Grand European Travel Logo
 
1-877-622-9109
CALL US 1-877-622-9109
We're not available
Contact

Call Us

Mon - Fri: 7am - 5pm PST

Closed Sat & Sun

Contact us HERE

Shop Hot Deals

Privacy Policy

Last updated: December 2024 

About This Policy  

This privacy policy explains how Grand European Tours (2003), Inc. (DBA Grand European Travel) uses and protects personal information related to our customers, website users, and others who interact with us. We are committed to protecting your personal data, and it is important that you read this privacy policy along with any other privacy notices we may provide when collecting or processing personal data, so you fully understand how and why we use your data. This notice supplements other privacy notices and does not override them. 

Grand European Tours (2003), Inc. (referred to as “we,” “us,” or “our” in this notice) values your privacy and strives to provide a secure, trustworthy experience across all interactions, whether you are making a purchase, managing an account, or using our website. 

Our Commitment 

We respect your right to privacy and aim to ensure you have a positive experience with us, whether visiting our website, making bookings, or interacting with our brand. We know your personal data is important to you, and we want you to feel confident in our data protection practices, which reflect our commitment to handling your information with care. 

How we collect your Personal Data 

We collect personal data in various ways, including but not limited to: 

  • Direct Interactions: You may share personal information with us when you fill out forms, contact us by mail, phone, or email, or leave feedback about us on TripAdvisor or other platforms. This includes comments or photos posted on our social media platforms, as well as content where you have tagged us. 
  • Automated Technologies: As you interact with our website, we may automatically collect technical data about your equipment, browsing actions, and patterns. This data is collected using cookies, server logs, and other similar technologies. 
  • Third Parties: We may receive personal data about you from various third parties and public sources. 

Categories of Personal Data 

  • Identity Data: Includes first name, last name, username or similar identifier, title, date of birth, and gender. 
  • Contact Data: Includes billing address, delivery address, email address, and telephone numbers. 
  • Financial Data: Includes bank account and payment card details. 
  • Transaction Data: Includes details about payments to and from you and other details of products and services you have purchased from us. 
  • Technical Data: Includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website. 
  • Profile Data: Includes your username and password, purchases or orders made by you, your interests, preferences, feedback, and survey responses. 
  • Usage Data: Includes information about how you use our website, products, and services. 
  • Marketing and Communications Data: Includes your preferences in receiving marketing from us and your communication preferences. 
  • Call Recordings: Includes recordings of calls made to our reservation centres. 

Legal Bases for Processing  

We process your personal data under the following legal bases: 

  • Consent: You have given clear consent for us to process your personal data for a specific purpose. 
  • Contract: Processing is necessary for a contract we have with you or because you have asked us to take specific steps before entering into a contract. 
  • Legal Obligation: Processing is necessary for compliance with a legal obligation to which we are subject. 
  • Legitimate Interests: Processing is necessary for our legitimate interests or those of a third party, provided your rights and interests do not override those interests. 

Records of Processing Activities 

We process personal data for the following activities, along with their respective legal bases:  

Activity Purpose Legal Bases Source
Customer Payments Process customer payments while meeting legal obligations and contractual agreements. Legal Obligation, Contract Live chat interactions, Customer support
Customer Master Data Processing Manage and maintain accurate customer information for operational needs and contractual obligations. Legitimate Interests, Contract Internal business operations, Data analysis
Customer Self-Service Enable customers to independently manage their accounts and services. Contract Customer requests, Document distribution
Abandoned Cart Follow-Up Re-engage customers who abandoned bookings to complete transactions. Legitimate Interests Marketing campaigns, Customer interactions
Booking Services (Ecommerce) Facilitate and fulfill bookings made through ecommerce platforms. Contract Marketing campaigns, Prospective customer interactions
Customer Booking Process and manage customer bookings for various services. Contract Direct mail campaigns, Customer preferences
Booking Cruise Reservations Handle and confirm cruise reservations. Contract Competition entries, Customer interactions
Customer Servicing via Genesys Provide customer support using the Genesys platform. Contract Customer inquiries, Interaction records
Travel Agent/Partner Data Processing Manage data related to travel agents and partners for collaborative services. Contract, Legitimate Interests Partner relationships, Customer interactions
Booking Bus Tours Facilitate and confirm bus tour bookings. Contract Customer feedback, Survey responses
Customer Tour/Trip Logistics Manage logistics and arrangements for customer tours or trips. Contract Customer feedback, Review submissions
Candidate Data Processing Process data of candidates applying for positions within the organization. Legitimate Interests Website interactions, Marketing analytics
Paid Media Marketing Conduct marketing activities through paid media channels (e.g., paid search, social ads). Legitimate Interests Advertising campaigns, Prospective customer interactions
Customer Live Chat Provide real-time customer support via live chat. Legitimate Interests Offline marketing campaigns, Customer preferences
Business Intelligence Reporting Analyze data for business insights and reporting. Legitimate Interests Live chat interactions, Customer support
Customer Document Distribution Distribute relevant documents to customers. Contract Internal business operations, Data analysis
Customer Marketing Campaigns Execute marketing campaigns targeting existing customers. Legitimate Interests Customer requests, Document distribution
Prospect Marketing Conduct marketing activities targeting prospective customers (e.g., email, digital marketing). Legitimate Interests Marketing campaigns, Customer interactions
Brochure Direct Mail Send marketing brochures via direct mail. Legitimate Interests Marketing campaigns, Prospective customer interactions
Customer Competitions Organize and manage competitions for customers. Legitimate Interests Direct mail campaigns, Customer preferences
Customer Inquiries (RAQ) Handle and respond to customer inquiries (Request a Quote). Contract Competition entries, Customer interactions
Customer Management with Ground Handlers and Third Parties Manage customer relationships with ground handlers and third parties. Contract, Legitimate Interests Customer inquiries, Interaction records
Customer Survey Conduct surveys to gather customer feedback. Legitimate Interests, Consent Partner relationships, Customer interactions
Customer Reviews Collect and display customer reviews on our platforms. Legitimate Interests Customer feedback, Survey responses
Website Visitors Marketing Conduct marketing activities targeting website visitors who have interacted with us. Legitimate Interests Customer feedback, Review submissions
Prospect Advertising Advertise to prospective customers through various channels. Legitimate Interests Website interactions, Marketing analytics
Customer Offline Mailings Send marketing materials via offline mail to customers. Legitimate Interests Advertising campaigns, Prospective customer interactions

Marketing Communications 

You may receive marketing communications from us if you have requested information or purchased goods/services from us unless you have opted out. By opting in to receive marketing communications, you may also receive materials from our affiliated brands or partners offering related products, as well as through completed request-a-quote (RAQ) forms or brochure requests. 

We may also receive your contact information from third-party lists, where you have provided consent to share your data with us for marketing purposes. This allows us to share information and offers related to our services with you. 

If you prefer not to receive email marketing from us or our affiliated brands, you can opt out at any time by unsubscribing through any marketing email sent to you or by contacting us. 

For direct mail, you can unsubscribe by calling us at 1-800-552-5545. 

Business-Related Information 

If you are associated with a business or organization that is our customer, we may collect personal data, including: 

  • Business Details: Name, address, contact information, payment details, and financial information of the business. 
  • Role Within the Business: Your position (e.g., owner, partner, director, employee, agent). 
  • Work Contact Details: Work address, telephone numbers, fax number, and work email. 

Purpose: This data is collected to fulfill contractual obligations and manage our business relationships effectively. 

Legal Bases: The processing is necessary for the performance of a contract and is based on our legitimate interests in managing customer relationships and providing services. 

Data Generated by Us 

We and our suppliers or subcontractors may generate personal data about you in the following ways: 

  • Enquiries, Bookings, Complaints: Data generated when handling enquiries, bookings, or complaints. 
  • Fulfillment of Contracts: Data generated during the fulfillment of bookings or contractual agreements. 
  • Analysis of Personal Data: Insights gained through data analysis to improve services and customer experience. 
  • Website Usage: Data collected from your use of our website, as detailed in our cookie policy. 
  • Telephone Calls: Recordings of telephone calls for training and quality purposes. 

Purpose: This data is used for operational purposes such as improving customer service, service delivery, and business analytics. 

Legal Bases: The processing is based on legitimate interests to maintain and improve our services, fulfill contractual obligations, and comply with legal requirements. 

Account, Registration, and Loyalty Information 

We collect information regarding your accounts, registrations, and participation in loyalty programs. 

Purpose: This data is used to manage your account, facilitate registrations and memberships, and administer loyalty programs. 

Legal Bases: Processing is necessary for the performance of a contract and is based on our legitimate interests in providing personalized services and improving customer loyalty. 

Correspondence 

We process messages and communications related to bookings, enquiries, or contracts between you, us, and third parties. 

Purpose: Correspondence data is essential for confirming bookings, responding to inquiries, resolving issues, and fulfilling contractual obligations. 

Legal Bases: Processing is necessary for the performance of a contract and is based on our legitimate interests in providing efficient customer service and managing relationships. 

Website Usage Information 

We collect personal data from your use of our website, including: 

  • Data Collection: Information about your visits and interactions, including IP address, device details, browser type, operating system, and time-zone. 
  • Cookies and Web Beacons: Data collected through cookies and web beacons to enhance user experience and analyze website performance. 
  • Page Interactions: Data about the pages visited, services/products viewed, duration of interaction, etc. 

Purpose: This data helps us improve website functionality, personalize user experience, and optimize marketing efforts. 

Legal Bases: Processing is based on legitimate interests to understand user preferences, improve performance, and deliver relevant content and advertising. 

User-Generated Content (UGC) 

We may process content you provide related to your experiences with us, including: 

  • Feedback, Blogs, Reviews, and Images: Content submitted to our platforms. 
  • Marketing Use: Use of such content in marketing materials, on our website, in emails, or shared with trade partners. 

Purpose: User-generated content enhances marketing, promotes engagement, and provides authentic testimonials. 

Legal Bases: Processing is based on consent when you submit content and is necessary for our legitimate interests in promoting services and engaging with our audience. 

Sharing data with Third Parties 

We may obtain personal data about you from third parties, including: 

  • Providers of Vacations, Accommodation, and Travel Services: Data obtained to fulfill bookings and provide comprehensive travel services. 
  • Credit, Fraud, and Identity Verification Agencies: Data obtained for identity verification, fraud prevention, and secure transactions. 
  • Businesses You Are Associated With: Data to enhance customer service and manage business relationships. 
  • Purchased Third-Party Lists: We may also receive personal data from third-party providers, including purchased marketing lists, where you have opted in to allow your information to be shared for marketing purposes. 
  • Social Media Platforms: We may collect personal data through interactions on social media platforms (e.g., Facebook, Instagram), including engagement with our advertisements and campaigns. 

Sharing with Affiliated Brands: 
We may share your personal data with other affiliated brands under The Travel Corporation (TTC) if you have explicitly opted in, requested a quote (RAQ), or requested a brochure from those brands. Your data will only be shared under these specific circumstances, and we do not sell or share your personal information for any other purposes. 

Cookies 

Cookies are small data files that allow a website to collect and store a range of data on your desktop computer, laptop or mobile device. Cookies help us to provide key features and functionality on our websites and we use them to improve your customer experience. Please see our separate Cookie Notice 

Location of Personal Data  

We (and any affiliate of the Travel Corporation Group, subcontractor, or other entity processing your personal data on our behalf) may transfer, store, and process your personal data within the European Economic Area ("EEA") and the United States. We may also transfer your personal data outside the EEA and the United States only to companies within our group or to parties with whom we have a contract based on the Standard Contractual Clauses issued by the European Commission. We ensure that your personal data is protected by requiring all our group companies and contracted parties to adhere to the same data protection standards. This ensures that adequate safeguards are in place for such transfers outside the EEA and the United States. 

Data Privacy Framework 

Grand European Tours (2003), Inc. complies with the Data Privacy Framework, which ensures the protection and proper management of personal data. We adhere to the principles of transparency, accountability, and user control over personal data. 

Grand European Tours (2003), Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  Grand European Tours (2003), Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF.  Grand European Tours (2003), Inc. has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy notice and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.  

In compliance with the EU-U.S. Data Privacy Framework (DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, Grand European Tours (2003), Inc. is committed to cooperating with and complying with the advice of the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) to address unresolved complaints regarding our handling of personal data received under these frameworks. 

Under certain conditions, individuals may invoke binding arbitration to resolve complaints that are not addressed through other DPF mechanisms. For more details, please refer to Annex I of the DPF Principles

As part of our participation in these frameworks, our organization is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). We may also disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. 

We comply with the DPF Principles regarding the onward transfer of personal information to third parties. If we transfer personal information to a third party acting as a controller, we will ensure this is done in accordance with the Notice and Choice Principles. For transfers to third parties acting as agents on our behalf, we remain liable under the DPF Principles if the agent processes personal information in a manner inconsistent with the Principles, unless we prove that we are not responsible for the event leading to the damage. 

If you have questions or complaints regarding our compliance with the DPF Principles, individuals should first contact our Compliance Team at: compliance@ttc.com.  

Children’s Personal Information  

Our website is not meant for children, as defined by data protection laws, and we cannot always know the age of those using it. If a child has shared personal information without permission from a parent or guardian, the parent or guardian should contact us. If we find out that a child’s personal information was collected without proper consent, we will delete the child’s account, if they have one. 

In some cases, we may need to collect children’s personal information, such as for bookings, buying travel-related services, or other special situations (like family-focused features). When we handle children’s information, we follow strict rules to ensure it is used lawfully, only when necessary, and kept secure. 

If you have questions about how we protect children’s personal information, or if you are a parent or guardian who wants to delete or update your child’s information, please contact us at compliance@ttc.com

Data Retention 

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for satisfying any legal, accounting, or reporting requirements. Specific retention periods for different aspects of your personal data are available upon request. 

Your Rights  

Depending on your state of residence and applicable U.S. privacy laws, you may have certain rights regarding your personal data. These rights may include the ability to: 

  • Access Your Personal Data: Request details about the personal data we collect, use, or disclose. 
  • Correct Your Personal Data: Request corrections to any inaccuracies in your personal information. 
  • Delete Your Personal Data: Request deletion of certain personal information we have collected about you, subject to certain exceptions. 
  • Opt-Out of Sale or Sharing of Personal Data: In certain states, you may have the right to opt out of the sale or sharing of your personal data for targeted advertising. 
  • Limit Use of Sensitive Personal Data: Where applicable, limit our use of specific types of sensitive personal data. 
  • Transfer Your Personal Data: Request a copy of your personal data in a portable format, where required. 
  • Withdraw Consent: Where consent is required for data processing, withdraw your consent at any time. 

To exercise any of these rights, please use our dedicated online Data Request Form at Data Request Form | The Travel Corporation (ttc.com), or email your request to compliance@ttc.com.  

Right to lodge a complaint with a supervisory authority 

We comply with applicable U.S. state privacy laws, including those in California, Virginia, Colorado, and Connecticut, as well as any other states that enforce specific data protection regulations. For privacy-related concerns, you may contact your state’s consumer protection or privacy authority. Please refer to your state's website for the most current contact information. 

California residents may contact the California Privacy Protection Agency (CPPA), responsible for enforcing the California Privacy Rights Act (CPRA): 

California Privacy Protection Agency (CPPA) 
2101 Arena Blvd 
Sacramento, CA 95834 
Phone: (916) 445-9555 
cppa.ca.gov 

For additional assistance, please reach out to us directly. We are committed to addressing any concerns about your personal data and are available to help with any inquiries before you consider contacting state regulatory authorities. 

Data Security  

We prioritize your data security with strict measures to prevent unauthorized access, loss, or disclosure: 

  • Physical Security: Secure premises and controlled access to storage areas. 
  • Encryption and Network Security: Data encryption, firewalls, and advanced security protocols. 
  • Access Control: Restricted data access with strong authentication. 
  • Data Minimization: Collect and retain only necessary data. 
  • Audits and Monitoring: Regular checks for vulnerabilities and compliance. 
  • Staff Training: Ongoing education on data protection practices. 
  • Incident Response: Rapid action plan for data breaches. 
  • Third-party Compliance: Ensured through contracts. 
  • Privacy by Design: Privacy integrated into our systems from the start. 
  • Continuous Improvement: Regular updates to security measures. 

These measures ensure your personal data is safe and handled responsibly at all times. 

Changes to This Privacy Policy 

We keep our privacy policy under regular review. Any changes we make to our privacy policy will be posted on this page and, where appropriate, notified to you by email. 

Contact Us  

The data controller responsible for the processing of your personal data is Grand European Tours (2003), Inc. located at 7632 SW Durham Road, Tigard OR 97224. You can contact us at info@getours.com  or by mail. 

If your data is shared with affiliated brands under TTC, those brands will process your data in accordance with their own privacy policies, and personal data will only be shared under the circumstances outlined in this policy. 

Back to Top
Call Us Tap To Call Free Brochure Free Brochure

Order Your Free Brochure

Sign up to order your FREE travel brochure subscription and get exclusive offers only available to our subscribers

Brochures can only be mailed to United States addresses. Please call us for assistance at 1-877-622-9109

Thanks for signing up to receive our latest brochure. As a subscriber, you'll be the first to receive our new brochures as they are released, plus great deals in your inbox.

 

Download Brochure

View Brochure Online

Shop Deals Icon Shop Deals