Blackstone and Sterling / Zogute Limited / ShareTrips GDPR Compliance Notice
Effective Date: 7 July, 2023
This GDPR Compliance Notice ("Notice") explains how Blackstone and Sterling/Zogute Limited/ShareTrips ("we," "us," or "our") complies with the requirements of the General Data Protection Regulation (GDPR) when processing personal data of individuals in the European Economic Area (EEA).
Data Controller and Contact Information
We act as the data controller for the personal data collected and processed through our website and application (collectively referred to as the "Platform"). If you have any questions or concerns about the processing of your personal data, you can contact us at:
ROOM 409, BEVERLEY COMMERCIAL CENTRE,
87-105 CHATHAM ROAD SOUTH,
TSIM SHA TSUI, KOWLOON, Hong Kong
Types of Personal Data Processed
When you access and use our Platform, we may collect and process the following types of personal data:
- Contact information, such as your name and email address
- Demographic information, such as your age and gender
- Device information, such as your IP address and browser type
- Usage information, such as pages visited and features used
- Payment information, if applicable, processed by our third-party payment service providers
Purposes and Legal Bases of Processing
We process personal data for the following purposes and legal bases:
- To provide and improve our services: Processing is necessary for the performance of a contract or to take steps at your request before entering into a contract.
- To communicate with you: Processing is based on our legitimate interests in responding to your inquiries, requests, or transactions.
- To personalize and enhance your experience on the Platform: Processing is based on our legitimate interests in improving our services and providing a customized user experience.
- To send promotional materials and updates: Processing is based on your consent, which you can withdraw at any time.
- To comply with legal obligations: Processing is necessary to comply with our legal obligations.
- To protect our rights and interests: Processing is based on our legitimate interests in preventing fraud, enforcing our terms and conditions, and defending against legal claims.
We may transfer your personal data to recipients located outside the EEA, including our third-party service providers. When transferring personal data to countries that do not provide an adequate level of data protection, we implement appropriate safeguards, such as standard contractual clauses approved by the European Commission, to ensure the security and protection of your personal data.
We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law.
Under the GDPR, you have certain rights regarding your personal data, including:
- The right to access: You have the right to request access to the personal data we hold about you.
- The right to rectification: You have the right to request the correction of inaccurate or incomplete personal data.
- The right to erasure: You have the right to request the deletion of your personal data under certain circumstances.
- The right to restrict processing: You have the right to request the restriction of processing of your personal data under certain circumstances.
- The right to data portability: You have the right to receive a copy of your personal data in a structured, commonly used, and machine-readable format and to transmit it to another data controller.
- The right to object: You have the right to object to the processing of your personal data under certain circumstances, including for direct marketing purposes.
- The right to withdraw consent: If we process your personal data based on your consent, you have the right to withdraw your consent at any time.
To exercise your rights or if you have any questions or concerns, please contact us using the contact information provided in Section 1 of this Notice.
Changes to this Notice
We may update this Notice from time to time to reflect changes in our privacy practices. Any updates will be posted on our Platform. We encourage you to review this Notice periodically for the latest information on our GDPR compliance.
Last Updated: 7 July, 2023