Speak to a Vacation Planner +44 2038082378

Mon-Sat: 8:00–20:00 CET

Menu
Search...

Privacy Policy & Cookies

PRIVACY POLICY

www.sailyachts.com

Effective date: 1st January 2024

  1. Introduction

Welcome to www.sailyachts.com, operated by Y.E. SYSTEMS LTD., a company incorporated in Hong Kong (BR Number: 50379271) with our registered office at Room 1004, Laurels Industrial Centre, 32 Tai Yau St., San Po Kong, Kowloon, Hong Kong. This Privacy Policy outlines our commitment to protecting the privacy and handling the personal data of our users. By accessing and using our services, you agree to the practices described in this policy, compliant with the Personal Data (Privacy) Ordinance (PDPO) of Hong Kong and other applicable laws.

  1. Definitions and Key Terms
  • Personal Data: Refers to any data relating directly or indirectly to a living individual, from which it is practicable to ascertain the identity of the individual.
  • Data Subject: The individual who is the subject of the personal data.
  • Processing: Any operation performed on personal data, including collection, use, storage, disclosure, or deletion.
  • Data Controller: The entity (Y.E. SYSTEMS LTD.) that determines the purposes and means of processing personal data.
  • Data Processor: A person or entity that processes personal data on behalf of the data controller.
  1. Data Collection and Use

We collect personal data in various ways, including through account registration, bookings, customer inquiries, and cookies. The types of personal data we collect include, but are not limited to, your name, contact details, payment information, and usage data. This data is used to:

  • Facilitate yacht charter bookings.
  • Improve our website and services.
  • Communicate with you regarding your bookings and inquiries.
  • Process payments and prevent fraudulent transactions.
  • Comply with legal obligations.
  1. Lawful Basis for Processing

Our processing of your personal data is based on the following lawful grounds:

  • Consent: Where you have given clear consent for us to process your personal data for a specific purpose.
  • Contractual Necessity: Processing necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
  • Legal Obligation: Processing necessary to comply with our legal obligations.
  • Legitimate Interests: Processing necessary for our legitimate interests or those of a third party, provided those interests are not overridden by your rights and interests.
  1. Data Sharing and Disclosure

We may share your personal data with:

  • Yacht owners/operators for booking purposes.
  • Third-party service providers for payment processing and IT services.
  • Law enforcement or regulatory authorities, when required by law.
  • Any other party where we have your explicit consent.
  1. Data Subject Rights

Under the PDPO, you have rights regarding your personal data, including:

  • Access: You can request access to your personal data.
  • Correction: You can request correction of inaccurate data.
  • Erasure: In certain circumstances, you can request the deletion of your data.
  • Objection: You may object to certain types of processing.
  • Restriction: You can request that we restrict the processing of your data.

To exercise these rights, please contact us using the details provided in Section 13.

  1. Data Security and Protection

We employ stringent security measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These measures include encryption, access controls, secure data storage, and regular security audits. However, no internet-based service can guarantee absolute security, and we urge you to take your own precautions to protect your personal data.

  1. International Data Transfers

Due to the global nature of our services, your personal data may be transferred to, and processed in, countries outside of Hong Kong. We ensure these transfers are conducted in compliance with legal requirements and offer an equivalent level of protection as provided by Hong Kong privacy laws. This includes implementing standard contractual clauses, ensuring the recipient country has adequate data protection laws, or obtaining your explicit consent for such transfers.

  1. Data Retention Policy

We retain personal data only as long as necessary for the purposes outlined in this policy or as required by law. The retention period varies depending on the nature of the data and the purpose of processing. Upon expiry of the retention period, data is securely deleted or anonymized. We regularly review our data retention practices to ensure compliance with legal obligations and industry best practices.

  1. Use of Cookies and Similar Technologies

Our website uses cookies and similar technologies to enhance user experience, gather usage statistics, and provide targeted advertising. Users have the option to control the use of these technologies through their browser settings. However, disabling cookies may affect the functionality of certain features on our website. Our Cookie Policy provides detailed information on the types of cookies we use and their purposes.

  1. Children’s Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to remove the information and terminate the child’s account.

  1. Third-Party Websites and Services

Our website may contain links to third-party websites and services. These external sites have their own privacy policies, and we are not responsible for their content or data handling practices. We encourage users to read the privacy policies of any third-party sites they visit.

  1. Contact Information and Complaints

For inquiries about our privacy practices, exercising your rights, or lodging a complaint, please contact our Data Protection Officer at:

  • Email: [Insert Email]
  • Postal Address: [Insert Address]

Complaints will be investigated and responded to in accordance with our internal procedures and legal requirements.

  1. Changes to Our Privacy Policy

We reserve the right to modify this Privacy Policy at any time. Changes will be effective immediately upon posting on our website. We will provide notice of significant changes through our website or by other means, ensuring you are aware of the information we collect and how we use it.

  1. Rights of Data Subjects under Hong Kong Law

Under Hong Kong’s Personal Data (Privacy) Ordinance (PDPO), data subjects have specific rights, including the right to access personal data held by us, the right to request correction of inaccuracies, the right to ascertain our policies and practices in relation to data, and the right to be informed of the kind of personal data held by us. Requests for access or correction of data, or for information regarding policies and practices and kinds of data held, should be addressed as per our stated contact details.

  1. Data Security Measures

To protect personal data from unauthorized access, processing, erasure, loss, or use, we employ robust security measures. These include encryption, access control, secure data storage, and other appropriate technologies. Our security protocols are regularly reviewed and updated in line with technological advancements and legal requirements.

  1. Handling Data Breaches

In case of any data breach, we have established procedures to act promptly. This includes assessing the risks to your rights and freedoms, notifying you and relevant authorities where legally required, and taking steps to mitigate the effects of the breach. We maintain records of any data breaches, regardless of their effect.

  1. Compliance with Direct Marketing Requirements

We adhere to Hong Kong’s regulations regarding direct marketing. Users have the right to opt-out of receiving marketing communications. Prior consent is obtained before using your personal data for such purposes, and we ensure clear instructions are provided for opting out in every marketing communication.

  1. Cross-Border Data Transfers

Data transfers outside Hong Kong are conducted in compliance with the PDPO. This includes ensuring overseas jurisdictions have comparable data protection standards or implementing safeguards like data transfer agreements that include standard data protection clauses.

  1. Use of Personal Data for Legal and Compliance Purposes

We reserve the right to use or disclose personal data as necessary to comply with legal obligations, enforce our terms and conditions, protect our rights and property, and ensure the safety of our users, employees, or the public. This includes cooperating with law enforcement agencies as per the legal requirements.

  1. Data Protection Officer

Our Data Protection Officer (DPO) oversees compliance with Hong Kong’s data protection laws. The DPO is responsible for educating the staff regarding compliance, conducting audits, and ensuring our responsibilities are met. The contact details of our DPO are provided for your convenience and assistance.

  1. Personal Data Collection under Singapore Law

In compliance with the Personal Data Protection Act (PDPA) of Singapore, we collect personal data only for legitimate and reasonable purposes. Before collection, we inform users of such purposes and obtain consent where required. Users have the right to withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice.

  1. Accuracy of Personal Data

Consistent with Singapore’s PDPA, we make reasonable effort to ensure that personal data collected is accurate and complete, especially if it is likely to be used to make a decision that affects the individual or disclosed to another organization.

  1. Protection of Personal Data in Singapore

We implement appropriate security arrangements to protect personal data in Singapore as required under the PDPA. This includes safeguarding the data from unauthorized access or disclosure and other similar risks.

  1. Retention Limitation in Singapore

We adhere to the PDPA’s stipulation on retention limitation. Personal data is not kept longer than necessary for fulfilling the purpose for which it is processed. We have policies and processes in place for the timely destruction or anonymization of personal data.

  1. Data Transfers Outside of Singapore

In line with the PDPA, we ensure that overseas data transfers meet Singapore’s data protection standards. We take steps to ascertain that foreign recipients provide a standard of protection comparable to the PDPA’s protection.

  1. Data Breach Notification in Singapore

Following the PDPA, in the event of a data breach, we will assess the situation and, where necessary, notify the Personal Data Protection Commission (PDPC) and affected individuals without undue delay, in accordance with the PDPA guidelines.

  1. Individual Rights under GCC Data Protection Laws

In jurisdictions within the GCC, we recognize and respect individual rights to personal data privacy as per local data protection laws. This includes rights to access, correct, and delete personal data, and to limit or object to its processing, subject to certain exceptions.

  1. Compliance with EU GDPR

Under the General Data Protection Regulation (GDPR) of the European Union, we are committed to ensuring the protection and proper handling of personal data of EU residents. This includes obtaining explicit consent for data processing, ensuring data accuracy, and providing individuals with access to their data, along with the right to rectify, delete, or restrict processing of their data.

  1. Data Controller and Processor Responsibilities

As a data controller and processor, we abide by the GDPR’s requirements. We implement appropriate technical and organizational measures to ensure and demonstrate that data processing is performed in compliance with the GDPR. This includes maintaining necessary documentation, performing impact assessments, and implementing data protection policies.

  1. Data Protection Officer

We have appointed a Data Protection Officer (DPO) in compliance with GDPR requirements. The DPO is responsible for overseeing data protection strategies and ensuring compliance with GDPR regulations.

  1. Cross-Border Data Transfers under GDPR

When transferring personal data outside the EU, we ensure compliance with the GDPR’s provisions on international data transfers. This includes transferring data only to countries deemed to provide an adequate level of data protection or under agreements that meet GDPR standards, such as Standard Contractual Clauses.

  1. Data Breach Notification under GDPR

In accordance with the GDPR, we have procedures in place to detect, report, and investigate personal data breaches. We will notify the relevant supervisory authority and affected individuals of a data breach when it is likely to result in a risk to the rights and freedoms of individuals.

  1. Compliance with the US CCPA

In alignment with the California Consumer Privacy Act (CCPA), we respect the privacy rights of California residents. This includes the right to know about the personal data collected, the purpose for collecting it, and the right to request deletion of their personal data.

  1. Consumer Rights under CCPA

We recognize the rights of consumers under the CCPA, including the right to opt-out of the sale of personal information, the right to non-discrimination for exercising their CCPA rights, and the right to access their personal data.

  1. Handling Consumer Requests under CCPA

We have established procedures for receiving and responding to consumer requests under the CCPA. We ensure timely response and action on such requests, respecting the statutory timeframe outlined in the CCPA.

  1. Data Minimization and Purpose Limitation

We adhere to the principles of data minimization and purpose limitation, collecting only the personal data that is necessary for the purposes for which it is processed. We limit the processing of personal data to the specific purposes informed to the users.

  1. Employee Training and Awareness

We conduct regular training and awareness programs for our employees to ensure they understand the importance of data protection and are familiar with our privacy policies, procedures, and compliance with various data protection laws.

  1. Annual Data Protection Audits

We conduct annual audits to review our data processing activities and ensure compliance with data protection laws. This includes assessing our data handling practices, security measures, and adherence to privacy policies.

  1. Update and Review of Privacy Policy

Our privacy policy is subject to regular reviews and updates to ensure ongoing compliance with evolving data protection laws and standards. We communicate any significant changes to our privacy policy to our users in a timely manner.

  1. Contact Information for Privacy Concerns

We provide clear contact information for users to address their privacy-related inquiries and concerns. Users can contact our designated privacy officer or data protection team through specified channels.

COOKIE POLICY

www.sailyachts.com

Effective date: 1st January 2024

Introduction

This Cookie Policy outlines the use of cookies and similar technologies on www.sailyachts.com, a service operated by Y.E. SYSTEMS LTD. Our platform’s use of cookies is designed to enhance your browsing experience and provide tailored services.

Understanding Cookies

Cookies are small text files stored on your device when you visit certain web pages. They are essential for the smooth functioning of websites and provide a seamless browsing experience, remembering your preferences and settings.

Types of Cookies Utilized on Sailyachts.com

  1. Functional Cookies: These cookies are essential for the basic functionalities of our website, enabling features like secure login, account management, and service continuity.
  2. Performance Cookies: These collect data about your website usage, helping us improve the performance and user experience of Sailyachts.com.
  3. Analytical Cookies: Utilized to understand user interactions with our website, these cookies provide insights into navigation patterns and service preferences.
  4. Personalization Cookies: These cookies remember your settings and preferences for a more personalized browsing experience.
  5. Advertising Cookies: Used for delivering tailored advertising content relevant to your interests, both within and beyond our website.

Your Cookie Choices

Most web browsers automatically accept cookies but allow you to modify your browser settings to decline cookies if you prefer. This may, however, impact your user experience on our website.

Consent

By using Sailyachts.com, you consent to the use of cookies in accordance with this policy, unless you have adjusted your browser settings to decline them.

Updates to Our Cookie Policy

This policy may be updated periodically to reflect changes in our practices or for other operational, legal, or regulatory reasons.

Contact Us

For more information about our cookie practices or if you have questions, please contact our customer service at [Insert Contact Information].

Your continued use of Sailyachts.com signifies your acceptance of our Cookie Policy.

Login

Leaving Early?

Before You Go, Let’s Talk! Need help choosing the perfect yacht package? Reach out to us! We’re here to customise your sailing experiences.

Email

office@sailyachts.com

Phone

+44 2038082378 (United Kingdom)
+30 2111980073 (Europe)
+1 4247380727 (North America)
+852 37027639 (Asia Pacific)

Leaving Early?

Before You Go, Let’s Talk! Need help choosing the perfect yacht package? Reach out to us! We’re here to customise your sailing experiences.