PRIVACY STATEMENT
SECTION 1 – WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Email marketing (if applicable): With your permission, we may send you emails about our store, new products and other updates.
SECTION 2 – CONSENT
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at bjenkinson@gmail.com or mailing us at:
Headout Quad bike Rentals
91 Country Places, Cedarwood drive Cape Town Western Cape ZA 7550
SECTION 3 – DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
SECTION 4 – SHOPIFY
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
Payment:
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
SECTION 5 – THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.
Links
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
SECTION 6 – SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SECTION 7 – COOKIES
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
secure_session_id, unique token, sessional
storefrontdigest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
SECTION 8 – AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
SECTION 9 – CHANGES TO THIS PRIVACY POLICY
We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at headoutours@gmail.com
[Re: Privacy Compliance Officer]
HEADOUT ADVENTURES BOOKING CONDITIONS:
- All guests/clients participate on Quad biking tours/activities “AT YOUR OWN RISK”.
- Should you the client damage the quad bike by driving into another quad bike or an obstruction or “roll-it” You shall be required to pay for the damages as determined by the Guide on duty before you leave the activity area. Should there be any dispute between the 2 parties. The hirer of the equipment shall none the less pay for the damages before leaving the activity area. The Owners of the Quad bike will provide invoices for the replacement parts and labour with-in 14 days and provide the hirer a refund if damages claimed is more than the damage sustained.
- You may not operate a quadbike under the influence of drugs or alcohol, If you arrive under the influence of drugs or alcohol your tour will be forfeit and you will not be refunded.
- 100% Upfront deposit secures your booking.
Long term bookings- up to 30 days before booking date.
- In the event of cancellation within 24hours of confirmed activity date, a 100% cancellation fee will apply.
- The Client is responsible for monitoring weather predictions for the day of their tour, and should the client feel the weather is not suitable for the activity, it is then the client’s responsibility to cancel or reschedule the tour 24hours prior to the time of activity date.
- Children younger than 12 years old will be required to ride with one of our experienced guides
Quad bike tours always commence on the hour, ie. 10h00 or under special circumstances on the half hour, ie. 10h30
Kindly ensure you arrive at the venue 30 minutes before your Quad bike tour departure time- Should you arrive 30 minutes later than the Tour departure time-your tour may be forfeited and not refunded or rescheduled. If however you contact us timeously before your tour commencement time-we may be able to make alternate arrangements. Timeously means well beforehand. Kindly persist with trying to contact us if you are running late-bear in mind we may be driving or on the dunes with clients with limited or no cellphone reception. Kindly keep trying or send us a whatsapp Please leave us full details in your whatsapp ie. client name, booking time and booking agent.
- Should Headout Adventures deem weather to be too severe and cancels an activity and you cannot reschedule you will receive a 100% refund
- The owners and management of HEADOUT ADVENTURES cannot be held responsible for any loss or damage of any property of the clients.
- All clients will be required to sign an indemnity before the Quad biking tour takes place.
- All Visa/MasterCard transactions will have a 4 % handling fee added to them and all AMEX 5% handling fee.
- Prices are subject to change without prior notice.
PayGate Terms and Conditions
Headout Adventures is a business in the activity industry
Return and Refunds policy
The provision of goods and services by Headout Adventures is subject to availability. In cases of unavailability, Headout Adventures go to every endeavor to rebook/reschedule the service. If that is not possible, it will be considered to refund the client soon as possible.
Customer privacy policy
Headout Adventures shall take all reasonable steps to protect the personal information of users. For the purpose of this clause, “personal information” shall be defined as detailed in the Promotion of Access to Information Act 2 of 2000 (PAIA). The PAIA may be downloaded from:
http://www.polity.org.za/attachment.php?aa_id=3569
Payment options accepted
Payment may be made via Visa, MasterCard, credit cards for online bookings. Bank transfers or cash will only be accepted for direct bookings into the Headout Adventures bank account, the details of which will be provided on request
Credit card acquiring and security
Credit card transactions will be acquired for Headout Adventures via PayGate (Pty) Ltd who are the approved payment gateway. PayGate uses the strictest form of encryption, namely Secure Socket Layer 3 (SSL3) and no credit card details are stored on the website. Users may go towww.paygate.co.zato view their security certificate and security policy.
Customer details separate from card details
Customer details will be stored by Headout Adventures separately from card details which are entered by the client on PayGate’s secure site. For more detail on PayGate refer towww.paygate.co.za
Merchant Outlet country and transaction currency
The merchant outlet country at the time of presenting payment options to the cardholder is South Africa. Transaction Currency is South African Rand (ZAR).
Responsibility
Headout Adventures takes responsibility for all aspects relating to the transaction including sale of goods and services sold on this website, customer service and support, dispute resolution and delivery of goods
Country of domicile
This website is governed by the laws of South Africa and Headout Adventures chooses as its domiciliumcitandi et executandi for all purposes under this agreement, whether in respect of court process, notice, or other documents or communication of whatsoever nature.
Variation
Headout Adventures may, in its sole discretion, change this agreement or any part thereof at any time without notice.
Company information
This website is run by Headout Adventures based in South Africa trading as Headout Adventures and with registration number 2017/230962/07
Headout Adventures – t: 0846271780 e:headoutours@gmail.com
This privacy notice forms part of your agreement with Activitar.
During our interactions, you share personal information with Tornado Tour Systems (Pty) Ltd, trading as Activitar, registration number 2004/000954/07.
This notice tells you what to expect when we collect information from you and how we use it.
It is part of our agreement with you, and we may need to update it occasionally. When we do, we will inform you. You should read this notice along with our terms and conditions that apply to the products and services you use.
If you have any questions about this policy, please contact us by email at privacy@activitar.com or by phone on +2787 250 0276
We collect your information in the circumstances outlined below. Sometimes we are required by law to collect your information, for instance, if tax legislation forces us to collect personal information.
We need some general information before we can enter into an agreement and you can begin to use our reservation system and online distribution service.
We collect your:
company name
contact details
VAT number
banking details
details related to your operating processes and offerings
details contained in your company registration documents
identity documents of your mandated officials
proof of address of your mandated officials
proof of banking details
We use this information to:
load you on our services and configure the system
set up and process payments via the payment gateway
communicate with you
provide training
process orders
provide your offerings to clients via activitar.com
provide support
send you statements, receipts, invoices or any other legal documents that relate to your transaction
fulfill our legal obligation to use or disclose your information
Legal basis for processing: Data protection legislation allows us to process personal information when it is necessary for the performance of a contract with you. In other instances, we are required by law to collect your information, for instance tax legislation forces us to collect personal information. |
In order for our service to function properly, ‘customer data’ is generated and collected. This includes your, and your clients’ personal information. We collect your clients’ names, contact details, and details about their bookings.
We use customer data to process bookings and reservations on our reservation system and distribution service, to analyse and improve our services and to identify and solve problems where they may appear.
Legal basis for processing: Data protection legislation allows us to process personal information when it is necessary for the performance of a contract with you. |
When you contact us by social media, email, our support service or telephone with a query, complaint, or request, we collect the information contained in your message. We use the information we collect to reply to, investigate, and resolve your query, complaint, or request.
Legal basis for processing: Data protection legislation allows us to process personal information when it is in our interest and we have chosen the least invasive way to process the information. It is in both our interest to reply to, investigate, and resolve your queries, complaints, and requests. |
We have a monthly newsletter that is delivered by email.
We’ll ask you whether you want to receive the newsletter, if you agree it is important that you know you can unsubscribe at any time by following the unsubscribe link at the bottom of the email or by contacting us.
Legal basis for processing: Data protection legislation allows us to process personal information when you have given us your express consent. |
We do not knowingly collect the personal information of children without the consent of a parent or guardian.
We use service providers and suppliers who we trust to assist us in providing our services to you. They have agreed to keep your information secure and confidential, and to only use it for the purposes for which we have sent it to them.
We share your information with service providers when they help us to:
store information
process payments
ensure you have access to the services you paid for
deliver our newsletter
help monitor the effectiveness of our promotions and advertising
help us manage our business, for instance accountants and professional advisors.
maintain our website
find and fix errors and performance issues on our website
Sometimes we will be required by law to share your information. For instance, we may be required to share your information with the South African Fraud Prevention Services. We will not sell your information or share information with third parties for the purposes of direct marketing (we don’t like spam either).
Some of the service providers that we use may be located in other countries; for instance, our cloud storage service. These countries may not have the same levels of protection of personal information as South Africa. If this is the case, we require that they undertake to protect the personal information of our customers to the same level that we do.
We will not retain your information for longer than we need to, unless we are legally required to do so. Most of your personal information will be retained for 5 years from the date of your last transaction with us. However, we may keep your contact details for longer for marketing and mailer purposes.
We have implemented reasonable security measures based on the sensitivity of the information we hold. These measures are in place to protect the information from being disclosed, from loss, misuse, and unauthorised access, and from being altered or destroyed.
We regularly monitor our systems for possible vulnerabilities and attacks, but no system is perfect and we cannot guarantee that we will never experience breach of any of our physical, technical, or managerial safeguards. If something should happen, we have taken steps to minimise the threat to your privacy. We will let you know of any breaches that affect your personal information and inform you how you can help minimise the impact.
You also have a role to play in keeping your information secure. For example, you should never share personal information with us in an email, because while our servers are protected, it is still possible that email can be intercepted. Instead, contact the Activitar support team at +2787 250 0276, which will connect you to Chris Coetzee, our information officer.
You have the right to know what kind of personal information we have about you, to correct it, and to opt out of marketing.
You have the right to
ask us what we know about you;
ask what information was sent to our suppliers, service providers, or any other third party;
ask us to update, correct, or delete any out-of-date or incorrect personal information we have about you;
unsubscribe from any direct marketing communications we may send you; and
object to the processing of your personal information.
You can request access to the information we have about you, or correct your personal information by contacting our deputy information officer at privacy@activitar.com. It can take us up to 21 days to respond to your request because there are procedures that we need to follow. In certain cases, we may require proof of your identity, and sometimes changes to your information may be subject to additional requirements such as valid proof of residence.
If you are in the European Union, you have these rights in terms of the GDPR:
The right to be informed about the collection and use of your personal information.
The right to access your personal information. You may make such a request from us by contacting privacy@activitar.com. We may take one month to respond to your request and may charge a fee in some circumstances. We will let you know if this is the case.
You have a right to have inaccurate personal information corrected or completed if it is incomplete. You may make such a request from us by contacting privacy@activitar.com. We may take one month to respond to your request and may refuse in certain circumstances.
You have the right to have your personal information erased, also known as the ‘right to be forgotten’. You may make such a request from us by contacting privacy@activitar.com. We may take one month to respond to your request and may refuse in certain circumstances.
You have the right to request that we restrict or suppress your personal information. You may make such a request from us by contacting privacy@activitar.com. We may take one month to respond to your request and may refuse in certain circumstances.
You have the right to reuse your personal information for your own purposes across different services, also known as the right to data portability.
You have the right to object to us processing your personal information in certain circumstances. You may make your objection by contacting privacy@activitar.com. We may take one month to respond to your request. There are legitimate reasons why we may refuse your objection, which depend on why we are processing it.
You have the right to complain to a supervisory authority in the Member State where you live or work, or where the infringement took place.
You have the right to object to automated decision-making and profiling.
You may ask that a human review any automated decisions that we make about you, express your point of view about it, and obtain an explanation of the decision. You may challenge any automated decision made about you by contacting privacy@activitar.com. We may take one month to respond to your request.
© 2024 Tornado Tour Systems (Pty) Ltd ta Activitar.