Travello respects the privacy and confidentiality of the information provided by you and adheres to the Australian Privacy Principles.
Travello takes responsibility for the processing of your personal data as a data controller.
Personal data means any information that can identify a natural person or any information that can link to an identifiable natural person. Personal data does not include information that is anonymised and where no natural person can be identified.
Personal data that we collect about you:
Travello can obtain personal data through different means:
Travello relies on the following basis for the legal processing of your personal data:
Travello shall only use the data collected about you solely for the following purposes:
You are not required to provide Travello with your personal data, however, we may not be able to deliver services to you if you refuse to provide personal data.
Where you provide us with consent to process your personal data, you have the right to withdraw this consent at any time. If you wish to withdraw consent please see the section entitled ‘Your rights’ for more information.
Automated decisions and profiling
We do not process your personal data to create a profile of you and you shall not be subjected to automated decisions.
We will store and process your personal data for the period necessary depending on the purposes of processing and the contractual relationship you may have with Travello.
We may share your data with the following categories of third parties:
We do not allow our service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We share data with the following specific third parties:
Travello shall not be liable in any way for direct or indirect damages caused by wrongfully or improper use of the personal data by a third party.
Payment and financial data
Travello does not store full credit card details. Travello collects the last 4-digits of your credit card number and the issuing bank for fraud prevention purposes only. This data is retained by us for a maximum of 2 years only. All payments and transactions are processed by our third-party payment gateway processor Braintree and Braintree guarantees data security by various methods listed here.
Third party external links
We do not and will not sell or deal in personal or customer information. We will never disclose your personal details to a third party except the necessary information required by providers of products or services you have purchased or to protect the rights, property or safety of Travello, our customers or third parties or if required by law.
We may, however, use in a general sense without any reference to your name, your information to create marketing statistics, identify user demands and to assist it in meeting customer needs generally. In addition, we may use the information that you provide to improve our Website and services but not for any other use.
Please keep in mind that whenever you voluntarily make your personal information available for viewing by third parties online – for example on message boards, web logs, through email, or in chat areas – that information can be seen, collected and used by others besides us. We cannot be responsible for any unauthorised third-party use of such information.
Transfer of ownership
Please also note that as our business grows, we may buy or sell various assets. In the unlikely event that we sell some or all of our assets, or one or more of our websites is acquired by another company, information about our users may be among the transferred assets. You will be notified of this event if it occurs and you have the right to restrict processing of your personal data and/or withdraw consent.
Due to the global nature of our operations, these transfers will involve transferring your data within and outside the European Economic Area. We ensure that there is an adequate level of protection for personal data in the receiving entity.
We may use the following methods to safeguard the transfer of data internationally:
We have implemented an appropriate technical and organizational measures, procedures and safeguards are in place to prevent the destruction, loss, adjustment, accidental notification to a third party, removal and unauthorized access of personal data.
We only allow access to your personal data to those employees, contractors and other third parties who have a business need to know. They only process your personal data on our instructions and are subject to a duty of confidentiality.
All payments are processed by the third-party payment gateway Braintree and we not store full credit card details.
We use Amazon and Norton SSL certificates to secure each and every transaction that occurs on our Website. All data collected from the customer is encrypted in transition between our website and customers’ devices.
All our servers are secured by Amazon and we use 2-factor authentication for logging into to our platform and servers.
When you use the Website, your device or browser may be sent cookies from third parties, for example when using embedded content and social network links. It's important for you to know that we have no access to or control over cookies used by these companies or third-party websites. We suggest you check the third party websites for more information about their cookies and how to manage them.
Under the General Data Protection Regulation, data subjects within the European Economic Area are entitled to the following rights:
We extend the above rights to data subjects outside of the EEA, and we also adhere to the rights of the user under the Privacy Act 1988 and the Australian Privacy Principles.
If you wish to exercise any of your rights, please contact us by sending mail to:
Travello Pty Ltd
321 Brunswick St,
Or electronically to email@example.com
Please note that you will be requested to provide specific identification information in order to verify your identity before your request can be processed. This is a security measure that we have implemented to ensure that there is no unauthorized access to personal data by third parties.
We are committed to providing you with a response to your request within 30 days. However, if there are delays in providing you with your request, we will notify you of the delay, the reason for the delay and extend our response time.
Right to make a complaint.
You have the right to make a complaint anytime to:
For all other enquiries please contact firstname.lastname@example.org
Effective: 25th May 2018