Personal information we collect & how information is used
We collect information such as clients’ IP (internet protocol) address, type of device used, and geographic location when clients visit our website. We use information in aggregate to track where our clients come from, referring websites and user trends.
When making a booking we collect information such as the client name, email address, phone number, passport number, and physical address. We use this information to provide the requested tour services to clients’ requests. We only collect the minimum information required to successfully deliver services.
Personal details like customer names are shared with authorized third parties. These include accommodation and activity suppliers. We only share the necessary information for these suppliers to provide a service to clients. Third-party suppliers are under the same legal duty to protect your personal information.
For client bookings and payments we utilize booking systems including Checkfront, Paygate, and Payfast. Contracts are in place with each of these service providers and they are under legal duty to protect client information. This includes payment information. All payment gateways used by our company are PCI-DSS compliant. Earthstompers does not store client debit and credit card numbers.
We will share client information with law enforcement authorities if required.
Data access and storage
Our company booking systems, where personal information is stored, is password-protected. Only authorized staff have access to the information. If we have reason to believe that a data breach has occurred, we will report it both to you and to the Information Regulator of South Africa, as required by law.
You have the right to access, correct, or delete your personal information at any time. If you would like to do so, please send an email with your request to the Data Protection Officer, Chrissy Human, at [email protected].