Who we are
Our website address is: https://afc.nvds.co.za.
What personal data we collect and why we collect it
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Please visit our contact page: https://afc.nvds.co.za/contact-us/
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select "Remember Me", your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Further terms information
The personal data we collect
Generally, the type of personal data we collect is the information that we need to enable you to make your transactions and bookings. This includes information such as your first and last name, date of birth, telephone number and email address. Should you call our support or use other forms of communication such as e-mails, social media etc, we will collect the data you provide. As you can see below, our cookies also collect some information.
The sensitive personal data we collect
In some cases, we may handle so-called “special categories of personal data” about you, which may be considered sensitive. This would be the case, for example, if you (i) have submitted a medical certificate or shared your medical or health condition with us, or (iii) have made a request revealing some other sensitive personal data about you.
Before we handle sensitive personal data about you, we require your consent to do so. We therefore ask you to use the dedicated contact forms on our websites for submitting any sensitive data. The contact forms enable you to give us the consent required under applicable data protection legislation. Such consent may of course be withdrawn at any time. We will not handle any sensitive personal data that we are not permitted by you to handle, or that you have not provided us with. A limited amount of our personnel will have access to your sensitive personal data, and after handling your sensitive data in accordance with your request, we will erase the data as soon as possible.
What we do (our purposes with handling your personal data)
If you have chosen to create a user account on our website, we will make such account available to you. The account includes access to information on all your transactions and registrations made on our website. We will also store your username and password. Performance of our contract with you. Your user account data, as well as personal information related to your previous bookings or transactions, will be stored until you decide to cancel your user account via our website. The data is stored for the purpose of making it easier for you to fill in our forms, without having to re-type your details all over again.
Sharing your personal data
Each partner is responsible for its own handling of your personal data after it has received it from us, meaning that you must contact the partner in question for any requests related to your rights under applicable data protection legislation. We recommend that you read the partners’ respective privacy policies for information on their handling of your personal data.
We will also share your personal data with other companies (so called “data processors”) needed to deliver the services you requested, such as service providers running our call centers and our other suppliers and vendors that will handle your personal data when providing their services to us (for example external storage).
Due to the global nature of the travel industry, your personal data may be processed in different locations around the world when the parties we share your personal data with reside in a country outside the EU/EEA. Our sharing of personal data outside the EU/EEA requires certain legal ground under applicable data protection legislation. Where a country is regarded by the European Commission to be a country with adequate level of protection for personal data, this will be our legal ground. Otherwise there are three main types of legal ground on which that we may base such sharing. These are:
that the transfer is necessary for our performance of the contract with you (for example when you have booked a flight with an airline residing outside the EU/EEA);
that the transfer will be based on the standard data protection clauses for transfer of personal data to countries outside of the EU/EEA adopted by the European Commission (a copy of these standard data protection clauses can be found at http://ec.europa.eu/justice/data-protection/international-transfers/transfer/); and
the EU-U.S. Privacy Shield, where the transfer is made to the United States and the recipient is duly certified.
Third party providers
According to the applicable data protection legislation, you have certain rights as a so-called “data subject”. Below, we have listed your rights. Your rights include the following:
Right to access – You are entitled to access the personal data that we handle. You are also entitled to receive certain information about what we do with the personal data. Such information is provided in this document.
Right to rectification – Under certain circumstances, you are entitled to correct inaccurate personal data concerning you and to have incomplete personal data completed. Please note that we might not be able to correct inaccurate personal data provided by you due to e.g. the airlines rules, and that such particular change may incur a cost.
Right to erasure – Under certain circumstances, you are entitled to have your personal data erased. This is the so-called “right to be forgotten”.
Right to restriction of processing – Under certain circumstances, you are entitled to restrict how we use your personal data.
Right to data portability – You are entitled to receive your personal data (or have your personal data directly transmitted to another data controller) in a structured, commonly used and machine-readable format from us.
Right to object – You are entitled to object to certain types of handling of personal data that we carry out. This applies to all our activities that are based on our “legitimate interest”.
Finally, you also have the right to lodge a complaint with the applicable data protection supervisory authority.
A cookie is a small text file that is stored on your computer, some only until you close down your browser (so-called “session cookies”) and some for an extended period of time (so-called “permanent cookies”). If you do not wish to allow storage of cookies on your computer, you can change the settings in your browser. Note however that in a few cases some of our website features may not function properly and some content may not be displayed correctly as a result.
Our website also uses Facebook pixel, which collects anonymized aggregated data that helps us with optimization of ad purchases on Facebooks different platforms (including Instagram). Facebook collects a user id that will allow them to match if a user has visited a site with the Facebook pixel. We as advertisers can however never identify the behavior of a specific user. Facebook and its related platforms are in a closed advertising ecosystem where their users can regulate if they consent to advertisers using data collected from their websites to purchase ads on Facebook. To view and change your advertising settings on Facebook use this link.
To be transparent, we have summarized the cookies used on this website here.
In order to keep your personal data secure, we have implemented a number of technical and organizational security measures. For example, we maintain high levels of technical security in all systems (including traceability, disaster recovery, access limitations etc.). In addition, we have adopted policies to ensure that our employees (which of course are subject to confidentiality obligations) do not use personal data when it is not necessary. Such policies also set out our standards for when we contract suppliers or introduce new IT systems within our operations.