
We generally retain your personal information for as long as is necessary for the performance of the contract between you and us and to comply with our legal obligations. In certain jurisdictions, you can request to have all your personal information deleted entirely. Please note that if you request the erasure of your personal information:
- We may retain some of your personal information as necessary for our legitimate business interests, such as fraud detection and prevention and enhancing safety. For example, if we suspend a MOBYTRIP account for fraud or safety reasons, we may retain certain information from that account to prevent opening of a new account in the future.
- We may retain and use your personal information to the extent necessary to comply with our legal obligations. For example, MOBYTRIP may keep some of your information for tax, legal reporting and auditing obligations.
- We may retain some copies of your information (e.g., log records) in our database, but they will be disassociated from personal identifiers.
Withdrawing Consent and Restriction of Processing
If we are processing your personal information based on your consent you may withdraw your consent at any time by changing your Account settings or by sending a communication to MOBYTRIP specifying which consent you are withdrawing. Please note that the withdrawal of your consent does not affect the lawfulness of any processing activities based on such consent before its withdrawal. Additionally, in some jurisdictions, applicable law may give you the right to limit the ways in which we use your personal information, in particular where (i) you contest the accuracy of your personal information; (ii) the processing is unlawful and you oppose the erasure of your personal information; (iii) we no longer need your personal information for the purposes of the processing, but you require the information for the establishment, exercise or defence of legal claims; or (iv) you have objected to the processing pursuant (under Objection to Processing) and pending the verification whether the legitimate grounds of MOBYTRIP override your own.
Objection to Processing
In some jurisdictions, applicable law may entitle you to require MOBYTRIP not to process your personal information for certain specific purposes where such processing is based on legitimate interest. If you object to such processing MOBYTRIP will no longer process your personal information for these purposes unless we can demonstrate compelling legitimate grounds for such processing or such processing is required for the establishment, exercise or defence of legal claims.
Personal Data Protection & Information Security
The protection, security and confidential processing of your personal data is a major priority for MOBYTRIP. Our systems are configured with data encryption, or scrambling technologies and firewalls constructed to industry standards. We also use Secure Socket Layer (SSL) technology that protects the data you send over the Internet. We will use all commercially reasonable methods to keep personal information securely in our files and systems. With current technology, however, we cannot guarantee the security of your data from all possible attacks or intrusions on our servers or guarantee the security of your data as it travels over the Internet. Thus, you hereby release MOBYTRIP.com and Travel Booking Support Inc. from liability for any such possible attacks or intrusions that might compromise the security of your data. Internally, only authorized staff members are permitted to access your personal information, and they only have access to the data that they need to perform their role. MOBYTRIP does not store credit card information at all. Any and all access of personal information is logged for security purposes.
The Site and the Service are not directed to individuals under the age of eighteen (18), and MOBYTRIP.com does not knowingly collect personal information from minors. If we become aware that a minor is attempting to submit personal information, we will remove this information from our records. If you are the parent/legal guardian of a minor who has given us personal information, please contact us at www.MOBYTRIP.com/privacy_policy so we can delete it. European Users MOBYTRIP is in compliance with all applicable data protection laws in the European Economic Area (EEA), which, if applicable to you, include the following rights provided by GDPR:
- Right to Information
- Right to Access
- Right to Rectification
- Right to Withdraw Consent
- Right to Object
- Right to Object to Automated Processing
- Right to be Forgotten
- Right for Data Portability
California Privacy Rights
California law permits Members who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their personal information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of personal information disclosed to those third parties. See the “Contact Us” section for where to send such requests. MOBYTRIP does not share personal information with third parties for their own direct marketing purposes without your prior consent. Accordingly, you can prevent disclosure of your personal information to third parties for their direct marketing purposes by withholding consent.
Effective January 1, 2020, the California Consumer Privacy Act (CCPA) allows California residents, upon a verifiable consumer request, to request that a business that collects consumers’ personal information to give consumers access, in a portable and (if technically feasible) readily usable form, to the specific pieces and categories of personal information that the business has collected about the consumer, the categories of sources for that information, the business or commercial purposes for collecting the information, and the categories of third parties with which the information was shared. California residents also have the right to submit a request for deletion of information under certain circumstances. Consistent with California law, if you choose to exercise your rights, we won’t charge you different prices or provide different quality of services unless those differences are related to your information. See here for information on data subject rights requests and how to submit a request. Please note that you must verify your identity and request before further action is taken. As a part of this process, government identification may be required. Consistent with California law, you may designate an authorized agent to make a request on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s valid government issued identification, and the authorized agent’s valid government issued identification.
Updates and Questions
- Email privacy@MOBYTRIP.com
- Mail Travel Booking Support Inc.
- Attn: Privacy Officer
- 459 Columbus Ave, Unit #1013, New York, NY 10024