privacy policy
The CTS Privacy Policy (“Privacy Policy”) applies to how we collect, use, and process your personal information when you use any of the CTS Services, Website, and any Applications. Please read the Privacy Policy carefully. Please note the sections in bold, as these sections may limit our liability or risks, require you to assume risks and responsibility for certain matters, or acknowledge certain facts.
Privacy Policy Scope
Introduction and scope
1.1 – CTS Luxury Travel is a private company registered in the Republic of South Africa (hereinafter referred to as “Cape Travel Solutions”, “CTS”, “CTS”, “we”, “us” or “our”). We provide travel-related services to the tourism industry, including but not limited to the Republic of South Africa (“Services”).
1.1.2 – This Privacy Policy, which should be read in conjunction with our Website Terms and Conditions as set out above (“Terms”), sets out the basis on which any personal information (defined in paragraph 2 below) we collect from you or that you provide to us will be used, stored, and processed by us when you use the Website and/or the Services. Unless defined elsewhere, terms in this Privacy Policy have the same meaning as those ascribed to them in the Terms.
1.1.3 – Please read this Privacy Policy carefully to understand our views and practices regarding your personal information and how we will handle it.
1.1.4 – CTS Luxury Tourism is committed to protecting and respecting your privacy. We strive to ensure that our use of your personal information is lawful, reasonable, and relevant to our business activities, with the ultimate goal of improving our services and your experience.
1.2 – Your acceptance of the terms of the Privacy Policy
1.2.1 – By using the Website or accepting the Terms, you agree to be bound by this Privacy Policy. By accepting this Privacy Policy, you provide us with your explicit consent and agreement that we may collect, obtain, receive, record, organize, collate, store, update, change, retrieve, read, process, use, and share your personal information in the ways described in this Privacy Policy. When we perform any of these actions with your personal information, we are “processing” your personal information.
1.2.2 – If you do not agree with this Privacy Policy or are concerned about any aspect of your personal information, please do not continue to use the Site.
Paragraph 1.2 has important legal consequences for you. In this paragraph, you expressly give us permission to collect, classify, process, share, and use your personal information in the manner and for the purposes set out in this Privacy Policy. By doing so, you acknowledge and accept that you are giving up certain parts of your right to privacy. You will not be able to take any action against us for using your personal information in the manner for which you gave your consent, even if you suffer loss or damage.
1.3 – What does this Privacy Policy apply to?
1.3.1 – This Privacy Policy applies to us and our successors; and
1.3.2 – You personally, i.e. the person who:
1.3.2.1 – browse, use, access, refer to, display and/or download the information we provide on the Site (“Content”) and/or make any information available to us through the Site; and/or
1.3.2.2 – He or she or any person who has applied to be part of our membership program (“Member”).
Regardless of the device you use to access the Website, including, but not limited to, internet-connected mobile devices and tablets (“Access Device”).
1.3.3 – This Privacy Policy does not apply to other third-party websites, products or services that are linked to or advertised on the Website.
What is personal information?
1 – “Personal Information” refers to private information about an identifiable individual, which includes your name, surname, age, date of birth, contact details (such as your home address, postal address, email address, or telephone number), physical location, social media account details, and profile pictures.
2.2 – Other information that may be personal information may include:
2.2.1 – “Access Device and Event Device Information”: We may collect information such as your Internet Protocol (IP) address, unique device identifier, the nature of the access device you used to access the Website (e.g., a tablet or smartphone), the geographic location from which you accessed our Website (i.e., the geographic location of your access device), hardware model and settings, operating system type and version, browser language, system activity, and crashes;
2.2.2 – “Log Information” When you use the Website, we may automatically collect and store certain information in server logs (for example, our web servers automatically record and keep a record of their activities when users access the Website, which may include “Website Activity Information”, such as details of how, when and for how long you accessed the Website, the links you navigated to, the content you accessed, the amount of content viewed, the order of that content and the amount of time you spent on that specific content;
2.2.3 – “Profile Information”: We may collect, process information and use data for each profile to provide targeted recommendations to that profile when you log in using the Website;
2.2.4 – “Location Information”: We may use various technologies to determine your actual location, such as geographic data from your access device (which is typically based on GPS or IP);
2.2.5 – “Member Information”: Members must provide their email address, name, title, company name, contact number, business address, job title and location in order to submit a membership inquiry (“Membership Inquiry”) and Members will need to create a username and password to access their Member Benefits.
2.3 Some of the information we receive is personal information, and some is non-personal information that becomes personal. In some circumstances, we will de-identify, anonymize, or disaggregate information so that we can use it in aggregate form without treating it as personal information.
When will we process your personal information?
1 – In addition to paragraph 4 below, we may process personal information in several ways, including when:
3.1.1 – Your access to, browsing or use of the Website and/or Services;
3.1.2 – You may stream, access or make use of the Content;
3.1.3 – We provide you with the Service;
3.1.4 – you register a membership inquiry or access your membership account;
3.1.5 – Contact us via email or phone;
3.1.6 – We conduct demographic research.
3.1.7 – you sign up for our newsletters (“Newsletters”) and/or enter any competitions or promotions (“Competitions”) we run; and
3.1.8 – You provide your personal information to us for any other reason, or authorize third parties to do so.
How we collect your personal information
1 – We collect your personal information in various ways, i.e. actively from you, passively from your access device when you use the website, or from our affiliates and third-party service providers.
4.2 – Active collection from you
4.2.1 – If you contact us, we may keep a record of that correspondence.
4.2.2 – The personal information that we may actively collect from you may include your identifying information (such as your name, title, and physical location), and contact details (such as your email address and phone number).
4.2.3 – We may ask you to provide certain information in order to submit a membership inquiry or access your online membership account, including, but not limited to, your company name, contact number, business address, job title and location.
4.2.4 – We may ask you to provide certain information in order to subscribe to our newsletters and/or enter any competitions, including but not limited to your name, email address and location.
4.3 – Collection from your access device
4.3.1 – We passively collect some of your personal information from the access device you use to access the Website using various technological means, for example, using server logs to collect and maintain log information.
4.3.2 – We also use cookies and anonymous identifiers that enable our computer system to recognize you when you next visit the website or use the Al-Kabeeb Travel and Tourism Solutions Company application to distinguish you from other users and to improve our service to you, and to make the website much easier to use, in addition to providing a more personalized experience.
4.3.3 – A cookie is a small piece of data (an alphanumeric identifier) that our computer system transfers to your access device through your web browser when you visit the website or use the Al-Kabeer Travel and Tourism Solutions application, and it is stored in your web browser. When you visit the website or use the Al-Kabeer Travel and Tourism Solutions application again, the cookie allows the website to recognize your browser. Cookies may store user preferences and other information.
4.3.4 – You may disable the use of cookies by configuring your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do so, you may not be able to enjoy all the features and functionality of the Site.
4.3.5 – The information we may collect indirectly from your Access Device may include your identification information, contact details, device and device event information, location activity information, log information, location information, and any other information that you permit us, from time to time, to collect indirectly from your Access Device.
How we use your personal information
1 – We use the information we collect to provide, maintain, and improve the Services, to develop new Services, and to protect ourselves, our Services, and our users. We constantly strive to improve our users’ experience, so we also use the information we collect to provide you with more relevant information and content.
5.2 – We may use your personal information to:
5.2.1 – Maintaining and making information available to you on the Website;
5.2.2 – Prove and verify your identity on the Website;
5.2.3 – Fulfilling your requests for certain services;
5.2.4 – Diagnose and address technical problems, support inquiries and other user inquiries, such as problems with our server, determine the optimal and fastest route for your access device to use in connecting to the Website, and administer, maintain and secure the Website;
5.2.5 – detect, prevent or address actual or alleged fraud, security, abuse, misuse or unauthorized use of the Site and/or violation of this Privacy Policy;
5.2.6 – Providing you with the latest information about our Services (including via our newsletters), in accordance with your communication preferences;
5.2.7 – to communicate with you and keep records of our communications with you, including notifying you of any changes to the Website, our Services, our Terms, this Privacy Policy or any other changes relevant to you;
5.2.8 – Collecting non-personal statistical information about browsing habits, click patterns and access to the Site;
5.2.9 – Improve the Website, analyze trends, and administer the Website, including requesting feedback on the Content and Services;
5.2.10 – to fulfil any contractual obligations we may have to you or any third party;
5.2.11 – Improve your user experience and the overall quality of our Services;
5.2.12 – For security, administrative and legal purposes;
5.2.13 – If you are a member, create your own membership account and ensure that we do not duplicate an existing user account on the Website; and
5.2.14 – Other activities not specifically mentioned that are lawful, reasonable, relevant to our business activities and the minimum necessary and sufficient for us to provide the Website and our Services.
5.3 – Under certain circumstances and subject to your preferences as indicated when providing the relevant personal information, you agree that we may also make your personal information available to our affiliates, members, or strategic/industry partners (“Partners”) for their use in [providing you with the latest information about their services]. Such use by the Partner must be consistent with this Privacy Policy, to the extent applicable.
Sharing personal information
1 – We will not intentionally disclose any of your personal information to third parties, except (1) when we have your permission to do so (as we do in relation to partners under paragraph 3 and in relation to the circumstances set out in paragraph 6.2), (2) for the purposes of our legitimate business interests, or (3) when we are required to do so by applicable law or regulation.
6.2 – You agree that your personal information may be shared under the following circumstances:
6.2.1 – with affiliates, agents, consultants, service providers and suppliers who have agreed to be bound by this Privacy Policy;
6.2.2 – with our employees, contractors and agents if they need to know that information in order to process it for us and/or provide services to us or to us, and to the extent they need to, such as hosting, developing and managing the website, technical support, marketing services and other support services;
6.2.3 – in order to enforce or apply our Terms or any other contract between you and us;
6.2.4 – in order to protect our rights, property, or safety or the rights of other users, employees, contractors, agents, and any third party;
6.2.5 – in order to mitigate any actual or reasonably perceived risks to us, other users, employees, contractors, agents or any third party; and
6.2.6 – With government agencies, exchanges and other regulatory or self-regulatory bodies if we are required to do so by law or if we reasonably believe that such action is necessary.
6.3 – We may use your personal information to compile profiles for statistical purposes, provided that the profiles or statistical data cannot be linked to you by a third party.
6.4 – We will obtain your permission before disclosing your personal information to any third party for any other purpose.
Storage and transfer of your personal information
1 – We store your personal information on our servers and/or on third-party servers.
7.2 – We reserve the right to transfer and/or store your personal information on servers in a jurisdiction other than the one in which it was collected, and that jurisdiction may not have similar data protection legislation.
7.3 – If the location to which the personal information is transferred does not have substantially similar laws that provide for the protection of personal information, we will take reasonably practicable steps to ensure that your personal information is adequately protected in that jurisdiction.
protection
1 – Although absolute security cannot be guaranteed on the Internet, we take reasonable technical and organizational security measures to protect your personal information from accidental or intentional manipulation, loss, misuse, destruction, or against unauthorized disclosure or access to the information we process online.
8.2 – Although we cannot guarantee or warrant the security of any personal information you provide to us, we will continue to maintain and improve these security measures over time in line with legal and technological developments.
8.3 – We will take reasonable and practical steps to ensure that persons to whom your personal information may be disclosed under this Privacy Policy have implemented and maintained appropriate technical and organizational measures designed to prevent unauthorized access to or disclosure of your personal information.
Paragraph 8 has important legal consequences for you:
excludes or limits the legal liabilities of Al-Kabeeb Travel and Tourism Solutions;
limit or exclude the rights and claims you have against Al-Kabeeb Travel and Tourism Solutions Company; and
Places responsibilities, obligations and legal risks on you.
You understand and accept that the internet is not completely secure and that there is a risk that your personal information may not be secure when transmitted over the internet. We do not promise that we can keep your personal information completely secure online. You also understand and accept that we cannot promise the complete security of your personal information. You will not be able to take action against us if you suffer loss or damage in these circumstances.
Keeping your personal information
1 – We may retain all personal information we collect from you for as long as it remains necessary for the purposes for which it was collected unless there is a valid technical, legal or business reason for us to delete, destroy or de-identify it.
9.2 – Furthermore, we may retain some of your personal information for as long as we are required to do so by law or our Code of Conduct or we reasonably need it for legal purposes related to our functions and activities; we reasonably need it for evidential purposes or you agree to us keeping it for a specified period.
Keeping your personal information up to date and correct
1 – To the extent required by law, we will take the necessary steps to ensure that your personal information is accurate, complete, not misleading, and up-to-date, taking into account the purpose for which the information was collected or used.
10.2 – You must tell us if you believe that any information we have about you is incorrect, incomplete, misleading or out of date by notifying us at the contact details set out in paragraph 16.
10.3 – You may request that we delete your personal information if it is no longer required for the purposes for which it was collected or is required by us under any applicable law.
Third party websites
1 – We are not responsible for the privacy practices of any third party website to which there may be a link on the Site and/or any content on the Site.
11.12 – We advise you to read the terms and conditions and privacy policy of each website you visit and to set your privacy settings according to your personal preferences.
Paragraph 11 has important legal consequences for you. It:
excludes or limits the legal liabilities of Al-Kabeeb Travel and Tourism Solutions;
limit or exclude any rights you may have against Al-Kabeeb Travel and Tourism Solutions Company; and
Places legal responsibilities, obligations and risks on you.
Al-Kabeeb Travel and Tourism Solutions shall not be liable for any loss or damage incurred by you when visiting a third-party website, including a Member’s, by following a link to this website from the Website. You accept that there may be risks involved in using such third-party websites, including Members, and that you do so at your own risk.
direct marketing
1 – When you use the Site and/or the Services, you may receive marketing communications from us.
12.2 – You may refuse to accept or ask us to proactively stop or block any approach or communication from us if such approach or communication is primarily for the purpose of direct marketing (“Direct Marketing Communications”).
12.3 – You may opt out of receiving direct marketing communications from us at any time by asking us (in any form, whether by telephone, electronically, in writing or in person) to stop initiating any direct marketing to you.
12.4 – If you unsubscribe, we may send you written confirmation (which may include electronic writing) of receipt of your unsubscribe request, and we will not send you any further direct marketing communications.
12.5 – You may (under the Consumer Protection Act 2008) register a protective prohibition against direct marketing communications. If you do so, we will not send you direct marketing communications unless you have expressly consented to receive direct marketing communications from us.
Changes to this Privacy Policy
1 – We change this privacy policy from time to time.
13.2 – You agree to review the Privacy Policy each time you visit the Site for any changes. Except as expressly stated otherwise in this Privacy Policy, the revised version of the Privacy Policy supersedes all previous versions.
13.3 – We will not use or disclose the personal information provided to us under this Privacy Policy in ways other than those described above, without notifying you and providing you with the opportunity to consent to these revised terms relating to the use and disclosure of your personal information.
CPA, POPI, and other laws
1 – If this Privacy Policy or any provision of this Privacy Policy is governed by or subject to the Consumer Protection Act No. 68 of 2008 (“CPA”), the Protection of Personal Information (“POPI”) Act No. 4 of 2013, or other laws, no provision of this Privacy Policy shall be deemed to conflict with any provision of the CPA, the POPI, or any other laws. Therefore, all provisions of this Privacy Policy shall be treated as qualified, to the extent necessary, to ensure compliance with the provisions of the CPA, the POPI, and other laws.
14.2 – There is no provision in this Privacy Policy that:
14.2.1 – does or purports to limit or exempt us from any liability (including, without limitation, any loss attributable directly or indirectly to our gross negligence or wilful default or the default of any other person acting for or controlling us) to the extent that such limitation or exclusion is not permitted by law;
14.2.2 – requires you to assume risks or liability for the type of liability or loss, to the extent that such assumption of risk or liability is not permitted by law; or
14.2.3 – Any warranties or representations contained in this Privacy Policy are limited or excluded by the Consumer Protection Act (to the extent applicable), the Personal Information Protection Act (to the extent applicable), or other applicable laws or made by us under the Consumer Protection Act (to the extent applicable), the Personal Information Protection Act (to the extent applicable), or other applicable laws, to the extent that the law does not permit their limitation or exclusion.
Governing law
1 – The contents of this Privacy Policy are subject to South African law.
15.2 – If any provision of this Privacy Policy is deemed unlawful, void, or unenforceable by applicable law or by order of a court of competent jurisdiction, it will be deemed deleted, and the remaining provisions will continue in full force and effect. They will not be affected unless a court of competent jurisdiction determines that the essential purpose of this Privacy Policy has been defeated, in which case you may contact Al-Kabeeb Travel and Tourism Solutions Company at the address listed in paragraph 16 below to opt out of the Privacy Policy.
How can I contact Al-Kabeeb Travel and Tourism Solutions?
If you have any questions or concerns or would like to request permission to use any part of the Site, including linking, framing and searching, please contact us at: info@mycts.co.za
This privacy notice forms part of your agreement with Activitar.
During our interactions, you share personal information with Tornado Tour Systems (Pty) Ltd, trading as Activitar, registration number 2004/000954/07.
This notice tells you what to expect when we collect information from you and how we use it.
It is part of our agreement with you, and we may need to update it occasionally. When we do, we will inform you. You should read this notice along with our terms and conditions that apply to the products and services you use.
If you have any questions about this policy, please contact us by email at privacy@activitar.com or by phone on +2787 250 0276
We collect your information in the circumstances outlined below. Sometimes we are required by law to collect your information, for instance, if tax legislation forces us to collect personal information.
We need some general information before we can enter into an agreement and you can begin to use our reservation system and online distribution service.
We collect your:
company name
contact details
VAT number
banking details
details related to your operating processes and offerings
details contained in your company registration documents
identity documents of your mandated officials
proof of address of your mandated officials
proof of banking details
We use this information to:
load you on our services and configure the system
set up and process payments via the payment gateway
communicate with you
provide training
process orders
provide your offerings to clients via activitar.com
provide support
send you statements, receipts, invoices or any other legal documents that relate to your transaction
fulfill our legal obligation to use or disclose your information
Legal basis for processing: Data protection legislation allows us to process personal information when it is necessary for the performance of a contract with you. In other instances, we are required by law to collect your information, for instance tax legislation forces us to collect personal information. |
In order for our service to function properly, ‘customer data’ is generated and collected. This includes your, and your clients’ personal information. We collect your clients’ names, contact details, and details about their bookings.
We use customer data to process bookings and reservations on our reservation system and distribution service, to analyse and improve our services and to identify and solve problems where they may appear.
Legal basis for processing: Data protection legislation allows us to process personal information when it is necessary for the performance of a contract with you. |
When you contact us by social media, email, our support service or telephone with a query, complaint, or request, we collect the information contained in your message. We use the information we collect to reply to, investigate, and resolve your query, complaint, or request.
Legal basis for processing: Data protection legislation allows us to process personal information when it is in our interest and we have chosen the least invasive way to process the information. It is in both our interest to reply to, investigate, and resolve your queries, complaints, and requests. |
We have a monthly newsletter that is delivered by email.
We’ll ask you whether you want to receive the newsletter, if you agree it is important that you know you can unsubscribe at any time by following the unsubscribe link at the bottom of the email or by contacting us.
Legal basis for processing: Data protection legislation allows us to process personal information when you have given us your express consent. |
We do not knowingly collect the personal information of children without the consent of a parent or guardian.
We use service providers and suppliers who we trust to assist us in providing our services to you. They have agreed to keep your information secure and confidential, and to only use it for the purposes for which we have sent it to them.
We share your information with service providers when they help us to:
store information
process payments
ensure you have access to the services you paid for
deliver our newsletter
help monitor the effectiveness of our promotions and advertising
help us manage our business, for instance accountants and professional advisors.
maintain our website
find and fix errors and performance issues on our website
Sometimes we will be required by law to share your information. For instance, we may be required to share your information with the South African Fraud Prevention Services. We will not sell your information or share information with third parties for the purposes of direct marketing (we don’t like spam either).
Some of the service providers that we use may be located in other countries; for instance, our cloud storage service. These countries may not have the same levels of protection of personal information as South Africa. If this is the case, we require that they undertake to protect the personal information of our customers to the same level that we do.
We will not retain your information for longer than we need to, unless we are legally required to do so. Most of your personal information will be retained for 5 years from the date of your last transaction with us. However, we may keep your contact details for longer for marketing and mailer purposes.
We have implemented reasonable security measures based on the sensitivity of the information we hold. These measures are in place to protect the information from being disclosed, from loss, misuse, and unauthorised access, and from being altered or destroyed.
We regularly monitor our systems for possible vulnerabilities and attacks, but no system is perfect and we cannot guarantee that we will never experience breach of any of our physical, technical, or managerial safeguards. If something should happen, we have taken steps to minimise the threat to your privacy. We will let you know of any breaches that affect your personal information and inform you how you can help minimise the impact.
You also have a role to play in keeping your information secure. For example, you should never share personal information with us in an email, because while our servers are protected, it is still possible that email can be intercepted. Instead, contact the Activitar support team at +2787 250 0276, which will connect you to Chris Coetzee, our information officer.
You have the right to know what kind of personal information we have about you, to correct it, and to opt out of marketing.
You have the right to
ask us what we know about you;
ask what information was sent to our suppliers, service providers, or any other third party;
ask us to update, correct, or delete any out-of-date or incorrect personal information we have about you;
unsubscribe from any direct marketing communications we may send you; and
object to the processing of your personal information.
You can request access to the information we have about you, or correct your personal information by contacting our deputy information officer at privacy@activitar.com. It can take us up to 21 days to respond to your request because there are procedures that we need to follow. In certain cases, we may require proof of your identity, and sometimes changes to your information may be subject to additional requirements such as valid proof of residence.
If you are in the European Union, you have these rights in terms of the GDPR:
The right to be informed about the collection and use of your personal information.
The right to access your personal information. You may make such a request from us by contacting privacy@activitar.com. We may take one month to respond to your request and may charge a fee in some circumstances. We will let you know if this is the case.
You have a right to have inaccurate personal information corrected or completed if it is incomplete. You may make such a request from us by contacting privacy@activitar.com. We may take one month to respond to your request and may refuse in certain circumstances.
You have the right to have your personal information erased, also known as the ‘right to be forgotten’. You may make such a request from us by contacting privacy@activitar.com. We may take one month to respond to your request and may refuse in certain circumstances.
You have the right to request that we restrict or suppress your personal information. You may make such a request from us by contacting privacy@activitar.com. We may take one month to respond to your request and may refuse in certain circumstances.
You have the right to reuse your personal information for your own purposes across different services, also known as the right to data portability.
You have the right to object to us processing your personal information in certain circumstances. You may make your objection by contacting privacy@activitar.com. We may take one month to respond to your request. There are legitimate reasons why we may refuse your objection, which depend on why we are processing it.
You have the right to complain to a supervisory authority in the Member State where you live or work, or where the infringement took place.
You have the right to object to automated decision-making and profiling.
You may ask that a human review any automated decisions that we make about you, express your point of view about it, and obtain an explanation of the decision. You may challenge any automated decision made about you by contacting privacy@activitar.com. We may take one month to respond to your request.
© 2025 Tornado Tour Systems (Pty) Ltd ta Activitar.