CTO Privacy Policy

Your privacy is important to us and the Caribbean Tourism Organization (CTO) is committed to protecting your privacy and the information that you share in connection with our services.

This Privacy Policy governs our data collection, processing and usage practices. It also describes your choices regarding use, access and how to update or request deletion of your personal information. If you do not agree with the data practices described in this Privacy Policy, you should not use the CTO websites or provide Personal Data to CTO to access our services.

We periodically update this Privacy Policy. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice by sending you an email notification. While we will notify you of any material changes to this Privacy Policy, we encourage you to review this Privacy Policy periodically. We will also keep prior versions of this Privacy Policy in an archive for your review.

If you have any questions about this Privacy Policy or our treatment of the information you provide us, please  email us –  [email protected] or send mail to:
Caribbean Tourism Organization,
7th Floor, Baobab Tower,
Warrens, St Michael,
BARBADOS. Attn: Privacy.

 

What is Personal Data?

This refers to any information that you voluntarily submit to us and that identifies you personally, including contact information, such as your name, e-mail address, company name, address, phone number, title, company information and other information about yourself or your business. Personal Data can also include information about any transactions, both free and paid, that you enter into on the websites, and information about you that is available on the Internet, such as from Facebook, LinkedIn, Twitter and Google, or publicly available information that we acquire from service providers.

What information does CTO collect about me?

  • We will collect Personal Data that you voluntarily provide us, for example, when you join CTO as an Allied member, when you send emails to CTO, when you purchase tourism statistical data or when you register to attend CTO conferences, events or webinars. We may also collect Personal Data when you sign up for marketing emails, events, or other opportunities through CTO.
  • When you participate in one of the CTO surveys, we may collect additional profile information.
  • Billing and transactional information pursuant to your purchase of Allied membership through CTO sites or purchase of statistical documents or tickets for CTO events.
  • When you visit CTO websites you are free to explore the websites without providing any Personal Data about yourself. To make CTO sites and service more useful to you, our servers (which may be hosted by a third party service provider) collect information from you, including your hardware model, operating system version, browser type, Internet Protocol (“IP”) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit, broad geographic location and other technical data collected through cookies, pixel tags or other similar technologies as collected through Google Analytics.
  • Log Files. As is true of most websites, we gather certain information automatically and store it in log files. This information includes IP addresses, browser type, Internet service provider (“ISP”), referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information to analyze trends, administer the sites, track users’ movements around the sites, gather demographic information about our user base as a whole, and better tailor our sites to our users’ needs. For example, some of the information may be collected so that when you visit the sites again, it will recognize you and the information could then be used to serve information appropriate to your interests.  We do not link this automatically-collected data to Personal Data.
  • Cookies. Like many online services, CTO uses cookies to collect information. “Cookies” are small pieces of information that a website sends to your computer’s hard drive while you are viewing the website. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive user experience. This type of information is collected to make CTO sites and services more useful to you.
  • Flash LSOs. When CTO posts videos, third parties may use local shared objects, known as “Flash Cookies,” to store your preferences for volume control or to personalize certain video features. Flash Cookies are different from browser Cookies because of the amount and type of data and how the data is stored. Cookie management tools provided by your browser will not remove Flash Cookies. To learn how to manage privacy and storage settings for Flash Cookies, click here: http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html.
  • Google Analytics. We use Google Analytics to help analyze how users use the CTO sites. Google Analytics uses Cookies to collect information such as how often users visit the sites, what pages they visit, and what other sites they used prior to coming to the CTO sites. We use the information from Google Analytics only to improve the CTO sites. Google Analytics collects only the IP address assigned to you on the date you visit the sites, rather than your name or other personally identifying information. CTO does not combine the information generated through the use of Google Analytics with your Personal Data. Although Google Analytics plants a persistent Cookie on web browsers to identify you as a unique user the next time you visit the sites, the Cookie cannot be used by anyone but Google. Google’s ability to use and share information collected by Google Analytics about your visits to the CTO sites is restricted by the Google Analytics Terms of Use and the Google Privacy Policy

How CTO Uses Personal Data

In general, Personal Data you submit to CTO is used either to respond to requests that you make or to aid CTO in serving you better. We use your Personal Data in the following ways:

  • facilitate the creation of and completion of your profile for use with the CTO sites;
  • identify you as a member of our membership sites;
  • provide improved administration of the sites;
  • provide the sites and service;
  • improve the quality of experience when you interact with the sites and service;
  • send you a welcome e-mail to verify ownership of the e-mail address provided when your membership was created;
  • send you administrative e-mail notifications, such as information about membership offers, or event discounts or security or support and maintenance advisories;
  • respond to your inquiries related to requests;
  • make telephone calls to you, from time to time, as a part of he CTO service to solicit your feedback or to respond to your queries;
  • send newsletters, surveys, offers, and other promotional materials related to the CTO and for other marketing purposes;

User Testimonials And Feedback

We often receive testimonials and comments from users who have had positive experiences with CTO. We occasionally publish such content. When we publish this content, we may identify users by their first and last name and may also indicate their home city. We obtain the user’s consent prior to posting his or her name along with the testimonial.

Compliance with laws and for other legitimate business purposes: CTO may share your Personal Data when it believes disclosure is necessary or required by law, regulation, to protect users, the integrity of CTO sites or services and to defend or exercise CTO’s legal rights. CTO may also disclose your Personal Data when it may be necessary for other legitimate purposes as reasonably determined by CTO.

Does CTO share my data with third parties?

Business Partners: We may share your Personal Data with CTO partners to fulfill obligations and requests, to deliver support, and to provide users with information about CTO.  CTO does not control how a business partner may use your Personal Data. Our business partners are responsible for managing the use of Personal Data collected in these circumstances.

Service Providers: We may share some or all of your personal information with third parties, such as vendors and service providers who provide assistance with billing, payment processing, marketing, data analytics support and service associated with CTO sites or services, to conduct quality assurance testing; to facilitate the creation of membership accounts; to provide technical support; and/or to provide other services to CTO. We may share your personal data with affiliated companies within our corporate family, with third parties with which we have partnered to allow you to integrate their services into our own services, and with trusted third party service providers as necessary for them to perform services on our behalf. Examples of when we share data include processing payments, communicating with you through surveys or email, and interest based advertising. We only share the minimum information necessary, and third parties are prohibited from using your information for any other purpose as indicated in our Privacy Policy.

Compliance with laws and for other legitimate business purposes: CTO may share your Personal Data when it believes disclosure is necessary or required by law, regulation, to protect users, the integrity of CTO sites or services and to defend or exercise CTO’s legal rights. CTO may also disclose your Personal Data when it may be necessary for other legitimate purposes as reasonably determined by CTO.

Third Parties Designated By You: When you use the CTO sites or services, the Personal Data you provide may be shared with the third parties that you designate to receive such information such as other CTO members.

Public Profile: Certain portions of the information you provide to us may also be displayed in your profile on the CTO membership sites. Most of the Personal Data you explicitly provide to us when you are added to the membership sites is displayed to you when you log in to your account on the site. By default, this information is not visible to other users of the sites.

Your Choices Regarding Information

You have several choices regarding the use of information on CTO:

(a) Email Communications

We will periodically send you free newsletters and e-mails that directly promote the use of CTO or CTO sites or service. When you receive newsletters or promotional communications from us, you may indicate a preference to stop receiving further communications from us and you will have the opportunity to “opt-out” by following the unsubscribe instructions provided in the e-mail you receive or by sending an email to [email protected] You may also indicate what you wish to be contacted about by filling in the CTO Opt-in/Opt-out Form. Despite your indicated e-mail preferences, we may send you service-related communications regarding CTO membership.

(b) Cookies

If you decide at any time that you no longer wish to accept Cookies from CTO sites for any of the purposes described above, then you can instruct your browser, by changing its settings, to stop accepting Cookies or to prompt you before accepting a Cookie from the websites you visit. Consult your browser’s technical information. If you do not accept Cookies, however, you may not be able to use all portions of the CTO sites

(c) Changing Or Deleting Your Personal Data

You may change any of your Personal Data in your site membership by editing your profile within your site membership account or by sending an e-mail to us at [email protected] You may request deletion of your Personal Data by us, and we will use reasonable efforts to honor your request, but please note that we may be required to keep such information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). When we delete any information, it will be deleted from the active database, but may remain in our archives. We may also retain your information for fraud or similar purposes.

How Long CTO Retains Your information

We will retain personal information collected from you for the period allowable by law and where we have a justifiable business need to do so, unless a longer period is required or permitted by law. You can request deletion of your Personal Data at any time and we will consider your request in accordance with applicable law.

External Links

The CTO sites may link to other websites or services. Other websites may also contain links to the CTO sites. CTO does not control those websites or their privacy practices. The personal information you choose to give to such parties is not covered by this Privacy Policy.

Security Of Your Personal Data

CTO is committed to protecting the security of your Personal Data. We use a variety of industry-standard security technologies and procedures to help protect your Personal Data from unauthorized access, use, or disclosure. We also require you to enter a password to access your site membership account information. Please do not disclose your membership site account password to unauthorized people.

Data Processing Agreement (Siteground.com & GoDaddy.com)

Siteground, which hosts some of the CTO websites has issued a DPA  that provides more transparency and information on how they handle and protect the data uploaded to their servers. The existence of this document guarantees that CTO has a GDPR compliant relationship with Siteground as a data processor. This fulfills the requirement that CTO be GDPR compliant in the relationship with our website users, whose data may end up stored on Siteground servers. Read the Siteground DPA.

GoDaddy also hosts some of the CTO websites and has issued a Data Processing Addendum (“DPA”), which explains how they handle and protect the data uploaded to their servers in accordance with the applicable laws.

Changes To This Privacy Policy

This Privacy Policy may be updated from time to time for any reason. We will notify You of any changes to Our Privacy Policy by posting the new Privacy Policy and we will change the “Last Updated” date above. You should consult this Privacy Policy regularly for any changes. Continued use of the CTO sites or service, following the posting of such changes, shall indicate your acknowledgment of such changes and agreement to be bound by the terms of such changes. If you do not agree, You should immediately discontinue your use of the CTO sites or Service.

A Note About Children

We do not intentionally gather Personal Data from visitors who are under the age of 16. If a child under 16 submits Personal Data to CTO and we learn that the Personal Data is the information of a child under 16, we will delete the information as soon as possible. If you believe that CTO might have any Personal Data from a child under 16, please contact us at [email protected]

Privacy Rights

You may modify the information you have provided to CTO at any time by sending an email to [email protected] or filling in the form located here (insert link to change of personal info page on OneCaribbean.)  You can also opt-out of receiving marketing communications, newsletters, press releases or any other communications from CTO by sending us an email at [email protected] or filling in the CTO Opt-in/Opt-out Form.

Additional Rights for EEA users or similar international areas

If you live in the European Economic Area, or a similar international area, you may have additional privacy rights available to you under applicable laws. We will process your requests in accordance with applicable data protection laws. If you would like to exercise any of the below rights, please contact [email protected] so that we may consider your request in accordance with applicable law:

  • Right not to provide or withdraw consent: You have the right not to provide or withdraw your consent at any time.
  • Right of access: You may have the right to access the Personal Data that you provided us.
  • Right of erasure: You may have the right to the erasure of Personal Data that CTO holds about you.
  • Right to object to processing: You may have the right to request that CTO stop processing your Personal Data and/or to stop sending you marketing communications.
  • Right to rectification: you may have the right to require CTO to correct any of your Personal Data.