Inside Travel Group Ltd (ITG) is an award-winning travel company that offers unique group tours, tailored travel and cultural experiences in Japan and South-East Asia.
We operate under the brands InsideJapan Tours, InsideAsia Tours, Japan Rugby Travel and Get the Picture.
We are a Limited Company registered in England and Wales with our headquarters in Bristol, UK. We also have offices in Boulder, Colorado (USA), Brisbane (Australia), Nagoya (Japan) and Tokyo (Japan).
IAT fully endorses the six privacy principles of the EU GDPR which can be found in Article 5 of the Regulation and stipulate that personal data must be:
- Processed lawfully, fairly and in a transparent manner
- Collected for specific, explicit and legitimate purposes
- Adequate, relevant and limited to what is necessary
- Accurate and, where necessary, kept up to date
- Retained only for as long as is necessary
- Processed in an appropriate manner to maintain security
This policy outlines how we intend to comply with these principles and describes how we use your personal information.
2.0 Your Personal Data
We respect your personal data and will always endeavour to handle your personal data with care and in line with best practice. If you have any concerns about our handling of your personal data, then please contact us using the contact details at the end of this document.
2.1 What do we use your personal information for?
We use the information we collect from you for marketing, for creating travel proposals and, if you book with us, for the fulfilment of that booking.
For marketing, we will use your information to help us deliver information about our products or services through e-mail, direct mail, social media and our websites.
For the creation of travel proposals and the fulfilment of bookings made with us we use your information to create itineraries, book services and tailor experiences to your specifications and requirements.
We also use personal information for statistical analysis to help us provide better and more relevant products and services in the future.
2.2 What information do we collect and how do we collect it?
We collect information from you when you register to receive marketing materials from us or when you make a booking with us. We collect your information through forms on our website; through paper forms by post, fax or email attachment; by email and by telephone.
Information we ask for will include your name, email address, mailing address, phone number and credit card information as well as your interests and preferences for the type of trips you like to take.
If you make a booking with us, we will also ask you for health information including medical conditions, dietary requirements, allergies, disabilities, height and weight and physical ability. This is defined as a ‘special category’ of data under GDPR and we only use this information to fulfil your contract with us. We do not use this data for marketing purposes.
2.3 How long do we keep your data for?
We retain your personal information for the period necessary to fulfil your bookings or booking requests unless a longer retention period is required or allowed by law. If you would like further information about this, please contact us using the contact details below.
2.4 How do we protect your personal information?
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit or debit card information, the information is encrypted using our internationally recognised banking partners’ systems and your card information is stored only for as long as is necessary to complete your purchase transaction. After that is complete, your card information is not kept on our systems.
On our websites, all payment information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our payment gateway provider's database. The information is only accessible by those authorised with special access rights to such systems, and such persons are required to keep the information confidential.
We ensure that our server which holds your data is protected using industry standard methods and we carry out penetration tests to test our security measures.
2.5 What happens if there is a data breach?
We have a duty to report certain types of personal data breach to the relevant supervisory authority and we must do this within 72 hours of becoming aware of the breach, where feasible.
If the breach is likely to result in a high risk of adversely affecting your rights and freedoms, we must also inform you without undue delay.
If you are concerned about a potential data breach or wish to know further details of our data breach process, then please contact us using the contact details at the end of this document.
2.6 Do we disclose any information to third-parties?
We do not sell or trade your personal information to third-parties.
We do use third-parties to assist us in our marketing and in conducting our business. We ask any third-party we use for details of their privacy and security policies and procedures. We only use third-parties that we are satisfied have sufficiently robust policies and procedures in place.
Please see our Third-Party Data Processors list for full details.
2.7 Transfer of data to countries outside of the EU
To fulfil bookings made with us it is necessary for us to transfer data outside of the EU to suppliers such as hotels and airlines. Under the GDPR these are known as ‘third countries’. We transfer data to our offices in the USA, Japan and Australia to fulfil bookings made with us. Each office has a nominated person in charge of data security and responsible for implementing our data security policies.
Some of the third-party companies we use for marketing are also located outside of the EU. These have been through the same checks that we apply for all other third-party data processors that we use.
3.0 Using your data and obtaining your consent
For each purpose that we use your data we have identified a legal basis for that use. The following section explains the reasons we use your data and the basis we have for doing so.
3.1 Using your data to fulfil bookings or booking requests
If you request or make a booking with us, then we will need to use your personal information to create your itinerary or booking, to book services and to ensure your experience is suitable for you. We use your information in this case under the legal basis of ‘legitimate interest’ for enquiries and ‘fulfilment of contract’ for bookings.
3.2 Using your data for marketing purposes
Apart from the exceptions below, we will only contact you for marketing purposes if you have actively consented to being contacted. At that time, we will ask you the method(s) you are happy to be contacted by. The lawful basis for using your personal data for marketing purposes is ‘consent’.
We continue to market by e-mail to people who are on our marketing list from before May 25th, 2018 and did not click ‘do not receive marketing’, otherwise known as soft opt-ins. We do this based on a ‘legitimate interest’ as defined under the Privacy and Electronic Communications Regulations 2003 (PECRs). If you fall within this group and would like to change your preferences, then please let us know at the contact details below.
We also continue to send direct mail marketing to customers on our soft opt-in list under the basis of ‘legitimate interest’.
You can withdraw or change your consent to receive our marketing at any time by clicking un-subscribe in any email marketing you receive from us or by contacting us using the contact details at the end of this document.
3.3 Automated decision-making
We use some automated decision-making tools in our processing of your personal data. This includes the application of profiling techniques to your personal data. We use this to enable us to offer you more relevant products and information.
4.0 Visitors to our websites
When someone visits our websites, we collect information such as your IP address, browser and the pages you visit. We do this to find out things such as the number of visitors to the various parts of the sites and how long people look at different sections.
We collect this information in a way which does not identify visitors and we do not make any attempt to find out the identities of those visiting our websites. Furthermore, we do not associate any data gathered from these sites with any personally identifying information from any source.
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.
5.0 Social media and sharing tools
We share information, images and video with the public through external social media websites. Comments, opinions, statements, information, images and video shared through this media are solely those of the individual author(s) and do not necessarily reflect Inside Asia Tours opinions, position or view.
You will see embedded 'share' buttons on our web-sites and blogs; these enable users to easily share content with their friends through several popular social networks such as Facebook, Google+, Instagram, Linkedin, Pinterest, Twitter & Youtube. When you click on one of these buttons, a cookie may be set by the service you have chosen to share content through. We do not control the dissemination of these cookies.
Inside Travel Group has no obligation to police, update, modify or amend these messages, posts or media, or notify a recipient when they are included in this media. Inside Travel Group shall have no liability whatsoever to a recipient of any message or media, in respect of any loss or damage suffered by such recipient and shall not in any way be liable to any recipient for any inaccuracies, errors or omissions.
Any use or inclusion of a link to an external website by us should not be understood to be an endorsement of that website or its products and services. Inside Travel Group is not responsible for either the content, or output, of external websites.
6.0 Call Recording
Any incoming or outgoing calls handled by the Inside Travel Group offices in Bristol (UK) or Brisbane (Australia). Calls handled in Nagoya or Tokyo (Japan), or Boulder (USA) are not currently recorded.
6.1 Why are calls recorded?
We record calls to both improve customer service and protect both customers and employees as recordings can be a useful record of what was discussed or agreed verbally.
Recording conversations with customers has numerous benefits to the organisation and the customer. Recorded calls can be used to enhance staff training and development programmes, to assess customer satisfaction, to review client requirements for their trips and to clarify what was agreed.
Access to recorded calls can also be very useful when handling a customer complaint.
Recording calls also means employees feel more protected knowing that in the event of them experiencing threatening behaviour on a call, this can be evidenced and acted upon where necessary.
6.2 How will call recordings be used?
- Quality monitoring. Planning complex trips to our destinations can involve a long and involved series of phone calls to capture the customer requirements and agree the details of what is required. We have a training programme which is designed to help staff carry out this consultation as effectively as possible. Listening to calls can help us better understand how well training is being applied, where processes are being effective and where things could be improved.
- Training and Development. Listening to recorded calls forms a key part of our training programmes for travel consultants. By listening to calls of experienced staff, new starters can learn how an effective call is structured and handled. Consultants can also review their own calls for self-learning and improvement. Managers also review calls to identify training needs.
- Gaining a better understanding of our customers and their requirements. Capturing the requirements for any trip can involve several calls between a customer and their travel consultant. A lot of information is given and received, and it can be difficult for the consultant to write all of this down during call. Reviewing the recording immediately following a consultation can lead to a better proposal for the customer and ensures nothing of importance is missed.
- Complaints and disputes. Sometimes a dispute may arise between a customer and Inside Travel Group. In cases where there has been a misunderstanding over the service being provided or the customer requirements, it can be very helpful to review the call to understand what was said by both sides. The recorded call is the established record of what was said and may provide additional information to assist us with resolving the dispute.
- Employee safety and wellbeing. Although extremely rare, occasionally an employee may be on the receiving end of threatening or abusive language during a call. A recording may then become a key piece of evidence.
6.3 How do we let you know that we record calls?
In addition to this document:
- Incoming calls to the main UK office number – +44 117 244 2280 – receive the following message before being the call is answered: "Calls may be monitored or recorded for quality and training purposes.”
- Incoming calls to our Brisbane office (+61 7 3703 3838) receive the following message before the call is answered: "Thanks for contacting InsideJapan Tours, your call may be monitored for training purposes".
8.0 Access to your information, correction and removal of data
You have the right to request a copy of the information that we hold about you. This includes call recordings. You may also ask us to correct or remove information you believe to be inaccurate.
If you would like a copy of some, or all, of your personal information, to request a correction or for us to remove some (or all) of your personal information from our files then please email or write to us using the contact details below.
9.0 The right to lodge a complaint with a supervisory authority
If you have a complaint which we are unable to satisfy then you have the right to contact the supervisory authority in your country. The websites for the relevant offices in the UK, USA and Australia are as follows:
UK: Information Commissioner’s Office: https://ico.org.uk/
USA: Federal Trade Commission: https://www.ftc.gov/
Australia: Office of the Australian Information Commissioner: https://www.oaic.gov.au/
Please contact us if you need details of supervisory authorities in any other jurisdictions.
10.0 Contacting us
Email: [email protected]