- What information do we collect?
- What should you know about our email list?
- What should you know about posting reviews?
- What should you know about making payments?
- What should you know about our social media profiles?
- How do we use your personal information? Do we sell or share your information?
- What privacy choices are available to you?
- How do we protect your information?
Below is our policy detailing how we (Friendly Planet, Inc.) collect, use, share, store and protect your personal information, especially information gathered through our website, www.friendlyplanet.com.
TL;DR (too long; didn't read)
We're a small, family-owned company, not a big multi-national. We sell travel, not data. We don't sell your personal information, ever. You trust us with your vacation; you should be able to trust us with your privacy too.
Making travel arrangements requires you entrust us with some sensitive personal information (like passport details). We take every precaution to safeguard this information and to only share it as necessary to organize your trip.
Like most websites, we do collect some data automatically as you browse our site, some of which could be personally identifiable (such as your IP address). But generally speaking, we only use this data to maintain our website or monitor traffic to it, and we purge data when we no longer need it.
We do advertise on online ad networks such as Google AdWords, Microsoft Bing, and Facebook, and we use their tracking "pixels" on our website. These pixels may track your activity (pages you've visited, links you clicked, etc.) as you browse our site and other sites, which is primarily used to personalize ads to you on those networks. If you are uncomfortable being tracked like this, there are many ways to opt-out of it, which we have detailed below under Online Advertising. Opting out is a personal choice and, in most cases, does not affect your ability to browse our site or buy our products.
What information do we collect?
Information that you provide to us
You may browse the majority of our website without being required to supply any personal information.
We do collect information that you provide to us when you:
- communicate with us with a question or comment about our products or services or a booking you have made, or request a proposal for a trip
- request a catalog
- subscribe to our email newsletter
- provide feedback and reviews on our products or services
- complete a survey or enter a contest we're sponsoring
- interact with us via our social media profiles
This information may include your name, address, phone number and/or email address, the content of any messages, comments, reviews, or surveys that you submit to us, and recordings of phone calls you have made to our offices.
If you book travel with us (or request a quote for travel), we may request or require additional personal information for the purposes of arranging your trip, processing payments, supplying required information to airlines and other travel vendors, applying for foreign travel visas, complying with various laws and regulations, and ensuring your safety, wellbeing, and comfort. This may include:
- Your date of birth and gender
- Your mailing and/or physical address
- Your country of citizenship and/or residency, your citizenship and/residency status, and current passport information
- Your mother's maiden name (where necessary to comply with some countries' entry requirements)
- Your meal preferences
- Any physical disabilities or limitations that may affect your travel arrangements or ability to participate in a tour
- Your credit card, PayPal or bank account information when making a payment
If you apply for a job with us, we may request:
- Your résumé, employment history, educational transcripts, writing samples, references, and other data as necessary to consider you for that job
Information provided by others
Your personal information may be submitted to us by others when they:
- Plan a private or custom tour or package and list you as a planned or prospective traveler on that trip
- Make a booking on your behalf, or make a booking and request to share a room with you
- Make a booking and enter you as someone to contact in case of any emergencies while traveling
- Tell us that you referred them, or were referred by them, to us for the purposes of claiming referral credits under our Refer-a-Friend Rewards Program
- Purchase a gift certificate for you
- Apply for a job and list you as a reference or previous employer
Information that may be automatically collected
We and our partners automatically collect certain information when you visit our website, read our emails, watch our videos, click on our online advertisements, visit our social media profiles, or otherwise engage with us. Examples of information we collect:
- browsing data, such as webpages viewed, length of time spent on our site and on each page, links clicked, and referring websites from which you arrived at our site
- device configuration data, such as the type of device or browser you use, your operating system, your Internet service provider, and your device's regional & language settings
- search terms you enter into our site-search feature
- device identifiers, such as your IP address
- approximate geographic location, based on your IP address and/or internet service provider
This information may be collected by our website and stored on our server or in our database, or may be collected and stored by our partners. This may be done with a variety of common technologies:
- Web server logs. Whenever you access a webpage, image, or any other file on the Internet, your browser or device sends the requested URL, along with your IP address and the version of your browser or device, to the server from which you are requesting the file. Like most web servers, our server automatically records these requests in a web server log.
- Cookies. A cookie is a simple data file written to your device by your browser. As webpages by themselves have no knowledge of any previous webpages you have visited or tasks you were doing, cookies provide a way for your browser to "persist" (remember) data between different webpages. (Without cookies, it would be much more difficult to securely log into a website or to complete a multi-step checkout.) Cookies enhance security, make it easier for you to navigate our website, and help with personalizing your experience and remembering your preferences. They may also be used to track how you use our site to target ads to you on other websites. Cookies may often serve as a unique tag to identify your device and browser. Session cookies last only as long as your browsing session and are cleared when you close your browser, or after a certain amount of inactivity. Persistent cookies remain on your device after closing your browser, until you delete them or they expire.
- Location-Identifying Technologies. Based on your IP address and Internet service provider, it is often possible to determine your approximate geographical location. We do not collect this data ourselves, but our partners (including Google Analytics and Mailchimp) may collect and store this data.
For further information on how we use tracking technologies, see Online Advertising, Remarketing, and Third-Party Tracking below. To find out about your rights and choices regarding these tracking technologies, including how to block or clear cookies or block tracking, see What privacy choices are available to you? below.
What should you know about our email list?
You may subscribe at to our email newsletter at any time. Only your email address is required.
When you start a booking on our website, we automatically subscribe you (the person making the booking) to our newsletter, if you are not already subscribed. We do not automatically subscribe any secondary travelers.
You may also subscribe to our newsletter via our Facebook profile, which requires your first and last name in addition to your email address.
As a subscriber to our newsletter (by any of the methods above), you may choose from several options regarding the frequency and topics of the emails we send you. (If you do not make a selection, the default is to send you all emails.) You can expect periodic emails from us as per the frequency and topics you select, as well as occasional surveys, contests, or notices.
If you are a past customer but not subscribed to our newsletter, we may also send you occasional emails (usually not more than 1-2 times per year) through Mailchimp related to your past bookings or special opportunities for which you may be eligible as a past customer.
Should you wish at any point to unsubscribe from these emails, click the unsubscribe link at the bottom of any of the emails; fill out this form; or contact us. The first two methods are effective immediately. When you unsubscribe (or are automatically purged from our lists due to undeliverability), we retain your information indefinitely on a separate list to ensure that your unsubscribe request is respected and/or that you are not inadvertently re-subscribed. Should you wish for your information to be completely deleted from our mailing lists, including our unsubscribed list, please contact us and we will promptly honor your request.
What should you know about posting reviews?
After you book with us or return from travel, Feefo may send you an email requesting that you complete a survey about your experience and satisfaction with our customer service or with your trip. All surveys are completed on the Feefo site and stored by Feefo. As an impartial third party, Feefo publishes all reviews received about Friendly Planet (unless they contain inappropriate content) on their website, ensuring the reviews are an honest and unbiased representation of our service or products. Select surveys may also appear on the Friendly Planet website, in our emails, or in other publications. When you submit a review, you may opt to show or hide your name with your review.
In order to solicit these reviews, we periodically transmit lists of customer names, email addresses, and products purchased to Feefo through a secure upload. No other personal information is shared with Feefo.
What should you know about making payments?
We accept payments by check, credit card, or from your PayPal account. Any payments made by credit card or with your PayPal account are processed by PayPal on our behalf.
When you enter your credit card information into our site (or supply it to one of our agents) to make a booking or payment, we relay this information directly to PayPal's secure processing gateway, which responds with the transaction status (success or failure) and a reference number. To protect your payment information, we DO NOT save your full credit card number, expiration date or security code; we only retain the last four digits of your card number to cross-reference transactions.
If you select the option to make a payment from your PayPal account, you are transferred from our site to the secure PayPal website to log into your account. Once the payment is complete, PayPal transmits the transaction status and a reference number back to our server. We do not have access to your PayPal account, including your login information.
What should you know about our social media profiles?
With your permission, we may use comments about our service and products that you have provided on our social media profiles in our advertising or on our website.
How do we use your personal information? Do we sell or share your information?
We use the information that we collect to conduct our business, including but not limited to:
- processing your bookings and providing you with the products or services you request
- communicating with you, especially regarding your bookings, and responding to your comments, questions, and requests
- developing and improving our travel products
- operating and maintaining our website
- measuring website traffic and usage trends
- understanding how people use our website
- understanding the interests and demographics of our users as a whole
- improving our website, booking process, site content, accessibility, and customer experience
- conducting market research and measuring the performance of various marketing campaigns and channels
- maintaining our relationship with our customers and improving their experience and satisfaction
- addressing breaches of policies or terms, threats, or harm
- complying with laws and responding to mandated legal notices
- considering you for a job
If you have completed a booking or payment, requested a proposal, requested a printed catalog, or communicated with us via phone or email about a booking or other questions or requests, we may keep this information indefinitely. If you have started a booking on our website but failed to complete it, we purge this information after 90 days.
Security, Abuse & Fraud Prevention, and Website Maintenance
Some of the information we automatically collect, including your IP address, may be used to address or prevent fraud (including credit card fraud), address or prevent abuse of our email (including spam) or website (including attempts to log into secure or private areas), to troubleshoot technical difficulties and errors, or to ensure the privacy and security of our customers or the security of our website. Where practical and possible, we try to delete information after it is unlikely to help serve these purposes, as detailed below under Data Security.
If you complete a service or product survey through Feefo, we may use your review (along with your name, if you have opted to show it), in full or in part on our website or in printed and/or online advertisements to promote our business or products. With your permission, we may also use other comments about our service and products that you have provided on our social media profiles, in surveys, in our communications with you, or on other websites, in our advertising. We keep reviews indefinitely, or until you request that we delete them.
Surveys & Contests
From time to time, we may offer you the opportunity to participate in contests or surveys. If you participate, we may request some personally identifiable information from you, such as your name and email address. Participation in these surveys or contests is completely voluntary. We use the information you provide only to conduct the contest or survey, including notifying contest winners and awarding prizes. We will not use it for any other purpose, unless otherwise stated and with your explicit consent. We may use a third party (such as SurveyMonkey) to conduct these surveys or contests, and such companies are prohibited from using any personal information collected for any other purpose.
If you have a mailing address in the United States or Canada and are a past customer, or have requested it, we may ship you printed catalogs and other printed advertisements.
Online Advertising, Remarketing, and Third-Party Tracking
We use Google Google AdWords, Microsoft's Bing Ads, and Facebook, and may use other advertising platforms, to serve online ads promoting our business and travel products, both in search engines and on other websites. Some of this is done through "remarketing", which displays advertisements relevant to pages or products you have previously viewed on our website. We do this to offer tailored advertisements that may be of interest to you if you have shown an interest in our products.
To do this, our site utilizes tracking scripts from Google AdWords, Bing Ads, Facebook, and may utilize tracking pixels and scripts from other third parties, to collect information about your use of our website over time in order to display remarketing ads relevant to your interests and/or to measure the success of our advertising campaigns. These third-party tracking pixels and scripts may set cookies on your browser and use various tracking technologies, as described above under Information that may be automatically collected.
For advertising purposes, we occasionally use information about our customers to generate a "lookalike audience" or similar audience of prospective customers through the Facebook or Google advertising platforms. This allows us to target advertisements on their networks to potential customers who appear to have shared interests or similar demographics to our existing customers, based on the platforms' own data. We typically do this by uploading a list of email addresses. Facebook's policy is to irreversibly hash (encrypt) such lists prior to uploading, match the hashed data against their own customers, generate the lookalike audience, then delete the uploaded list and use it for no other purpose. We do not have access to the identity of anybody in the lookalike audience, unless they choose to click on the ads. Based on this, we believe that generating lookalike audiences poses little or no threat to the privacy of our customers. If you wish to opt out of "similar audiences" in Google, you can do so through your Ads Settings; see Online Advertising below for more information.
We use Google Analytics and may use other third-party analytics tools to help us collect data and measure traffic and usage trends for our website; to understand more about the interests and demographics of our users as a whole; to measure the performance of various marketing campaigns and channels; to understand how people are using our website; and to continually improve our website, booking process, site content, accessibility, and customer experience. In general, this is aggregate data that does not personally identify individual users and simply measures overall trends. To further ensure the privacy of our users, we have enabled an optional feature in Google Analytics to anonymize IP addresses, so that your IP addresses is not stored or processed.
Aggregate and Non-Identifying Information
We may use aggregate data and information that does not personally identify you (including information that has been de-identified) for various purposes, share this information with third parties and affiliates, and store this information indefinitely, without obligation to you except as prohibited by applicable law.
We may occasionally use location data automatically collected by Mailchimp to send targeted emails for promotional or legal reasons. We generally do not use this information for any other purpose.
Information Provided by Others
When somebody provides us your personal information as an emergency contact, as a referral to us or somebody who referred you to us, as the recipient of a gift certificate, or as a reference when applying for a job, we shall only use your personal information for that purpose alone.
We will never sell your personal data to anyone, for advertising or other any reason. Ever.
We may share your personal data:
- With third-party vendors, service providers, contractors, and agents performing services on our behalf, as needed to carry out the tasks listed above and other work for us, which may include providing mailing services, providing financial services, web hosting, or providing analytic services. These service providers are prohibited from using your information except as needed to perform our work or as required by law, although we may permit them to use aggregate information which does not identify you or de-identified data for other purposes.
- With the Friendly Planet Foundation, our non-profit philanthropic organization, for the purposes of advertising our philanthropic projects or soliciting donations;
- With third parties as we deem necessary to protect the security or integrity of our website or database or to investigate suspected breaches of security.
- With third parties, including law enforcement, legal advisers, and insurers, as required by law or subpoena or if we reasonably believe that such action is necessary to (a) comply with the law, a judicial proceeding or court order, or the reasonable requests of law enforcement; (b) exercise, investigate, or protect the rights, property, or personal safety of Friendly Planet, our customers, our site visitors, or others; or (c) investigate, prevent, or take action regarding illegal activities, suspected fraud and/or counterfeiting, or as evidence in litigation in which Friendly Planet is involved.
- With third parties in connection with re-organizations, mergers, bankruptcies, or acquisitions of all or part of our business.
- For any other purpose with your consent.
In addition, if you book travel with us, we may share relevant personal data with:
- The U.S. or foreign governments as necessary or required by law to make international travel arrangements on your behalf;
- Embassies, consulates or other official entities, or companies such as our partner VisaHQ, to obtain travel visas on your behalf;
- Airlines, hotels, cruise ship companies, coach services, land operators, and other vendors with whom we contract to provide travel services to you;
- Our tour leaders, escorts, or guides, as necessary to conduct our tours and ensure your safety, comfort, and wellbeing.
What privacy choices are available to you?
Modifying or Deleting your Information
If you have any questions about reviewing, modifying, correcting, deleting, or obtaining a copy of information you have provided to us, or if you want to remove your name or comments from our website, social media profiles, or advertising, please contact us. We may not modify or delete your information in all circumstances, unless required by law.
Tracking Technology: Cookies & Tracking pixels
Most web browsers automatically accept cookies, but you can usually modify your browser settings to display a warning before accepting a cookie, to accept cookies only from certain websites, and/or to block or refuse all cookies. You may also clear existing cookies for specific websites, or for all websites. If you use multiple browsers or devices, you will need to adjust the settings in each browser separately. Note that if you choose to block or limit the ability for websites to set all cookies, you may worsen your overall online experience, lose the ability to access some services or features, and/or be unable to save some customized settings, like login information. (For example, you will not be able to make a booking on our website without cookies enabled.) Many browsers also have a privacy mode (such as Google Chrome's Incognito mode or Microsoft's InPrivate mode) that accepts cookies during your browsing session but erases them when you close your browser. For more information or to see if cookies are enabled in your browser, visit this checker.
"Do Not Track" (DNT) is a browser setting that requests that a website or application disable its tracking of an individual user. If you turn on the DNT setting in your browser, your browser sends a special signal to websites, analytics companies, ad networks, and other web services to not track your activity. As our website does not track personal information about your browsing activities over time, our website does not respond to Do Not Track signals; but the third-party tracking pixels used on our site should. To learn more about DNT, to see if you are being tracked, or to change your settings, visit AllAboutDNT.com. Or learn how to enable DNT in Google Chrome and Microsoft Edge.
You can specifically prevent your data from being collected and used by Google Analytics by downloading and installing the Google Analytics Opt-out Browser Add-on.
Google, Microsoft, Facebook, and other ad networks may tailor the ads they serve based on your interests, sites or pages you have visited, web searches you've done, and other data they gather while you browse sites they manage or that use their tracking pixels.
To modify your interests or turn off personalization for ads served by Google, you can visit Google's Ad Settings. You can also turn off ad personalization with Google's "Interest-Based Advertising Opt-out" browser plug-in, which opts you out of the advertising cookie that Google uses to show you interest-based ads.
To turn off personalization for ads served by Microsoft, you can visit Microsoft's Ad Settings.
To modify your preferences or turn off personalization for ads served by Facebook, you can visit Facebook's Ad Preferences.
In addition, on your iPhone, iPad or Android, you can change your device settings to opt out of interest-based ads.
Many of the companies that display interest-based advertising are members of the Network Advertising Initiative ("NAI") and/or Digital Advertising Alliance ("DAA"). To learn more about interest-based advertising and how you may be able to opt-out of interest-based advertising, tracking, and/or sharing of tracking data by their members, visit their online resources at www.networkadvertising.org/choices and www.aboutads.info/choices, respectively. Other resources (not affiliated with NAI or DAA) include http://preferences-mgr.truste.com/, or for EU residents, www.youronlinechoices.eu.
Please note that if you opt-out of interest-based advertising using any of these methods, the opt-out may only apply to the specific browser, device or account from which you opt-out. Further, opting-out only means that the selected advertising platform(s) should no longer deliver certain interest-based advertising to you, but does not mean you will no longer see any online ads or stop seeing targeted content and/or ads from other ad networks. We cannot be responsible for effectiveness of, or compliance with, any third-parties' opt-out options or programs.
To unsubscribe or request deletion from our email list, see What should you know about our email list? above.
If you wish to opt-out of receiving printed catalogs or other printed advertisements via postal mail, please contact us to request removal from our mailing list.
European Privacy Rights
We are a U.S.-based business that does not target European residents or consumers (though we do not prohibit European residents from visiting our website, subscribing to our mailing list, or purchasing our products). If you are a "data subject" in Europe as defined by the EU's General Data Protection Regulation, you may have additional rights in regard to your personal data. If you wish to discuss or exercise any of these rights, please contact us.
How do we protect your information?
We use industry standard physical, electronic, and organizational safeguards to protect your personal information against loss, theft, unauthorized access, or disclosure. We employ many different security techniques to protect your data.
We have chosen to protect our entire website with SSL (actually, TLS 1.2) encryption, the current standard for bank-grade website encryption. Whenever you visit our website, make a booking or payment, or otherwise submit any information to us through our site, that transmission between your device and our server is protected by 256-bit SSL encryption. To confirm, look for the padlock icon in your browser. To provide additional peace of mind, we have opted to use an "Extended Validation" SSL certificate issued by a trusted authority that also verifies our company's identity. As a result, most browsers will show our company name in green in the address bar, so you can be confident that you're visiting our legitimate site and not an imposter.
We periodically review our server configuration to ensure we're employing the latest and most secure SSL cyphers and features. However, secure SSL encryption requires that your device or browser also support the latest and most secure SSL cyphers and features. To check your device for vulnerabilities, please visit HowsMySSL.com. Using the latest version of a popular browser is generally sufficient to ensure this.
Session Security & Shared Computers
When you start a booking on our site, we drop a cookie on your device that ensures that only that device and browser have access to that booking and the information you have entered. After a certain number of minutes of inactivity, that session expires, and you will no longer be able to access that booking through your browser. (To complete your booking, you may call one of our friendly agents who can pick up where you left off.) When you complete your booking, we clear the cookie, so that neither you nor anybody else may access the information you entered during the booking process.
At present, we do not have a "my account" feature, so neither you nor anybody else may access your personal or purchase information through our website.
If you are using a shared computer to make a booking or payment, or to send us any personal information through our website, we recommend that you take the precaution of closing your browser and/or clearing the browser's history to ensure that nobody else may access that information.
Unlike many companies that store customer data "in the cloud" on many servers or in distributed data centers, our website and customer database are hosted on an enterprise-grade database and a dedicated server, located in the United States and managed by a professional team of hosting experts. We have gone to great lengths to secure access to this server using multiple layers of security, and because we are a small company, we are able to severely limit the people who have access to this server. (When it comes to security, bigger is not necessarily better.)
Note that, as described above, we do employ third parties to manage our mailing list, product & service reviews, and occasional surveys we may send out. But the personal information we share with them is generally limited to your name, email address, and the products you have purchased. We have selected these companies based on their reputations, and we trust them to take all appropriate precautions to safeguard your data.
Deleting obsolete data
Where practical and possible, we try to delete personal information after it is no longer needed or unlikely to be useful, including (but not limited to):
- Purging your passport details after you return from travel (except for tours to Cuba, where we are required by U.S. law to retain passport details for Americans for 5 years after travel)
- Purging all information associated with unfinished bookings after 90 days
- Purging IP addresses collected with bookings, requests for proposals, and for other purposes from our database after 60 days
- Purging web server logs after 60 days
Should we become aware of any breaches of security (either on our server or with one of the third parties we employ) that may have exposed your personal information, we shall notify you as soon as reasonably possible about the breach and let you know what information might have been exposed. If you are concerned that your privacy may have been breached, please contact us.