GDPR Compliance Statement
On 25 May 2018, the EU General Data Protection Regulation (Regulation EU 2016/679) replaced the existing EU Data Protection Directive (European Directive 95/46/EC).
The GDPR applies to all companies operating within the EU and European Economic Area, and to any companies outside the EU/EEA who may offer services to people resident in the EU/EEA.
Following an extensive global project, Malaxianakis Emmanouil with distinctive titles “Uncharted Escapes” (formerly “Safari Adventures”) is pleased to confirm that it complies with the new GDPR requirements in all locations where the personal data of EU residents is processed within the ATPI group.
Malaxianakis Emmanouil “Uncharted Escapes” (formerly “Safari Adventures”) processes personal data of EU/EEA citizens as Data Processor acting on behalf of our clients who are the Data Controller, and as such that contractual arrangement is the lawful basis on which data is processed by ATPI within the GDPR.
To achieve compliance with the GDPR, the following exercises were completed:
DATA MAPPING & SECURITY
Malaxianakis Emmanouil “Uncharted Escapes” (formerly “Safari Adventures”) has reviewed where and how its travel management services collect, use, store and dispose of personal data and has updated its policies, procedures, governance and documentation as needed. This includes production of a thorough data processing ‘map’ to fully understand the impact of the GDPR on all global services. The company only houses personal data in fully certified (ISO 27001) data centres to which access is strictly controlled and monitored, will with all data encrypted both at rest and during transit to ensure maximum levels of data security are maintained at all times.
CONTRACTUAL COMMITMENTS
Malaxianakis Emmanouil “Uncharted Escapes” (formerly “Safari Adventures”) has reviewed its contractual commitments with its clients, partners, and suppliers as needed to directly address GDPR requirements and ensure full compliance with all relevant Articles of the Regulation. All contracts identify compliance with relevant Data Protection law in any jurisdiction in which Malaxianakis Emmanouil “Uncharted Escapes” (formerly “Safari Adventures”) operates. Any trading clients with whom no contract is established have been asked to acknowledge their role within Data Protection law as a Data Controller, and Malaxianakis Emmanouil “Uncharted Escapes” (formerly “Safari Adventures”) as their appointed Data Processor.
CROSS-BORDER DATA TRANSFER
To ensure Malaxianakis Emmanouil “Uncharted Escapes” (formerly “Safari Adventures”) fully complies with the GDPR requirements to legally transfer data from the EU/EEA to the rest of the world as may be necessary to provide travel management services; In compliance with the Privacy Shield Principles, Malaxianakis Emmanouil “Uncharted Escapes” (formerly “Safari Adventures”) commits to resolve complaints about our collection or use of your personal information. EU and non EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact our DPO at the contact details set out in the Data Protection Officer section below.
EMPLOYEE TRAINING AND AWARENESS
All Malaxianakis Emmanouil “Uncharted Escapes” (formerly “Safari Adventures”) employees globally have undertaken mandatory data privacy and security training, including specific GDPR requirement awareness. Malaxianakis Emmanouil “Safari Adventures” and “Uncharted Escapes” will continue to update existing training modules based on changes to the GDPR that may occur. In addition to these training requirements, Malaxianakis Emmanouil “Safari Adventures” and “Uncharted Escapes” conducts ongoing awareness initiatives on a variety of topics, including data protection, security and privacy, and conducts internal auditing for assurance of knowledge and application.
RIGHTS OF INDIVIDUALS
The GDPR retains the rights of individuals from previous EU data protection legislation, and introduces additional rights from 25 May. Malaxianakis Emmanouil “Uncharted Escapes” (formerly “Safari Adventures”) has reviewed all of its internal procedures to ensure that the rights of individuals are fully respected at all times, and to ensure that all staff receive training on the process to follow if an individual wishes to exercise their rights. This is made clear in the https://www.unchartedescapes.com/terms-conditions
DATA PROTECTION OFFICER
Malaxianakis Emmanouil “Uncharted Escapes” (formerly “Safari Adventures”) and has formally appointed the Company Owner as the Data Protection Officer for the Malaxianakis Emmanouil “Safari Adventures” and “Uncharted Escapes” in accordance with the requirements of the GDPR. The Data Protection Officer’s contact details are:
Malaxianakis Emmanouil
Georgiakakidon 31str, Chania, Crete, Greece
Zip Code: GR73131
Email: info@unchartedescapes.com