Privacy Policy

Last Updated: July 1, 2021

At Out2Africa, your privacy matters. When you use our services, you trust us to protect your personal data. This Privacy Policy explains what data we collect, why, and how we handle it. "Out2Africa," "we," or "us" refers to Rhino Africa Safaris (PTY) LTD, registered in South Africa under company registration number 2014/101371/07.

Headquarters: 103 Francis Street, Zonnebloem, 7925, Cape Town, South Africa. London office: First Base Old Street Ltd, The old Fire Station, 140 Tabernacle Street EC2A 4SD, London, United Kingdom.

If you enquire or book for others, you must ensure they're aware of and agree to this policy. By submitting data while enquiring or booking, you consent to the transfer, storage and processing described here.

Information we collect

Personal data you provide us

When enquiring, we may collect your name, address, email, phone number, travel preferences, and arrangement details. When booking, we may also collect date of birth and passport details for all passengers.

We may need sensitive personal data about medical conditions, disabilities and special requirements (like dietary requests revealing religious beliefs) to meet your booking needs. We collect this through a secure website interface with your consent.

Personal data for legal and compliance purposes

We process your data to meet legal, compliance and regulatory obligations, respond to legal claims, and protect our property and rights. This includes fraud prevention, identity verification, credit checking and accounting. Our offices may use CCTV for security.

Personal data from third parties

We collect data from third parties you've authorized (like travel agents, companions, coordinators, promotion partners, social media sites). We also collect data from individuals who refer you, after confirming you're happy to hear from us.

Sensitive personal data

We generally minimize collection of sensitive data. Where collected, we handle it with extra care and share it with third parties who help manage our business and deliver services. By providing sensitive data, you consent to our use for the purposes collected.

Payment data

We collect different data depending on payment method (credit card, bank transfer, cash). For credit cards, this includes cardholder name, address, card number, expiry date and CVC code.

Automatically collected data

When using our services, we automatically collect information about your usage, including:

Geo-location data from your IP address
Usage and log data (access dates/times, session duration, clicks, browser type, pages shown)
Computer operating system data (application versions, language settings)
Mobile device type and network information

How we use your information

We use, store, and process information to create tailor-made travel itineraries, for marketing, data analytics, profiling and to improve service quality.

To create tailor-made travel itineraries

We use your data to:

Fulfill our contract and process bookings, sending itineraries and booking details
Update you on travel itinerary changes (booking changes, flight delays/cancellations)
Manage travel requirements by liaising with airlines, service providers and travel facilitators
Process payments, fulfill refund requests, and handle accounting/audits
Personalize service and offers based on previous experiences, transactions or preferences
Communicate with you throughout your journey
Communicate with airlines, accommodation providers and other parties about your experience

For marketing purposes

We may use data to inform you about products and services we think may interest you, based on your preferences, Cookies, interactions with us (including social media) or market research. We may also share relevant corporate services information.

We work with social media and digital websites to provide advertisements. We provide them your name and contact details; if they match your profile, they'll serve our ads without identifying you to us or sharing other data.

We only send direct marketing according to your preferences, via email, SMS/text, social media or other channels. You can unsubscribe anytime by contacting us or using the unsubscribe option. Unsubscribing from marketing won't stop operational and service messages about your booking or enquiries.

For profiling purposes

We use data like date of birth, gender, country of residence, transactions, Cookie-derived information, preferences and behaviors for profiling to:

Better understand what you'd like from us
Provide tailored online content and optimize website experience
Provide tailored advertisements on other websites including social media
Share marketing material we believe may interest you
Operate services more efficiently

We ensure our legitimate interest doesn't override your interests or fundamental rights before profiling.

For data analytics

We aggregate and anonymize data to analyze patterns, improve marketing/promotional efforts, analyze website use, improve content/products/services, customize website content/layout/products/services, and support business operations. We may appoint third parties for this.

We gather usage information like visitor numbers/frequency, which website redirected you, pages visited, browser type, device ID and IP address. This helps us understand how customers use our website and research demographics, interests and behavior. We do this partly by installing and using Cookies.

To improve service quality

We may use your data to:

Improve or create new products and services
Conduct customer satisfaction surveys to understand how to improve
Improve internal systems for testing, IT maintenance/development, training, benchmarking and performance measurement

Legal basis for using your information

We only collect, process, use, share and store data where we have appropriate legal basis:

To perform a contract or take steps to enter into one (managing enquiries/bookings, taking payment, completing travel arrangements)
For our legitimate interest as a commercial organization (recording consultant calls, capturing website interactions to identify issues and ensure customer experience meets expectations), always in a proportionate way respecting your privacy
To comply with legal or regulatory obligations
With your consent for particular activities (like sharing special offers)

How we share your information

We don't share data outside Out2Africa except in these cases:

With your consent

We share data when you've provided consent as described at the time.

Service providers of your travel itinerary

We share data with service providers whose products/services you're purchasing (airlines, tourism agencies, hotels, transfer/car hire companies, tour/excursion providers, travel agents), including if there's a booking problem.

Third-party service providers

We share data with third parties who help manage our business and deliver products/services. They've agreed to confidentiality obligations. They:

Help manage IT and back-office systems
Advertise our company online and using social media
Manage communications and tailor marketing campaigns
Provide internet and infrastructure services
Conduct consumer interest research

Payment providers

We share reservation details with payment service providers and financial institutions to verify payments (banks, payment card companies). We may share information with financial institutions to detect fraudulent transactions and security incidents.

For legal reasons

We may share data with governments, government organizations/agencies, border control, regulators, law enforcement and others as permitted or required by law, for API or other legal requirements when traveling to/from particular countries, and to comply with laws, regulations, rules, and governmental requests.

Aggregated data

We may share aggregated data (combined data no longer identifying individual users/clients) and non-personally identifiable information for analysis, demographic profiling, marketing, advertising and other business purposes.

How we protect and store your information

Protection of your personal data

We've implemented and maintain appropriate technical and organizational security measures, policies and procedures to protect shared data and safeguard privacy. Measures include:

Confidentiality requirements on staff and service providers
Destroying or permanently anonymizing data no longer needed
Following security procedures for storage and disclosure to prevent unauthorized access
Using secure communication channels like SSL for transmitting data

Storage of your personal data

We keep data as long as reasonably necessary for the purposes collected (managing bookings, providing products/services). We ensure secure disposal.

We may store data longer where required by legal, regulatory, tax or accounting requirements. In specific circumstances, we may store data longer to maintain accurate records in case of complaints or potential litigation.

Other important information

Children's personal data

For children under 16, our services require lawful consent from a parent or guardian. Where a child is part of a booking, we collect and use their data only as provided by the parent/guardian with their consent.

We reserve the right to erase all data of any child under 16 if we learn it was provided without lawful parental/guardian consent.

How we use Cookies

A cookie is a small computer file downloaded to your device. It collects information about how you navigate our websites and the internet, helping us provide better services. Cookies can't harm your computer and are industry standard text files containing only visitor-provided information. Users may configure browsers to not accept our cookies.

Cookies may collect personal data about you. They help us remember visit information, settings and searches. They enable us to understand who's seen which pages and how frequently, determine popular website areas, operate efficiently, customize your view to reflect preferences/activities, and tailor marketing and advertisements on our website, other websites, social media and other devices.

Managing cookies in Chrome

On your computer, open Chrome, click More then Settings at top right. Under "Privacy and security", click "Cookies and other site data". From here you can:

Modify general settings: Allow all cookies, Block all cookies, Block third-party cookies in Incognito, Block third-party cookies
Add/remove sites to specific categories: Sites that can always use cookies, Always clear cookies when windows close, Sites that can never use cookies

Managing cookies in Safari on Mac

In Safari app on Mac, choose Safari > Preferences, click Privacy, then:

Prevent trackers: Select "Prevent cross-site tracking". Cookies and data are deleted unless you visit and interact with trackers' websites
Always block cookies: Select "Block all cookies". This may prevent some websites from working properly
Always allow cookies: Deselect "Block all cookies"
Remove stored cookies/data: Click Manage Website Data, select websites, click Remove or Remove All. This may reduce tracking but may log you out or change website behavior

Managing cookies in other browsers/devices

Check the support website for your browser or device for instructions.

Your rights

You have certain rights regarding your personal data. We may ask for additional information to confirm your identity and for security purposes before disclosing data. Exercise rights by emailing dataprotection@rhinoafrica.com. We'll make every reasonable effort to honor your request within 30 days or inform you if we need further information.

We may not always fully address your request, for example if it impacts confidentiality duties to others, or if we're legally entitled to deal with it differently.

Access your personal data

You have the right to reasonable access to your data. You may request copies of data you've provided in structured, commonly used, machine-readable format.

Rectify inaccurate or incomplete data

You have the right to request we rectify inaccurate data. We may verify accuracy before rectifying.

Erase your personal data

If you no longer want us using your information, you can request erasure in limited circumstances where:

It's no longer needed for collection purposes
You've withdrawn consent (where processing was based on consent)
Following successful objection
It's been processed unlawfully

We're not required to comply if processing is necessary:

For legal obligation compliance
For establishment, exercise or defense of legal claims

Note that if you request erasure:

We may retain some data as necessary for legitimate business interests like fraud detection/prevention and safety enhancement
Residual copies may remain in backup systems for a limited period due to maintenance and protection from loss/destruction

Object to processing

You can object to any processing with our legitimate interests as legal basis if you believe your fundamental rights and freedoms outweigh our legitimate interests.

Lodge a complaint with a regulator

If you think we haven't complied with data protection laws, you can lodge a complaint with your local supervisory authority.

Changes to this policy

We reserve the right to modify this Privacy Policy at any time in our sole discretion. If we make changes, we'll post the revised policy on our websites and update the "Last Updated" date at the top. Once available on our websites, your continued access or use constitutes acceptance of the revised policy.

Contact Us

Rhino Africa HQ

103 Francis Street, Zonnebloem, 7925

Cape Town, South Africa

Rhino Africa London Office

First Base Old Street Ltd

The old Fire Station, 140 Tabernacle Street

EC2A 4SD, London, United Kingdom