This Policy is incorporated into, and is subject to, our Terms of Service. Capitalized terms used but not defined in this Policy have the meaning given to them in our Terms of Service.
We collect different types of information from or through the Service. The legal bases for our processing of personal information are primarily that the processing is necessary for providing the Service and that the processing is carried out in our legitimate interests, which are further explained in the "How Do We Use The Information We Collect?" section. We may also process personal information upon your consent, asking for it as appropriate.
a) When you give it to us or give us permission to obtain it
When you use the Service, you may provide and we may collect certain information that personally identifies you or could be used to personally identify you ("personal information"). Personal information includes (but is not limited to) the following categories of information: first and last name, phone number and email addresses. You may provide us with personal information in various ways on the Service. For example, when you use the Service, send us customer service-related requests, register for an account, apply for a job, etc. If you choose to withhold any personal information requested by us, it may not be possible for you to gain access to certain parts of the Service.
If you make a booking via the Service, we will request additional personal information and traveler preference information. You can choose not to provide information to us, but in general some information about you is required in order to book travel including:
• Transactional information, such as credit card number, zip/postal code, cardholder name, and expiration date.
• Personal information, such as your first and last name, date of birth, and gender as required by TSA Secure Flight Program. Additionally, you can choose to provide travel preference information like redress number and special assistance options.
• Traveler companions: When you make a reservation for someone else through the website, we will request personal information and travel preferences about that individual including first and last name, gender, and date of birth. You should obtain the consent of other individuals prior to providing us with their personal information and travel preferences, as any access to view or change their information will be available only through your account.
If you are using Hopper on your mobile device, you can choose to provide us with location data.
b) We also get technical information when you use our Service or Website or apps that have Hopper features
These days, whenever you use a website, mobile application, or other Internet service, there's certain information that almost always gets created and recorded automatically. The same is true when you use our Service. Here are some of the types of information we collect:
• Log Data: When you use Hopper, our servers automatically record information ("Log data") including information that your browser sends whenever you visit a website or your mobile app sends when you're using it. This Log Data may include your Internet protocol address, the address of the web pages you visited that had Hopper features, browser type and settings, the date and time of your request, how you used Hopper, and cookie data.
• Device Information: In addition to Log Data, we may also collect information about the device you're using Hopper on, including what type of device it is, what operating system you're using, device settings, unique device identifiers, and crash data. Whether we collect some or all of this information often depends on what type of device you're using and its settings. For example, different types of information are available depending on whether you're using a Mac or a PC, or an iPhone or an Android phone. To learn more about what information your device makes available to us, please also check the policies of your device manufacturer or software provider.
• Flight Search Results Data: We create our reports and forecasts of flight pricing and demand based on Realtime airfare search results data that we aggregate from several Global Distribution Systems (GDS) partners. This data is generated by consumers searching for flights through a variety of unaffiliated online and offline travel agencies. All search results are completely anonymous: we don't receive or store any information about who made the search or where it was initiated, whether any flight was actually purchased, or even the specific query that was entered. We only store the price and availability of whatever flight options were presented to the consumer when the search was made.
We take steps designed to ensure that only those employees who need access to your personal information to fulfil their employment duties will have access to it. We use the information we collect to provide our Service to you and make them better, develop new products, and protect Hopper and our users. For example, we may log how often people use two different versions of a product, which can help us understand which version is better.
We use the information we collect to:
• to operate, maintain, enhance and provide all features of the Service, to provide the services and information that you request, to respond to comments and questions and to provide support to users of the Service;
• to verify that the cardholder has authorized the purchase made on their debit or credit card, when necessary;
• to understand and analyze the usage trends and preferences of our users, to improve the Service, and to develop new products, services, feature, and functionality;
• to send you communications subject to applicable laws; or
• to comply with legal and regulatory requirements, where applicable.
You may have choices available to you through the device or software you use to access Hopper. For example: The browser you use may provide you with the ability to control cookies or other types of local data storage; Your mobile device may provide you with choices around how and whether location or other data is shared with us.
You can choose not to provide personal information like credit card information, or your name, gender, and date of birth, but often this information is required to complete travel booking.
To learn more about these choices, please see the information provided by the device or software provider.
In certain circumstances, in order to perform the Service, we may disclose certain information that we collect from you:
• with Third party vendors who provide services or functions on our behalf, including credit card processing, business analytics, customer service, and fraud prevention. Third party vendors have access to and may collect information only as needed to perform their functions and are not permitted to share or use the information for any other purpose. They are also required to follow the same data security practices that we ourselves adhere to.
• with law enforcement and governmental entities when required by law. For greater clarity, we may disclose personal information or other information if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a facially valid court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies; and
When we disclose your personal information to third parties, we take reasonable measures to ensure that the rules set forth in this Policy are complied with and these third parties provide sufficient guarantees to implement appropriate technical and organisational measures.
We may finally make certain automatically-collected, aggregated, or otherwise non-personally-identifiable information available to third parties for various purposes, including (i) compliance with various reporting obligations; (ii) for business or marketing purposes; or (iii) to assist such parties in understanding your interests, habits, and usage patterns for certain programs, content, services, and/or functionality available through the Service.
Your personal information may be stored and processed in any country where we have facilities or in which we engage third party service providers. By using the Service, you consent to the transfer of information to countries outside your country of residence, which may have different data protection rules than in your country. While such information is outside of Canada, it is subject to the laws of the country in which it is held, and may be subject to disclosure to the governments, courts or law enforcement or regulatory agencies of such other country, pursuant to the laws of such country. However, our practices regarding your personal information will at all times continue to be governed by this Policy and, if applicable, we will comply with the General Data Protection Regulation ("GDPR") requirements providing adequate protection for the transfer of personal information from the EU/EEA to third country.
On written request and subject to proof of identity, you may access the personal information that we hold, used or communicated and ask that any necessary corrections be made, where applicable, as authorized or required by law. However, to make sure that the personal information we maintain about you is accurate and up to date, please inform us immediately of any change in your personal information by e-mail.
Under the GDPR, you may be entitled to specific provisions, including: (i) the right to withdraw consent to processing where consent is the basis of processing; (ii) the right to access your personal information and certain other supplementary information, under certain conditions; (iii) the right to object to unlawful data processing, under certain conditions; (iv) the right to erasure of personal information about you, under certain conditions; (v) the right to demand that we restrict processing of your personal information, under certain conditions, if you believe we have exceeded the legitimate basis for processing, processing is no longer necessary, or believe your personal information is inaccurate; (vi) the right to data portability of personal information concerning you that you provided us in a structured, commonly used, and machine-readable format, under certain conditions; (vii) the right object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you, under certain conditions; (viii) the right to lodge a complaint with data protection authorities. If you want to learn more about your rights under the GDPR, you can visit the European Commission's page on Data Protection.
The Service is not directed to children under the age of 16, and we do not knowingly collect personal information from children under the age of 16 without obtaining parental consent. If you are under 16 years of age, then please do not use or access the Service at any time or in any manner. If we learn that personal information has been collected on the Service from persons under 16 years of age and without verifiable parental consent, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under 16 years of age has provided personal information, then you may alert us as set forth in the "Contact" section and request that we delete that child's personal information from our systems.
We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain appropriate physical, technical and administrative safeguards to protect personal information against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the personal information in our possession. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information you transmit to us or store on the Service, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or administrative safeguards. If you believe your personal information has been compromised, please contact us as set forth in the "Contact" section. If we learn of a security systems breach, we will inform you and the authorities of the occurrence of the breach in accordance with applicable law. We will only keep your personal information for as long as reasonably necessary to fulfil the relevant purposes set out in this Policy and in order to comply with our legal and regulatory obligations. If you would like further information regarding the periods for which your personal information will be kept, please contact us as set forth in the "Contact" section.
Please revisit this page periodically to stay aware of any changes to this Policy, which we may update from time to time. If we modify the Policy, we will make it available through the Service, and indicate the date of the latest revision, and will comply with applicable law. Your continued use of the Service after the revised Policy has become effective indicates that you have read, understood and agreed to the current version of the Policy.
If you have any questions or comments about this Policy or your personal information, to make an access or correction request, to exercise any applicable rights, to make a complaint, or to obtain information about our policies and practices with respect to any service providers outside Canada, our Privacy Officer can be reached by email using the following contact information:
[Last Update: September 3rd, 2018]