We care about your privacy and want you to trust your information is safe and respected. This Privacy Policy provides details about the personal information that Black Sheep Touring Co. Ltd (‘Black Sheep’, ‘we’, ‘us’ and ‘our’) collects, and the ways in which we use, disclose, and protect that personal information.

Black Sheep Touring Company Ltd complies with the New Zealand Privacy Act 1993 (the Act) when dealing with personal information. Personal information is information about an identifiable individual (a natural person). This policy does not limit or exclude any of your rights under the Act. If you wish to seek further information on the Act, see www.privacy.org.nz

I. The Information We Collect

To help us provide information, products, services and support to you, and to optimize our website for delivering information about our products and services, we collect a variety of personal details directly from you, from our website, and from third party sources where appropriate and applicable. The types of information we collect are detailed below.

Information You Provide to Us:

We collect information you provide directly to us. For example, we collect your details when you request information or customer support from us, participate in any interactive features of our services, fill out a form, interact via email or message board, or otherwise communicate with us. We may use the information you provide to respond to your questions, provide you with specific products or services, and/or send you news or updates. The types of information we may collect include your name, email address, phone number, and any other information you choose to provide depending on the service you are requesting.

Information We Collect Automatically When You Use Our Website:

As is standard practice with websites, when you access or use our website, we automatically collect information about your use, including:

  • Log Information: We log information about your use of the Services, including the type of browser you use, access times, pages viewed, which hyperlinks you “clicked”, your IP address, your general location, and the page you visited before navigating to our site.
  • Device Information: We collect information about the computer or mobile device you use to access our Services, including the hardware model, operating system and version, unique device identifiers and mobile network information.

This information is collected for our own purposes to improve the design and delivery of information on our website.

We use cookies (an alphanumeric identifier that we transfer to your computer’s hard drive so that we can recognise your browser) to monitor your use of the website. You may disable cookies by changing the settings on your browser, although this may mean that you cannot use all of the features of the website.

Information from Third Party Sources:

If possible, we prefer to collect personal information from you directly. In some cases, we may collect information from third parties where you have authorised this or where the information is publicly available. For example, we may collect information about you from but not limited to social media sites, identity verification services, credit bureaus, mailing list providers and/or other publicly available sources.

II. How We Use the Information

We may use your personal information to:

  • Verify your identity
  • Send communications to you and respond to communications from you
  • Provide and improve upon services and/or products to you
  • Send you statements and invoices
  • Collect payments from you, including authorising and processing credit card transactions
  • Send you marketing communications from which you can unsubscribe at any time
  • Contact the Emergency Contact person provided by you if deemed necessary
  • Administer this website
  • Personalize the website for you
  • Enable your access to and use of the website services
  • Conduct research and statistical analysis (on an anonymised basis)
  • Publish information about you on the website and/or social media sites if authorized by you
  • Protect and/or enforce our legal rights and interests, including defending any claim
  • For any other purpose authorized by you or the Act

III. Disclosing Your Personal Information

We consider the confidentiality and security of your information to be of the utmost importance and never sell your personal details to third parties. There are occasions where it may be necessary to disclose personal information to third parties in order to provide you with our services, or as otherwise identified below. In such cases, we will provide the minimum amount of information required. We may disclose your personal information to:

  • Any business that supports our services and products, including any person that hosts or maintains any underlying IT system or data centre that we use to provide the website or other services and products
  • Other third parties for anonymised statistical information
  • A person who can require us to supply your personal information (eg a regulatory authority)
  • Any other person authorised by the Act or another law (eg a law enforcement agency)
  • Any other person authorised by you
  • A business that supports our services and products which may be located outside New Zealand. This may mean your personal information is held and processed outside New Zealand (see Cross-border Data Transfers below)

If you have booked a tour with us, defined by providing a deposit and completing a Reservation Form, we may also disclose some of your personal information to:

  • Companies that we contract to provide travel services. This includes accommodation and activity operators and other suppliers we use to provide services to you on our tours
  • An outside authority if doing so is necessary to ensure the care and safety of you or others while on tour, as permitted by applicable law
  • Contact the Emergency Contact person provided by you if deemed necessary
  • If authorized by you, publish information about you on the website and/or social media sites

IV. Protecting Your Data

We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.

We do not store your credit card details as outlined in item V. below. We will store all other personal information you provide on our secure servers, along with the pages you visit on our website.

Internet Use:

While we take reasonable steps to maintain secure internet connections, if you provide us with personal information over the internet, the provision of that information is at your own risk.

If you post your personal information on the website’s message board, you acknowledge and agree that the information you post is publicly available.

If you follow a link on our website to another site, the owner of that site will have its own privacy policy relating to your personal information. We suggest you review that site’s privacy policy before you provide personal information. We not responsible for the privacy policies or practices of any third party.

Information relating to electronic transactions entered into via this website will be protected by encryption technology. Please note that e-mail communications are typically not encrypted and should not be considered secure.

Cross-border Data Transfers:

Information that we collect may be stored and processed in and transferred between any of the countries in which we operate to enable the use of the information in accordance with this privacy policy.

In addition, personal information that you purposely submit for publication on the website will be published on the internet and may be available around the world.

V. Credit Card Security

No credit card information is stored by us. Any payments made to us will be processed through Windcave’s secure DPS Payment Express system using bank-grade security. Any credit card details stored for payments are done so on the DPS system. Payment Express protects personal information – at a minimum – to be compliant with the Payment Card Industry Data Security Standards (“PCI-DSS”).

VI. Accessing, Correcting and/or Deleting Your Personal Information

Subject to certain grounds for refusal set out in the Act, you have the right to access your readily retrievable personal information that we hold and to request a correction to your personal information. We offer the option of deleting any or all of your data we hold on file.  Before you exercise this right, we will need evidence to confirm that you are the individual to whom the personal information relates.

In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction.  If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.

If you want to exercise any of the above rights, email our Data Protection Officer at privacy@blacksheeptouring.co.nz. Your email should provide evidence of who you are and set out the details of your request (eg the personal information, or the correction, that you are requesting).

VII. Cookies

Our website uses “cookies” to improve our visitors’ website experience. Cookies are small pieces of data sent to your browser by us or our partners. These are stored on your computer or other browsing device so that we can recognise the device when you return. We cannot identify you personally.

Cookies may provide us or our partners with information about your preferences so we can use it to personalise your website experience.

Third-party vendors such as Google Analytics use cookies to help us improve our site’s features and functions. This might include what pages you visit, your time on our site, and general demographic information about our user base as a whole. This information is used to create a more engaging user experience.

We may also collaborate with third-party sites to display advertising about us on their sites. These parties may use cookies to gather information about your prior visits to our site in order to serve ads to you relevant to your interests.

Most web browsers allow you to modify your settings so you can be alerted to the use of cookies, or allow you to refuse cookies entirely. Note, however, if you choose to reject cookies, you may not be able to use all of the features of our site.

VIII. Changes to This Policy

We may change this policy by uploading a revised policy onto our website. The change will apply from the date that we upload the revised policy. When a significant change is made to our Privacy Policy, we will inform you by email. You can also access our Privacy Policy on the footer of every email you receive from us.

VIX. Contact Us

If you have any questions about this privacy policy or Black Sheep Touring Co Ltd’s treatment of your personal information, please write to our Data Protection Officer:

Updated: 3 Dec 2018