The protection of personal data is an important asset in the trust of business partners and their customers.
This policy is applicable to all recipients to whom Softvoyage sends personal data as part of its operations.
The company's operational teams must ensure that the personal data collected and transmitted are subject to special care in order to minimize the possibility of breaches.
In the context of the protection of personal data, Softvoyage undertakes not to disclose or sell the information on the people collected and allows them to assert their rights.
The purpose of this policy is to set the principles and organizational rules that ensure Softvoyage's compliance with the protection of personal data. It includes in particular Softvoyage's commitment to compliance with regard to the protection of personal data, the commitment of recipients and the procedures relating to requests from individuals to assert their rights.
All Softvoyage employees are made aware of the importance of confidentiality in the processing of personal data through semi-annual information sessions during which any modifications or reinforcements to existing measures are explained. An employee witnessing a breach or violation of security must immediately notify their immediate superior. Employees do not keep personal data and, under no circumstances, transfer it to third parties.
Softvoyage has implemented strict measures in terms of both software and human resources to ensure compliance with laws and regulations in this area. The objective is to protect against a breach of confidentiality that could cause harm to Softvoyage or one of its business partners.
The personal data collected by Softvoyage is saved in a secure database.
Softvoyage transmits the personal data collected to recipients for the sole purpose of completing a travel reservation, creating an invoice or analyzing payment information to counter potential fraud.
As part of its operations, Softvoyage must transmit personal information to recipients for the purpose of booking a trip or creating an invoice. The minimum data necessary for processing are requested and transmitted.
The recipients are companies having a contract with Softvoyage.
Data may be sent to one or more of the following recipients:
Recipients are responsible for the protection of personal data upon receipt and must take the necessary actions to comply with laws and regulations.
Right to access
In order to prove their identity, the person must contact the service provider who sold them the trip. The company having a contract with Softvoyage may thus ask the person responsible for processing personal data to obtain:
Right of rectification and deletion
Any person, having proved their identity, may require Softvoyage, responsible for the processing of personal data, to, as the case may be, rectified, completed, updated, locked or erased if they are inaccurate, incomplete, ambiguous , outdated or when the collection, use, disclosure or retention is prohibited.
Right of opposition
The right of opposition allows a customer to oppose without having to justify any reason that their personal information is used for prospecting purposes, in particular commercial.
Right to information
Any person whose data is collected must be informed of the purpose of the collection and its mandatory or optional nature, the recipients of the information, the recognized rights of the person as well as any data transfers.
In the event of indirect collection, it is necessary to inform the person who provides the personal data that they will be transmitted to Softvoyage as well as to the recipients.
Procedure for asserting rights in relation to Personal Data
The person can make a request to exercise their rights of access, rectification, or opposition by contacting the Personal Information Protection Officer:
Céline Lavoie, Vice President Operations
All inquiries should be forwarded to the Softvoyage management team. If it is a customer, Softvoyage must verify the identity of the person making the request. If the request is made by a recipient, the latter must ensure the identity of the customer.
Softvoyage must respond to the request within a reasonable time. There is no cost related to the request, except in the case of abusive request.
The consultation of information on Softvoyage screens by the customer is not authorized, even for information concerning the customer.
Any request must be registered in the register of requests in relation to personal data (see the data controller).
When the request is made to a recipient (tour operator, agency, GDS, accounting company) by a client, the latter must contact Softvoyage to assert the rights of their client. In this case, the representative communicates with their account manager to transmit the request.