Privacy

YOUR PRIVACY

This site is owned and operated by Destinations Unlimited, inc. Your privacy on and off the Internet is of the utmost importance to us. Due to the sensitive nature of the information we sometimes gather from our customers, we believe it’s our responsibility to inform you of our policies, terms and conditions.

Destinations Unlimited, inc. is headquartered at 419 First Street SE, Cedar Rapids, IA 52401 with a branch office located at 755 S Gilbert Street, Iowa City, IA 52240.  In the course of offering information and travel-related services, our company collects, uses and discloses various information, including personal, in order to fulfill our service agreements to clients.  This information may include personal information such as legal name, date of birth, gender, etc.

 

INFORMATION CAPTURED AND/OR TRACKED BY DESTINATIONS UNLIMITED, INC.

Destinations Unlimited, inc. gathers many types of information about users, some of it personal information.  Personal information often means information on an individual who can be identified from that data.

Commonly, that information is obtained for the purpose of fulfilling any travel arrangements requested directly by you or by someone whom you’ve authorized.  However, some information may be used in our efforts to enhance our product or service offerings or our relationship with you in addition to gaining insight on interests our current and potential clients have.  Here are some different types of information we may capture using various methods such as e-mail, phone, etc.

  • Contact information (e.g. legal name, mailing/billing address, phone numbers, email address, etc.)
  • Payment information (e.g. complete debit or credit card information)
  • Travel-related information (e.g. passport or Visa, frequent flyer/guest membership numbers, seat preference, dietary concerns, supplier preferences, etc.)
  • Information that users provide through optional, voluntary submissions*. These are voluntary submissions to receive our electronic newsletters and/or specials, to participate in our online services, to request information from our agency, and from participation in polls and surveys.
  • Information Destinations Unlimited, inc. gathers through aggregated tracking information derived mainly by tallying page views throughout our sites. This information is for analytical purposes and is used to identify the demographics and usage of our customers. Destinations Unlimited, inc. does not sell your information to any third-party provider.  While we do track the analytics of our site such as browser used, device utilized to access our site, etc., we do not associate that data with any information about actual, individual users.

 

HOW WE COLLECT YOUR DATA

In accordance with local, federal data protection laws and compliance with regards to General Data Protection Regulation (GDPR), we request information from you during the course of our relationship with you whether that is direct in-person, via electronic communication such as email, fax, through our websites or social media accounts or through other forms of communication such as registration forms, newsletters, surveys, etc.  Information may be received from an authorized third party (e.g. spouse, family member, travel coordinator, employer, etc.) for the purpose of completing a travel request on your behalf.  This assumes that you have granted permission to the third-party whether by employment, verbal or written consent, or participation in coordinated programs.  If you are coordinating travel for another person (e.g. group booking), it is your responsibility to gain consent of the person for which you are working on behalf of.

If at any time you feel your personal information has been provided to us without your consent, or you wish for certain key information not be shared/maintained, feel free to contact us at dataprivacy@duagency.com.

 

HOW WE USE YOUR DATA

We utilize the data obtained from you or your authorized representative in the process of providing consultation for travel requests and in the process of fulfilling those requests.  As a data controller (for the purposes of GDPR) it may be necessary or required to transmit some or all of your data to a third-party.  This may be for the purposes of (but not limited to) securing travel arrangements on your behalf with third parties (e.g. hotels, cruise line, etc.), quality controlling your reservation, maintaining your arrangements, providing data and analytics for internal purposes or for your employer, fulfilling duty of care requirements for your employer, etc.  This means that travel service providers such as airlines, hotels, car rental companies, etc. may use your data as described in their own privacy policy.

It is advised that you review the individual privacy policies of the suppliers we’ve coordinated arrangements with on your behalf.  We act as an agent or reseller for hundreds of different travel suppliers across the globe, therefore it is not feasible for us to provide you policies for third-party travel providers.

We may also use your information, unless otherwise instructed by you or your authorized representative, for the purposes of marketing, engaging your feedback, or other agency-driven initiatives.

 

HOW LONG WE HOUSE YOUR DATA

Unless otherwise requested, we will house and maintain your data until you request to have your data purged from our databases or have it transferred to another travel provider in an easily readable format such as a Word document or Excel spreadsheet. Some information is maintained in travel-industry-specific tools that do not allow for export into a common file type.  In those situations will we purge your information from all non-compatible sources.

 

CHILDREN’S ONLINE PRIVACY PROTECTION ACT (COPPA)

Consistent with the Federal Children’s Online Privacy Protection Act of 1998 (COPPA), Destinations Unlimited, inc. will never knowingly request personally identifiable information from anyone under the age of 13 without requesting parental consent.

 

* OPTIONAL VOLUNTARY INFORMATION

Destinations Unlimited, inc. provides potential and existing customers the ability to submit a request to receive the following free services:

  1. Electronic Communications for Leisure, Corporate and Group Clients

We offer a free electronic newsletter to users and in order to distribute these publications, Destinations Unlimited, inc. captures the email addresses of users who voluntarily subscribe. Users may remove themselves from this mailing list by following the link provided in every newsletter that points users to the subscription management page. Users can also subscribe to the newsletters at the time of registration.

  1. Surveys

Destinations Unlimited, inc. may occasionally conduct user polls that enable us to customize our content and offerings to better serve our customers. Destinations Unlimited, inc. will never provide any survey information regarding specific individuals to a third-party.

 

SECURITY

Destinations Unlimited, inc. is fully PCI compliant and is audited quarterly to ensure that status remains in place. We also operate secure data networks protected by industry standard firewall and password protection systems.

 

CONSENT

By using the Destinations Unlimited, inc. site and accessing the content within, you consent to the collection and use of this information by Destinations Unlimited, inc. In the event our privacy policy should change, any updates will be posted to this site.

If you are a citizen of the European Union, you will be asked to complete a consent form that we will keep on file until you request your data be deleted or transferred to you.  The form can be found here.

 

SAFE HARBOR PRIVACY POLICY – COMMITMENT TO PRIVACY

Destinations Unlimited, inc. respects individual privacy and values the confidence of its customers, employees, business partners and others. Not only do we strive to collect, use and disclose personal information in a manner consistent with the laws of the countries in which it does business, but we also have a tradition of upholding the highest ethical standards in business practices. This Safe Harbor Privacy Policy (the “Policy”) sets forth the privacy principles Destinations Unlimited, inc. follows with respect to transfers of personal information from the European Economic Area (EEA) (which includes the twenty-seven member states of the European Union (EU) plus Iceland, Liechtenstein and Norway) to the United States.

 

SAFE HARBOR

The United States Department of Commerce and the European Commission have agreed on a set of data protection principles and frequently asked questions to enable U.S. companies to satisfy the requirement under European Union law that adequate protection be given to personal information transferred from the EEA to the United States (the “U.S.-EU Safe Harbor”). The EEA also has recognized the U.S.-EU Safe Harbor as providing adequate data protection (OJ L 45, 15.2.2001, p.47). Consistent with its commitment to protect personal privacy, Destinations Unlimited, inc. adheres to the principles set forth in the U.S.-EU Safe Harbor.

 

SCOPE

This Safe Harbor Privacy Policy (the “Policy”) applies to all personal information received by Destinations Unlimited, inc. in the United States from the EEA, in any format, including electronic, paper or verbal.

 

DEFINITIONS

For purposes of this Policy, the following definitions shall apply:

“Agent” means any third party that collects or uses personal information under the instructions of, and solely for, Destinations Unlimited, inc. or to which Destinations Unlimited, inc. discloses personal information for use on Destinations Unlimited, inc’s behalf.

“Personal information” means any information or set of information that identifies or could be used by or on behalf of Destinations Unlimited, inc. to identify an individual. Personal information does not include information that is encoded or anonymized, or publicly available information that has not been combined with non-public personal information.

“Sensitive personal information” means personal information that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, views or activities, that concerns health or sex life, information about social security benefits, or information on criminal or administrative proceedings and sanctions other than in the context of pending proceedings. In addition, Destinations Unlimited, inc. will treat as sensitive personal information any information received from a third party where that third party treats and identifies the information as sensitive.

 

PRIVACY PRINCIPLES

The privacy principles in this Policy have been developed based on the Safe Harbor Principles.

NOTICE: Where Destinations Unlimited, inc. collects personal information directly from individuals in the EEA, it will inform them about the purposes for which it collects and uses personal information about them, the types of non–agent third parties to which Destinations Unlimited, inc. discloses that information, the choices and means, if any, Destinations Unlimited, inc. offers individuals for limiting the use and disclosure of personal information about them, and how to contact Destinations Unlimited, inc. Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal information to Destinations Unlimited, inc., or as soon as practicable thereafter, and in any event before Destinations Unlimited, inc. uses or discloses the information for a purpose other than that for which it was originally collected.

Where Destinations Unlimited, inc. receives personal information from its subsidiaries, affiliates or other entities in the EEA, it will use and disclose such information in accordance with the notices provided by such entities and the choices made by the individuals to whom such personal information relates.

CHOICE: Destinations Unlimited, inc. will offer individuals the opportunity to choose (opt-out) whether their personal information is (a) to be disclosed to a non-agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.

For sensitive personal information, Destinations Unlimited, inc. will give individuals the opportunity to affirmatively and explicitly (opt-in) consent to the disclosure of the information to a non-agent third party or the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.

Destinations Unlimited, inc. will provide individuals with reasonable mechanisms to exercise their choices.

DATA INTEGRITY: Destinations Unlimited, inc. will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. Destinations Unlimited, inc. will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete and current.

TRANSFERS TO AGENTS: Destinations Unlimited, inc. will obtain assurances from its agents that they will safeguard personal information consistently with this Policy. Examples of appropriate assurances that may be provided by agents include: a contract obligating the agent to provide at least the same level of protection as is required by the relevant Safe Harbor Principles, being subject to EU Directive 95/46/EC (the EU Data Protection Directive), Safe Harbor certification by the agent, or being subject to another European Commission adequacy finding (e.g., companies located in Canada). Where Destinations Unlimited, inc. has knowledge that an agent is using or disclosing personal information in a manner contrary to this Policy, Destinations Unlimited, inc. will take reasonable steps to prevent or stop the use or disclosure.

ACCESS AND CORRECTION: Upon request, Destinations Unlimited, inc. will grant individuals reasonable access to personal information that it holds about them. In addition, Destinations Unlimited, inc. will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete.  You may contact the Destinations Unlimited, inc. data security team at dataprivacy@duagency.com.

SECURITY: Destinations Unlimited, inc. will take reasonable precautions to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction.

ENFORCEMENT: Destinations Unlimited, inc. will conduct compliance audits of its relevant privacy practices to verify adherence to this Policy. Any employee that Destinations Unlimited, inc. determines is in violation of this policy will be subject to disciplinary action up to and including termination of employment.

DISPUTE RESOLUTION: Destinations Unlimited, inc. participates in the EU Safe Harbor Privacy Framework as set forth by the United States Department of Commerce. As part of our participation in safe harbor, we have agreed to the TRUSTe Dispute Resolution Requirements for disputes relating to our compliance with the Safe Harbor Privacy Framework. If you have complaints regarding our compliance with the Safe Harbor you should first contact the Travel and Transport Legal Counsel at the address given below. If contacting us does not resolve your complaint, you may raise your complaint by contacting TRUSTe here , by fax at 415-520-3420, or mail at Watchdog Complaints, TRUSTe, 55 2nd Street, 2nd Floor, San Francisco, CA, USA 94105. If you are faxing or mailing TRUSTe to lodge a complaint, you must include the following information: the name of company, the alleged privacy violation, your contact information, and whether you would like the particulars of your complaints shared with the company. For information about TRUSTe or the operation of TRUSTe’s dispute resolution process, please visit TRUSTe or request this information from TRUSTe at any of the addresses listed above. The TRUSTe dispute resolution process shall be conducted in English.

 

LIMITATION ON APPLICATION OF PRINCIPLES

Adherence by Destinations Unlimited, inc. to these Safe Harbor Principles may be limited (a) to the extent required to respond to a legal or ethical obligation; (b) to the extent necessary to meet national security, public interest or law enforcement obligations; and (c) to the extent expressly permitted by an applicable law, rule or regulation.

 

INTERNET PRIVACY

Destinations Unlimited, inc. sees the Internet and the use of other technology as valuable tools to communicate and interact with consumers, employees, business partners and others. Destinations Unlimited, inc. recognizes the importance of maintaining the privacy of information collected online and has created a specific Internet Privacy Policy governing the treatment of personal information collected through web sites that it operates. With respect to personal information that is transferred from the European Economic Area to the U.S., the Internet Privacy Policy is subordinate to this Policy. However, the Internet Privacy Policy also reflects additional legal requirements and evolving standards with respect to Internet privacy.

 

CONTACT INFORMATION

Questions or comments regarding this Policy should be submitted to the Destinations Unlimited, inc. by mail to:

Destinations Unlimited, inc.
Attn: Owner
419 First Street SE
Cedar Rapids, IA 52401

Or by e-mail to dataprivacy@duagency.com

 

CHANGES TO THIS SAFE HARBOR PRIVACY POLICY

This Policy may be amended from time to time, consistent with the requirements of the Safe Harbor Principles or for GDPR compliance. A notice will be posted on our website at www.duagency.com for 60 days whenever the policy is changed in a material way.

EFFECTIVE DATE: July 30, 2018