Privacy Policy

Last updated March 29, 2024

Introduction

At Ingrid’s Travel, we are committed to protecting your personal information and respecting your privacy. This privacy policy applies to all interactions with our company, including the use of our website, booking services, and any other communications with us.

We understand the importance of transparency and want you to be fully informed about how we handle your personal information. This policy explains why we collect your personal data, how we use and disclose it, and what rights you have in relation to your information. We will always be clear about our data practices and will never sell your personal information to third parties.

Ingrid’s Travel is committed to complying with applicable privacy laws and regulations, including the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada. We strive to uphold the highest standards of privacy and data protection in all our business practices.

If you have any questions or concerns about our privacy policy or how we handle your personal information, please don’t hesitate to contact our Data Protection Officer.

How to Contact Us

Contact our Data Protection Officer at privacy@ingridstravel.com or by mail at:

Data Protection Officer
Ingrid’s Travel
1822 Whites Road, Unit 26
Pickering, ON. L1V 4M1

Interpretation and Definitions

Interpretation

The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Policy:

  • Aggregated Data is information that has been combined and anonymized in such a way that it no longer identifies an individual. This data is used for statistical, research, or analytical purposes and does not directly relate to a specific person.

  • Company (referred to as either the “Company”, “We”, “Us” or “Our” in this Agreement) refers to Ingrid’s Travel.

  • Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.

  • Country refers to Canada

  • Data Controller is the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. In other words, the Data Controller is the entity that decides why and how personal data is collected, used, and processed.

    In the context of Ingrid’s Travel’s Privacy Policy, Ingrid’s Travel is the Data Controller for the personal data it collects and processes for its own purposes, such as making travel arrangements, providing customer support, and sending marketing communications.

    However, when you use our services or interact with third parties through our platform, these third parties may act as separate Data Controllers. They determine the purposes and means of processing your personal data for their specific activities, such as providing travel insurance, facilitating payments, or offering other travel-related services.

    It’s important to note that when multiple Data Controllers are involved in processing your personal data, each controller is responsible for ensuring compliance with applicable data protection laws and respecting your privacy rights in relation to their specific processing activities.

  • Data Protection Officer (DPO) is the individual designated by Ingrid’s Travel to oversee data protection strategy and implementation, ensure compliance with applicable privacy laws, and handle data subject inquiries or requests. The DPO serves as the primary point of contact for data privacy matters.

  • Data Subject is an identifiable natural person who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. In other words, a Data Subject is the individual to whom the personal data relates.

  • Device means any device that can access our Services such as a computer, a cellphone or a digital tablet.

  • Do Not Track (DNT) is a concept that has been promoted by US regulatory authorities, in particular the U.S. Federal Trade Commission (FTC), for the Internet industry to develop and implement a mechanism for allowing internet users to control the tracking of their online activities across websites.

  • Legitimate Interests refer to the legal basis for processing personal data when it is necessary for the purposes of the legitimate interests pursued by Ingrid’s Travel or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.

  • Personal Data is any information that relates to an identified or identifiable individual.

  • Profiling is any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

  • Pseudonymous Identifier is a unique identifier assigned to an individual but does not directly identify them. It is often used to track user behavior or preferences without revealing their identity. Pseudonymous data can still be linked back to an individual when combined with additional information.

  • Service refers to our Website, and any of the services or goods sold on our Website or through other appropriate means.

  • Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate our Services, to provide our Services on behalf of the Company, to perform services related to our Services or to assist the Company in analyzing how our Services is used.

  • Supervisory Authority is the independent public authority responsible for monitoring the application of data protection laws and promoting the protection of individuals’ privacy rights. In Canada, the relevant supervisory authority is the Office of the Privacy Commissioner of Canada.

  • Third Party is any natural or legal person, public authority, agency, or body other than the data subject, Ingrid’s Travel, and persons who, under the direct authority of Ingrid’s Travel, are authorized to process personal data. This includes external service providers, business partners, and affiliates.

  • Usage Data refers to data collected automatically, either generated by the use of our Services or from our Services infrastructure itself (for example, the duration of a page visit).

  • Website refers to the Company website, accessible from https://www.ingridstravel.com

  • You or Your means the individual accessing or using our Services, or the company, or other legal entity on behalf of which such individual is accessing or using our Services, as applicable.

What Personal Data We Collect

Personal data refers to any information that can identify an individual. Depending on your interactions with us and the nature of our relationship, we may collect different types of personal data, categorized as follows:

  • Identity Data: This includes names, usernames, marital status, titles, dates of birth, passport details (number, nationality, date of birth, expiry date), gender, occupation, employer/client details (for corporate travelers), and identities of authorized bookers, directors, and shareholders.

  • Contact Data: Billing addresses, delivery addresses, email addresses, and phone numbers of lead passengers, other passengers, and booking parties.

  • Financial Data: Bank account information, payment card details, payment history, outstanding debt, and failed payment records.

  • Booking Data: Payment records, booked products/services, visa and travel insurance information, relevant criminal offense data, and details on in-resort or travel issues.

  • Travel Preferences: Dietary needs, medical requirements/conditions, religious beliefs, sexual orientation, accessibility needs, preferred travel providers, and closest/preferred airports.

  • Technical Data: IP addresses, app login data, browser/device information, browsing history, location data.

  • Profile Data: App username/password, previous bookings, travel details, loyalty program information, interests, preferences, feedback, complaints, survey responses, and emergency contacts.

  • Usage Data: Information on how you use our website, products, and services.

  • Marketing Data: Preferences for receiving marketing communications from us and third parties.

  • Call Data: Name, contact details, and any information provided when contacting us by phone, which may include sensitive personal data.

  • Attendance Data: Vehicle registration, dietary needs, accessibility requirements, and CCTV footage when attending our events or premises.

We collect personal data directly from You, from Your travel agent/agents acting on Your behalf, corporate clients if for business travel, travel suppliers, and other sources as necessary.

We may also collect and use Aggregated Data derived from personal data in a way that does not identify individuals.

Sensitive Personal Data

Certain types of personal data are considered more sensitive and require extra protection. This includes information about an individual’s race, ethnic origin, political opinions, religious or philosophical beliefs, sexual orientation, health data, and genetic/biometric data. Depending on the services we provide, we may collect, use, store and transfer the following sensitive personal data:

  • Health Data: Details of medical conditions, disabilities, pregnancies, or any health issues that may require assistance/support during travel or at destinations. This includes medical emergencies or illness occurring during travel that is brought to our attention.

  • Racial/Ethnic Origin Data: Nationality, country of issue for ID/travel documents, and photographs contained in passports or other identification provided for travel services.

  • Religious/Philosophical Beliefs: Dietary requirements or preferences that may indicate religious beliefs.

  • Criminal Offence Data: Any criminal records that could impact the ability to travel internationally or hire vehicles, which is provided for purposes of our travel services.

  • Other Sensitive Data: Any other sensitive personal data provided or disclosed to us related to our products and services.

Consequences of Not Providing Data

In some cases, we are legally required or need personal data, including sensitive data, to perform contracts or provide travel arrangements. If you do not provide this data when requested, we or travel suppliers may not be able to execute the contract or booking as intended. In such instances, we would notify you that we cannot proceed or may have to cancel the booking.

How We Collect Your Personal Data

We gather personal data about you from various sources, including:

  • Direct Interactions: When you fill out forms, make purchases, create accounts, subscribe to newsletters, enter promotions/surveys, submit feedback, or contact us by post, phone, or other means. We may record phone calls for quality assurance, service improvements, crime prevention, etc.

  • From Your Travel Agent: Your Travel Agent may provide us with personal data collected from you through different communication channels regarding travel arrangements, marketing preferences, feedback, etc.

  • From Corporate Clients: For business travelers, we may receive personal data from your employer related to onboarding, travel requirements, bookings, etc.

  • Automated Technologies: Our website automatically collects technical data about your device, browsing actions, and patterns via cookies, server logs, and similar technologies.

  • Service/Software Providers: Travel service providers and technology companies that enable booking, payments, and other travel solutions.

  • Third Parties/Public Sources: Analytics providers, search engines, publicly available information including social media, credit reference agencies (for corporate travel), and official registries.

  • About Others: You may provide personal data about others when traveling together or booking for someone else. Ensure you have appropriate permission and that those individuals understand how we may use their data.

We may collect data from additional sources for the purposes outlined in our policy when applicable.

Use of Your Personal Data

We use Your personal data for purposes such as:

  • Making travel bookings and arrangements
  • Processing payments and account management
  • Providing customer service and support
  • Marketing and personalizing our communications
  • Operating and improving our website/app/services
  • Complying with legal obligations

Our processing is based on contractual necessity, legitimate interests, legal compliance, consent (for marketing) or other applicable grounds depending on the context. We rely on legitimate interests for marketing, service improvement, fraud prevention, business restructuring and other appropriate business purposes, except where outweighed by Your interests/rights.

Usage Data

Usage Data may be collected automatically when using our Services.

Usage Data may include information such as Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When You access our Services by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.

We may also collect information that Your browser sends whenever You visit our Website or when You access our Services by or through a mobile device.

Cookies and Tracking

We may use Cookies and similar tracking technologies to track the activity on Our Website and store certain information. Tracking technologies used may include cookies, beacons, tags, and scripts to collect and track information and to improve and analyze Our Website performance.  You can control tracking technologies through Your browser settings and other tools. Our “Do Not Track” practices are described in this policy.The technologies We use may include:

  • Cookies or Browser Cookies: A cookie is a small file placed on Your Device. You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of our Website. Unless You have adjusted Your browser setting so that it will refuse Cookies, our Service may use Cookies. We do not currently respond to browser Do Not Track signals.

  • Web Beacons: Certain sections of our Service and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).

    Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close Your web browser. We may use both Session and Persistent Cookies for the purposes set out below:

Necessary / Essential Cookies

Type: Session Cookies

Administered by: Us

Purpose: These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services.

Cookies Policy / Notice Acceptance Cookies

Type: Persistent Cookies

Administered by: Us

Purpose: These Cookies identify if users have accepted the use of cookies on the Website.

Functionality Cookies

Type: Persistent Cookies

Administered by: Us

Purpose: These Cookies allow us to remember choices You make when You use the Website, such as remembering Your login details or language preference. The purpose of these Cookies is to provide You with a more personal experience and to avoid You having to re-enter your preferences every time You use the Website.

Tracking and Performance Cookies

Type: Persistent Cookies

Administered by: Third-Parties

Purpose: These Cookies are used to track information about traffic to the Website and how users use the Website. The information gathered via these Cookies may directly or indirectly identify You as an individual visitor. This is because the information collected is typically linked to a pseudonymous identifier associated with the device You use to access the Website. We may also use these Cookies to test new pages, features or new functionality of the Website to see how our users react to them.

Targeting and Advertising Cookies

Type: Persistent Cookies

Administered by: Third-Parties

Purpose: These Cookies track your browsing habits to enable Us to show advertising which is more likely to be of interest to You. These Cookies use information about Your browsing history to group You with other users who have similar interests. Based on that information, and with Our permission, third party advertisers can place Cookies to enable them to show adverts which We think will be relevant to your interests while You are on third party websites.

Social Media Cookies

Type: Persistent Cookies

Administered by: Third-Parties

Purpose: In addition to Our own Cookies, We may also use various third-party Cookies to report usage statistics of various social media platforms, deliver advertisements on and through Social Media platforms, including behavioural remarketing and similar audience ads. These Cookies may be used when You share information using a social media networking website such as Facebook, Instagram, Twitter, Pinterest, Snapchat, WeChat, TikTok, YouTube, WhatsApp, Vimeo, or any other social media networking website or mobile application.

Pixel Tags

A pixel tag (also known as a web beacon or clear GIF) is an invisible 1 x 1 pixel that is placed on certain web pages or email messages. When you access these web pages or open an email, pixel tags generate a generic notice of the visit, including the type of device being used, and permit us to set or read our cookies. Pixel tags are used in combination with cookies to track the activity on a site by a particular device. When you turn off cookies, pixel tags simply detect a given website visit or opening of an email message. For email messages, turning off the display of images will disable pixel tags.

For more information about the cookies we use and Your choices regarding cookies, please see the Cookies section of our Privacy Policy below.

Your Choices Regarding Cookies

If You prefer to avoid the use of Cookies on the Website, first You must disable the use of Cookies in your browser and then delete the Cookies saved in your browser associated with this website. You may use this option for preventing the use of Cookies at any time.

If You do not accept Our Cookies, You may experience some inconvenience in your use of the Website and some features may not function properly.

If You’d like to delete Cookies or instruct your web browser to delete or refuse Cookies, please visit the help pages of your web browser.

For any other web browser, please visit your web browser’s official web pages.

More Information about Cookies

A cookie is a small text file that is created by a website and stored on your computer through your browser. The idea is that the website can access the cookie at a later time and retrieve information about you. The website then customizes pages based on this information.

Many uses of cookies are uncontroversial and help the users. Examples include:

  • Storing your username (but not your password) to save you having to remember it or type it in when you return to a site

  • Keeping items in a virtual “shopping basket” for an online retailer website

  • A site such as a weather forecast service or movie theater listings ‘remembering’ your location and automatically displaying relevant details when you next visit

Cookies fall into two main categories: session cookies only last until you leave the website in question, while persistent cookies will last until a set expiration date, 13 months from when the cookies were first placed on your device.

Your web browser may allow you to block or disable cookies; however, parts of our website may not function properly if you do so.

Data Sharing

We may share the information we collect with other parties, some recipients may be located outside of Canada, including the following:

  • With third-party service providers to assist us with providing and marketing our products and services, such as payment processors, data hosting services, analytics services, online store support, advertising partners, and email service providers.

  • With Our business partners, service providers, travel suppliers, affiliates, regulators, advisors, corporate clients (for business travel), and potential buyers/investors as reasonably applicable.

  • As part of a business sale, merger, or acquisition, or other transfer of all or part of our assets, including as part of a bankruptcy proceeding.

  • To third-party vendors to whom You or Your agents authorize Us to disclose Your personal information in connection with products or services We provide to You.

  • If necessary to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights or the rights of third parties, or to protect the safety or security of any person or entity.

  • With your consent or as otherwise disclosed at the time of data collection or sharing.

  • Our website may offer interactive features, such as the ability to leave reviews, that you can use to communicate with other website visitors or to submit and post your own content. If you disclose information in one of these forums, this information can be viewed, collected, and used by others.

Information on the Processing of Your Personal Data

The Service Providers We use may have access to Your Personal Data. These third-party vendors may collect, store, use, process and transfer information about Your activity on Our Service in accordance with their privacy policies.

Constant Contact

Constant Contact is an email marketing and text messaging platform. We use Constant Contact to deliver emails, such as news about upcoming events, updates, and celebratory wishes. We gather statistics around email openings and clicks using industry-standard technologies to help us monitor and improve our emails. You may opt out of email marketing communications by clicking “unsubscribe” within the email body content and confirming your decision. You can learn more about how We may use your information with Constant Contact and the information that may be collected through Our email campaigns, by visiting Constant Contact’s Customer Data Notice page: Constant Contact – Consumer Date Notice

Zoho TeamInbox

We use Zoho TeamInbox, a shared inbox tool within the Zoho suite of products, to manage and respond to customer inquiries effectively. This tool allows our team to collaborate and provide timely assistance to ensure a smooth travel planning experience for our clients. When you contact us, your personal data, such as your name and email address, may be processed using Zoho TeamInbox.

Zoho acts as a data processor on behalf of Us and uses cookies and web beacons to improve their services. They are subject to strict confidentiality obligations and have implemented security measures to protect your data.

Please review Zoho’s Privacy Policy for more information on their data processing practices. Their Privacy Policy can be viewed at: Zoho – Privacy Policy.

Umapped

We use Umapped, an itinerary planning tool, to create and manage personalized travel itineraries for our customers. This tool allows us to consolidate all your travel details, including flights, accommodations, activities, and transportation, into a single, easy-to-access platform. When you book with us, we may share your personal data, such as your name, contact information, and travel preferences, with Umapped to generate your itinerary.

Umapped acts as a data processor on behalf of Us and is subject to strict confidentiality obligations and security measures. You can access your itinerary details, receive updates, and share your plans with designated individuals through Umapped’s web portal or mobile app.

Please review Umapped’s Privacy Policy for more information on their data processing practices. Their Privacy Policy can be viewed at: Privacy Policy

Please note that while we have carefully assessed Umapped’s privacy and security measures, We are not responsible for the privacy practices or content of Umapped’s privacy policy. If you prefer not to have your itinerary managed through Umapped, please let us know, and we will work with you to find an alternative solution.

Manulife Insurance

Manulife is our preferred travel insurance provider. When you request a quote or purchase travel insurance through Ingrid’s Travel, we may share your personal information with Manulife to facilitate the provision of insurance services.

As a separate data controller, Manulife Insurance may collect, store, use, process, and transfer your personal data in accordance with their own privacy policies and practices. This may include using your information for assessing your insurance application, administering your policy, processing claims, detecting and preventing fraud, complying with legal and regulatory requirements, conducting research and analytics, and sending you marketing communications if you have provided your consent.

Manulife may share your personal data with their service providers, reinsurers, and other third parties as necessary to fulfill the purposes outlined in their privacy policy. These third parties may be located outside of Canada, and your personal data may be subject to the laws of those jurisdictions.

By providing personal information to Ingrid’s Travel for the purpose of obtaining travel insurance, you acknowledge and agree that your information may be shared with Manulife Insurance and processed in accordance with their privacy policy. If you do not agree with Manulife’s data handling practices, please let us know, and we will be happy to recommend alternative travel insurance providers that may better align with your privacy preferences.

We encourage you to review Manulife Insurance’s Privacy Policy to understand how they collect, use, and protect your personal information. If you have any questions or concerns about Manulife’s privacy practices, please contact their privacy office directly.

For information about how Manulife uses this information, please visit their Privacy Policy page: Privacy Policy

Ensemble Travel Group

Ensemble Travel Group is a leading travel consortium that provides Ingrid’s Travel with access to exclusive offers, marketing support, and technology solutions. In June 2022, Ensemble was acquired by Navigatr Group, a travel portfolio company. Certain personal information may be shared with Ensemble to facilitate Our customer relationship with You and/or Your travel arrangements. Ensemble acts as a separate data controller and processes your data in accordance with their own privacy policy.

We encourage you to review Ensemble Travel Group’s Privacy Policy to understand how they handle your personal data. If you have any questions about Ensemble’s privacy practices, please contact their privacy team directly.

While we carefully select partners that prioritize data protection, Ingrid’s Travel is not responsible for the privacy practices or content of Ensemble’s privacy policy. For information about how Ensemble uses this information, please visit their Privacy Policy page: Privacy Policy

If you have any questions about our partnership with Ensemble and your personal data, please contact our Data Protection Officer by email or by writing to us using the contact information provided above.

Google Analytics

Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.

You can opt-out of having made your activity on our Services available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js and dc.js) from sharing information with Google Analytics about visits activity.

For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: Google Privacy Policy to opt out of Google Analytics, visit: Google Analytics Opt-out

Google Ads

Google Ads (AdWords) marketing service is provided by Google Inc. Google, as a third-party vendor, uses cookies to serve ads about our Services. Google’s use of cookies enables it and its partners to serve ads to our users based on their visits and interactions with our Service or other websites on the Internet.

You may opt out of the use of Google Ads Cookies for interest-based advertising by visiting the Google Ads Settings web page: Google Ad Settings. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: Google Privacy Policy

Facebook

Facebook advertising services are provided by Facebook Inc.

You can learn more about interest-based advertising from Facebook by visiting this page: How Ads Work on Facebook | Facebook Help Center

To opt-out from Facebook’s interest-based ads, follow these instructions from Facebook: Adjust how ads on Facebook are shown to you | Facebook Help Center. For more information on the privacy practices of Facebook, please visit Facebook’s Data Policy: Meta Privacy Policy – How Meta collects and uses user data | Privacy Center | Manage your privacy on Facebook, Instagram and Messenger | Facebook Privacy

LinkedIn

LinkedIn marketing service is provided by LinkedIn Corp. You can opt-out from LinkedIn’s interest-based ads by enabling the “Do Not Track” functionality of your web browser or by following LinkedIn instructions: Manage Advertising Preferences | LinkedIn help. You can learn more about the privacy practices and policies of LinkedIn by visiting their Privacy Policy page: Privacy Policy

Usage, Performance and Miscellaneous

We may use third-party Service Providers to provide better improvement of our Service.

Invisible reCAPTCHA

We may use an invisible captcha service named reCAPTCHA. reCAPTCHA is operated by Google. The reCAPTCHA service may collect information from You and from Your Device for security purposes. The information gathered by reCAPTCHA is held in accordance with the Privacy Policy of Google: Google Privacy Policy

International Data Transfers

Personal data collected by Ingrid’s Travel may be transferred to countries such as the United States, European Union, or other relevant locations. We employ appropriate safeguards to ensure the protection of personal data during these transfers, including standard contractual clauses approved by regulatory authorities, binding corporate rules, or adequacy decisions issued by the European Commission or other relevant bodies. We are committed to complying with applicable data protection laws and ensuring that personal data is transferred with appropriate measures in place to protect individuals’ rights and privacy.

Data Security

We implement reasonable technical, administrative, and physical safeguards to protect personal information from unauthorized access, use, or disclosure. These measures include encryption, secure storage, access controls, regular security assessments, employee training, and incident response plans. However, no method of transmission or storage is 100% secure, and while we strive to protect personal data, we cannot guarantee absolute security. We encourage individuals to take their own precautions to protect their personal information, such as using strong passwords and being cautious when sharing sensitive data online.

Automated Decision-Making and Profiling

Ingrid’s Travel may engage in automated decision-making or profiling using personal data for purposes such as personalized marketing, risk assessment, or fraud detection. This involves using algorithms or machine learning to analyze personal data and make decisions or predictions about individuals. You have the right to object to automated decision-making, request human intervention, and contest decisions made solely by automated means. To exercise these rights or seek further information about the logic involved in automated decision-making processes, please contact our Data Protection Officer by email or by writing to us using the contact information provided above.

Data Retention

We are committed to protecting your personal information and ensuring that it is retained only for as long as necessary to fulfill the purposes for which it was collected, including satisfying any legal, regulatory, accounting, or reporting requirements that may apply to our business. The retention period for your personal data is determined by several factors, such as the amount, nature, and sensitivity of the data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personal data and whether those purposes can be achieved through other means, and the applicable legal, regulatory, tax, accounting, or other requirements.

In certain circumstances, such as in the event of a complaint or if we reasonably believe there is a prospect of litigation, we may retain your personal data for a longer period. However, we will only do so if your personal data is relevant to the complaint or potential litigation.

In some cases, we may choose to anonymize your personal information, rendering it no longer associated with you. Once anonymized, we may use this information indefinitely without further notice to you.

If you have any questions or concerns about the retention of your personal data, please don’t hesitate to contact our Data Protection Officer by email or by writing to us using the contact information provided above.

Data Subject Rights

We respect your rights under data protection laws and are committed to ensuring that you can exercise these rights effectively. As a data subject, you have the following rights:

  • Right to Access: You have the right to request that we disclose the personal information we have collected about you in the past 12 months, commonly known as a “data subject access request”, including the categories of personal information, categories of sources, our business/commercial purpose for collecting, the categories of third parties we share it with, and the specific pieces of information we have collected. This allows you to receive a copy of the personal information we hold about you and to verify that we are processing it lawfully. To make a verifiable request, contact our Data Protection Officer.

  • Right to Rectification: If you believe that any personal information we hold about you is incomplete or inaccurate, you have the right to request its correction. We will promptly update our records to reflect the accurate information you provide.

  • Right to Delete: In certain circumstances, you may request the erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no compelling reason for us to continue processing it. You also have the right to request erasure if you have successfully exercised your right to object to processing (see below), if we have processed your information unlawfully, or if we are required to erase your personal data to comply with local law.

  • Right to Object: If we are processing your personal data based on a legitimate interest (Ours or that of a third party), You have the right to object to this processing if you believe it impacts your fundamental rights and freedoms. You also have the right to object to the processing of your personal data for direct marketing purposes.

  • Right to Restriction: You have the right to request that we restrict the processing of your personal data in certain situations, such as when you contest the accuracy of the data or when you object to processing and we are considering whether our legitimate grounds override your rights.

  • Right to Data Portability: You have the right to request the transfer of your personal data to you or to a third party in a structured, commonly used, and machine-readable format.

  • Right to Withdraw Consent: In the limited circumstances where we are relying on your consent to process your personal data, you have the right to withdraw that consent at any time. Please note that withdrawing your consent will not affect the lawfulness of any processing conducted before your withdrawal.

To exercise any of these rights, please contact our Data Protection Officer by email or by writing to us using the contact information provided above.

Fees and Charges

In most cases, you will not have to pay a fee to access your personal data or to exercise any of your other rights. However, if your request is clearly unfounded, repetitive, or excessive, we may charge a reasonable fee or refuse to comply with your request.

Verification of Identity

To protect your privacy and security, we may require specific information from you to confirm your identity before responding to your request. This is a necessary measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you for further information to help expedite our response.

Response Time

We strive to respond to all legitimate requests within one month. In some cases, particularly if your request is complex or if you have made several requests, it may take us longer than a month to respond. In such situations, we will notify you and keep you updated on our progress.

At Ingrid’s Travel, we are dedicated to upholding your rights and ensuring the protection of your personal information. If you have any questions or concerns about your legal rights or our privacy practices, please don’t hesitate to contact us.

Limiting Collection

We are committed to collecting only the Personal Data that is necessary for the purposes outlined in this Privacy Policy. We strive to minimize the amount of information we gather to ensure that we respect your privacy and comply with applicable laws.

Children under 18: We understand the importance of protecting the privacy of minors and do not knowingly collect Personal Data from individuals under the age of 18 without obtaining parental consent. If we inadvertently acquire personal information from a child under 18, a parent or guardian may contact us to request the deletion of this information from our records. Upon notification, we will promptly remove the data in accordance with legal requirements. If we discover that we have collected Personal Data from a person under 18 without verifying parental consent, we will take immediate steps to remove that information from our servers.

In countries where the law requires parental consent for the processing of a child’s information, we will seek such consent before collecting and using the data.

Please be aware that when making travel arrangements, we may need to collect personal information about children of any age from a responsible adult. However, we do not knowingly collect this information directly from children themselves.

At Ingrid’s Travel, we are dedicated to upholding the privacy rights of all individuals, including children, and ensuring that we handle their personal information with the utmost care and in compliance with applicable laws and regulations. If you have any questions or concerns about our data collection practices, please don’t hesitate to contact us.

Other Details

If you fail to provide necessary personal data, we may be unable to provide requested services.

This policy covers our use of personal data for individuals we deal with (e.g. not employees or contractors).

Links to Other Websites

Our Service may contain links to other websites that are not operated by Us. If You click on a third-party link, You will be directed to that third party’s site. We strongly advise You to review the Privacy Policy of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

Regular Review and Updates

We are committed to regularly reviewing and updating our Privacy Policy to ensure it remains compliant with evolving privacy regulations and industry best practices. We will promptly address any changes in data protection laws, regulatory guidance, or our own data handling practices. The updated version of the policy will be posted on our website, indicating the “Last Updated” date. For material changes that apply to personal information already collected, we will notify individuals and may seek their consent to the changes, if required by law. We encourage users to review the policy periodically to stay informed about how we collect, use, and protect their personal data. Your continued use of Our Website after we have updated or changed our Privacy Policy will be considered Your consent to those updates or changes. If you have any questions, concerns, or feedback regarding our privacy practices, please contact our Data Protection Officer.

Contact Us 

For any questions or concerns regarding this Privacy Policy or our privacy practices, please contact our Data Protection Officer at privacy@ingridstravel.com or write to us.

Data Protection Officer
Ingrid’s Travel
1822 Whites Road, Unit 26
Pickering, ON. L1V 4M1