Cookies help us deliver our services. By using our services, you agree to our use of cookies. Learn more

Privacy Policy

Ceres Rail Company Privacy Policy

Privacy Policy
Last updated: November 01, 2021

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.

We use Your Personal data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy. This Privacy Policy has been created with the help of the Privacy Policy Generator.

Interpretation and Definitions
Interpretation
The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions
For the purposes of this Privacy Policy:

Account means a unique account created for You to access our Service or parts of our Service.

Company (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to Ceres Rail Company (Pty) Ltd, 1A Apple Tree Street, Ceres Golf Estate, Ceres.

Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.

Country refers to: South Africa

Device means any device that can access the Service such as a computer, a cellphone or a digital tablet.

Personal Data is any information that relates to an identified or identifiable individual.

Service refers to the Website.

Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used.

Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).

Website refers to Ceres Rail Company, accessible from www.ceresrail.co.za

You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Collecting and Using Your Personal Data
Types of Data Collected
Personal Data
While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

Email address

First name and last name

Phone number

Address, State, Province, ZIP/Postal code, City

Usage Data

Usage Data
Usage Data is collected automatically when using the Service.

Usage Data may include information such as Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.

We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.

Tracking Technologies and Cookies
We use Cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service. The technologies We use may include:

Cookies or Browser Cookies. A cookie is a small file placed on Your Device. You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of our Service. Unless you have adjusted Your browser setting so that it will refuse Cookies, our Service may use Cookies.
Flash Cookies. Certain features of our Service may use local stored objects (or Flash Cookies) to collect and store information about Your preferences or Your activity on our Service. Flash Cookies are not managed by the same browser settings as those used for Browser Cookies. For more information on how You can delete Flash Cookies, please read “Where can I change the settings for disabling, or deleting local shared objects?” available at https://helpx.adobe.com/flash-player/kb/disable-local-shared-objects-flash.html#main_Where_can_I_change_the_settings_for_disabling__or_deleting_local_shared_objects_
Web Beacons. Certain sections of our Service and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).
Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close Your web browser. Learn more about cookies: Use of Cookies by Free Privacy Policy.

We use both Session and Persistent Cookies for the purposes set out below:

Necessary / Essential Cookies

Type: Session Cookies

Administered by: Us

Purpose: These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services.

Cookies Policy / Notice Acceptance Cookies

Type: Persistent Cookies

Administered by: Us

Purpose: These Cookies identify if users have accepted the use of cookies on the Website.

Functionality Cookies

Type: Persistent Cookies

Administered by: Us

Purpose: These Cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide You with a more personal experience and to avoid You having to re-enter your preferences every time You use the Website.

For more information about the cookies we use and your choices regarding cookies, please visit our Cookies Policy or the Cookies section of our Privacy Policy.

Use of Your Personal Data
The Company may use Personal Data for the following purposes:

To provide and maintain our Service, including to monitor the usage of our Service.

To manage Your Account: to manage Your registration as a user of the Service. The Personal Data You provide can give You access to different functionalities of the Service that are available to You as a registered user.

For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services You have purchased or of any other contract with Us through the Service.

To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application’s push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation.

To provide You with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless You have opted not to receive such information.

To manage Your requests: To attend and manage Your requests to Us.

For business transfers: We may use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Us about our Service users is among the assets transferred.

For other purposes: We may use Your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Service, products, services, marketing and your experience.

We may share Your personal information in the following situations:

With Service Providers: We may share Your personal information with Service Providers to monitor and analyze the use of our Service, to contact You.
For business transfers: We may share or transfer Your personal information in connection with, or during negotiations of, any merger, sale of Company assets, financing, or acquisition of all or a portion of Our business to another company.
With Affiliates: We may share Your information with Our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include Our parent company and any other subsidiaries, joint venture partners or other companies that We control or that are under common control with Us.
With business partners: We may share Your information with Our business partners to offer You certain products, services or promotions.
With other users: when You share personal information or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside.
With Your consent: We may disclose Your personal information for any other purpose with Your consent.
Retention of Your Personal Data
The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.

Transfer of Your Personal Data
Your information, including Personal Data, is processed at the Company’s operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction.

Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to that transfer.

The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of Your data and other personal information.

Disclosure of Your Personal Data
Business Transactions
If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.

Law enforcement
Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Other legal requirements
The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:

Comply with a legal obligation
Protect and defend the rights or property of the Company
Prevent or investigate possible wrongdoing in connection with the Service
Protect the personal safety of Users of the Service or the public
Protect against legal liability
Security of Your Personal Data
The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.

Children’s Privacy
Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.

If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent’s consent before We collect and use that information.

Links to Other Websites
Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party’s site. We strongly advise You to review the Privacy Policy of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Changes to this Privacy Policy
We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.

We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the “Last updated” date at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us
If you have any questions about this Privacy Policy, You can contact us:

By email: bookings@ceresrail.co.za

Credit card transactions will be acquired for Cape Rail Company via PayGenius (Pty) Ltd who are the approved payment gateway.

As such, the transaction will reflect as PayGenius: Cape Rail Company on your statement.

PayGenius uses the strictest form of encryption, namely Secure Socket Layer 3 (SSL3) and no credit card details are stored on the website.

Activitar Privacy Notice

This privacy notice forms part of your agreement with Activitar.

During our interactions, you share personal information with Tornado Tour Systems (Pty) Ltd, trading as Activitar, registration number 2004/000954/07.

This notice tells you what to expect when we collect information from you and how we use it.

It is part of our agreement with you, and we may need to update it occasionally. When we do, we will inform you. You should read this notice along with our terms and conditions that apply to the products and services you use.

If you have any questions about this policy, please contact us by email at privacy@activitar.com or by phone on +27 61 541 3986

We collect your information:

We collect your information in the circumstances outlined below. Sometimes we are required by law to collect your information, for instance, if tax legislation forces us to collect personal information.

When you sign up for and implement our reservation system and online distribution service

We need some general information before we can enter into an agreement and you can begin to use our reservation system and online distribution service.

We collect your:

  1. company name

  2. contact details

  3. VAT number

  4. banking details

  5. details related to your operating processes and offerings

  6. details contained in your company registration documents

  7. identity documents of your mandated officials

  8. proof of address of your mandated officials

  9. proof of banking details

We use this information to:

  1. load you on our services and configure the system

  2. set up and process payments via the payment gateway

  3. communicate with you

  4. provide training

  5. process orders

  6. provide your offerings to clients via activitar.com

  7. provide support

  8. send you statements, receipts, invoices or any other legal documents that relate to your transaction

  9. fulfill our legal obligation to use or disclose your information

Legal basis for processing:

Data protection legislation allows us to process personal information when it is necessary for the performance of a contract with you. In other instances, we are required by law to collect your information, for instance tax legislation forces us to collect personal information.

When you use our service

In order for our service to function properly, ‘customer data’ is generated and collected. This includes your, and your clients’ personal information. We collect your clients’ names, contact details, and details about their bookings.

We use customer data to process bookings and reservations on our reservation system and distribution service, to analyse and improve our services and to identify and solve problems where they may appear.

Legal basis for processing:

Data protection legislation allows us to process personal information when it is necessary for the performance of a contract with you.

When you contact us, we collect information from your message

When you contact us by social media, email, our support service or telephone with a query, complaint, or request, we collect the information contained in your message. We use the information we collect to reply to, investigate, and resolve your query, complaint, or request.

Legal basis for processing:

Data protection legislation allows us to process personal information when it is in our interest and we have chosen the least invasive way to process the information. It is in both our interest to reply to, investigate, and resolve your queries, complaints, and requests.

We use your information to send you our newsletter

We have a monthly newsletter that is delivered by email.

We’ll ask you whether you want to receive the newsletter, if you agree it is important that you know you can unsubscribe at any time by following the unsubscribe link at the bottom of the email or by contacting us.

Legal basis for processing:

Data protection legislation allows us to process personal information when you have given us your express consent.

What about children’s information?

We do not knowingly collect the personal information of children without the consent of a parent or guardian.

We share your information with trusted service providers

We use service providers and suppliers who we trust to assist us in providing our services to you. They have agreed to keep your information secure and confidential, and to only use it for the purposes for which we have sent it to them.

We share your information with service providers when they help us to:

  1. store information

  2. process payments

  3. ensure you have access to the services you paid for

  4. deliver our newsletter

  5. help monitor the effectiveness of our promotions and advertising

  6. help us manage our business, for instance accountants and professional advisors.

  7. maintain our website

  8. find and fix errors and performance issues on our website

Sometimes we will be required by law to share your information. For instance, we may be required to share your information with the South African Fraud Prevention Services. We will not sell your information or share information with third parties for the purposes of direct marketing (we don’t like spam either).

We send your information to other countries

Some of the service providers that we use may be located in other countries; for instance, our cloud storage service. These countries may not have the same levels of protection of personal information as South Africa. If this is the case, we require that they undertake to protect the personal information of our customers to the same level that we do.

We don’t keep your information longer than we need to

We will not retain your information for longer than we need to, unless we are legally required to do so. Most of your personal information will be retained for 5 years from the date of your last transaction with us. However, we may keep your contact details for longer for marketing and mailer purposes.

We have taken reasonable steps to minimise the impact of a breach

We have implemented reasonable security measures based on the sensitivity of the information we hold. These measures are in place to protect the information from being disclosed, from loss, misuse, and unauthorised access, and from being altered or destroyed.

We regularly monitor our systems for possible vulnerabilities and attacks, but no system is perfect and we cannot guarantee that we will never experience breach of any of our physical, technical, or managerial safeguards. If something should happen, we have taken steps to minimise the threat to your privacy. We will let you know of any breaches that affect your personal information and inform you how you can help minimise the impact.

You also have a role to play in keeping your information secure. For example, you should never share personal information with us in an email, because while our servers are protected, it is still possible that email can be intercepted. Instead, contact the Activitar support team at +27 61 541 3986, which will connect you to Chris Coetzee, our information officer.

You have the right to be informed about the personal information we have, and what we do with it

You have the right to know what kind of personal information we have about you, to correct it, and to opt out of marketing.

You have the right to

  1. ask us what we know about you;

  2. ask what information was sent to our suppliers, service providers, or any other third party;

  3. ask us to update, correct, or delete any out-of-date or incorrect personal information we have about you;

  4. unsubscribe from any direct marketing communications we may send you; and

  5. object to the processing of your personal information.

You can request access to the information we have about you, or correct your personal information by contacting our deputy information officer at privacy@activitar.com.

It can take us up to 21 days to respond to your request because there are procedures that we need to follow. In certain cases, we may require proof of your identity, and sometimes changes to your information may be subject to additional requirements such as valid proof of residence.

Your rights in terms of the GDPR:

If you are in the European Union, you have these rights in terms of the GDPR:

  1. The right to be informed about the collection and use of your personal information.

  2. The right to access your personal information. You may make such a request from us by contacting privacy@activitar.com. We may take one month to respond to your request and may charge a fee in some circumstances. We will let you know if this is the case.

  3. You have a right to have inaccurate personal information corrected or completed if it is incomplete. You may make such a request from us by contacting privacy@activitar.com. We may take one month to respond to your request and may refuse in certain circumstances.

  4. You have the right to have your personal information erased, also known as the ‘right to be forgotten’. You may make such a request from us by contacting privacy@activitar.com. We may take one month to respond to your request and may refuse in certain circumstances.

  5. You have the right to request that we restrict or suppress your personal information. You may make such a request from us by contacting privacy@activitar.com. We may take one month to respond to your request and may refuse in certain circumstances.

  6. You have the right to reuse your personal information for your own purposes across different services, also known as the right to data portability.

  7. You have the right to object to us processing your personal information in certain circumstances. You may make your objection by contacting privacy@activitar.com. We may take one month to respond to your request. There are legitimate reasons why we may refuse your objection, which depend on why we are processing it.

  8. You have the right to complain to a supervisory authority in the Member State where you live or work, or where the infringement took place.

  9. You have the right to object to automated decision-making and profiling.

  10. You may ask that a human review any automated decisions that we make about you, express your point of view about it, and obtain an explanation of the decision. You may challenge any automated decision made about you by contacting privacy@activitar.com. We may take one month to respond to your request.


© 2022 Tornado Tour Systems (Pty) Ltd ta Activitar.

Help & Support