eviivo's Privacy Policy
We are committed to ensuring that your privacy is protected and We understand the need for appropriate protection of all Personal Information provided by You to Us. This Privacy Policy has been created in order that You understand the importance that we attach to this issue and Our commitment to ensure that we comply with UK legislation and the General Data Protection Regulations (“GDPR“).
This Privacy Policy (“Privacy Policy”) describes the treatment of any personal data provided to or collected by eviivo Limited, a company registered in England and Wales under number 5002392 with offices at Fora Clerkenwell, 2nd floor, 9 Dallington Street, London, EC1V 0LN (eviivo, We, Us), and by its wholly-owned subsidiaries including eviivo Ireland Limited, a company registered in Ireland under number 721661 with offices at Trinity House Charleston Road, Ranelagh, D06 C8X4 Dublin 6, Ireland.
1. Definitions
Booking(s) refers to the reservation of accommodation with a specified Establishment.
Booking Confirmation refers to the notification issued by Us, to confirm a Booking made with an Establishment.
Booking Service refers to the accommodation search facility operated by Us which may be used to search for, book and pay for accommodation.
Communication Facility refers to any bulletin boards, chat rooms, web based forms, or other messaging or communication facilities between You and Us (if any), as may be available from time to time on any Website or Booking Service operated by Us.
Establishment refers to accommodation included in and displayed via eviivo’s Booking Service.
Form refers to a web-based or an email-based data entry form designed by Us and used to help Us collect information about You.
eviivo refers to eviivo Limited (a company registered in England and Wales under the number 05002392 and having its registered offices at Camburgh House, 27 New Dover Road, Canterbury, Kent, CT1 3DN), and to its wholly-owned subsidiaries including eviivo Ireland Limited (a company registered in Ireland under number 721661 and having its registered offices at Trinity House Charleston Road, Ranelagh, D06 C8X4 Dublin 6, Ireland). eviivo Limited’s VAT number is 877374571. eviivo operates the www.toprooms.com and www.eviivo.com Websites and the eviivo Booking Service, which includes the processing of online payments for bookings made via the Booking Service.
Intellectual Property Rights refers to all patents, copyright, database rights, design rights, moral rights, registered designs, trademarks or service marks, trade names, or know-how (whether registered or not and including any applications or rights to apply for registration) and all rights or forms of protection of a similar nature whether subsisting now or at any time in the future anywhere in the world.
You (and related expressions like “Your” and “Yours” and “Yourself”) refers to you, a user of the Website or the Booking Service or the Communication Facility operated by Us.
Your Content refers to business contact information, ratings, reviews, comments, photographs or other information and material, including personal information which may include, without limitation, Your name, address, town, postcode, country, email and phone number as well as billing information or payment card details (“Personal Information“) which You consent to share with Us when you submit a Form, a Booking or a Guest Review.
We (and related expressions like “Us” and “Our” and “Ours” and “Ourselves”) refers to eviivo as the operator of the toprooms Website and Booking Service.
Website refers to a website operated by Us, which includes a Communications Facility or a Booking Service operated by Us. The Website may refer to any website using a domain or sub-domains owned by us including but not limited to eviivo.com, toprooms.com, bookdirectrooms.com, and on.eviivo.com
2. Your consent
When using this Website, or the Booking Service or Guest Review Service operated by Us on the Website, and providing your personal details, We collect, use and retain Your personal information for the sole purpose of fulfilling our services to You or completing a Booking transaction (contractual obligation), including the sharing of any necessary Personal Information with the relevant third parties (for example an accommodation provider or a travel agency) where this is necessary to allow us to fulfil Our obligations under the terms of this Privacy Policy.
Where you have expressly provided consent online when asked to do so, we may also use Your Personal Information to communicate information to You about our products and services and to improve our understanding of the needs of potential and existing users of our services.
3. Collection, use & retention of Personal Information
We collect, use and retain Personal Information about you only to the extent that is reasonably required to conduct our business effectively.
The information collected by Us varies depending on the service you request from us.
We may collect personal details such as but not limited to Your name, address, accommodation details, credit/debit card number and expiry date, billing details and telephone numbers (“Personal Information”) either when You use Our Communication Facility, or when You use Our Booking Service. Your credit/debit card details are only used to process the transaction You have requested, and are NOT stored or used in any other way by Us.
We may also collect Personal Information directly from You when You speak to Us over the telephone or send Us correspondence or submit an accommodation review or a review of Our services.
We use Personal Information to complete transactions on Your behalf and to ensure that we can efficiently manage and track transactions that are processed through Our system. We also use Personal Information to monitor Our system’s efficiency and usability, and to test and develop enhancements and changes to the way We do business.
We may also collect Your Personal Information when we undertake market research, or ask a third party to undertake market research on Our behalf, in accordance with the terms of this Privacy Policy. When You agree to participate in any such market research, and give us consent to Use Your Personal Information where asked to do so, Your Personal Information shall remain confidential in compliance with the terms of this Privacy Policy, and shall be used for the sole purpose of improving our services to You, or analysing, compiling and publishing general market trends. For the avoidance of doubt, published market trend information shall be provided at aggregate level only and shall not disclose any Personal Information.
The Personal Information that We collect is stored securely on servers in the United Kingdom and processed by our staff based in the United Kingdom, in Tunisia and the European Union. The Personal Information we collect may also be accessed by staff outside the European Economic Area (EEA) who work for us, including our affiliated subsidiary in Tunisia.
The Personal Information we collect may also be shared with third parties where this is necessary to process and complete Bookings or payment transactions on Your behalf, to fulfil Our contractual obligation to You, or allow the relevant third parties to fulfil their obligations to You in providing the service You requested. Such third parties may be located outside the EEA and may store the data we share with them outside the EEA. Third parties may include without limitations:-
An accommodation provider that You selected via the Booking Service, a third party operating the website which made the Booking Service available to You (for example: an online travel website, or regional and local tourism organisations), or a payment processor (for the processing of card payments) (“Booking Partners”).
one of our contracted suppliers (for example: the data centre hosting our services, or a market research company handling surveys on our behalf). (“Suppliers”).
Booking Partners and Suppliers operating under a contractual agreement with Us are either bound by the terms of this Privacy Policy or required to comply with current applicable data protection regulations.
Although this Privacy Policy applies to Personal Information about You that may have been shared with third parties under the terms of this Privacy Policy, or provided to Us by third parties, We are not responsible for the privacy policies of those third parties or the operators of the sites that offer our Booking Service, and We will not be liable for those third parties’ data protection policies and practices.
If You are an accommodation provider or business partner concerned with the protection of Your Personal Information, We recommend that you use a distinct separate business email, business address, business phone line and business bank account rather than use Your personal data.
Should You, as an accommodation provider or business partner, choose to provide Personal Information to Us in response to a specific request for business contact details (for example a business email, address, and phone number), You understand and agree that any Personal Information provided in this context shall be deemed to be Your business contact data, and Your consent to its use as business information, and that this data will NOT be protected by the provisions of this Privacy Policy and GDPR. You understand and agree that when you provide business contact data and business Content to Us, You give us the right to use and publish said business Content and contact data via the internet, via email, and/or share it or publish it via Our travel distribution partners.
4. Protection of Personal Information
We maintain appropriate security standards and procedures in relation to the collection, use and retention of Your Personal Information in order to prevent unauthorised access or disclosure.
We are compliant with the Payment Card Industry security standard (PCI-DSS Level 1). We are audited annually by an independent expert and the card schemes, including a full review of our systems and procedures, and the relevant penetration tests, to ensure that we provide the highest level of card payment security. Card details processed on eviivo.com, toprooms.com or via on.eviivo.com are encrypted and fully tokenised and are not held beyond the scope of the booking duration. We cannot be held liable for the security of any card information that You may have passed on to an accommodation provider or to a travel agency by means other than Our Website or Booking Service.
5. Disclosure to third parties
Personal Information is shared with our group companies, contractors, data processing companies including operators of global distribution systems and payment clearing houses, banks and professional advisers. We share only the Personal Information necessary to deliver any supply of products and/or services by Us to You or in order to ensure the successful completion of a transaction processed through our system or for other related purposes. We may also disclose Your Personal Information when necessary to protect against fraud or any other crime (usually by providing such information to a reputable information reporting organisation) or in the event that we sell our business then to the purchaser of that business.
Your Personal Information will also be processed by Our Merchant Bank Ingenico Financial Solutions SA/NV, for the sole purpose of being able to process your card payment where applicable. The processing of Your card payment includes fraud monitoring and fraud management and other checks related to the fight against money laundering and the financing of terrorism. Ingenico’s privacy policy is available at https://www.ingenico.com/epayments/legal/account-holder
We may in addition from time to time share non-personal, non-individual information in aggregate form with third parties for business purposes, for example we may tell our Booking Partners including regional tourism agencies and commercial distributors the number of customers or level of bookings in certain demographic groups. The sharing of aggregate data does not involve the disclosure of Personal Information which can identify any particular individual.
Third parties may publish or use Your Personal Information if you have expressly provided this Personal Information to Us as your business contact information, as part of the Content You supply when advertising Your accommodation on certain travel sites, to ensure that third parties and potential guests are able to contact You.
Finally, we may disclose your Personal Information to the relevant competent authorities (for example police, customs, central banks and tax authorities) at any time and where required to do so by law.or to comply with any legal obligation or requirement, such as an order of the court.
6. Employee access to Personal Information
Your Personal Information is disclosed to our employees, agents and representatives on a “need to know” basis and we confirm that all such persons understand the importance of client confidentiality and privacy.
We, and our business partners, may use Your Personal Information in order to contact You to perform the fulfilment or payment of any Bookings made via the Booking Service, or to respond to or follow-up any enquiries You have made via the website(s) we operate.
7. Share facility
If you use any social media share facility on our Website and give us details of another person (e.g. their name and email address), you should make sure that the other person is content to share their personal information with Us and receive information from Us. We will only use their data for the purpose of sharing information via email or social media.
8. Updating, maintenance and accuracy of your information
We do our best to ensure that all information held relating to You is kept up-to-date, accurate and complete.
Data populated by You (including your personal details entered in any fields) is Your sole responsibility and any changes to any aspect of Your personal data should be updated directly by You.
If you have any questions or comments about our Privacy Policy, please contact us on [email protected] and we will endeavour to respond as soon as possible. All of our processes and data storage methods have been approved by the Information Commissioner’s Office ( www.informationcommissioner.gov.uk ) and our registration number is Z1431368.
9. Cookies and other non-personal information
Cookies are tiny files placed onto the hard drive of Your device when You register or fill-out a Form or subscribe and cookies enable Our server to recognize who You are each time You return. Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Our Website uses cookies to store certain information and this includes both session and persistent cookies, and We may automatically use cookies to collect non-personal information about You, such as the type of internet browser You use, the website from which You have come to Our Website. Cookies also allow us to collect Your IP address (the unique address which identifies Your computer on the internet and classifies as Personal Information) which is automatically recognised by Our web server. Where we need to collect an online digital signature from you, we will also collect the IP address used when you submit this signature.
This information is only used to assist Us in providing an effective service on the Website and to collect broad demographic information for aggregate use. We may make limited use of cookies to deliver content specific to Your interests, retain Your personal preferences or hold session information in order to improve the Website’s usability, analyse how Our Website is being used, administer the Website, prevent fraud and improve the security of the Website, or personalise the Website for each user. We use Google Analytics to analyse cookies.
We ask You to consent to our use of cookies in accordance with the terms of this policy when you first visit Our Website. By using Our Website and agreeing to use cookies when asked to do so, You consent to Our use of cookies in accordance with the terms of this policy.
We may use third-party advertising companies to serve ads on Our behalf. These companies may employ cookies and action tags (also known as single pixel gifs or web beacons) to measure advertising effectiveness. Any information that these third parties collect via cookies and action tags is completely anonymous. If You would like more information about this practice and Your choices, please visit the Network Advertising Initiative website (//www.networkadvertising.org).
You can erase or block cookies from Your device if You want to (Your device manual or Help information for Your browser should tell You how to do this). If You block or delete cookies, you may not be able to use all the features of Our Website or you may find the Website less usable.
10. Your rights
You have the right to request a copy of the Personal Information we hold about You, and you have the right to request that Your Personal Information be rectified, transferred elsewhere, and/or deleted from our systems. You also have the right to withdraw any consent previously given to Us with regard to the collection and processing of Your Personal Information.
To the extent that We have a legal obligation to hold Your Personal Information – for example the requirement to hold invoice information for up to seven (7) years and the requirement to provide guest registration information to the local health & safety or police authorities – the minimum information required, including Personal Information, shall be held until the legal requirement expires and this minimum required Information shall be passed to the relevant authorities.
Our security procedures mean that we may request proof of identity before we are able to disclose any Personal Information to You.
11. Complaints Procedure
Where applicable, if as part of our Booking Service and under the terms of this Privacy Policy, we have passed Your Personal Information to an accommodation provider or to a travel agency for the sole purpose of completing a Booking on Your behalf, You may need to direct your request to these third parties also.
If You wish to make a complaint about eviivo’s data protection and privacy policy, including the rights given to You under GDPR, you may contact us by telephone, email, letter or fax. We do not require complaints to be made in writing. Wherever possible, complaints will be dealt with promptly, and you will receive a response under thirty (30) working days.
If you are dissatisfied with the outcome of your complaint, you may choose to escalate the complaint internally by contacting Us at [email protected]. A response to an escalated complaint will be made within a further ten (10) working days.
Our contact details are as follows:
eviivo Limited
Address: Fora Clerkenwell, 2nd floor, 9 Dallington Street, London, EC1V 0LN
Telephone & Fax: +44 (0) 844 880 3000
General enquiries: [email protected]
Accommodation Providers: click on the Help button, then on Chat with an eviivo expert within eviivo suite.
Data Privacy complaints: [email protected]