About this Policy
Jump Out Of Bed Pty Ltd (JOOB) (ACN 630 377 105) takes its data protection and privacy responsibilities seriously.
Who is JOOB?
JOOB is partly owned by Intrepid Group Pty Limited (“Intrepid Group”). References to ‘we’, ‘our’, ‘us’ means ‘JOOB’ and each of our affiliates and branded partners forming part of our group.
For the purposes of relevant data protection laws (including each of the EU and UK General Data Protection Regulation (EU/UK GDPR) as well as the California Consumer Privacy Act (2018) (CCPA), JOOB with whom you contract will be the primary controller of your personal data.
However, you should also review the online policies of the company that you engage with, where they may have separate notices on how they protect your information to satisfy yourself as to the way in which they process and handle your personal data.
What Information do we collect about you?
Making an Enquiry or Booking a Trip
We will collect certain information from you when you make an enquiry or book a trip with us. Depending on your interaction with us and what products and services you use, typically we collect the following personal information:
We also process and store records of the products and services you have enquired about or purchased from us.
We also collect your technical identity data (including IP addresses, browser type and versions, other technology on the device that you use to access our websites, some of which is collected automatically), as well as information about your usage of our websites as you and others browse our websites (see our separate “Cookies” policy for more information).
We may also receive information about you from other sources. These include business partners, such as our affiliate partners, travel providers and other independent third parties. Anything we receive from these sources may be combined with information provided by you. For example, our services are not only made available via our website and mobile apps, but may also be integrated into the services of our affiliate partners that you can find online. When you use any of these services, you may provide reservation details to our business partners who, where permitted, then forward your details to us.
Travel providers (e.g. accommodation, hotel, transport and other similar local providers (Travel Providers) may also share personal information about you with JOOB, for example, to ensure fulfillment of your travel reservation, if you have support questions about a trip booked, or if any complaints or disputes arising about your reservation.
Through your user preferences on your booking account, if you link your user account to a social media account (e.g. Facebook or Twitter) you may exchange information between us and that social media provider – though you can at all times choose not to share that data through the user preferences on your account.
We also integrate with third party service providers (such as Tourcube) and payment gateways (such as Authorize.net ) to facilitate payments between you and us and our partners and agents, as applicable. These service providers share payment information so we can administer and handle your travel services reservation and other purchases such as gift vouchers. All of our third-party payments providers are required to be PCI DSS compliant and process all payments on our behalf.
In the majority of cases, to make a payment via credit card for your travel services, you will use the secure online booking engine on the relevant website or platform that you are using or you will call your booking agent directly. In some limited cases you may provide us with your credit card details over the phone; for example if JOOB needs to provide you with a refund, your bank details may be collected and recorded by us for the purposes of providing the refund only.
We ask that you do not email or send in writing your payment card details to us or any of our partners at any time.
With your consent also, any calls with us, if any, may be recorded, and/or monitored for quality control, coaching and/or training and customer service purposes that assist in addressing your inquiries. As part of the recording. we may collect information such as the identity of the caller, the date and time of the call and the subject and resolution of the issue. For clarity, any financial information that may be provided during a telephone call is not recorded or logged by JOOB.
Marketing and Other Interactions
We collect the following personal information from you for marketing purposes (as more fully described below):
We may contact you to seek your interest in taking part in research projects, surveys feedbacks and interviews. This may include contacting you with a post-booking or post-trip feedback survey and asking to provide a score and comment on your experience.
As part of this contact, we may collect your full name, email address and booking number. You will be asked to provide a score and comment on your trip experience. This information will be linked to any comments you make about your trip.
Where you have provided the relevant details, we may also contact you in response to your feedback to discuss your comments.
If you apply for a job with us, we will collect your CV details and supporting documents which include personal information. If you are successful in obtaining a position with us we will also request you to fill in a form and will ask for your personal information, where necessary, such as your full name, contact details, home address, date of birth, tax file number, superannuation details accessibility requirements and details in relation to your passport and immigration information.
Why do we collect your information?
We collect, hold and handle your personal information for a variety of business purposes (further information on each of which is set out below), including to:
Under applicable privacy and data protection laws (including EU/UK GDPR and the CCPA), for JOOB to collect, hold, use, share and process your information we must have a purpose and legal basis to do so. The legal basis may differ depending on your interaction with us and what information we collect and process, which will fall under:
Necessary for the performance of a contract – When you make an enquiry or booking with us or any of our partners, we rely on the legal basis that the processing of your personal information is necessary for the performance of your contract with us i.e. completing a reservation as part of your planned itinerary and administering your booking.
Legitimate Interest – Our legitimate interest means your information has a commercial business purpose and is necessary in order to provide a product or service to you and does not override your rights and freedoms as an individual. For example; as a travel customer, we collect your email address for the purpose of communicating with you when necessary to communicate about the product or service you’re requesting or booking, and for JOOB to provide you with relevant information. If you are a business partner, we may process your contact information in order to manage our relationship with you. We also rely on our legitimate interests to improve our products and services, and to prevent fraudulent activity on our online platforms and accounts (as set out more specifically below). When using personal data to serve our or a third party’s legitimate interest, we will always balance your rights and interests in the protection of your personal information against our rights and interests or those of the third party, including by using your information in a way which is proportionate and respects your privacy.
Legal Obligations – in certain circumstances we will need to use your information to comply with our legal obligations in Australia.
Vital Interest – we rely on the legal basis of vital interest in certain limited circumstances where it is essential to you and your health that we process your personal information; for example, to contact medical providers / insurance providers in the case of any medical emergency.
Consent – where required by applicable laws, we will obtain your prior consent prior to processing your personal information, including before sending you electronic marketing materials or as otherwise required by law.
You can revoke your consent or object to our marketing in certain circumstances.
Providing your personal data to us is voluntary. However, we may not be able to fulfill your reservation and your experience may be affected if certain personal information is not provided. We may only be able to provide you with some products and services if we can only collect some personal data. For example, we can’t process your travel booking if we don’t collect your name and contact details.
Making an Enquiry or Booking a Stay
We use your personal information to arrange and provide you with the products and services you have requested and booked. The following will provide more insight into these purposes:
Photo and Video
Taking a photo or video is something many people love to do, especially as a way to capture special moments. This is likely to be the reason why you may be included in visual media taken on your trip. On occasion, visual media captured by JOOB employees are so good our marketing team may wish to use them in our brochures or on our website for promotional purposes. In these cases, a consent and waiver form will be provided to you. You do not have to sign this consent or waiver form and providing such information is entirely voluntary. We will respect your privacy and your preferences when processing any personal information collected using visual media.
Marketing and Other Interactions
JOOB may use your information for marketing purposes including:
These products and services may be offered by us our associated companies, or our brand partners.
We will only engage in direct marketing in accordance with the laws of the relevant country or jurisdiction you are located in.
To protect privacy rights and to ensure you have control over how we manage marketing with you we will take steps to limit direct marketing to a reasonable and proportionate level and only send you communications which we believe may be of interest or relevance to you based on the products and services which you have purchased or have registered your interest in purchasing to date. Where you receive electronic marketing communications from us, you may opt out of receiving further marketing communications by following the opt-out instructions provided in the communication. For example, if you are subscribed to any promotional marketing newsletters, you have the choice to unsubscribe from these communications by scrolling to the bottom of the e-mail enclosing the newsletter and clicking the ‘unsubscribe’ link at any time. You can also change and manage your marketing preferences at any time on your preference centre. Alternatively, or in case of any issue, you can contact us at [email protected]
You can change the way your browser manages cookies, which may be used to deliver online advertising, by following the settings on your browser. We recommend you routinely review the privacy notices and preference settings that are available to you on any social media platforms as well as your preferences within your account with us.
We conduct research and analyse your information, including feedback and comments, to help us improve our products and services and to enhance your customer experience, including customising online content, and to improve your booking and website experience. We also look for trends and future destinations and itinerary opportunities.
We may use your de-identified data for internal reporting (i.e. if a partnership was successful), creating new marketing strategies and to identify trends.
We may contact you to seek your interest in taking part in research projects, surveys and interviews. These interactions are designed to help us gain insight and understand certain things such as how to improve the services we provide, help us to understand our customers’ needs and expectations, what media they consume, what their concerns are, why do they travel, etc. Your information and details from our research activities may be stored or kept on file for future reference if relevant and will be de-identified where possible.
How do we collect your information?
Your information may come to us in a variety of different ways. You may provide information directly to us or business partners, and other third parties when communicating via email, phone, letter, or in person. You may also provide us with your information by filling in an online or printed form, leaving feedback, completing a survey or by subscribing to a newsletter.
Your information may also be provided to us by a friend/family member who is booking on your behalf.
Sharing your information
Making an Enquiry or Booking a Trip
In order to handle your enquiry, fulfil your product or service request or manage your booking, we may share your personal information with the following:
We share your personal information with third parties that help us operate, provide, improve, integrate, customise, support and market our products and services. This includes the following:
We seek to ensure that your information is protected at all times including that these third parties have agreed confidentiality restrictions and only use any personal information we share with them or which they collect on our behalf solely for the purpose of providing the contracted service to us.
Sharing within the Intrepid Group
As we are part of a large international group, your information may be shared within JOOB, the Intrepid Group and any of our related entities worldwide, including destination management companies forming part of the Intrepid Group, including our IT shared services centre located in Columbo, Sri Lanka. Where permitted, we may share your personal information with the Intrepid Foundation for the purpose of promoting charitable causes.
We may share or transfer information in connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. You will be notified via email and/or a prominent notice on the services if a transaction takes place, as well as any choices you may have regarding your information.
We may share your information with relevant regulators, which may include privacy regulators and supervisory authorities in other jurisdictions, and with courts and law enforcement to comply with all applicable laws, regulations and rules, and requests of law enforcement (e.g. police), regulatory and other governmental agencies
We also share personal information with insurance providers and/or medical personnel, which may be for identification of fraud or error, for regulatory reporting and compliance, or if we believe the disclosure is necessary to lessen or prevent a threat to life, health or safety.
We may share in aggregate, statistical form, non-personal information regarding the visitors to our website, traffic patterns, and website usage with our advertisers.
We do not and will not sell your personal information under any circumstances.
As we have stated earlier, it is necessary for us to share your information with our Group entities, partners and third parties, many of which are located overseas. When we transfer your information overseas, we seek to ensure appropriate privacy, confidentiality and security measures are in place, and that we comply with all applicable data protection and privacy laws.
Further, Intrepid Group operates with different service providers in over 120 countries, across all regions of the world, so it is not possible for us to provide a list of all these countries in this Policy. If you have any specific questions about where or to whom your personal information will be sent, please contact [email protected].
In some jurisdictions, including the EEA, the UK and Australia, data protection laws restrict transferring personal information outside the jurisdiction. We take appropriate steps to ensure that your personal information receives an adequate level of protection (by putting in place appropriate safeguards, such as contractual clauses e.g. EU approved standard contractual clauses), or that we are able to rely on an appropriate derogation under applicable privacy and data protection laws. You have a right to request access to any safeguard which we use to transfer your personal information outside of the UK and the EEA.
Where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any personal information is disclosed.
You have a right to contact us at [email protected] more information about the safeguards we have put in place (including a copy of relevant contractual commitments).
What are your rights
We want you to feel reassured that you have control of the information you provide to us. Subject to certain exemptions, and depending on relevant data protection laws, including in some cases upon our legal basis for processing your information there are certain rights you have over your personal information. These include:
Where possible we will comply with your request, however, there may be instances where we cannot fulfil your request, or there will be consequences if we were to fulfil your request. We will always communicate with you about any consequences before going forward, or give you written reasons for any refusal.
Under certain data protection laws, including the EU/UK GDPR, as well as the CCPA, you may also (subject to certain exceptions):
We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal information requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
We will only perform the activities outlined above to the extent that such activities will not compromise privacy, security or any other legal interests.
You may also wish to make a complaint about the way we have handled your personal information or other interference with your privacy rights.
You can exercise any of these rights at any time by contacting us (see the Contact Us section) or your relevant privacy or data protection authority.
One of our Privacy Officers will contact you within a reasonable time frame after receiving your enquiry or request to verify who you are in order to locate any accounts or bookings you may have with us or ask any follow up questions to better understand your enquiry.
Please contact us at [email protected] We will inform you whether we will conduct an investigation and the estimated completion date for the investigation process. After we have completed our enquiries, we will contact you, usually in writing, to advise the outcome and invite a response to our conclusions about the complaint. If we receive a response from you, we will assess it and advise if we have changed our view. If you are unsatisfied by our final response, you may escalate your complaint to the relevant regulatory body.
Complaint to the Data Protection Authority
If you have any concerns or complaints about how we are collecting or processing your personal information, you can complain to your local data protection authority. We would ask that you first contact us to seek to resolve the concern or complaint in the first instance.
If you are in the UK/EU, please follow this link to locate the data protection authority most relevant to you: https://edpb.europa.eu/about-edpb/board/members_en
If you are in Australia, you may contact the Privacy Commissioner at the Office of the Australian Information Commissioner (www.oaic.gov.au/).
The California Consumer Privacy Act (2018) (CCPA) gives California Consumers the right to lodge a complaint with the California Attorney General’s office. The Attorney General’s office may be contacted at https://oag.ca.gov/contact/consumer-complaint-against-business-or-company or by telephone at (916) 210-6276.
We retain and store most information about you in computer systems and databases operated by either us or our external service providers. Some information about you may be recorded in paper files that we store securely.
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for. In some circumstances we may store your personal information for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax or accounting requirements
In specific circumstances we may store your personal information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.
How we keep your information secure
JOOB is dedicated to keeping your personal information secure. We have implemented various physical, electronic and managerial security procedures in order to protect your information and reduce the risk of loss and misuse, and from unauthorized access, modification, disclosure and interference.
We have put in place adequate procedures to deal with any actual or suspected personal information breach and will notify you and any applicable regulator of any data breach where we are legally required to do so.
Whilst we take all reasonable steps to ensure that your personal information is secure, we would ask you to be aware that the internet is inherently insecure, so please take precautions when disclosing any personal information online to us.
Links to Third Party Sites
Cookies & Website Usage
Our websites use a standard technology called ‘cookies’ and web server log. To find out more about the cookies we use, click here.