Privacy policy
Privacy Policy
Last Updated: 10 October 2024
This Privacy Policy explains how Nomadic Adventures Pty Ltd ABN: 27664591155 trading as Nomadic Scuba (“Nomadic Scuba”, “we”, “us”, “our”) collects, uses, shares, and protects your personal information when you use our scuba diving holiday booking services. We are committed to protecting your privacy and handling your information in an open and transparent manner.
By engaging with our business, using our Services, or providing your personal information to us, you consent to the practices described in this policy.
Categories of Information We Collect
Booking Information
· Full name and date of birth
· Contact details (email address, telephone number)
· Passport information for international travel
· Travel preferences and requirements
· Emergency contact details
· Information about other travellers in your booking
Payment Information
We use Shopify as our payment processor for merchandise and physical products. When you make a payment for these items:
Shopify collects your payment card details.
We receive confirmation of payment but do not store your full payment card information.
Your transaction data is stored by Shopify according to their privacy policy.
For more information, please refer to Shopify's Privacy Policy at https://www.shopify.com/au/legal/privacy.
For bookings, we issue invoices upon confirmation of your reservation. Payment for these bookings is processed through Wise, which provides options for card payments or bank transfers. Please note that we do not retain your complete payment information for bookings. All payment data related to bookings is subject to Wise's privacy practices. For comprehensive information regarding how Wise manages your data, please refer to Wise's Privacy Policy at https://wise.com/en/legal/terms-and-conditions.
Sensitive Information - Medical and Health Data
All dive operators require a completed Recreational Scuba Training Council (RSTC) medical statement prior to providing any dive services. We provide a copy of the form here – RSTC link.
Important Note: We will always obtain your explicit consent before collecting or processing any medical or health information. You will be presented with a separate consent form for this data.
Passports and Visas
Customers may choose to provide sensitive information, such as passport details, via WhatsApp. Please note the following:
· We do not store or retain any passport information or other sensitive data transmitted through WhatsApp on our systems.
· All sensitive data shared via this platform is treated with confidentiality and is not saved online.
· We encourage customers to ensure that they are comfortable sharing personal information through third-party messaging services.
Website Usage and Analytics
We collect:
· IP address and device information
· Browser type and settings
· Website usage data
· Cookies and similar tracking technologies
Marketing and Communications
If you opt in to our marketing communications, we collect:
· Marketing preferences
· Response to our marketing campaigns
· Survey and feedback responses
How We Collect Your Information
Direct Collection
· Through our website booking system
· Via email or telephone communications
· From forms you complete
Indirect Collection
· From travel agents or partners (with your consent)
· Through cookies and analytics tools
· From social media interactions
Why We Collect Your Information
Booking Information
· To process your travel bookings
· To communicate about your travel arrangements
· To provide customer support
· To comply with legal requirements
Payment Information
· To process your payments securely through Shopify
· To maintain records of transactions
· To prevent and detect fraud
Sensitive Information
· To ensure your safety during diving activities
· To comply with diving regulations and safety standards
· To provide appropriate medical information to diving operators
Website Usage and Analytics
· To improve our website functionality
· To enhance user experience
· To analyse and optimise our services
Marketing and Communications
· To send relevant offers and updates (with your consent)
· To personalise your experience
· To improve our services based on feedback
How We Use Your Information
Booking Management
· Coordinating with diving operators and accommodation providers
· Arranging transportation and activities
· Managing changes or cancellations
Payment Processing
For bookings, Wise handles all of your payment information. We use transaction records to:
· Confirm your bookings
· Issue refunds when necessary
· Maintain accurate financial records
Safety and Compliance
· Verifying diving certifications
· Ensuring appropriate safety measures based on medical information
· Complying with travel and diving regulations
Service Improvement
· Analysing booking patterns to enhance our offerings
· Using analytics data to improve website performance
· Developing new services based on customer feedback
Marketing Activities
With your consent:
· Sending newsletters and promotional materials
· Personalising marketing communications
· Conducting market research and surveys
Information Sharing
Essential Service Providers
We share necessary information with:
· Diving operators
· Accommodation providers
· Transportation services
Payment Processing
· Wise processes all payments
· We do not share your payment details with other third parties
Medical Information Sharing
With your explicit consent, we share relevant medical information with:
· Diving operators for safety purposes
· Medical professionals if needed during your trip
Data Retention
Booking Information
· Retained for 7 years for tax and legal purposes
Payment Information
· Transaction records kept for 7 years
· Shopify retains payment details according to their policy
Medical Information
· Retained for 2 years after your last diving activity
· Can be deleted earlier upon request (where legally permissible)
Data Storage and Security
We implement appropriate technical and organisational measures to protect your personal information against unauthorised or unlawful processing, accidental loss, destruction, or damage.
Please note that the transmission of information via the internet is not completely secure. While we do our best to protect your personal information, we cannot guarantee the security of data transmitted to our website or through electronic communication channels. Any transmission is at your own risk.
To keep your personal data secure, we have chosen a secure web hosting service, Shopify which is SSL certificate encrypted.
Do not track
Please note that we do not alter our data collection and usage practices when we detect a do not track signal.
Employee Access
· Strict access controls based on need-to-know
· Regular privacy and security training for staff
Your Privacy Rights
All Customers:
· Right to be informed about our data practices
· Right to access your personal data
· Right to have inaccurate data corrected
· Right to request deletion of your data
· Right to lodge a complaint with supervisory authorities
Australian Privacy Rights
Under the Australian Privacy Principles:
· Right to Anonymity or Pseudonymity
· Right to Access and Correction
· Right to Complain
GDPR Rights (EU/UK Customers)
· Right to Access
· Right to Rectification
· Right to Erasure ('Right to be Forgotten')
· Request deletion of personal data
· Right to Restrict Processing
· Right to Data Portability
· Right to Object
· Rights Related to Automated Decision Making
CCPA Rights (California Customers)
· Right to Know
· Right to Delete
· Right to Opt-Out
· Right to Non-Discrimination
You can exercise your rights by:
Emailing us at info@nomadicscuba.com
Calling us at. +61 499 021 920
Writing to us at 10 Dalleys Road, Naremburn, 2065 Australia
When you contact us:
Please let us know which right you want to exercise
· We may need to verify your identity
· We will respond within 30 days
· If we need more time, we will let you know
By using our services:
· You agree to the practices described in this policy
· You confirm you have permission to provide any information about other travellers
· You understand how we will use and protect your information
You can always change your mind about:
· Marketing communications
· How we use your information (where possible)
Overseas Data Transfer
We primarily store and process your personal information within Australia. However, in some cases, your data may be stored or processed outside of Australia:
Our website is hosted by Shopify, which may store data on servers located outside Australia.
When your data is stored or processed overseas, it may be subject to the laws of those countries. We take all reasonable steps to ensure that our service providers adhere to appropriate data protection standards.
Data Breach Notification
We are committed to protecting your personal information and comply with the Notifiable Data Breaches (NDB) scheme under the Privacy Act 1988. In the event of a data breach that is likely to result in serious harm we will promptly investigate and assess the breach.
If we determine that it is an eligible data breach, we will:
· Take steps to contain the breach and mitigate potential harm to affected individuals
· Notify affected individuals directly or, if not possible, publish a statement on our website and publicise it
· Notify the Office of the Australian Information Commissioner (OAIC)
Our notification will include:
· A description of the breach
· The kinds of information concerned
· Recommendations about the steps individuals should take in response to the breach
Changes to This Policy
We may update this privacy policy from time to time and all modifications will be effective immediately upon our posting of the modifications on our Website. Please check from time to time to review our privacy policy.
Contact Us
Email info@nomadicscuba.com