Data Protection & Privacy Principles

The following Data Protection and Privacy Principles set out the way that New Concept Travel - American Express GBT will collect, use, store, share, transmit, delete or otherwise process your personal data. Personal data means any information that relates to an identified or identifiable individual. The standard of personal data protection set out in these Principles will be used by New Concept Travel - American Express GBT, providing adequate and consistent protection for the processing of your personal data.

  1. 1. Collection

  2. We will only collect personal data that is needed and by lawful and fair means.

  3. 2. Notice and Processing

  4. Where it is not apparent from the products or services you require or the nature of your relationship with us, we will tell you how your personal data will be processed. We will process your personal data fairly and only for those purposes we have told you, for purposes permitted by you or as permitted by applicable law. In addition, you may object to certain types of processing as expressly permitted by applicable law.

  5. 3. Choice

  6. We give customers the option of having their personal data included or removed from lists used for marketing as required by applicable law. This includes product and service offers from New Concept Travel - American Express GBT and those made in conjunction with our business partners. Of course each of our businesses will continue to send customers information about the products or services they receive from that business.

  7. 4. Data Quality

  8. We use appropriate technology and well-defined employee practices to process your personal data promptly and accurately. We will not keep your personal data longer than is necessary, except as otherwise required by applicable law.

  9. 5. Security and Confidentiality

  10. We will keep your personal data confidential and limit access to your personal data to those who specifically need it to conduct their business activities, except as otherwise permitted by applicable law. We refer to industry standards and use reasonable administrative, technical and physical security measures to protect your personal data from unauthorised access, destruction, use, modification or disclosure. We require industry standard data security measures from those third parties who are authorised by us to process your personal data on our behalf.

  11. 6. Data Sharing

  12. We only share your personal data with third parties where it is necessary to provide you with products or services or as part of the nature of our relationship with you, where we have previously informed or been authorised by you, in connection with our efforts to reduce fraud or criminal activity, or as permitted by law.

  13. 7. Openness and Data Access

  14. If you ask, we will inform you about how your personal data is processed and the rights and remedies you have under these Principles. You may inquire as to the nature of the personal data stored or processed about you by New Concept Travel - American Express GBT. You will be provided access as is required by law, regardless of the location of the data processing and storage. If any data is inaccurate or incomplete, you may request that the data be amended.

  15. 8. International Transfer

  16. Where it is not apparent from the international products or services you require or the nature of your relationship with us, we will inform you if your personal data may be transferred outside of your country and ensure that such transfer is only performed in accordance with applicable law. Regardless of where your personal data is transferred, your personal data is protected by these Principles.

  17. 9. Responsibility

  18. We and our employees may only process your personal data in accordance with these Principles. We conduct training and reviews of our compliance with these Principles. Employees who violate these Principles may be subject to disciplinary action, up to and including dismissal. Employees are expected to report violation of these Principles, and may do so to their managers, to their business unit's compliance officer, to the legal department or to the Privacy Office.

  19. 10. Accountability

  20. If you have a complaint that we have breached these Principles and have attempted in good faith to resolve the complaint through our customer service process, but the complaint was not resolved by us within a reasonable amount of time, then you may enforce these Principles against us. If you complain to the data protection authority and the data protection authority finds that we have breached these Principles, we will abide by the findings of the data protection authority, but we reserve the right to challenge or appeal such findings. These Principles do not affect any rights you have under applicable law, the requirements of any applicable regulatory data protection authority, or any other type of agreement that you may have with us.

These Principles emphasize our commitment to protect your personal data, demonstrating our commitment to privacy.

If you have questions or comments about these Principles, please contact us:

Phone: +4 021 2317071