Effective September 8th, 2020
Oojo (“Oojo”, “we”, “our”, “us”) respects your privacy and is committed to protecting your personal information. This policy describes Oojo practices regarding personally identifiable information or personal data (“personal information/ PI”). This policy applies to our websites, applications, email, voice calls and text messages, and social media accounts(the “Platforms”). When you use the Platforms, you agree to the terms in this policy.
Oojo is the company (business) responsible for your PI.
Full name of legal entity: Traveltech LLC
Email address: [email protected]
In case of material changes Oojo will definitely publish such amendments and amended policy on our website and, as far as possible, notify you either by email or by pop-up windows when you are using our Platforms next time.
Amendments shall enter into force on the Effective Date.
When you give us PI, you are telling us, that the information is true, accurate, complete and current. You are also telling us, that you have the authorization to provide it to us.
It is important that the PI we hold about you is accurate and current. Please keep us informed, if your PI changes during your relationship with us.
THE CATEGORIES OF PERSONAL INFORMATION WE COLLECT
We may collect, use, store and transfer different kinds of PI about you which we have grouped together as follows:
- Identifiers or Identity Data such as a first/ middle/ last name, alias, postal address, unique personal identifier (cookie), date of birth, online identifier Internet Protocol address, or other similar identifiers.
- Contact Data includes (billing address, delivery address, email address and telephone numbers).
- Commercial Information, including requested price quotes, products or services purchased or other purchasing or consuming histories or tendencies, as well as Financial Data (bank account and payment card details) and Transaction Data (details about payments to and from you and other details of products and services you have purchased from us).
- Network Activity Information, including, but not limited to Technical Data (your login data, browser type and version, browsing history, search history, time zone setting, browser plug-in types and versions, operating system and Platform, and other technology on the devices you use to access our Platforms), and information regarding your interaction with our Platforms (Usage Data).
- Geolocation data in a general way (country, state or city).
- Audio (e.g. call records) and Electronic (e.g. email threads) information .
- Inferences (conclusions) drawn from any of the PI collected by Oojo, including, but not limited to Profile Data (your preferences, characteristics, psychological trends, behavior, attitudes, intelligence, feedback and survey responses) and Marketing Data (your preferences in receiving marketing from us and our partners and your communication preferences).
Customer support If you choose to contact our customer support services we will collect any inquires, complaint or other information that you may submit to our support team.
We do not collect any Special Categories of PI about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
Oojo does not knowingly collect PI from minors, except if the minor is one of travelers. If we become aware that a minor is attempting to submit PI, we will remove this information from our records. If you are the parent/legal guardian of a minor who has given us PI, please contact us so we can delete it.
IF YOU FAIL TO PROVIDE PERSONAL INFORMATION
Where we collect PI required by law or under the terms of a contract, and you fail to provide that PI when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time. For example, if you started to fill in the application form and for some reason closed the browser, we might contact you via email/ phone in order to save your time and finish the application process properly.
HOW WE COLLECT YOUR PERSONAL INFORMATION
We use different methods to collect PI from and about you including through:
PI you give to us
We collect your PI directly from you (using life chat, online forms or via voice call/ messenger). For example, when you provide us with your PI by requesting a quote, registering or booking travels, contacting our customer support. This includes PI you provide when you:
- apply for our products or services;
- subscribe to our service or publications;
- request marketing to be sent to you;
- give us feedback or contact us.
Platform features may make use of your device attributes and settings that will allow us to determine your physical location (country, state). Such technologies may include IP address mapping or other technologies. We use this information to enhance and personalize your experience and provide you with offers and services that may be of interest to you. Oojo does not have control over your device settings, but we do recommend enabling location services on your device so you can take advantage of the location based features and functionality offered.
PI we receive from service providers: We collect your PI using service providers. This can include when you log in using a service provider platform, such as Facebook. In addition, we also integrate service providers' software that collects information about users for security reasons.
FOR WHAT PURPOSE WE USE YOUR PERSONAL INFORMATION
We will use your PI for the following purposes:
Improving our services To provide you and improve our Platforms and services, to better understand the users of our Platforms and services, and to protect our property and to prevent damage to them.
If you have ever requested a price quote or purchased our services, we treat you as the Regular (loyal) Customer. Regular Customers have plenty of benefits:
- become experts of using our services;
- receive the most relevant price quotes.
According to our policy, we may contact you as a Regular Customer via email/phone saved within previous requests and transactions. Such cases may be, for example, when you have accidentally provided the wrong email/phone or when you cannot be reached via email/ phone left in the last request/ purchase. If you want to opt-out, please contact us.
Bookings We and our travel partners (ticket consolidators, airlines, payment processors etc.) use your PI to process your bookings and store your itinerary information where applicable.
We use your information for marketing purposes. These activities may include:
To send you marketing emails and/or text messages from Oojo address regarding our services or those of our partners, if you have opted-in to receive emails and/or text messages from us or have transacted with us, and as permitted by law. You can easily unsubscribe from these marketing communications at any time by clicking on the “Unsubscribe” link included in the newsletter or by texting STOP via sms.
To display more relevant advertising and recommendations, or suppress advertising and content that you might find irrelevant. This advertising might be shown to you on our Platforms as well as third party platforms (including Google and social media sites like Facebook) and include information or offers that we, or our business partners’, believe you will find interesting. Individualized advertising may be based on information collected through cookies or other tracking technologies. You can opt out from from Google (press here
) and Facebook (press here
) ad personalisation any time.
- If you choose to participate in promotional activities, relevant information may be used to administer these promotions.
To communicate with you, including as follows:
- To send booking confirmations;
- To send alerts and notifications you have subscribed to, including to your mobile device;
- To solicit reviews;
- To update you regarding itineraries processed by our service;
- To communicate with you if you have contacted Oojo customer support;
- To send you information servicing and administrative emails;
- To send you information about services, offered by Oojo or our business partners, that we believe you would be interested in;
Performance of a contract The use of your PI may be necessary to perform the services and provide you products that you have requested from us. For example, if you make a booking on our Platform, we need to collect PI from you in order to complete the booking.
Consent We may rely on your consent to use your PI for certain direct marketing purposes. You can withdraw your consent anytime by contacting us.
We have set out below, in a table format, a description of the ways we might process your PI.
We will only use your PI for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
As a customer-oriented business we respect and value your expectations.
As a result, you are able to make announcements and queries at any time regarding your concerns in privacy matters.
Each of our marketing messages has an opt-out option and you can change preferences or unsubscribe at all from such communication at any time. Each Oojo website is targeted to the current audience and region, therefore subscribe/ unsubscribe options are also different. You cannot unsubscribe from servicing and administrative messages.
HOW WE SHARE YOUR PERSONAL INFORMATION
Corporate affiliates and change of control We may share your PI with our corporate affiliates and if Oojo itself (or part of its business) is sold or otherwise changes control, owners would have access to your PI for the uses set out herein.
Payment service providers and travel vendors If you book through the Platforms, we may share your PI with the payment service providers, acquirer banks and the travel vendors you have booked with (ticket consolidators, airlines etc.). This can include online travel agencies, hotels, airlines, car rental companies, and travel insurance providers. These third parties will process your PI as data controllers in accordance with their own privacy policies. If you contact our customer support, they may need to share information about your request with the relevant travel vendor in order to assist you.
Business partners We may share your PI with various business partners. Some of these business partners may use your PI for fraud detection, including, but not limited Identifiers, Contact Data and Network Activity Information , also to detect, prevent, or otherwise address fraud, security or technical issues. We may also share your PI to ask our partner to create a survey, form, application, or questionnaire, so we know the degree of your satisfaction with our services. Some of these business partners may use your PI for online behavioral advertising purposes, or to offer you services or products that we believe you may be interested in. We may also share your information as otherwise described to you at the time of collection. We may also share anonymous aggregated usage information with partners.
We enter into confidentiality and PI processing terms with partners to ensure they comply with high levels of confidentiality and best practice in privacy and security standards and we regularly review these standards and practices.
Trips shared by you If you use or have itineraries as part of our Service, you can send or grant access to your itinerary to anyone you choose. Your itinerary may contain enough details (for example, booking reference codes) to allow the recipient to cancel or modify your booking, perform a check-in, etc. You should only share your itinerary with people you trust. If you choose to display your itinerary on publicly-viewable web pages (Facebook, for instance), that information may be collected and used by others.
Information shared in public If you provide us a review of your trip, you authorize us to publish it on all our Platforms under the screen name you provided. You also authorize us to aggregate it with other reviews.
Authorities We may disclose PI if required by law, for example to law enforcement or other authorities. This includes court orders, subpoenas and orders arising from legal processes, and administrative or criminal investigations. We may also disclose your PI if the disclosure is necessary for the prevention, detection or prosecution of criminal acts or to prevent other damage, or in response to a legal action or to enforce our rights and claims.
We may also share anonymous aggregated usage information with others.
HOW WE STORE AND PROTECT YOUR PERSONAL INFORMATION
Our servers and data centers are located in the U.S and our service providers may be located there and in other countries. By providing us PI, you agree that your PI may be transferred to and stored in these countries. These countries may have different and/or less stringent privacy/data protection and data security rules than those of your own country. As a result, your PI may be subject to access requests from governments, courts, or law enforcement in those countries according to laws in those countries. Subject to the applicable laws of such countries, we will provide the necessary safeguards to maintain protections of your PI, e.g. by obtaining from the PI recipients contractual commitments based on the EU model clauses.
We have put in place appropriate security measures to prevent your PI from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your PI to those employees, agents, contractors and other service providers who have a business need to know. They will only process your PI on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected PI breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will only retain your PI for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your PI for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for PI, we consider the amount, nature and sensitivity of the PI, the potential risk of harm from unauthorised use or disclosure of your PI, the purposes for which we process your PI and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
Under certain circumstances set by applicable law, you are entitled to:
- Request access to your PI (commonly known as a “data subject access request”). This enables you to receive a copy of the PI we hold about you and to check correctness and integrity of PI. You may also request to furnish you with:
- the categories of sources from which PI is collected;
- the business or commercial purposes for collecting of PI;
- the categories of third parties with whom we share your PI;
- the categories of PI we have disclosed for a business purpose.
- Request correction of the PI that we hold about you. This enables you to request any incomplete or inaccurate PI to be corrected, though we may need to verify the accuracy of the new PI you provide to us.
- Request to delete. You are able to submit a verifiable request and ask us to delete your PI. Please, be aware, there are some cases when we might reject your request.
Due to the remote nature of our services, it is important for us to keep communicating through the same email (Verified Email), which was used by you to purchase air tickets and other related services.
The Verified Email is the key communication channel for us, so we can give quick answers and not divulge your data to any malicious person.
You might also submit a request through the voice call, but still we must use the Verified Email to reply, due to law requirements and in order to protect our legal claims.
If you submit your request through the authorised agent or by using third party service we will ask for additional verification by contacting you via Verified Email.
NONDISCRIMINATION: We shall not discriminate (deny services, charge different prices, provide different levels of quality) against you because you exercised any of the rights set herein.
This right might be limited in case, if the difference in prices or levels or quality is reasonably related to the value provided to you by your PI.
We might obtain your opt-in consent and provide to you financial incentives, so you agree to provide additional PI or not to request the deletion of your PI.
FEES and DENIALS: You will not have to pay a fee to access your PI (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive (more than twice in a 12-month period) or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
We might also refuse to act on your request, when we are not in a position to identify you and verify your request or the requested fee was not paid.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your PI (or to exercise any of your other rights). This is a security measure to ensure that PI is not disclosed to any person who has no right to receive it. We may also contact you (via email, phone or messenger) to ask you for further information in relation to your request to speed up our response.
TERMS: We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. The maximum response time shall not exceed 90 days.
CONTACTS: you can submit your complaint/ request to DPO email (see above).