Privacy Policy
1. Who we are
We are Nkuringo Bwindi Gorilla Lodge Ltd (NBGL Ltd) or Nkuringo Lodges and we respect your privacy. This policy describes how we use your personal information.
We are NBGL Limited (company number 80010001015223 with registered address at Nkuringo, Nteko Ridge, Kanungu District in Uganda). When you visit our website, make an enquiry about one of our properties, or make a booking with us either directly or via a third party, you trust us with your information. There are many ways this information can help us make our service better. For example, we can make sure you only see offers/products in which you’re likely to be interested and we can remember your details in order to provide you with a better service.
We respect your privacy and we value the trust you’ve placed in us by sharing your information. This privacy policy sets out the way we use your information: what we collect, how we collect it, how we use it, why we use it, who we share it with and the rights to which you may be entitled.
For instance, if you provide your contact details and make an enquiry through our site we will use this information to get in touch with you to discuss the property you have enquired about.
We’re committed to protecting the privacy of any personal information you give to us and we will comply with all relevant data protection legislation and related applicable UK legislation. For the purposes of relevant data protection legislation, NBGL is the data controller of personal information that we hold and process about you.
We have tried to keep this document as clear and direct as possible. If you have any questions or anything in this policy is unclear, please get in touch at the following email address: marketing@nkuringosafaris.com
2. Your information
Data Collection and Usage
We will collect and use your personal information when you visit our website, subscribe to our services, make an enquiry about one of our properties, or make a booking with us either directly or via a third party as set out in more detail in this section.
Your information may be shared with members of our group and some third parties.
Please click the expanders below for further details on how we use your information and with whom we may share it.
We will only use your personal information for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
You may choose to opt in to receive our newsletter via our website subscribe page, contact us page and property feedback forms. We may also be able to send you relevant email marketing about our news and offers when you make a reservation with our hotels, restaurants and spas.
You can opt out of direct marketing at any time. The easiest way to do this is to click the unsubscribe link at the bottom of your email or let us know by mailing bwindi@nkuringolodges.com
WHAT WE COLLECT
HOW WE USE IT
WHY WE USE IT
Legitimate Interests
A legitimate interest will only apply where we consider that it is not overridden by individuals’ interests or rights which require protection of their personal data. If you require further information regarding our legitimate interests as applied to your personal data, you may contact the Head of Privacy.
Legal requirements
Your personal information may also be processed if it is necessary on reasonable request by a law enforcement or regulatory authority, body or agency or in the defence of a legal claim. We will not delete personal information if relevant to an investigation or a dispute. It will continue to be stored until those issues are fully resolved.
Special information we collect
Certain types of personal information are more sensitive than others, and as a result can only be processed in restricted circumstances. As part of the booking or registration process at the properties, we may collect dietary or allergy requirements that imply specific religious beliefs or medical conditions. We may also need to process information regarding your health in the event of an accident, illness or subsequent complaint. Separately we may collect or receive criminal offence information in connection with fraud or crime prevention.
We will only process your special information in accordance with the following legal bases:
- The processing is necessary for the purposes of medical diagnosis and/or provision of healthcare treatment by or under the responsibility of a health professional;
- The processing is necessary to protect your vital interests where you are legally or physical incapable or providing your consent;
- The processing is based on your explicit consent for a specified purpose;
- The processing is necessary for the establishment, exercise or defence of legal claims;
Minors
Protecting the online privacy of children is especially important to us. Outside of required guest details and relevant medical information (i.e. medical information and disability information), we do not intentionally gather personal information about minors save for the data required in order to facilitate you and your child’s stay with us. If you believe we have inadvertently collected personal information about your child, please contact us, and we will attempt to remove this information. If a minor (according to applicable laws) has provided us with personal information without parental or guardian consent, the parent or guardian should contact us to remove the relevant personal information and unsubscribe them from our website and/or services.
How long we keep your information
We will keep your information for as long as it is reasonably necessary and to deal with claims. It will depend on factors such as whether you’ve made a booking or an enquiry with us or have interacted with recent offers. We will also retain your information as necessary to comply with legal, accounting or reporting requirements.
Information we share
There are certain circumstances where we may transfer your personal data to employees, contractors and to other third parties.
- We share information about you with employees at the properties and other members of our group of companies. They are bound to keep your information in accordance with this privacy policy.
- We may also share your information with certain contractors or service providers. They may process your personal data for us, for example, if you book an activity package provided by a third party supplier at a NBGL property. Other recipients/service providers include database management providers, website digital agents, IT systems specialists and email providers.
- Our suppliers and service providers will be required to meet our standards on processing information and security. The information we provide them, including your information, will only be provided in connection with the performance of their function.
- We may also share your information with certain third parties. We will do this either when we receive your consent or because we need them to see your information to provide products or services to you. These include other partners we do business with such as charity organisations and third party activity suppliers approved by NBGL.
- We will share a copy of your passport and your CV with the BVI tourist board if you are a journalist or a B2B contact who has provided us with a copy of your CV for the purposes of obtaining a work permit in Uganda.
- In the event that you suffer an accident or an injury whilst visiting one of our properties details of your accident including your health information will be shared with our on site nurses (where applicable) or our third party medical providers.
Your personal information may be transferred to other third party organisations in certain scenarios:
1). If we’re discussing selling or transferring part or all of our business – the information may be transferred to prospective purchasers under suitable terms as to confidentiality;
2). If we are reorganised or sold, information may be transferred to a buyer who can continue to provide services to you;
3). If we’re required to by law, or under any regulatory code or practice we follow, or if we are asked by any public or regulatory authority – for example the Police;
4). If we are defending a legal claim your information may be transferred as required in connection with defending such claim.
Your personal data may be shared if it is made anonymous and aggregated, as in such circumstances the information will cease to be personal data.
Where your information will be held
When we share your information your information may be transferred outside the European Economic Area.
We store our information on servers located in the EU. This data will be transferred to the NBGL properties and third parties (as identified above). In some circumstances this may result in data being transferred outside of the EEA to countries which do not have an equivalent level of data protection laws to those applicable in Europe. The transfer of this information is governed by a contract including standard contractual clauses (SCCs) approved by the European Commission in accordance with Article 46(c) of the General Data Protection Regulation.
We will only transfer data to jurisdictions outside the scope of the European General Data Protection Regulation (GDPR) where the appropriate safeguards set out in the GDPR are in place.
We are happy to provide you with copies of the regulator-approved SCCs which you can request from our Head of Privacy whose contact details are below in the section titled ‘How to contact us‘.
Your rights
You may have certain rights in relation to your information including a right to access or to correct the information we hold on you.
Other rights may be available in certain circumstances.
Some rights will only apply in certain circumstances. For example, the right to be forgotten or the right to request that we transfer your information to another company. Generally, these rights will not be available if you have an outstanding booking with us, if we are required by law to keep the information or if the information is relevant to a legal dispute. If you would like to exercise, or discuss any of these rights, please contact the Head of Privacy.
Where we receive a request to exercise one of these rights, we shall provide information on the action we take on the request within one month of receipt of the request. This may be extended by a further two months in certain circumstances, for example where requests are complex or numerous.
The information will be provided to you free of charge, except where requests are manifestly unfounded or excessive, in particular because of their repetitive character. In these circumstances we may charge a reasonable fee or may refuse to act on the request. We will advise you of any fees prior to proceeding with a request.
We may ask you to verify your identity before carrying out a request.
Where we do not carry out your request, we shall inform you without delay and within one month of receipt of the request, together with our reasons for not taking the action requested. You shall have a right to raise a complaint with a supervisory authority or seek a remedy from a Court.
We’ve listed the rights you have over your information and how you can use them below. These rights are subject to restrictions in the GDPR and, subject to the exemptions in that law, may only apply to certain types of information or processing.
YOUR RIGHT AND HOW TO USE IT
How to contact us
If you have any questions about this policy please contact our Head of privacy: marketing@nkuringosafaris.com or +256 392 176327, or Nkuringo Lodges Booking Office, Plot 2 Uringi Crescent, Kiwafu, Entebbe.
Changes to the policy
This policy will be changed from time to time.
If we change anything important about this policy (the information we collect, how we use it or why) we will highlight those changes at the top of the policy and provide a prominent link to it for a reasonable length of time following the change.
Links to third party websites
Our website, newsletters, email updates and other communications may, from time to time, contain links to and from the websites of others including our partner networks, advertisers and other group companies and/or social networks as offered to you and supported by your browser.
The personal data that you provide through these websites is not subject to this Privacy Policy and the treatment of your personal data by such websites is not our responsibility. If you follow a link to any of these websites, please note that these websites have their own privacy policies which will set out how your information is collected and processed when visiting those links. For more information about the purpose and scope of data collection and processing in connection with social sharing features, please visit the privacy policies of entities through which you chose to share.
Other policies
Cookies
We use cookies that identify your browser or device. They collect and store information when you visit our website about how you use it.
Security
We are committed to keeping your personal information safe. We’ve got physical, technical and administrative measures in place to prevent unauthorised access or use of your information.