Cisco’s global privacy program and policies have been approved by the Dutch, Polish, Spanish, and other relevant European privacy regulators as providing adequate safeguards for the protection of privacy, fundamental rights, and freedoms of individuals for transfers of. In recent years, the usage and complexity of browser cookies has increased significantly. This largely went unnoticed by most users. To be sure, minimize this invasive monitoring by reading on. In this post we’ll summarize how Cookies gather information about you. Learn how to manage web cookies to protect your online privacy.
- Cookie 5 7 3 – Protect Your Online Privacy Concerns Regarding
- Cookie 5 7 3 – Protect Your Online Privacy Concerns Without
- Cookie 5 7 3 – Protect Your Online Privacy Concerns Among
- Cookie 5 7 3 – Protect Your Online Privacy Concerns Act
Effective May 25, 2018
Cleartrip is fanatical about protecting your privacy.
Since tracking cookies are used to gather information about you without your authorization, they present a real threat to your online privacy. Tracking cookies like third-party cookies aren’t used to enhance your experience but rather to keep track of your activity across certain websites.
If you have any questions about our Privacy Policy, you can contact us at [email protected] and include ‘Privacy Policy’ in the subject line.
1. Privacy Policy Overview
1.1 This Policy explains how we may process your information. This Policy may be amended or updated from time to time, so please check it regularly for updates.
1.2 Cleartrip Private Limited with its affiliates and its subsidiary Cleartrip Packages and Tours Private Limited (collectively referred to as “Cleartrip”, “us”, “our” or “we”), provides travel related services and leisure activities (“Services”) through its websites www.cleartrip.com; www.agentbox.com; and www.cleartripforbuisiness.com (“Website”) and Mobile Application (hereinafter collectively referred to as “Booking Platform”).
1.3 This Privacy Policy applies to all information collected about you by Cleartrip, regardless of how it is collected or stored, and describes, among other things, the types of information collected about you when you interact with the Services, how your information may be used, when your information may be disclosed, how you can control the use and disclosure of your information, and how your information is protected.
1.4 Except as otherwise noted in this Privacy Policy, Cleartrip is a data controller under the EU General Data Protection Regulation (“GDPR”), which means that we decide how and why the information you provide to us is processed. Contact details are provided in Section 17 below. This Policy may be amended or updated from time to time to reflect changes in our practices with respect to the Processing of your information, or changes in applicable law. We encourage you to read this Policy carefully, and to regularly check this page to review any changes we might make.
2. What Categories of Information We May Process
2.1 On your accessing of the Booking Platform, we may process the following categories of information about you, such as:
- Personal details: your username or login details; e-mail id; contact number(s);
- Booking information: which includes information about your travel, PNR details, bookings, co-passengers, travel preferences etc.
- Demographic information: gender; age/date of birth; nationality;
- Location information: location data that describes the precise geographic location of your device (“Precise Location Data”).
- Purchase and payment details: records of travel services purchases and prices; invoice records; payment records; payment method; cardholder or account-holder name; payment amount; and payment date.
- Other information that may be requested or gathered while you visit, access or use the Booking Platform.
- We may also Process information about you from your use of our Services (e.g., the type of device you are using, I.P address, the internet service provider, etc)
2.2 We also collect other kinds of information from you or other sources, which we refer to as “Other Information” in this Policy, which may include but is not limited to:
- Information about your use of the Services, such as usage data and statistical information, which may be aggregated.
- Browsing history on the Booking Platform;
- Non-precise information about the approximate physical location (for example, at the city) of a user’s computer or device derived from the IP address of such computer or device (“GeoIP Data”).
- Device identification (“ID”), which is a distinctive number associated with a smartphone or similar handheld device, but is different than a hardware serial number.
- Internet Protocol (“IP”) address, which is a unique string of numbers automatically assigned to your device whenever you access the Internet.
- Internet connection means, such as internet service provider (“ISP”), mobile operator, WiFi connection, service set identifier (“SSID”), International Mobile Subscriber Identity (“IMSI”) and International Mobile Equipment Identity (“IMEI”).
- Information collected through the use of cookies, eTags, Javascript, pixel tags, device ID tracking, anonymous identifiers and other technologies, including information collected using such methods and technologies about (i) your visits to the Booking Platform and engagement with, the Services, content and ads on third party websites, applications, platforms and other media channels (“Channels”), and (ii) your interaction with emails including the content and ads therein (collectively, “Online Data”).
- Device type, settings and software used.
- Log files, which may include IP addresses, browser type, ISP referring/exit pages, operating system,
- Web Beacons, which are electronic files that allow a website to count users who have visited that page or to access certain cookies.
- Pixel Tags, also known as clear GIFs, beacons, spotlight tags or web bugs, which are a method for passing information from the user’s computer to a third party website.
- Local Shared Objects, such as Flash cookies, and Local Storage, such as HTML5.
- Mobile analytics to understand the functionality of our mobile applications and software on your phone.
Under certain circumstances and depending on applicable law, some of this Other Information may constitute Personal Information. Personal Information together with Other Information is hereinafter referred to as “User Information”.
“Personal Information” means information that is about any individual, or from which any individual is directly or indirectly identifiable.
“Process”, “Processing” or “Processed” means anything that is done with any Personal Information, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
3. Sensitive Personal Information
3.1 We do not seek to collect or otherwise Process your Sensitive Personal Information. Where we need to Process your Sensitive Personal Information for legitimate purpose, we do so in accordance with applicable law. The Services are not intended for use by children.
3.2 We do not collect or otherwise Process Personal Information about race, religion, sexual orientation or health or any other information that may be deemed to be sensitive under GDPR (collectively, “Sensitive Personal Information”) in the ordinary course of our business.
3.3 Children: The Travel Services are not intended for the use by Children below the age of 18 years. For availing the services on Booking Platform by the children below 18 years, parental consent will be necessary.
4. How We Collect or Create Information
4.1 We may collect or obtain User Information about you: directly from you (e.g, when you visit our Booking Platform); in course of our relationship with you (e.ge, if you utilize travel services); when you make your Personal Information public (e.g., if you make a public post about us on social media); when you download, install or use any of our Services. We may also receive User Information about you from third parties (e.g., our travel affiliate partners.) We may also create User Information about you, such as records of your interactions with us. Cleartrip is not responsible for Personal Information you volunteer about yourself in public areas of the Services. This Policy does not cover the practices of third parties who many provide information about you to Cleartrip.
4.2 Creation of User Information. We may also create User Information about you, such as records of your interactions with us and details of your travel history, for internal administrative purposes and analysis. We may also combine data you have provided to us with data obtained from third parties such as social networks and other data collection entities.
5. Purposes for Which We May Process Your Information
We may process User Information for following purposes: providing the Services to you; communicating with you; providing advertising to you on the Services and Channels; Lead generation; analyzing your travel interest; observing user engagement and booking travel activities across Services and Channels; conducting surveys; managing our IT systems i.e. identification and mitigation of fraudulent activity; compliance with applicable law; and improving our Services
6. Direct Marketing
We may process your User Information to contact you via email, telephone, SMS or other methods of communication to provide you with information regarding our Services that may be of interest to you. We may send information to you regarding our Services, travel offers; upcoming promotions that may be of interest to you, using the contact details that you have provided to us and always in compliance with applicable law.
7. Cookies, Similar Technologies and Online Behavioral Advertising
7.1 We may Process your User Information by placing or reading Cookies or similar technologies on the Services and Channels. For more information, please see our Cookie Policy. Certain tracking technologies enable us to assign a unique identifier to you, and relate information about your use of the Services to Other Information about you, including your User Information for the purpose of learning more about your travel preferences. We and our partners also use these technologies to administer the Services; collect and store information such as user settings, anonymous browser identifiers; track user’s location; gather demographic information about our user base; visitor behavior etc. We use this information to get a more accurate picture of customer travel interest.
Twistedwave 1 20 1 – powerful audio editor. 7.2 You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on the Services. Please see our Cookie Policy for more information, including a more in-depth explanation of what cookies are, the different types of cookies used on the Services, and how to change or delete them.
7.3 Online Data that we collect through cookies, is aggregated with the Other Information and data we collect as described in this Privacy Policy and/or similar data collected by partners to create groups of users and certain general-interest categories or segments that we have inferred based on (a) demographic or interest data and GeoIP Data, (b) the pages you view and links you click when viewing an email or using the Services and those of our partners, and/or © the search terms you enter when using certain search services. We use this information to get a more accurate picture of audience interests in order to provide travel updates we believe are more relevant to your interests. We store page views, clicks and search terms used for ad personalization targeting separately from your Personal Information.
8. What is the Lawful Basis for Processing Personal Information
8.1 We may process your User Information where: you have given your consent (this legal basis is only used in relation to Processing that is entirely voluntary – it is not used for Processing that is necessary or obligatory in any way) ; the Processing is necessary for a contract between you and us; the Processing is required by applicable law; the Processing is necessary to protect the vital interests of any individual; or where we have a valid legitimate interest in the Processing.
9. What Information We Disclose to Third Parties
9.1 We may disclose your User Information to other entities within the Company group, for legitimate business purposes (including operating the Services, and providing services to you), in accordance with applicable law.
In addition, we may disclose your User Information to:
- Any relevant third Party Service Providers such as an Airline, Hotel, Activity Service Provider/s who provide the end services;
- legal and regulatory authorities, upon request, or for the purposes of reporting any actual or suspected breach of applicable law or regulation;
- outside professional advisors (such as accountants, auditors, or lawyers), subject to binding contractual obligations of confidentiality;
- third party Processors (such as analytic providers; data centers; etc.), located anywhere in the world, subject to the requirements noted below in this Section 9;
- any relevant party, law enforcement agency or court, to the extent necessary for the establishment, exercise or defence of legal rights;
- any relevant party for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including safeguarding against and the prevention of threats to public security;
- any relevant third party acquirer(s), in the event that we sell or transfer all or any relevant portion of our business or assets (including in the event of a reorganisation, dissolution or liquidation);
- to third parties whose practices are not covered by this Privacy Policy (e.g., third party providers of goods and services, marketing and advertising companies and agencies, content publishers and retailers).
9.2 When you use a co-branded service (a service operated with a partner of Cleartrip), or register or otherwise provide information on a co-branded site, you grant us permission to pass the collected information back to that partner, which may include third party service providers whose services are embedded into and/or appear within the Services;
9.3 Cleartrip may use third party advertising service companies for online behavioral advertising (“OBA”) or otherwise, and perform related services when you use our Services. Often, these third party advertising companies employ cookies and other technologies to measure the effectiveness of website, app and to understand the booking behavior of the User. We also engage third party providers to assist with the segmentation of this data.
9.4 We may engage third party providers to assist with the collection, storage and segmentation of Online Data and the providers are required to maintain the confidentiality of this information. These third party providers may collect User Information from our Services for their own purposes, including but not limited to monitoring fraud around the web.
9.5 We may share your User Information with our partners such as your name, email, or other identifier. Our partners may also: (i) collect information directly from your device, such as your IP address, device ID, advertising ID, and information about your browser or operating system; (ii) combine User Information about you received from Cleartrip with information about you from other sites or services; and (iii) place or recognise a unique cookie on your browser.
10. International Transfers of Information
Cookie 5 7 3 – Protect Your Online Privacy Concerns Regarding
10.1 Because of the international nature of our business, we may need to transfer your User Information with the Cleartrip Group of companies (Cleartrip Private Limited; Cleartrip Packages and Tours Private Limited; Cleartrip MEA FZ LLC), and to third parties as noted in Section 9 above, in connection with the purposes set out in this Policy. For this reason, we may transfer your User Information to other countries that may have different laws and data protection compliance requirements to those that apply in the country in which you are located.
10.3 If you are a European resident with a privacy related complaint, concern or question about Cleartrip’s privacy practices, please contact us by writing to [email protected] (must include “Privacy Policy” in the subject line) and we will respond within a reasonable time after receiving your request.
11. Data Security
11.1 We have implemented reasonable technical and organizational security measures to protect your User Information. Please ensure that any Personal Information that you send to us is send securely.
11.2 In certain instances we may use Secure Sockets Layer encryption and/or transfer certain User Information in a non-human readable format to provide protection. However, we cannot guarantee there will not be a breach, and we are not responsible for any breach of security or for the actions of any third parties.
11.3 Because the internet is an open system, the transmission of information via the internet is not completely secure. Although we will implement reasonable measures to protect your information, we cannot guarantee the security of your data transmitted to us using the internet. Any such transmission is at your own risk and you are responsible for ensuring that any Personal Information that you send to us are sent securely.
12. Data Accuracy
We take every reasonable step to ensure that your User Information that we Process is accurate and, where necessary, kept up to date, and any of your User Information that we Process that you inform us is inaccurate (having regard to the purposes for which they are Processed) is erased or rectified.
13. Data Minimisation
We take every reasonable step to ensure that your User Information that we Process is limited to the User Information reasonably necessary in connection with the purposes set out in this Policy or as required to provide you services or access to the Services.
14. Data Retention
14.1 We take every reasonable steps to ensure that your User Information is only retained as long as they are needed. Online Data related to online behavioural advertising (“OBA”) is kept by Cleartrip for not more than 365 days after which it will expire, subject to certain conditions. However, the 365 days period may commence again if the same user subsequently visits or interacts with an ad, email, the Services or a Channel.
14.2 The criteria for determining the duration for which we will keep your User Information are as follows: we will retain copies of your User Information in a form that permits identification only for as long as is necessary in connection with the purposes set out in this Policy, unless applicable law requires a longer retention period. Unless there is a specific legal requirement for us to keep the information, we plan to retain it for no longer than is necessary to fulfill a legitimate business need.
15. What Can I Do to Control My Information?
You can directly take steps to unsubscribe to the newsletters that you receive from us. Please allow fifteen to thirty business days for change to take effect. On some services, pertaining to transactional communication, you may continue to receive emails as a part of the travel booking Service availed on the Booking Platform.
If you are an EU resident, you may have certain rights including: the right not to provide your Personal Information to us; the right to access your Personal Information; the right to request erasure, or restricting of Processing of your Personal Information; the right to have your Personal Information transferred to another controller; the right to withdraw your consent; and the right to lodge complaints with supervisory authorities. We may require proof of or need to verify your identity before we can give effect to these rights.
16. Terms of Use
16.1 Cleartrip’s Terms of Use governs the use of Booking Policy and the Services provided by Cleartrip. For more information concerning your use of all services, please visit the Terms of Use. The Terms of Use is incorporated by reference into this Privacy Policy.
16.2 We recommend that you review our Terms of Use regularly, in order to review any changes we might make from time to time.
17. Contact Details
If you have any comments, questions or concerns about any of the information in this Policy, or any other issues relating to the Processing of User Information carried out by us, or on our behalf, please contact:
Cookie 5 7 3 – Protect Your Online Privacy Concerns Without
Cleartrip Private Limited
Kind Attn: Legal Department
06, Godrej Business District
Pirojshanagar Vikhroli
Mumbai 400079
Maharashtra, India
Kind Attn: Legal Department
06, Godrej Business District
Pirojshanagar Vikhroli
Mumbai 400079
Maharashtra, India
Email: [email protected]
If you are an EU resident, you may contact our Data Protection Officer at [email protected]
18. How this Privacy Policy May Change
We may change this Privacy Policy from time to time, and all changes will be effective at the time we post them. If we believe there is a significant change to this Privacy Policy or our data collection and use practices, we will indicate on our Booking Platform that our Privacy Policy has changed prior to the change becoming effective. The then-posted version of the Privacy Policy supersedes all prior versions. Your continued access to or use of any of the Services shall be deemed your acceptance of the Privacy Policy.
This Privacy Policy, including our Cookie Policy applies to your use of our Services.
May 2011
Cookies
When you visit a website, not only are you offered information or services, but your computer may also be offered a “cookie.” A cookie is a small file that is passed from a website to an end user’s (your) computer, often without your knowledge or consent. The cookie is used to save information about the interaction between you and the site, such as login credentials, preferences, and any work in progress. The cookie file is automatically stored by your browser (e.g., Internet Explorer or Firefox) on the local hard drive, and it can later be retrieved by the website.
Cookies were invented in 1994 so that information could be saved between visits to a website. This lets you avoid logging in for every visit, and cookies are also used to keep track of preferences and works in progress (such as items in an online shopping cart). Today, just about all of the top websites use cookies for one purpose or another. Cookies are a very useful feature of the web and, without them, web sessions would have no history; you would have to enter your information over and over.
Third-Party Cookies
Initially, cookies were only shared between the website (the “first party” in the transaction) and the user (the “second party”). Soon after cookies were invented, however, their use was expanded to third parties—organizations not directly involved in the interaction—such as advertising companies displaying ads on certain websites.
When an advertisement is on a web page supplied by a first party, the advertising content and a cookie are passed from the advertising company (the third party) to the end user’s (your) computer. Later, when you revisit that same first-party website, or another site that uses the same advertising company, the third-party cookie can be retrieved by the advertising company. If the cookie contains a unique identifier, then information about your visits to different websites can be linked together.
Further, if any of the sites (such as social networking sites) collect personal information, this information might also be collected by the advertisers. In this way, advertising companies are able to track the websites that you visit and build up detailed personal profiles, which may then be used to target further advertising to you.
Third-party cookies raise privacy concerns because the transactions typically involve unknown third parties and are conducted without your knowledge or consent. Unless you pay attention to an often-confusing set of options in your browser software, the cookies are created and used invisibly, and the information that is gathered may be stored forever. In addition, the tracking and profiling done by advertising companies can be extensive; it is common for your computer to collect dozens of third-party tracking cookies.
Flash Cookies
Flash cookies (also called Local Shared Objects or LSOs) are created by Adobe’s popular Flash browser add-on for multimedia. Like traditional cookies, Flash cookies can be used to save state information, as well as preferences, between sessions. They are also used to track the websites that you visit. These cookies are normally not visible to you, the end user, and options to control or delete them are usually absent or very difficult to find. Flash cookies are frequently found on websites, and they are often used along with traditional web cookies. In fact, even if you delete web cookies, Flash cookies can be used to recreate them.
Flash cookies raise additional privacy concerns because they are more hidden than traditional web cookies, so you have to take extraordinary measures to remove them. Also, many privacy policies that describe the use of web cookies fail to mention Flash cookies, and procedures to opt out of web cookies often have no effect on Flash cookies.
Super Cookies
A third type of cookie, called “super cookies,” is also emerging. Super cookies use new storage locations built into browsers to save information about you. For example, the Internet Explorer browser has “userData” storage, while Firefox has “DOM” storage”. The emerging HTML 5 specifications also set aside web storage that can last either for a browser session or permanently (until deleted). These storage mechanisms are larger and more flexible than traditional cookies so more information can be stored. Like web cookies and Flash cookies, you, as a user, are often unaware that super cookies exist. You, as the user, are often not provided with tools to control the information that is stored.
Cookie-Less Tracking
A person’s browsing habits can also be tracked without cookies. One such method involves “web bugs”, which are small, invisible image files placed on a web page or hidden in an e-mail message. When you view the page or message, the image is downloaded from a server that can keep detailed logs. These logs record such information as your location, Internet address, the page or message you are reading, and the current date and time.
When people view web pages, their browsers can reveal a lot of information. The browsers can be queried to determine their detailed characteristics, including version number, window size, settings, add-ons, and customizations. The combination of information, often called “device fingerprinting,” can be quite specific to an individual machine. An experiment conducted by the Electronic Frontier Foundation suggests that this information may be unique to about one in one million people.
Web Privacy Tools
Unfortunately, protecting privacy while browsing the web is not an easy task. Web browsers provide some tools for storing and clearing cookies. However, the default is to store all cookies indefinitely and the privacy tools are often hard to find and use. Browsers can be set to block cookies, but many websites require that you, as a user, allow cookies to use the service. Even blocking third-party cookies can impair the experience of some services, so users are faced with the onerous task of allowing some cookies and not others. If you do configure your browser to delete stored cookies, this often only clears traditional cookies, without removing super cookies and Flash cookies.
Some browsers have recently implemented a “private browsing mode,” designed to protect privacy. In Firefox, for example, web cookies are deleted when a private browsing session is ended. Unfortunately, super cookies and Flash cookies are not always affected by these settings, so they are still stored during private browsing sessions. In order to clear all the different forms of cookies and web storage, you generally have to install and use special add-on applications. Some popular tools for Firefox, for example, are the BetterPrivacy, NoScript, and Targeted Advertising Cookie Opt-Out (TACO) plug-ins.
Conclusion
Cookies are powerful tools that give the web a memory, making for a better user experience. They do, however, also pose privacy concerns because they are often used without your knowledge or consent, and can be used to track your web habits and build detailed personal profiles about you.
To protect your privacy on the web, you need to learn about the cookie controls provided in your browser. You should also investigate some specialized tools that can control all cookie types. Unfortunately, however, even if you do make the effort to control cookies, there is little that you can currently do to protect against cookie-less tracking methods.
The OPC is studying this issue. We raised concerns about tracking practices in our Report on the 2010 Consultations on Online Tracking, Targeting, and Profiling, and Cloud Computing. We will continue to address our concerns with industry, as appropriate.
Additional Reading
Eckersley, P. (2010) Browser versions carry 10.5 bits of identifying information on average.
Krishnamurthy, B. and Wills, C.E (2010). On the leakage of personally identifiable information via online social networks. ACM SIGCOMM Computer Communication Review, 40(1), 112—117.
Cookie 5 7 3 – Protect Your Online Privacy Concerns Among
McKinley, K. (2008). Cleaning up after cookies.
Cookie 5 7 3 – Protect Your Online Privacy Concerns Act
Schoen, S. (2009). New cookie technologies: Harder to see and remove, widely used to track you.
Soltani, A., Canty, S., Mayo, Q., Thomas, L. Path finder 9 0 8 x 6. and Hoofnagle, C. (2009). Flash cookies and privacy.
Wall Street Journal. (2010). What they know.