We respect your need to understand how and why information is being collected, used, disclosed, transferred, and stored. Thus we have developed this policy to familiarize you with our practices. This policy sets out how we process your information on our website and other digital platforms by applicable data protection laws. You must read this policy together with any other policies we may provide on specific occasions while collecting or processing your data to make you aware of how and why we are using your data. This policy supplements the other notices and is not intended to override them.
Personal data includes any information about any user from which that person can be identified. It does not include personal data where the identity has been removed (anonymous data).
You may be asked for personal data while interacting with Andaman Connections directly or indirectly through a third party.
We collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data may be derived from your data but is not considered personal data in law as this data does not directly or indirectly reveal your identity.
However, if we combine or connect aggregated data with your data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used following this policy.
We collect, use, store and transfer different kinds of personal data about you as per the following categories:
The only way we will get any kind of personal data is if you choose to give it to us in the following circumstances-
(a) Direct interaction:
(b) Cookies and other technologies:
(c) Third parties or publicly available sources:
When you use our website we will use your data in the following circumstances:
We do not use your data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
We will only process your personal data when the law allows us to, that is, when we have a legal basis for processing. We generally use the information to establish and enhance our relationship with our users for the following purposes:
While you make a booking:
We may also use your Personal Information for several reasons including but not limited to:
We may share your data with third parties for reasons cited below but not limited to:
We may use your personal information for Marketing Promotions, Research, and other programs:
Where required, we will (subject to our professional obligations and any terms of business which we may enter into with you) disclose your personal data to:
Taking into account the costs of implementation and the nature, scope, context, and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk of processing, including:
(a) the bogus and encryption of personal data;
(b) the ability to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services;
(c) the ability to restore the availability and access to personal data promptly in the event of a physical or technical incident; and
(d) a process for regularly testing, assessing, and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.
We ensure that those who have permanent or regular access to personal data, or that are involved in the processing of personal data, or in the development of tools used to process personal data, are trained and informed of their rights and responsibilities when processing personal data.
To protect your data and prevent unauthorized access, we have put in place appropriate security measures and certifications. We have an SSL site and the user should use it to protect the information transmission while transacting online.
We reserve the right to update or change this policy at any time and we will provide you with the updated policy when we make any substantial updates at the earliest, either through email or by providing a prominent notice of the change on our website. You should check the policy periodically. Your continued use of our website after we post any modifications to the policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified notice.
Under certain circumstances, you have rights under applicable data protection laws about your data. It is our policy to respect your rights. We will act promptly and by any applicable law, rule, or regulation relating to the processing of your data.
Details of your rights under the General Data Protection Regulation (GDPR) are mentioned below:
(a) right to be informed about how personal data is used – you have a right to be informed about how we will use and share your data. This explanation will be provided to you in a concise, transparent, intelligible, and easily accessible format and will be written in clear and plain language;
(b) right to access personal data – you have a right to obtain confirmation of whether we are processing your data, access to your data, and information regarding how your data is being used by us;
(c) right to have inaccurate personal data rectified – you have a right to have any inaccurate or incomplete personal data rectified. If we have disclosed the relevant personal data to any third parties, we will take reasonable steps to inform those third parties of the rectification where possible;
(d) right to have personal data erased in certain circumstances – you have a right to request that certain personal data held by us be erased. This is also known as the right to be forgotten. This is not a blanket right to require all personal data to be deleted. We will consider each request carefully under the requirements of any laws relating to the processing of your data;
(e) right to restrict the processing of personal data in certain circumstances – you have a right to block the processing of your data in certain circumstances. This right arises if you are disputing the accuracy of personal data if you have objected to processing, if the processing of personal data is unlawful and you oppose erasure and request restriction instead or if the personal data is no longer required by us but you require the personal data to be retained to establish, exercise or defend a legal claim;
(f) right to data portability – in certain circumstances you can request to receive a copy of your data in a commonly used electronic format. This right only applies to personal data that you have provided to us (for example by completing a form or providing information through a website). Information about you that has been gathered by monitoring your behavior will also be subject to the right to data portability. The right to data portability only applies if the processing is based on your consent or if the personal data must be processed for the performance of a contract and the processing is carried out by automated means (i.e. electronically);
(g) right to object to the processing of personal data in certain circumstances, including where personal data is used for marketing purposes – you have a right to object to processing being carried out by us if (a) we are processing personal data based on legitimate interests or for the performance of a task in the public interest (including profiling), (b) if we are using personal data for direct marketing purposes, or (c) if the information is being processed for scientific or historical research or statistical purposes. You will be informed that you have a right to object at the point of data collection and the right to object will be explicitly brought to your attention and be presented clearly and separately from any other information; and
(h) right not to be subject to automated decisions where the decision produces a legal effect or a similarly significant effect – you have a right not to be subject to a decision that is based on automated processing where the decision will produce a legal effect or a similarly significant effect on you.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information about your request to speed up our response.
We try to respond to all legitimate requests within one calendar month. Occasionally it may take us longer than one calendar month if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.