The information, software, products, and services provided by us or our suppliers or published on our website may include inaccuracies or errors, including pricing errors. we do not guarantee the accuracy of, and disclaim all liability for any errors or other inaccuracies relating to such information that appears on our website.

Any ratings for suppliers are intended only as general guidelines, and we do not guarantee the accuracy of the ratings. we make no guarantees about the availability of specific products and services. we make no representations about the suitability of the information, software, products, and services provided by us or contained on our website for any purpose. the inclusion or offering of any products or services by us does not constitute our endorsement or recommendation of such product or service.

The carriers, hotels and other suppliers providing travel or other services on this website are independent contractors and not agents or employees of ours. we are not liable for the acts, errors, omissions, representations, warranties, breaches or negligence of any such suppliers or for any personal injuries, death, property damage, or other damages or expenses resulting therefrom.

We expressly reserve the right to correct any pricing errors on our website and/or on pending reservations made under an incorrect price. in such event, if available, we will offer you the opportunity to keep your pending reservation at the correct price or we will cancel your reservation without penalty.

All such information, software, products, and services are provided "as is" without warranty of any kind. we disclaim all warranties that our website, the server it uses or any email sent from us or our suppliers are free of viruses or other harmful components. we hereby disclaim all warranties and conditions with regard to this information, software, products, and services, including all implied warranties and conditions of merchantability, fitness for a particular purpose, title, and noninfringement.

We have no liability and will make no refund in the event of any delay, cancellation, overbooking, strike, force majeure or other causes beyond our control, and we have no responsibility for any additional expense, omissions, delays, re-routing or acts of any government or authority.

We are acting as an independent contractor and no joint venture, partnership or employment relationship exists between you and us or our Suppliers as a result of this Agreement or your use of our website.

We reserve the right at any time to modify this Agreement without prior notice to you. Please refer to our website www.classictravel.lk from time to time to review the most current version of the Agreement.

Your continued access or use of our website or services signifies your acceptance of the modifications to the Agreement.

WHAT PERSONAL INFORMATION COLLECTED FROM OUR CLIENTS

Depending on the nature of the service, we may collect a certain amount of personal information from you with your consent prior to using such information to provide convenience services in the future.

We will provide accurate quotes pertaining to the respective services for our customers using the contact details we gather from our Clients, information such as listed hereunder:

• Name, Title, Gender and Date of Birth

• Passport Copy/ No

• NIC Copy

• Contact Details (Address, Contact No, Email ID)

• Your occupation, Company and professional activities

• Visa Copy (If already obtained)

• Visa Checklist documents as requested by the Embassy

• Necessary other information as and when to provide the relevant service

HOW DATA IS COLLECTED

Personal information will be collected at the initial inquiry stage and booking stage over the following modes;

• Via Phone Contact

• Email

• Walk-In

• Social Media (such as Facebook & Instergram)

• Direct Website Inquiry

HOW WE USE YOUR DATA

Information gathered from Clients will be used for a variety of service oriented purposes. Listed below are some of the standard practices;

Quotes: to provide you with quotes for your travel, tour or other requirements as and when requested.

Marketing: to keep you updated about our products, services, future events and special offers that you have opt-in to receive and shown interest. This may be based on your travel preferences where appropriate. You can use the unsubscribe links in our marketing emails to remove yourself from the mailing list at any time. You may contact our Data Protection Officer for any enquiries or feedbacks about our personal data protection policies and procedures, or to request removal of your personal data from our Database entirely.

Bookings: for reservations of flights, hotels, holiday activities, for making payment, travel arrangements, security, incident/accident management and insurance, etc. Occasionally, when travelling overseas, it may be mandatory for us to disclose and share your information with immigrations, border control, security and anti-terrorism divisions of the respective country for reasons they determine appropriate. Some countries passenger data of the traveler should be provided in advance for granting permission to entry to their land (for example Caricom API and US secure flight data). These requirements may vary according to the destination hence travelers are advised to check prior to travel. If it is not a mandatory requirement we may exercise our discretion to assist where appropriate.

Sometimes it will be necessary to collect personal data considered as Special Category (Ex. Health, Religion, etc.) to cater to your needs or act in your interest. We will only be able to accept this data for booking purposes with your prior consent accordingly.

With your consent: We use your information where you have given us consent to do so for a specific purpose not listed above.

For clarity we may publish testimonials or featured customer comments to promote the Services, with your prior consent.

LAWFUL BASIS FOR USING YOUR PERSONAL DATA

Contract-The personal information we use are provided by you to draw a contract that you will enter with us pertaining to services required by you for a holiday or other arrangement or any request made by you regarding the services from us.

Consent: If it is necessary to process sensitive personal information in relation to your request (e.g. relating to health or religion), we will obtain your prior consent to receive this data and as well as to share it with suppliers when necessary.

Legitimate Interest: If you request any information regarding our products or services we will ensure such information are furnished to you in a timely manner. At any time, if you feel that you do not wish to receive any further information on forthcoming events, destination news and special offers, please do not hesitate to contact us through our contact details herein or use the unsubscribe option on our emails.

WHAT HAPPENS IF YOU DO NOT PROVIDE THE REQUIRED PERSONAL INFORMATION

If you refuse to provide Personal information, or withdraw the consent to provide the information for any of the purposes, it may unqualified us to answer your enquiries.

WHO DO WE SHARE YOUR DATA WITH

• We generally do not share personal data with third parties unless otherwise if it is a confirmed booking we may share such information with airlines, hotels and transport companies. Also we may share them with public authorities such as customs and immigration. Furthermore we will take steps to ensure that your personal data continues to receive a standard of protection.

• We sometimes use GDPR compliant third party software to help us with tasks and it needs to process your data via their servers for processes such as bookings, and sending marketing emails. We disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure and not to use it for their own direct marketing purposes.

• WE WILL NEVER SHARE YOUR DATA WITH OTHER COMPANIES FOR MARKETING PURPOSES. NOR WILL WE SELL OR RENT YOUR DATA TO THIRD PARTIES.

• No third parties have access to your personal data unless the law allows them to do so.

• Our website contact forms are processed via our website email service provider. For further information please access the privacy policy herein.

• We use email marketing software to keep in touch with the customers. For further information please access the privacy statement herein.

HOW LONG WILL WE KEEP YOUR INFORMATION

With the consent that you provided we store all your personal data in our system and may retain such information as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.

We will retain your personal data as follows:

• Personal data supplied for the purposes of a holiday enquiry or for the purpose of quotes will be retained for a minimum period relating to the valid date of a quote and for a maximum period of the length of our business relationship.

• Data supplied for the purposes of general enquiries will be kept until the enquiry has been satisfactorily answered.

• Personal details attached to your booking will remain on our booking system invoices and be retained in accordance with the law relating to income tax and audit purposes. We do not retain any payment card details and is fully PCI- DSS compliant.

HOW DO WE STORE YOUR DATA

No storage system or equipment are 100% guaranteed to secure data, but we have taken maximum precautions to safeguard your data wherever possible.

• Our website is protected by an SSL encryption certificate to create a secure link between our website and your browser for protection of your information from hackers.

• Our Website is hosted on highly secure UK data servers with dedicated firewall protection.

• We only use GDPR compliant third party service processors for helping us to manage tasks (such as sending you mailings). We disclose only the information that is necessary to deliver the service under a legally binding contract to keep your information secure and preventing them from using for their own direct marketing purposes.

• Enquiries made via our holiday search or offers pages are processed securely by third party software hosted on highly secure UK data servers.

• We store your personal details securely on our CRM software hosted on Sri Lankan servers.

• We have taken all reasonable steps and appropriate security measures to safeguard your personal data from unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks, and whereas we have introduced appropriate administrative, physical and technical measures such as up-to-date antivirus protection, encryption and the use password protected access to our in- house computer systems, data sharing agreements with joint controllers e.g. Tour Operators and processing contracts with our software providers and whereas all ours . All Staff members are well informed about our Data Protection polices and security measures.

• We store your personal details securely on our CRM software hosted on Sri Lankan servers and protected by password access.

YOUR RIGHTS

We will always try to ensure that the data we hold about you are up to date, reasonable and not excessive. You will always have the right to:

• be informed as to how we use your data (via this Privacy Statement)

• access or request a copy of the data which we hold about you

• correction request to update, amend or rectify any of the data which we hold about you

• Change your communication preferences at any time to restrict how we process your data, or opt out of some or all communication from Classic Travel (Pvt) Ltd.

• Request us to remove your personal data from our records

• withdraw consent, where it is used as a legal basis for processing

• Object to or restrict the processing of your information for any of the purposes above.

CHANGES TO OUR PRIVACY POLICY

We reserve the right to change or amend the privacy policy and whenever any changes or modifications occur, such updated Privacy Policy will be posted in this page to reflect the new changes to our Customers.