Protecting your Data, Privacy and conforming to the European GDPR rules
Protecting your privacy and data security is of critical imporatance these days. Boatbookings has always taken privacy seriously, and are well on our way to conforming to the European GDPR regulations that take effect in 2018. Here are the key ways that we protect your privacy.
Secure Website, Credit Card Processing and Systems
Boatbookings goes to extreme lengths to protect your sensitive data, such as credit cards numbers. If you pay by credit card, your information is never saved on the site - it is passed through in encryped manner to our processor who uses the highest level secuirity technology and syste. Our entire site is secured to the highest level possible and all data is encrypted, so when you put in an enquiry you can be sure that only we are able to see it.
As a greater precaution, one we believe sets us apart from all others in the Yachting Industry, the only people who can access your data are our employees who have access via a Virtual Private Network (VPN). You have to be behind a firewall, that we set for each employee, in order to have ANY access to client data. VPNs protect data with state of the art encrpytion and are virtually inpenetrable.
Conforming to the GDPR
If you are in Europe, you have most likely heard of the GDPR: the General Data Protection Regulation, a European privacy law approved by the European Commission in 2016. The GDPR replaces a prior European Union privacy directive known as Directive 95/46/EC (the “Directive”), which has been the basis of European data protection law since 1995. This directive is designed to give you, the consumer, the right to know how your data is being used, protect it, correct it and erase it if you choose. We take this serously and know that privacy is critical to the functioning of the yachting industry.
Here are the key tenants of the GDPR and how we are dealing with them
Right to be forgotten: Your personal information is important to us so that we can help you charter a yacht. We are enacting processes so that you can request deletion of your personal data, and we will comply. We have had this capability for years on our mailings, via an unsubscribe link at the bottom of our emails. We are working with our email provider to assure compliance with the regulation.
Right to object: You may opt out of inclusion of your data in any data science experiments. It is important to note that we do not, and have never, sold bartered or otherwise shown any other organizations your personal information
Right to rectification: If you feel your information is incorrect, you can request at any time that we correct it, and we will comply.
Right of portability: You may export any of your information to other companies at any time.
We are in the process of upgrading all of our systems so that we conform 100% to GDPR. If you have any questions, please direct them to firstname.lastname@example.org.