Nepal Trek Routes is committed to protecting your Personal Information that you share with us. Please take a moment to review this Privacy Policy (referred to as “Policy”) where you can find more details about how we collect and process your information. By using our website or the services offered by us, you are consenting to our use of such personal information as you provide to us as described herein. If you do not consent to our use of your information, please do not use our services. Any questions you have about our Privacy Policy, or the information contained herein can be directed to [email protected] or our Privacy Officer at [email protected].

We need to collect, use and disclose personal information in order to perform our business functions and activities, including making and managing travel bookings on behalf of our customers. We are firmly committed to protecting the privacy and confidentiality of personal information with various physical, electronic, and procedural safeguards. For the purposes of the General Data Protection Regulation (“GDPR”) we assume the role of either the “data processor” or “data controller” for any personal information you provide to us in connection with our relationship. The exact role assumed depends on the context of our relationship with you and the purpose of the processing of personal information.

For the provision of retail travel services by Nepal Trek Routes, we will be the data controller and this Policy shall apply. Likewise, for the purpose of all our marketing activities, we will be the data controller and this Policy shall apply. By providing personal information to us, you agree that this Policy will apply to how we handle your personal information, and you consent to us collecting, using, and disclosing your personal information as detailed in this Policy. If you do not agree with any part of this Policy, you must not provide your personal information to us.

If you do not provide us with your personal information, or if you withdraw a consent that you have given under this Policy, this may affect our ability to provide services to you or negatively impact the services we can provide to you.

1. What personal information do we collect?

Personal information has the meaning given under your local data protection law, and, the meaning of personal data given under the GDPR, where applicable. Generally, the type of personal information we collect about you is the information that is needed to facilitate your travel arrangements and bookings and to arrange travel-related services and/or products on your behalf.

We therefore typically process the following types of personal information about you:

πŸ‘‰ contact information (such as name, residential/mailing address, telephone number, email address);
πŸ‘‰ passport details;
πŸ‘‰ payment account information (credit/debit card details, including card type, card number, security number, and expiry date);
πŸ‘‰ information about your dietary requirements and health issues (if any); and

When you make contact with us for other purposes, we may also collect personal information about you in relation to those purposes. For example, we may collect your personal information so we can contact you about a competition you have entered (e.g. if you win) or to respond to an inquiry or feedback you have sent to us. We also collect information that is required for use in the business activities of Nepal Trek Routes, including, for example, financial details necessary in order to process various transactions and other relevant personal information you may elect to provide to us.

In some circumstances, we may collect personal information from you which may be regarded as sensitive information under your local data protection laws. Sensitive information may include (without limitation) your racial or ethnic origin, philosophical or religious beliefs or affiliations, sexual preferences or practices, and health information. We will only collect sensitive information in compliance with your local data protection laws, with your explicit consent, and where it is reasonably necessary for, or directly related to, one or more of our functions or activities (e.g. to make travel arrangements), unless we are otherwise required or authorized to do so by law. To the extent permitted or required under your local data protection laws, you consent to us using and disclosing your sensitive information for the purpose for which it was collected unless we subsequently receive your consent to use it for another purpose.

2. How do we collect personal information?

We will only collect personal information in compliance with your local data protection laws. We usually collect your personal information from the information you submit during the course of your relationship with us.

Generally, this collection will occur when you:

πŸ‘‰ Contact us in person, by telephone, letter, email;
πŸ‘‰ Visit our websites;
πŸ‘‰ Connect with us on social media.

We may collect personal information about you when you:

πŸ‘‰ Purchase or make inquiries about travel arrangements or other products and services;
πŸ‘‰ Enter competitions or register for promotions;
πŸ‘‰ Subscribe to receive marketing from us (e.g. e-newsletters);
πŸ‘‰ Request brochures or other information from us; or
πŸ‘‰ Provide information, or use our services, on social media.

Unless you choose to do so under a pseudonym or anonymously, we may also collect your personal information (except sensitive information) when you complete surveys or provide us with feedback.

In some circumstances, it may be necessary for us to collect personal information about you from a third party. This includes where a person makes a travel booking on your behalf which includes travel arrangements to be used by you, and vice versa (i.e. a group booking made for you by your friend or a group making made for a friend by you). Where this occurs, we will rely on the authority of the person making the travel booking as the Lead passenger to act on behalf of any other passenger on the booking. The Lead Passenger agrees to have obtained the consent of the other person for Nepal Trek Routes to collect, use and disclose the other person’s personal information in accordance with this Policy.

You should let us know immediately if you become aware that your personal information has been provided to us by another person without your consent or if you did not obtain consent before providing another person’s personal information to us.

We strive to maintain the accuracy of your personal information that we store, however, you can assist us with this considerably by promptly contacting us if there are any changes to your personal information or if you become aware that we have inaccurate personal information relating to you (see section 11 below). We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient, or incomplete personal information that you, or a person acting on your behalf, provide to us.

3. How do we use your personal information?

We will only process your information, where:

πŸ‘‰ you have given your consent to such processing (and may withdraw at any time, as detailed in section 7)
πŸ‘‰ the processing is necessary to provide our services to you;
πŸ‘‰ the processing is necessary for compliance with our legal obligations; and/or
πŸ‘‰ the processing is necessary for our legitimate interests or those of any third-party recipients that receive your personal information (detailed in sections 5 and 6).

In detail: When you contact us in relation to a travel booking or query, we collect your personal information generally to provide you with travel advice and/or to assist you with booking travel and/or travel-related products and services. However, the purpose for collection may differ depending on the particular circumstances as disclosed in this Policy (e.g. collection of your personal information for the purpose of your participation in a competition, provision of feedback, etc.).

When you book or otherwise arrange travel-related products and services through us, we usually act as an agent for the relevant travel service providers (e.g. for a hotel). In this case, we process your personal information as necessary so as to provide the services you requested from us. This usually includes collecting personal information about you both for our internal purposes as described in this Policy and for the travel service provider for whom we act as agents (e.g. to provide you with the booked services). For example, if you book pre-accommodation through us, then we use your personal information to enable your accommodation to be booked and disclose it to the hotel solely for this purpose.

We may therefore share your information with our travel service providers such as hotel, airline, car rental, or other providers, who fulfill your travel bookings. We encourage you to review the privacy policies of any third-party travel service providers whose products you purchase through us. We will provide you with copies of all relevant travel service provider terms, conditions, and privacy policies on request. For more information about the disclosure of personal information to travel service providers located overseas, please refer to section 6.

If you have any concerns regarding the transfer of your personal information to a travel service provider, or you wish to contact us for further information, please refer to the “Feedback & Contact” section below (section 11).

The purposes for which we collect personal information further include:

πŸ‘‰ Providing you with services and tools you choose to use (for example, saving travel preferences on our websites to a wishlist or saving personal information to allow for pre-population of online forms);
πŸ‘‰ Developing and improving our products and services and those of our related entities;
πŸ‘‰ Servicing our relationship with you by, among other things, creating and maintaining a customer profile to enable our brands to service you better or presenting options on our website we think may interest you based on your browsing and preferences;

Involving you in market research, gauging customer satisfaction, and seeking feedback regarding our relationship with you and/or the service we have provided;

To facilitate your participation in loyalty programs and online competitions;

πŸ‘‰ For internal research and analysis in relation to our business and services, including but not limited to trends and preferences in sales and travel destinations and use of our websites;
πŸ‘‰ Internal accounting and administration;
πŸ‘‰ Identification of fraud or error;
πŸ‘‰ Regulatory reporting and compliance;
πŸ‘‰ Compliance with our legal obligations and any applicable customs/immigration requirements relating to your travel; and
πŸ‘‰ Where permitted by local data protection laws, we may use your personal information to send you targeted marketing activities relating to our products and services (and those of third parties) that we think may interest you unless you have requested not to receive such information. These may include but are not limited to, mailouts, electronic marketing, and notifications as described below. We will only use your personal information to send electronic marketing materials to you (including e-newsletters, email, SMS) if you have opted-in to receive them.

Should you no longer wish to receive promotional/marketing material from us, participate in market research, or receive other types of communication from us, please refer to the “Feedback & Contact” section below (section 11). You can unsubscribe from receiving electronic marketing materials by following the unsubscribe prompt in any email or other form of electronic marketing you receive from us. Please also see the “Your Rights” (Section 7) section of this Policy to learn about your ability, at any time, to opt-out or limit the use of your browsing behavior for online behavioral advertising purposes.

5. Is personal information disclosed to third parties?

We do not and will not sell, rent, or trade your personal information. We will only disclose your personal information to third parties in the ways set out in this Policy and, in particular, as set out below, and in accordance with your local data protection laws. Note that, in this Policy, where we say “disclose”, this includes transfer, share (including verbally and in writing), send, or otherwise make available your personal information to another person or entity.

Your personal information may be disclosed to the following types of third parties:

πŸ‘‰ our contractors, suppliers, and service providers, including without limitation:
πŸ‘‰ in each of the circumstances set out in section 4 (“How do we use your personal information?”);
πŸ‘‰ suppliers of IT-based solutions that assist us in providing services to you (such as any external data hosting providers we may use);
πŸ‘‰ publishers and distributors of marketing material;
πŸ‘‰ event and expo organizers;
πŸ‘‰ marketing, market research, research and analysis, and communications agencies;
πŸ‘‰ external business advisers (such as lawyers, accountants, auditors, and recruitment consultants);
πŸ‘‰ travel service providers such as travel wholesalers, tour operators, airlines, hotels, car rental companies, transfer handlers, and other related service providers;
any third party to whom we assign or novate any of our rights or obligations;
πŸ‘‰ a person making your travel booking on your behalf (i.e. a family member, friend, or work colleague);
πŸ‘‰ a person who can verify to us that they have a relationship with you (e.g. a family member) where you are not contactable, the person correctly answers our required security questions and the request is, in our opinion, in your interest (for example, where the person is concerned for your welfare or needs to undertake action on your behalf due to unforeseen circumstances);
πŸ‘‰ as required or authorized by applicable law, and to comply with our legal obligations;
πŸ‘‰ customs and immigration to comply with our legal obligations and any applicable customs/immigration requirements relating to your travel;
πŸ‘‰ government agencies and public authorities to comply with a valid and authorized request, including a court order or other valid legal process;
πŸ‘‰ various regulatory bodies and law enforcement officials and agencies, including to protect against fraud and for related security purposes; and
enforcement agencies where we suspect that unlawful activity has been or may be engaged in and the personal information is a necessary part of our investigation or reporting of the matter.

Other than the above, we will not disclose your personal information without your consent unless we reasonably believe that disclosure is necessary to lessen or prevent a threat to life, health, or safety of an individual or to public health or safety or for a certain action to be undertaken by an enforcement body (e.g. prevention, detection, investigation, prosecution or punishment of criminal offenses), or where such disclosure is authorized or required by law (including applicable privacy/data protection laws).

On our websites, you may choose to use certain features that can be accessed through, or for which we partner with, other entities that are not otherwise affiliated with us. These features, which include social networking and geo-location tools, are operated by third parties, including social networks, and are clearly identified as such. These third parties may use or share personal information in accordance with their own privacy policies. We strongly suggest you review the third parties privacy policies if you use the relevant features.

6. Is personal information transferred overseas?

We may disclose your personal information to certain overseas recipients, as set out below. We will ensure that any such international transfers are either necessary for the performance of a contract between you and the overseas recipient or are made subject to appropriate or suitable safeguards as required by your local data protection laws (e.g. GDPR). We will provide you with copies of the relevant safeguard documents on request (see section 11 below).

It is possible that information will be transferred to an overseas recipient (other than any of our overseas related entities) located in a jurisdiction where you will not be able to seek redress under your local data protection laws and that does not have an equivalent level of data protection as in your jurisdiction. To the extent permitted by your local data protection laws, we will not be liable for how these overseas recipients handle, store and process your personal information.

7. Your rights in relation to the personal information we collect

If you wish to:

πŸ‘‰ update, alter, delete or obtain a copy of your personal information that we hold;
πŸ‘‰ restrict or stop us from using any of the personal information which we hold on you, including by withdrawing any consent you have previously given to the processing of such information; or
πŸ‘‰ where any personal information has been processed on the basis of your consent or as necessary to perform a contract to which you are a party, request a copy of such personal information in a suitable format.

You can request this by emailing us at the address set out in section 11 below. You will receive acknowledgment of your request and we will advise you of the timeframe within which you will receive your information pack. We endeavor to respond to such requests within a month or less, although we reserve the right to extend this period for complex requests.

We reserve the right to deny you access for any reason permitted under applicable laws. Such exemptions may include national security, corporate finance, and confidential references. If we deny access or correction, we will provide you with written reasons for such denial unless it is unreasonable to do so and, where required by local data protection laws, will note your request and the denial of same in our records. Further correspondence regarding your request should only be made in writing to the Data Protection Officer at the address set out in section 11 below.

Please note that, if you request that we restrict or stop using personal information we hold on you, or withdraw a consent you have previously given to the processing of such information, this may affect our ability to provide services to you or negatively impact the services we can provide to you. For example, most travel bookings must be made under the passenger’s full name and must include contact details and appropriate identification (e.g. passport details). We cannot make bookings for you without that information.

You must always provide accurate information and you agree to update it whenever necessary. You also agree that, in the absence of any update, we can assume that the information submitted to us is correct unless we subsequently become aware that it is not correct. You can at any time tell us not to send you marketing communications by email by clicking on the unsubscribe link within the marketing emails you receive from us or by contacting us as indicated below (section 11).

In any of the situations listed above, we may request that you prove your identity by providing us with a copy of a valid means of identification in order for us to comply with our security obligations and to prevent unauthorized disclosure of personal information. We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your personal information, and for any additional copies of the personal information, you request from us.

8. Security of Information

We are committed to safeguarding and protecting your personal information via implementing various physical, electronic, and managerial security procedures in order to protect the personal information it holds from loss and misuse, and from unauthorized access, modification, disclosure, and interference. Nepal Trek Routes regularly reviews security technologies and will strive to protect your personal information as fully as we protect our own confidential information. Nepal Trek Routes is not responsible for any third party’s actions or their security controls with respect to information that third parties may collect or process via their websites, services, or otherwise. We will destroy or de-identify personal information once we no longer require it for our business purposes, or as required by law.

9. Social Media Integrations

Our websites and mobile applications may use social media features and widgets (such as “Like” and “Share” buttons/widgets). These are provided and operated by third-party companies (i.e. Facebook, Twitter, etc.) and either hosted by a third party or hosted directly on our website or mobile application. Such features may collect information such as the page you are visiting on our website/mobile application, your IP address, and may set cookies to enable the feature to function properly.

If you are logged into your account with a third-party company, then the third party may be able to link information about your visit to and use of our website to your social media account with them. Similarly, your interactions with the social media features may be recorded by a third party. In addition, the third-party company may send us information in line with their policies, such as your name, profile picture, gender, friend lists, and any other information you have chosen to make available, and we may share information with the third party company for the purposes of serving targeted marketing to you via the third party social media platform. You can manage the sharing of information and opt-out from targeted marketing via your privacy settings for the third-party social media platform.

Your interactions with these social media features and widgets are governed by the privacy policy of the third-party company providing them. For more information about the data practices of these third-party companies, and to find out more about what personal information is collected about you and how the third party uses such personal information, please refer to their privacy policy directly.

10. Tracking Technologies & Cookies

We may use third-party web analytics services on our websites and mobile apps (such as Google, Facebook, affiliate tracking, etc.). The analytics providers that administer these services use technologies such as cookies and web beacons to help us analyze how visitors use our websites and apps.

When you access our website, open electronic correspondence, or communications from us, our servers may record data regarding your device and the network you are using to connect with us, including your IP address. An IP address is a series of numbers that identify your computer, and which are generally assigned when you access the internet. We may use IP addresses for system administration, investigation of security issues, and compiling anonymized data regarding usage of our website and/or mobile applications. We may also link IP addresses to other personal information we hold about you and use it for the purposes described above (e.g. to tailored online advertising, provided you have opted in).

Our websites may also contain links to third-party websites over which we have no control over. We are not responsible for the privacy practices or the content of such websites and encourage you to read the privacy policies of any linked third-party websites you visit.

What is a Cookie?

A Cookie is a small file that is stored on a user’s computer which is designed to hold a modest amount of data specific to a particular client and website and can be accessed either by the web server or the client computer. While you visit a particular website, a cookie may be used to track the activities of your browser as well as provide you with a consistent, more efficient experience.

How do third-party vendors use Cookies?

Third-party channels (i.e. Google) show Nepal Trek Routes ads across the internet. These third parties use cookies to serve ads based on a user’s prior visits to our websites. No personal information is stored in cookie data, and users may opt-out of third-party usage of cookies by visiting the Network Advertising Initiative opt-out page (members include but are not limited to Google, Criteo, Yahoo) or via the third party’s cookie settings.

How do Nepal Trek Routes use cookies?

Cookies may be used to help speed up the booking process so you do not need to re-type the same information. We may use cookies to measure website usages such as the number of visitors on a certain page, entry and exit points of visitors, and details of activities and searches performed with related information. If you are making a purchase, we may also use cookies to keep track of the transaction from one page to the next. We do not store any personal information in the cookie or use it for any other purpose.

11. Feedback & Contact

If you wish to inform us of a change or correction to your personal information, request a copy of the information we collect on you, request deletion of your information, or would like to restrict the further processing of your data, please contact us at [email protected] or via any other channel.

We will respond to these requests within one month. If you have any inquiries, comments, or complaints about this Policy or our handling of your personal information, please contact your consultant or the Privacy Officer via:

Email: [email protected]

Post:
Privacy Officer
Nepal Trek Routes Pvt. Ltd.
Keshar Mahal Marg, Thamel
Kathmandu 44600
Nepal

12. Changes to our Policy

We may amend or make revisions to this Policy from time to time, which amendments may also apply to your personal information collected under a previous version of this Policy. Nepal Trek Routes reserves the right to alter this Privacy Policy at any time and for any reason. It is your responsibility to keep up to date with any changes to this policy. If we make a change to the Policy, we will notify you via a notice online and the revised version will be posted on our website with the revision date.

This Privacy Policy was last updated on February 22, 2020.