Your Privacy.

Thank you for visiting our website and your interest in our company and services. Data protection and data security are very important to us. For your further visits to our website, we would like to inform you about data collection, processing and use when visiting, registering and using our service. As well as objection, revocation and other rights to which you are entitled as a person affected by data collection and use.

This we do in compliance with the applicable data protection legislation and have committed to a vast selection of Privacy Laws form across the globe based on our customer base. In particular we adhere to the;

EU General Data Protection Regulation (GDPR)
New Zealand Privacy Act 1993
New York State “Stop Hacks and Improve Electronic Data Security Act” (SHIELD Act)
EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework published by the US Department of Commerce
Federal Trade Commission FIPs
Department of Homeland Security FIPPS at Work
California Consumer Privacy Act,
Swiss data protection law (FADP)

IO Group Limited with Company number 6263033 of 100 Moorhouse Avenue, Addington, Christchurch, 8011, New Zealand is the Controller of your personal data.

This Data Protection Policy describes how we handle and protect your personal data and the choices available to you regarding collection, process, access, and how to update, correct and delete your personal data. Additional information on our personal data practices can be found in our Terms of Service. This Data Protection Policy is intended for you as a user of our website and services.

It is important that the data we hold about you is accurate and current, therefore please keep us informed of any changes to your personal data.

What is personal data?

Personal data refers to any information relating to an identified or identifiable natural person (“Personal Data”).

What data do we collect?

We may collect data or ask you to provide certain data when you use our website and services. The sources from which we collect Personal Data are:

Name, email address, telephone number; and home, business, and billing addresses
Government-issued identification as required for booking or identity verification, such as passport, driver’s license, and government redress numbers; and for vacation-property owners and managers, tax identification numbers
Payment information such as payment card number, expiration date, and billing address
Travel preferences, preferred destinations and accommodation types;
Reward program and membership information;
Birth date and gender;
Geolocation;
Images, videos, and other recordings;
Communications with us;
Your Property searches on our website, transactions into which you enter, and interactions with you;
Data you provide about other people, such as your travel companions or others if you are making a booking on their behalf;
Information we receive about you from other companies and third parties such as our business and affiliate partners and authorized service providers;

We organise collected Personal Data as Account Data and Billing Data.

Account Data is everything we need to set up your account and includes your email address and username, and information connected with our services, such as license keys, your First and Last Name, your Business address and phone number.

Billing data is everything we need to set up your payment including your name, email address, masked credit card number and in certain circumstances, your billing address and your phone number if this is not already collected.

As described above, we link data and if we have already collected some of your data, we will only ask you for the remaining data that is necessary to carry out the service contracted for.

How personal data is collected

We collect personal data in the following ways:

Direct interactions - you may provide personal data when you complete online forms, request products/services, subscribe to our services, create a user account, join our mailing list, use our feedback form or otherwise or correspond with us (by post, phone or email)

Automated technology - we automatically collect personal data (technical and usage) when you browse or interact with our website, by using cookies, and other similar technologies. We may also receive technical data about you if you visit other websites which use our cookies.

On what grounds do we use Personal Data?

We use your Personal Data for the following purposes and on the following grounds:

On the basis of fulfilling our contract (when you use our service)
On the basis of your consent (when you subscribe to our newsletter or marketing services)
On the basis of legal obligations (for obligations such as tax, accounting, anti-money laundering, or when a court or other authority asks us to)
On the basis of our legitimate interest (for communications about security, privacy and performance improvements of our services. Or for establishing, exercising or defending our legal rights.)

Of course, before relying on any of those legitimate interests we balance them against your interests and make sure they are compelling enough and will not cause any unwarranted harm.

When do we disclose your Personal Data?

We disclose your Personal Data in response to your business enquiry or your request for information within our Company in order to provide the best service possible and within our legitimate interest.

We may share your information with organisations that help us provide the services described in this Data Protection Policy and who may process such data on our behalf and in accordance with this Data Protection Policy, to support this website and our services. For example, with our legal other professional advisors.

We will be creating accounts on various platforms on behalf of the host, platforms such as Airbnb, Booking.com, HomeAway, Trip Advisor.

We may also share information with our secure payment gateway provider (Stripe.com), and you may need to provide credit or debit card information directly to the provider in order to process payment details and authorise payment following a secure link. The information which you supply to in such cases is not within our control and is subject to the payment gateway provider’s own Privacy Notice and Terms and Conditions.

In relation to information obtained about you from your use of our website, we may share a cookie identifier and IP data with analytic and advertising network services providers to assist us in the improvement and optimisation of our website which is subject to our Cookies Policy.

We may disclose personal information in other circumstances such as when you agree to it or if the law, a Court order, a legal obligation or regulatory authority ask us to. If the purpose is the prevention of fraud or crime or if it is necessary to protect and defend our right, property or personal safety of our staff, the website and its users.

Data retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us. However, we are legally required to keep basic information about our customers (including contact, identity, financial and transaction data) for six years after they cease being customers, for tax purposes.

You can learn how long your information is held and when it is destroyed from our Data Retention Policy which you can request using our contact form.

Your Rights

You have the right to:

information about the processing of your personal data
obtain access to the personal data held about you
ask for incorrect, inaccurate or incomplete personal data to be corrected
request that personal data be erased when it’s no longer needed or if processing it is unlawful
object to the processing of your personal data for marketing purposes or on grounds relating to your particular situation
request the restriction of the processing of your personal data in specific cases
receive your personal data in a machine-readable format and send it to another controller (‘data portability’)
request that decisions based on automated processing concerning you or significantly affecting you and based on your personal data are made by natural persons, not only by computers. You also have the right in this case to express your point of view and to contest the decision
Where the processing of your personal information is based on consent, you have the right to withdraw that consent without detriment at any time through our contact form.

If you feel that your request is not satisfactorily resolved by us, you may approach your local data protection authority.

How do we protect your Personal Data?

We protect your data using state of the art technical, and physical safeguards and operate a firm system of policies, confidentiality agreements, digital safeguards and procedures to ensure the highest level of administrative protection.

In more detail to access our database the user must be authorised, is challenged through a two-way authentication system and use an encrypted VPN. Also, the removal of Personal Data from our location is forbidden and made by using a complex encryption system very difficult. We use cutting edge antivirus and anti-malware software and up-to-date firewall protection. Moreover, authorised personnel must have a legitimate need to know interest such as being your point of contact or service your user account.

The data we collect from you may be stored, with appropriate technical and organisational security measures applied to it, on our servers. In all cases, we follow generally high data protection standards and advanced security measures to protect the personal data submitted to us, both during transmission and once we receive it.

To exercise any of your rights, or if you have any questions or complaints about our use of your Personal Data and this policy, please contact us using our contact form.

International transfers

We are a global business that provides its products and services all around the world. In order to reach all of our users and provide all of them with our software, we operate on an infrastructure that spans the globe. The servers that are part of this infrastructure may therefore be located in a country different to the one where you live. In some instances, these may be countries outside of the European Economic Area. Regardless, we provide the same level of protection to all Personal Data it processes and rigorously apply the GDPR principles across our Company.

At the same time, when we transfer Personal Data outside of the EEA, we always make sure to have appropriate and suitable safeguards. For example, standardised contracts that are approved by the European Commission and specific documents that legally bind the receiving party to adhere to a high level of data privacy and data protection. As well as encryption and several algorithms such as Blowfish, Triple DES and RSA encryption.

California Privacy Rights

Sources and Categories of collected personal information: (you can find all sources and categories of collected personal information above)

Business or commercial purpose for collecting information: (you can find all purposes of processing personal information above)

Categories of third parties with whom the business shares personal information: (you can find all categories of recipients of personal information listed above)

In addition to the rights as explained, under California’s “Shine the Light” law, California residents who provide personal information (as defined in the statute) to obtain products or services are entitled to request and obtain from us, once per calendar year, information about the personal information we shared, if any, with other businesses for marketing uses. If applicable, this information would include the categories of personal information and the names and addresses of those businesses with which we shared such personal information for the immediate prior calendar year (e.g., requests made in the current year will receive information about the prior year).

To obtain this information please write to us at: IO Group Limited trading as Abodeio, 100 Moorhouse Avenue, Addington, Christchurch, 8011, New Zealand

Changes

This Data Protection Policy and our commitment to protecting the privacy of your personal data can result in changes to this Data Protection Policy. Please regularly review this Data Protection Policy to keep up to date with any changes.

Queries and Complaints

Any comments or queries on this policy should be directed to us using the following contact details.

IO Group Limited trading as Abodeio
Company number:6263033
100 Moorhouse Avenue, Addington, Christchurch, 8011, New Zealand