On January 1, 2004, the third phase of the Canadian Federal Law about Personal Information Protection and Electronic Documents Act (PIPEDA) came into effect. This Act governs information collected as part of commercial activity by any private sector organization. It states that information must be gathered with consent, collected for a reasonable purpose, used for the limited purpose for which it was gathered, be accurate, be open for the owner's inspection and correction, and stored securely. Rocky-Peak Holidays (RPH) already maintains a high level of security with respect to the confidentiality of your personal information but we are now obligated by law to advise and obtain consent to the terms of collection, disclosure and storage of your data.
The following outlines our 10 principles to which we adhere in protecting your personal information.
RPH is responsible to protect all personal information under its control or transferred to a third party for processing. Personal information can include name, home address and phone number, age, identification numbers, credit information, customer preferences and other items that personally relate to you as an individual. RPH has appointed a Privacy Officer, who is responsible for our accountability and compliance.
2. Identifying Purposes
Whenever personal information is collected by RPH, we will identify why the information is being collected and how it will be used. If we have collected information in the past, we will not use it for any other purpose than that expressly stated at the time of collection. The reasons personal information is collected by RPH include:
Type of Information Collected
The type of information we collect from you relates to your reservation or potential booking with us. This may include: name, address, contact information, travel insurance requirements, travel needs (medical/dietary or physical restrictions), preferences, identity validation on services such as traveller's cheques, credit information for payment purposes, and publicly available information.
How it is Collected
Information is collected directly from you through surveys, online registration, and requests for information. It is also collected through our reservations office during a phone call or sometimes through third party partners who have made the reservation for you such as Travel Agencies and Representatives.
Your consent will be obtained either in person, through writing, email, telephone, or the Internet. Sometimes consent may be implied (eg. when transferring relevant information to a hotel partner). Also, RPH may occasionally ask for written or verbal confirmation that the information collected and maintained is accurate and that your consent is still provided to maintain this information.
Under certain circumstances RPH will need to disclose your personal information without your consent. This may include:
4. Limiting Collection
Information collected will only be expressly used for the purpose outlined at the time of collection. RPH will not indiscriminately collect or maintain personal information on its guests or employees.
5. Limiting Use, Disclosure and Retention
RPH does not disclose your personal information for any purposes other than, for which it was originally collected, unless we have first obtained consent from you. We do not sell or rent your personal information and we will not retain the information for longer than is necessary to fulfill the purpose for which it was originally collected.
Personal information will be maintained in an accurate, complete and up-to-date format as is necessary and reasonably practical to fulfill the purpose for which it was collected.
RPH protects your personal information by security safeguards, which are appropriate to the sensitivity of the information. These include premises security; locked filing cabinets; information technology security such as restricted access to specific programs, firewalls and software security; and restricting access to personal information only to those employees and partners to which it is necessary. We keep our employees up-to-date on policies and procedures regarding protecting personal information.
RPH will make its policies and practices that apply to the protection of personal information available to anyone on which it holds information.
9. Individual Access
Upon written request, RPH will inform you if we are maintaining any personal information about you. If so, we will provide it for your review of accuracy and completeness and will amend it as appropriate. However, RPH reserves the right to confirm your identity before providing this personal information. RPH can refuse access in certain circumstances including when granting access would have an unreasonable impact on the personal privacy of others, when the request is frivolous or when it may impact RPH's rights and property.
Requests for access to your personal information should be made in writing to the Privacy Officer by email at firstname.lastname@example.org or by mail:
ROCKY-PEAK HOLIDAYS [RockyMountainVacations.com]
P.O. Box 25205
Mission Park RPO
10. Challenging Compliance
RPH’s compliance with this policy may be challenged by directing concerns or complaints to the Privacy Officer by any of the above-mentioned methods.
Use of our Websites
You can visit our websites without telling us who you are or revealing any personal information, including your e-mail address. Our web servers automatically recognize your domain name when you visit our site, and this information is aggregated and used to measure statistics regarding the use of our site, such as the number of visitors, average time spent on the site, pages viewed and similar information. However, this information is not disclosed or shared with third parties.
RPH's goal in collecting personal information online is to continually improve the content of our websites and to offer guests with tours that best meet your preferences and desires.
Google AdWords and Remarketing
Google AdWords Remarketing is a web-based service relying on the Google Display Network which improves the relevance of online advertisements to website visitors where those websites display advertisements from the Google Display Network.
In order to distinguish one visitor from another, Google AdWords may create several tracking cookies on a visitor’s computer. RPH will only permit such cookies corresponding to remarketing lists for RPH services to be created on a visitor’s computer when that visitor has visited a section or webpage on a RPH website that can reasonably be determined to be related to the services to be advertised using the Remarketing feature of Google AdWords.
Google explicitly and expressly forbids the collection of Personally Identifiable Information in the Terms of Service for Google AdWords, and as such, RPH has not attempted to make, has not made, and will never make modifications that would enable Google AdWords or any of the RPH websites to collect any such information.
RPH does not have access, and will never seek access, to information on other websites visitors have visited or which remarketing lists they are on, apart from the RPH website and remarketing lists of RPH itself.