The data controller is Go Kanada Travel Inc. (referred to in this Statement as “we” or “us”).
The following data privacy statement is intended to inform you about our handling of the collection, use and disclosure of personal data. We recommend you carefully read this statement.
We explain what we do with the data we obtain about you. Protecting your privacy is very important to us. Our website is basically designed in such a way that it can be used anonymously. The information we receive and store during your visit to our website is used solely for in-house purposes and to improve website design. We only store the IP address transmitted by your web browser for a limited period of time to detect, narrow down and eliminate errors or glitches (such as attacks on our servers).
In our processing we comply with the requirements of privacy legislation.
In our processing we comply with the requirements of privacy legislation. That means, among other things, that we explain the following:
we clearly state the purposes for which we process personal data;
we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
we first request your explicit consent to process your personal data in cases requiring your consent;
we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
we respect your right to access your personal data or have it corrected or deleted, at your request;
when and how we may share personal data with other organisations;
the choices you have, including how to access and update your personal data.
If you have any questions, or want to know exactly what data we keep of you, please contact us at privacy(at)gokanada.ca.
We store personal data for as long as necessary to fulfill the purpose for which the data has been collected, and in accordance with our internal record retention schedule, and to comply with relevant tax and business laws. This means that we delete your personal data when such data is no longer necessary. Statistics which have been anonymised may be saved for longer.
Go Kanada Travel Inc. will only process personal data when we have a legal basis for doing so. The legal basis that we will rely on will depend on the circumstances in which we collect and use your personal data. In almost all cases, the relevant legal basis to process personal data falls under one of the following:
Data processing to fulfill legal obligations
We process your data in order to fulfill our legal obligations (e.g. tax and commercial law). Data processing takes place on the basis of Article 6 para. 1 lit. c DSGVO. The data will be deleted after expiration of the required retention periods.
Data processing for the protection of vitally important interests
We process your data on a case-by-case basis to protect your vital interests, e.g. to provide an evacuation list to emergency services in emergency situations. Data processing takes place on the basis of Article 6 para. 1 lit. d DSGVO. The data will be deleted after expiration of the required retention periods.
Data processing for the protection of legitimate interests
We process your data for our own marketing purposes (e.g. advertising, market analysis). Data processing takes place on the basis of Article 6 para. 1 lit. f DSGVO. The data will be deleted after expiration of the given retention periods. You have the right to object to data processing.
Data processing for direct advertising
We process your data for the purpose of direct marketing, in particular for the dispatch of email information and offers tailored to your travel. Data processing takes place on the basis of Article 6 para. 1 lit. f DSGVO and in the interest to inform you about new products and services. Each customer has his own right to object to this processing, the exercise of which leads to the termination of the processing for the purpose of direct mail. If data are stored exclusively for direct mail, they will be deleted after the objection has occurred.
Our website offers online Forms to get in touch with us on a variety of topics, e.g. booking request, callback request, feedback, etc.
The data requested on those forms will depend on the form’s purpose. Personal details such as personal title, first name, last name and e-mail address are usually mandatory for the purpose of establishing contact. If you use a form for a callback or an appointment request, additional data such as telephone numbers may be requested. For travel requests or questions about existing transactions, you also have the option of specifying your booking or invoice number.
the IP address of the requesting computer (anonymized after the period mentioned above)
browser type, as well as its language and version
access status/http status code
date and time of the query, as well as the respective time zone
content of the request and homepage from which it comes
size of data transfer
When you browse our website, we may collect so-called usage data about the way you access our digital services, This information is temporarily stored on our web server as a protocol in order to improve the quality of our website, to enable the access of our website, and to control and manage our systems. The stored data is stored anonymously in accordance with applicable legal requirements. No personal user profiles get created. Data about individual people or their behaviour is not collected.
For a Travel booking / Booking enquiry
Personal Title (of all travellers)
Name and Surname (of all travellers)
Postal Address (for billing purposes and mailing of travel documents)
Date of Birth / Age (of all travellers)
Telephone number of the main traveller for short notice changes
E-Mail Address (for emailing booking details)
Other ID document details
Relevant medical information
Any special dietary or disability requests
Social preferences, travel preferences, interests and activities
This also includes the associated customer support.
We will send you your booking confirmation to your e-mail address. You can also receive an e-mail with promotional content tailored to your booking. You can object to this at any time by emailing privacy(at)gokanada.ca. As soon as your objection is received, we will stop any further promotional content submissions; however, you might still receive service-related communications from us, such as reservation and booking confirmations and important information about the use of our products and services.
If required, personal data will be passed on to the companies and service providers involved in the processing of this contract, such as, but not limited to, hotels and accommodation providers, restaurants, rental companies, cruise-ship companies, transportation companies, airlines or credit institutions for payment processing.
We process the above data on the basis of Article 6 para 1 lit. b GDPR for the purpose of fulfilling a contract: Travel booking / booking enquiry.
The data required to fulfil the contract will be retained in accordance with statutory retention periods and deleted after expiry of these periods.
We may use personal information from other resources, such as public registers and companies that provide data and information.
Your insurance company, its representatives and medical staff may share relevant personal data with us in situations where they must act on your behalf or in the interests of other customers or in an emergency.
We use personal information provided by you about other people, such as people who are part of your booking.
When you submit personal information of other people, they have to agree to this and must allow you to submit this data. By submitting personal information of other people, you must ensure that they agree to this and that they understand how their information might be used by us.
We use your personal data in a variety of ways, as explained below.
To provide the products and services you request
In order for us to manage your booking and provide you with the products and services booked, as well as to help you with reservations, bookings and possible refunds, we need to process your personal data; in particular, these are the following purposes.
Planning and organisation of the trip you have booked; transmission to hotels and restaurants (possibly to third countries outside the EU); transmission to airlines (possibly to third countries outside the EU); storage of name, telephone number and relationship for information purposes in case of emergency; use of telephone numbers, e-mail address and address for the purpose of customer support, i.e. to advise you and answer your questions in connection with your booked travel arrangement; use of address and e-mail address for commercial communication (post and e-mail); processing of relevant data in response to and management of security incidents, disturbances or other similar unforeseen occurrences during travel – among others, these can be of a medical or insurance-related nature.
To manage and improve our products, services and day-to-day operations
We use personal data to manage and improve our products, websites, customer loyalty or recognition programme(s) and other services.
We monitor how our services are used to help protect your personal data, detect and prevent fraud, other crimes and the misuse of services. This helps us to make sure that you can safely use our services.
We may use personal data to carry out market research and internal research and development, and to develop and improve our product range, services, shops, IT systems, security, know-how and the way we communicate with you.
To personalise your experience
We want to ensure that marketing communications relating to our products and services, and those of our suppliers and retail partners, are relevant to your interests.
To do this, we may use your personal data to better understand your interests so that we can try to predict what other products, services and information you might be most interested in; looking at your browsing behaviour and purchases helps us to better understand you as a customer; we may also measure your responses to marketing communications relating to products and services we offer. If you do not want to receive a personalised service from us, you can change your preference online (privacy(at)gokanada.ca), over the phone or by writing to us at any time. We will update our records as soon as we can.
To make contact and interact with you
When you contact us, for instance via e-mail, post, telephone or social media, we are permitted to use personal data in order to handle your matter in the best and fastest possible way. If we have to process special categories of personal data, for example health-related data for medical reasons, we only do this if one or more additional prerequisites apply: we have your express consent; it is necessary to protect your vital interests or those of another person and you are physically or legally not in a condition to give consent; it is necessary for the justification, assertion or defence of legal claims; it is necessary for reasons of an overriding public interest.
We do not sell your personal data to third parties.
We would like to, from time to time, send you relevant offers and news about our and other companies’ products and services that we believe might be of interest to you. We will only do this if you have previously agreed to receive these marketing communications, for example when you book or register with us. You can always change your marketing preferences online or by writing to us.
Even when you opt out of marketing communications, we may still send you service-related communications from us, such as reservation and booking confirmations and / or providing you with important information about the use of our products or services.
In order to provide products or services you require, we must share personal data with service providers, including, but not limited to, hotels and accommodation providers, restaurants, rental companies, transport companies, cruise-ship companies, airlines or credit institutions for payment processing.
We may also provide your data to external service providers, e.g. IT service providers, marketing research, payment processing and delivering products and services, which support us in the processing of data within the framework of order processing, strictly bound by instructions.
We may need to share personal information if we are required to do so by law and to exercise or defend our legal rights; this includes the transfer of personal data to third parties, for example, in order to prevent fraud offences and to reduce default risks. When we share personal information with other organizations, we require them to keep it safe and not use it for their own marketing purposes.
We only share the minimum of personal data necessary for our suppliers and trading partners to provide their services to you and us.
For the purpose of performing the travel contract concluded with you, we will transmit your personal data, among other things, to the aforementioned recipients in countries outside the jurisdiction of European data protection laws, for which the European Commission has determined that there is not an appropriate level of data protection.
We take steps to protect all personal information that is transferred to third parties or other countries in accordance with applicable data protection laws and as described above. In some cases, there are separate data protection agreements with service providers to assist us in the implementation of the trip. Data processing can also take place outside the EU or the EEA. We do not sell or market your personal information to third parties.
Sharing of personal data with Regulatory Authorities
So that you can travel, it may be mandatory (as required by government authorities at the point(s) of departure and/or destination) to disclose and process your personal data for immigration, border control, security and anti-terrorism purposes, or any other purposes which they determine appropriate.
Some countries will only permit travel if you provide your advance passenger data (for example Caricom API Data and US Secure Flight Data). These requirements may differ depending on your destination and you are advised to check. Even if not mandatory, we may assist where appropriate.
We may share the minimum personal data necessary with other public authorities if the law says we must, or we are legally allowed to do so.
For the purposes of performing the travel contract concluded with you, we transmit your personal data to, among others, the above-mentioned recipients in countries outside of the jurisdiction of European data protection laws for which the European Commission has determined that there is not an appropriate level of data protection. In particular, for a ship-cruise, this transmission is carried out for the preparation of your travel and is required due to local legal requirements to register passengers upon docking in ports.
If you have any questions or want to know which personal data we have about you, please contact us. You also have the right to complain to a data protection authority. However, if you have questions or complaints, we ask that you first contact us at privacy(at)gokanada.ca.
You have the following rights:
You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
Right of access: You have the right to access your personal data that is known to us.
Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.
Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person.
We are committed to the security of personal data. We take appropriate security measures to help protect your personal data from accidental loss and from unauthorised access, use, alteration and disclosure. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.
In order to protect your data from unwanted access, our website uses TLS Encryption. Your information gets transferred from your computer to our server and vice versa via the Internet using a TLS 1.2 encryption. You will recognize this by the lock icon on the status bar of your browser and the address bar beginning with https: //.
Other security measures we use include:
Username and Password
TLS / SSL
DKIM, SPF and DMARC
Physical security measures of systems which contain personal data
The security of your data also depends on you. For example, where we have given you or where you have chosen a password for access to certain services, you are responsible for keeping this password confidential.
The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by organisations operating outside the EEA who work for us or for one of our suppliers. We put in place appropriate protections to make sure your personal data remains adequately protected and that it is treated in line with this Notice. These protections include, but are not limited to, appropriate contract clauses, such as standard contract clauses approved by the European Commission, and appropriate security measures.
Our cookies allow (re-)identification of recurrent users during visits to our website; however, no directly identifiable personal data, with the exemption of static IP addresses, will be processed.
To offer you the best possible service and website experience, we may use both “permanent cookies” and “session cookies”.
Data stored in permanent cookies allow us to provide you with a comfortable use of our website, as these cookies allow us to identify recurrent visits. Data will only be used by us for this specific purpose.
Deactivation of permanent cookies does not affect the usability of our website.
Data stored in session cookies only affect your current visit to our website and will allow us to provide you with our services and give you the opportunity to make full use of our services, as well as experiencing a more comfortable use of our website.
When you disable session cookies, we cannot guarantee that you can make full use of all services we provide. The website may be partly or fully dysfunctional.
If you do not want cookies to be stored on your computer, you can change your browser settings (information can be found in the help function in the menu bar of your browser). Cookies already stored on your computer can be removed by deleting temporary files.
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited. If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO. Further information about handling user data, can be found in the data protection declaration of YouTube under https://policies.google.com/privacy.
On our website we may offer Payment via PayPal. Provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter “PayPal”). If you choose to pay via PayPal, the payment details you enter will be sent to PayPal. The transmission of your data to PayPal is based on Art. 6 para. 1 lit. a DSGVO (consent) and Art. 6 para. 1 lit. b DSGVO (processing to fulfill a contract). You have the opportunity to revoke your consent to data processing at any time. A revocation does not affect the effectiveness of historical data processing operations.
If you opt for a payment method offered through the payment service provider “Stripe”, the payment will be processed via Stripe, Inc., 185 Berry Street, Suite 550, San Francisco, CA 94107, United States, to which we will provide your information as part of the ordering process in addition to the information about your order (name, address, account number, bank code, possibly credit card number, invoice amount, currency and transaction number) in accordance with Art. 6 para. 1 lit. b Pass on DSGVO. The disclosure of your data is solely for the purpose of payment processing with Stripe Payments Europe Ltd. and only insofar as it is necessary for this. For more information about “Stripe” privacy, visit the following Internet address: https://stripe.com/en-ca/privacy.
Google Web Fonts
This website uses Google AdWords and, in doing so, its conversion tracking feature as well. If you come to our website by clicking on a Google ad, Google AdWords will add cookies to your computer. These cookies become invalid after 30 days and do not serve as a means of personal identification. If you visit specific pages of the AdWords customer’s website and the cookie has not yet expired, both Google and we, the customer, can see that the user clicked on the advertisement and was redirected to the current page. Every AdWords customer receives a different cookie. Cookies can therefore not be tracked over AdWords customer websites.
The information collected with the help of the conversion cookies are used in the creation of conversion statistics for AdWords customers who have opted for conversion tracking. AdWords customers receive information about the total number of users that have clicked on their advertisement(s), and how many of these customers were redirected to a website with a conversion-tracking tag.
However, these AdWords customers do not receive any information which would personally identify the users. If you do not wish to participate in the tracking process, you can block the Google AdWords conversion-tracking cookie by changing your browser settings (block cookies from the www.googleadservices.com domain). Google’s privacy statement on conversion tracking is available at http://www.google.com/intl/en/policies/privacy
This website uses Google Analytics, a web-analytic service provided by Google, Inc. (www.google.com). Google Analytics uses “cookies”, text files which are stored on your computer and which allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is generally transferred to a Google server in the USA and stored there. However, in the case of the activation of the IP anonymisation on this website, your IP address will be previously abridged by Google within the member states of the European Union or in other states parties to the Agreement on the European Economic Area. Only in exceptional cases, will the full IP address be transferred to a Google server in the US and abbreviated there.
On behalf of Go Kanada Travel Inc., Google will use this information to evaluate your use of the website, to compile reports on website activity, and to provide other services related to website usage and internet usage. The IP address provided by your browser as part of Google Analytics will not be merged with other Google data. You can prevent the Google cookies from being saved by setting your browser settings accordingly.
Where users have chosen to enable Google to associate their web and app browsing history with their Google account and to use information from their Google account to personalize ads, Google will use data from its signed-in users together with your Google Analytics data to build audience lists for cross-device remarketing. In order to support this feature, two things will happen: First, for users on this site, Google Analytics will collect Google-authenticated identifiers associated with users’ Google Accounts (and therefore, personal information). Second, Google Analytics will temporarily join these identifiers to this site’s Google Analytics data in order to support our audiences.
This website uses the Google Tag Manager. This service allows website tags to be managed through an interface. The Google Tag Manager only implements tags. This means that no cookies are used and no personal data is collected. The Google Tag Manager triggers other tags, which in turn collect data if necessary. However, the Google Tag Manager does not access this data. If a deactivation has been made at domain or cookie level, it remains valid for all tracking tags if they are implemented with the Google Tag Manager.
This privacy statement does not apply to third party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites. We do not accept any responsibility or liability for websites of other organisations.
Our websites may contain social media features such as Facebook, YouTube, Vimeo, LinkedIn or Xing that have their own privacy notices.
Please make sure you read their terms and conditions and privacy notice carefully before providing any personal data as we do not accept any responsibility or liability for these features.
We reserve the right to make changes to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.