Last modified: 03/05/2024
We at FLEX by Whistle are committed to respecting the privacy and security of the personal information of every individual who uses this site.
This privacy policy describes how we use the information that we collect, receive, and process about individuals in connection with the use of the FLEX by Whistle websites and the affiliated mobile applications (which we refer to in this privacy policy, together with all associated content and functionality, as the “site”).
The site is owned and operated by Whistle Associates SAS, who we refer to, together with our affiliates, as “us”, “we” or “our”. When we refer to “you” and “your” in this privacy policy, we are referring to you as a visitor to and user of the site.
PLEASE READ THIS PRIVACY POLICY COMPLETELY AND CAREFULLY BEFORE USING THE SITE OR SUBMITTING ANY INFORMATION, PARTICULARLY PERSONAL INFORMATION, THROUGH THE SITE. BY USING THE SITE, YOU ARE AGREEING TO THESE PRIVACY TERMS.
This privacy policy applies only to information provided and collected through the site. It does not apply to information that we or other parties may collect through other means, such as information we may learn through a business or employment relationship with you, or information that we collect over the phone. It also does not apply to information collected through social media sites. For example, if you post something on Facebook or another social media or networking site, that information will be governed by the privacy policy of that site, not by this privacy policy.
A. What Is Personal Information? Personal information refers to information that we can use to personally identify a specific individual. Different states and countries define personal information (and similar terms, such as personal data, personally identifiable information, and PII) to include different things, but it generally includes information like your name, mailing address, e-mail address, and phone number. It may also include your computer or mobile device IP address, if that IP address can be linked to a particular person, or geo-location information, again if that information can be used to pinpoint a specific person.
B. Providing Personal Information Is Your Choice. We do not currently require you to provide personal information to have access to general information available on our site. However, if you choose to make use of certain features of the sites, you may need to provide certain personal information to us. For example, if you want to create a trip/itinerary from scratch on our site, submit a trip request, or review a trip, you will need to provide certain mandatory personal information. If you do provide us with any personal information, you agree that it will be accurate and complete, and you understand that it is your responsibility to keep it current.
C. The Personal Information We Collect. The categories of personal information you may be asked to provide, and how we may use that information, are described below. We present the information below based on the categories of information collected, but similar specific pieces of information may apply to multiple categories. For example, your name and email address may be included within each of the “Identification and Contact Information,” “Travel Information,” “Billing Information,” and “User-Provided Information” categories described below.
Identification and Contact Information
→ This is information that identifies you as an individual (like your first and last name), information that allows us to confirm your identity (like your passport or other government-issued ID number), and information that enables us to contact you (like your email address, mailing address, or phone number). This type of information is collected when you submit a trip request and plan a trip through our site, when you opt in to receive newsletters and other promotional materials, and when you participate in any interactive services or features, such as review pages. We will also be provided with your name and email address when you reach out to us using our “Contact Us” or any similar contact features of the site.
→ We collect and use this information for the purposes of (a) managing and personalizing your experience on the site; (b) transacting business with you, which includes administering your account and providing you with travel information, providing your information to our local guides so that they can assist with your travel arrangements, contacting you regarding your account or your planned trip, and seeking feedback on your trips and the services we provide; (c) responding to any inquiry you send to us; (d) subject to your right to opt out and subject to applicable law, sending you newsletters and other promotional materials about services you may be interested in; and (e) preventing and addressing fraud and breaches of our site requirements and policies.
→ Our legal basis for processing this information is our legitimate business interests, specifically our ability to offer our services and to engage in marketing to our customers. In addition, with respect to our newsletter, we require your express opt-in consent to receive these materials.
→ We will retain this information for as long as we continue to have a business need to do so (which will be at least as long as you continue to maintain an active account on the site or have travel arrangements pending), unless a longer period is required by law. Business needs include legal, taxation, accounting, risk management, and other business purposes. However, you are always permitted to opt-out of continuing to receive our newsletters.
Travel Information
→ If you submit a trip request, plan travel, or submit a review of one of your trips, we will collect information regarding your travel plans and/or past trips, including your name, the country or countries visited, and information about your trip (such as whether you traveled solo or as part of a group). We may also collect information about your health (for example, if the local agent needs to accommodate a disability) and diet (for example, if the local agent needs to address dietary restrictions). In addition, we will maintain a record of the correspondence between you and the local agent with respect to planning your trip.
→ We collect and use this information to help you plan your trip, and, if you publish a review, to enable others to learn about your experience.
→ Our legal basis for processing this information is our legitimate business interests, specifically our ability to operate an interactive platform that allows us to provide you with travel related services, and allows our customers and others to learn more about our services.
→ We will retain this information for so long as we continue to have a business need to do so, unless a longer period is required by law.
Billing Information
→ If you purchase travel with one of our local guides, we offer a payment platform to facilitate payment. Accordingly, we will collect applicable billing information from you, such as credit card or bank account information. This information may be collected through one of our third-party service providers.
→ We collect and use this information to process required payments.
→ Our legal basis for processing this information is your contractual agreement to pay for your purchased travel.
→ We will retain this information only as long as necessary to complete your purchase, unless you have opted to save your billing information in your account.
User-Generated Information
→ If you participate in any interactive area of our site, such as by publishing a review of your trips or participating in a contest or promotion, we will collect any personal information that you include as a part of your participation. The specific information collected will depend on the nature of your participation and submission, but may include information such as your name, image, likeness, and voice. For example, when you post a review on our site, you will create a public profile, which will include your name (as you wish for it to be viewed by others), any profile picture you elect to include, and all of the information you choose to share about the trip you are reviewing.
→ We collect and use this information for the purpose of allowing our customers to engage with interactive features on our site, so that others can benefit from your shared experience.
→ Our legal basis for processing this information is our legitimate business interests, specifically our ability to operate an interactive platform that allows us to provide you with travel related services, and allows our customers and others to learn more about our services. In addition, we obtain your express, opt-in consent to share your review when you submit a review through our site.
→ We will retain this information for so long as we continue to have a business need to do so, unless a longer period is required by law. Note that while you can in some circumstances request removal of this type of information, as described in this privacy policy below, in some cases we may not be able to remove personal information voluntarily disclosed by you due to technical limitations (for example, the data may not be searchable). We will inform you if we cannot remove information as requested.
Information About Others
→ If you plan a trip through our site, our service may allow or require you to submit information about others, including the names, email address, birthdates, and other information about your travel companions. By providing us with any of this information about another person, you are representing to us that you have obtained that person’s consent to giving us that information so that we can use it in accordance with this privacy policy.
→ We will ask for and collect this information if we need to provide it to our local guides to plan your travel, and we or they will use it to make the necessary reservations for your trip.
→ Our legal basis for processing this information is our legitimate business interest in providing our customers with services.
→ We will retain this information for so long as we continue to have a business need to do so, taking into account our legal, accounting, and tax obligations, unless a longer period is required by law.
Local Agent Information
→ If you want to work with us as one of our local guides, we will collect information about you and your agency, including identification information of the agency contact persons, information regarding your travel agency licenses, information regarding your data management platform, and information necessary to process payments.
→ We collect and use this information to allow you to serve as one of our local guides through our site platform, all in accordance with our contractual agreement.
→ Our legal basis for processing this information is our contractual agreement.
→ We will retain this information for so long as we continue to have a business need to do so, taking into account our legal, accounting, and tax obligations (which will be at least as long as we maintain a business relationship), unless a longer period is required by law.
We may share personal information with third parties in the following circumstances:
→ When you submit a trip request through the site, we will provide personal information to our local guides, who need to use that information to help you plan your trip and arrange your travel.
→ When you pay for a trip through the site, we will provide personal information to our service providers who assist us with processing and directing payments, refunding payments, and otherwise addressing inquiries relating to payments and refunds. Our current payment services provider is Stripe, and you can review their privacy policy here.
→ We will share your personal information with our other service providers who handle our data management and newsletter and email distribution, and who assist us with, co-sponsor, or otherwise participate in any surveys, contests, events, and promotions. We provide these service providers only with the information they need to perform their services, and work with them to respect and protect your privacy.
→ We will release information, including personal information, if we believe that we need to so so to (a) comply with law, regulations, legal process or governmental request, (b) enforce any policies applicable to the site, including potential violations, (c) detect, prevent or otherwise address fraud, security or technical issues, or (d) otherwise protect the rights, property or personal safety of us, our employees, site users, or others.
→ We may share information, including personal information, in connection with, during negotiations of, or as a part of the closing of, any merger, sale of company assets, financing or acquisition of all or a portion of our business to another company in which personal information about the users of our site is among the assets transferred.
We do not sell, rent, or lease any personal information that we collect about you through the site to anyone for any purpose, other than as disclosed, unless you have given us your separate express “opt-in” consent to do so.
A. What Is Non-Personally Identifiable Information? Non-personally identifiable information, also called NPII, refers to information that is not and cannot be used to identify a specific individual. This may include information about the statistical characteristics of the visitors to our site. While this information may define how you fit into a particular group of people, it is not unique to you, and it cannot be used (without other information) to specifically identify you. This section describes how we collect and use non-personally identifiable information through the site.
B. Log Files. We may (directly or through third parties) make use of log files. The information inside the log files includes internet protocol (IP) addresses, type of browser, internet service provider (ISP), date/time stamp, referring/exit pages, clicked pages and any other information that your browser may send to us. We may (directly or through third parties) use this information to analyze trends, administer our site, track users’ movement around our site, and gather information.
C. Cookies and Other Tracking Technologies. Our site utilizes “cookies”, anonymous identifiers and other tracking technologies which enable us to provide you with information that is customized for you. For more information, see the “Cookie Policy” section of this privacy policy.
D. Analytics Services. Our site may use analytics tools and services to collect information about use of our site, such as how often users visit our site, what pages they visit when they do so, and what other sites they used prior to visiting our site. We use the information we collect from the analytics services to maintain and improve our sites and our products and services. The analytics services we use include Google Analytics, Facebook Ads, Content Square, Criteo, and others.
E. Anonymous Information. Anonymous information refers to information that does not enable identification of an individual user, such as aggregated or demographic information about users of our site. We may use anonymous information or disclose it to third party service providers to improve our site and enhance your experience with our site. We may also disclose anonymous information (with or without compensation) to third parties, including advertisers and partners.
As noted above, our site uses and allows certain third parties to use cookies. We ask for your consent to our use of cookies in accordance with the terms of this policy when you first visit our site. By using the site and agreeing to this policy, you consent to our use of cookies.
A. What Are Cookies? Cookies are small amounts of data that are stored on your browser, device, or the page you are viewing when you visit a website. Some cookies are deleted once you close your browser or application (session cookies), while other cookies are retained even after you exit so that you can be recognized when you return (persistent cookies). Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
B. How We Use Cookies. We use both session and persistent cookies on the site. The cookies we use are generally divided into the following categories:
→ Mandatory cookies: These are cookies that are required for the operation of our site, such as cookies that enable you to log into secure areas.
→ Functional cookies: These are cookies that remember choices that you make when you visit our site, such as language options. They help to make your visit more personal and assist your site navigation.
→ Analytics cookies: These are cookies that automatically collect information about your use of the site. These help us understand how many people are using our site and how they navigate through it. As mentioned above, we use analytics services to analyze user behavior, so these third parties will place these types of cookies on our site. However, third parties will only track the behavior of site users who have given their consent to be tracked for marketing purposes.
→ Marketing cookies: These are all other cookies that record your visit to our site, the pages you visit, and the links you followed. They will recognize you as a previous visitor to the sites, and may track your activity on our site and other websites you visit.
C. Your Choices About Cookies. Most web browsers automatically accept cookies, but you can usually change your settings to prevent that, such as by having your device warn you each time a cookie is being sent or choosing to turn off all cookies. On our site, you will be able to disable all site cookies other than mandatory cookies. This can be done through your web browser settings, and because each browser is different, you should look at your browser’s “Help” menu to learn how to modify your cookie settings. You can also learn more how to opt out of targeted behavioral advertising from many major third party network advertisers by reviewing the information here and here.
If you do disable cookies from your browser you may not be able to access certain sections of the site that use essential cookies, and this may make your experiences on the site less efficient.
D. Do Not Track Requests. Currently, certain browsers, including Firefox, Google Chrome, Safari and Internet Explorer, offer a “do not track” (DNT) option. This option, using a technology known as a DNT header, sends a signal to websites visited by the user about the user’s DNT preference, if any, set on the browser. If you activate DNT, we will deactivate all cookies on the site (other than mandatory cookies). However, we do not currently commit to responding to browsers’ DNT signals. We cannot make this commitment because no common industry standard for DNT has been adopted by industry groups, technology companies, or regulators.
Our site may offer social network and similar sharing features, such as Facebook, Twitter, Instagram, and YouTube buttons, which let you share information related to the site through your preferred social media platforms. If you permit a connection between our site and your social network page(s), we (and the social network) may be able to identify you, and associate the information we (and they) receive with information we (and they) already have about you. In addition, depending on how you use those features and your settings with the social network provider(s), the information you share to your social network pages will be available to others, including your friends and/or the public. For more information about how your information may be shared through those social networks once it is provided to them, you should review the privacy policies of those social networks.
We use a variety of industry-standard security measures to maintain the safety of your personal information, including measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration and disclosure. We store the personal information you provide on secure (password- and firewall-protected) servers. All electronic financial transactions conducted through our site are protected by encryption technology.
Unfortunately, no electronic data transmission over the Internet can be guaranteed to be 100% secure. As a result, while we believe that we use reasonable measures to protect personal information, we cannot ensure or warrant the security of any information transmitted or otherwise provided to us or received from us.
If you have an account on our site, it is your responsibility for keeping the password confidential. We will never ask for your password (except when you create your account and log into our site).
A. General Rights. If you have any questions regarding this privacy policy or our use of your personal information, you can contact us by email at support@flexbywhistle.com.
You can always opt out of receiving promotional communications such as our newsletters by selecting the “unsubscribe” link included in any email communications, or by contacting us at us at support@flexbywhistle.com. Please note that despite your email preferences, we may need to contact you regarding trip requests or planned travel, as required by law, or regarding legal matters. However, we will not send you marketing communications if you have opted out of receiving them.
As noted above, we have standard retention practices with respect to the personal data we collect. If you would like to request any earlier removal of your personal information, please contact us at support@flexbywhistle.com. Please note that we may not be able to completely remove personal information from the site or our systems in certain circumstances. This will be true if the data is not in a searchable format, if it is retained in backup systems or cashed or archived pages, if we need it to prevent fraud or future abuse, or if we are required by law to keep it.
B. Rights of California Residents. California law permits California residents to request certain details about our disclosure of their personal information to third parties for those third parties’ own direct marketing purposes. If are a California resident and you would like to make such a request, please contact us at support@flexbywhistle.com. Please note that there are legal limits on how often you can make such a request, and we are only obligated to respond to one information request per customer per year.
C. RIGHTS OF EU Persons. For our users in the European Union (EU), this privacy policy is intended to comply with Regulation (EU) 2016 of the European Parliament and of the Council of 27 April 2016, known commonly as the General Data Protection act, or the GDPR. If you are in the EU, you have the following rights, subject to certain limitations and exceptions imposed by the GDPR:
→ Right to Access – this is the right to request copies of your personal information from us.
→ Right to Correct – this is the right to have personal information corrected if it is accurate or incomplete.
→ Right to Erasure – this is the right to ask us to delete or remove your personal information from our systems.
→ Right to Restrict Use – this is your right to block us from using, or to limit the ways we can use, your personal information.
→ Right to Data Portability – this is your right to request that certain of your personal information be transferred to a different provider.
→ Right to Object – this is your right to object to our use of your personal information, including when we use it for our legitimate interests, including for marketing purposes.
If you have questions relating to the above rights, you can contact us at support@flexbywhistle.com. If you are not satisfied with how we have responded to any request you make regarding the above rights, you may be able to raise your complaint with the Data Protection Authority in your jurisdiction. You can find your national Data Protection Authority here.
In addition, if you are from the EU or are otherwise located in the European Economic Area (EEA), we are required to give you information about the transfer of your information outside the EEA. When we transfer information outside of the EEA, it is our practice to enter into Standard Contractual Clauses to ensure the protection of the information we shared.
For purposes of the GDPR, if you are located in the EU, the Data Controller of the information you provide is Whistle Associates SAS. We are registered in France under registration number Siren: 908130396. Our Data Protection Officer may be contacted at admin@whistle.associates.
Our site is not targeted to, and we have no interest in collecting information from, children. We do not knowingly gather any personal information from children under the age of 13. If you are a parent or legal guardian who believes that your child has provided us with any personal information, please contact us at support@flexbywhistle.com.
Because of changes in Internet technology and practices, this privacy policy may change from time to time. We will post any changes we make to this privacy policy on this page, and any changes will be effective once the new policy is posted. It is your responsibility to check this privacy policy for updates. You can determine when this privacy policy was last updated by referring to the “Last Modified” legend at the top. By using the site after we post any changes to this privacy policy, you agree to accept those changes, whether or not you have reviewed them.