1. Introduction

Bountiful Safaris and its subsidiary Bountiful Cares (hereafter referred to as “the Company”) are committed to protecting the privacy and security of personal data collected from our clients, employees, partners, and other stakeholders. This policy outlines our approach to data protection in compliance with relevant data protection laws and regulations.

  1. Scope

This policy applies to all personal data processed by the Company, regardless of the medium on which that data is stored or whether it relates to past or present employees, clients, or any other individuals.

  1. Definitions

  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Data Subject: The individual to whom the personal data relates.
  • Processing: Any operation performed on personal data, including collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, dissemination, restriction, erasure or destruction.

  1. Data Protection Principles

The Company adheres to the following principles:

  1. a) Lawfulness, fairness, and transparency
  2. b) Purpose limitation
  3. c) Data minimization
  4. d) Accuracy
  5. e) Storage limitation
  6. f) Integrity and confidentiality
  7. g) Accountability
  8. Data Collection and Use

5.1 The Company will only collect and process personal data for specified, explicit, and legitimate purposes.

5.2 Personal data will be adequate, relevant, and limited to what is necessary for the purposes for which it is processed.

5.3 The Company will ensure that personal data is accurate and, where necessary, kept up to date.

  1. Data Retention and Disposal

6.1 Personal data will be kept in a form that permits identification of data subjects for no longer than necessary for the purposes for which it is processed.

6.2 The Company will implement appropriate technical and organizational measures to ensure the secure disposal of personal data when it is no longer required.

  1. Data Subject Rights

The Company respects and upholds the rights of data subjects, including:

  1. a) Right to access
  2. b) Right to rectification
  3. c) Right to erasure
  4. d) Right to restrict processing
  5. e) Right to data portability
  6. f) Right to object
  7. g) Rights related to automated decision-making and profiling
  8. Data Security

8.1 The Company will implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.

8.2 All employees, contractors, and third parties who have access to personal data are required to comply with this policy and associated security procedures.

  1. Data Breaches

9.1 The Company will maintain a data breach response plan.

9.2 Any suspected data breach must be reported immediately to the designated Data Protection Officer or responsible person.

9.3 Where required by law, data breaches will be reported to the relevant supervisory authority and affected data subjects within the stipulated timeframes.

  1. International Data Transfers

10.1 The Company will only transfer personal data to countries or international organizations that ensure an adequate level of protection or where appropriate safeguards are in place.

  1. Training and Awareness

11.1 All employees will receive data protection training appropriate to their role.

11.2 The Company will promote a culture of data protection awareness.

  1. Compliance and Audit

12.1 The Company will regularly review its data protection practices to ensure compliance with this policy and relevant laws.

12.2 Internal and/or external audits will be conducted periodically to assess compliance.

  1. Policy Review

This policy will be reviewed annually or when significant changes occur in data protection laws or the Company’s data processing activities.

  1. Contact Information

For any questions or concerns regarding this policy or data protection matters, please contact:

dpo@bountifulsafaris.com