Nan Hwa (Express) Travel Service Limited has been built on trust between our customers and ourselves. We only collect personal information to provide you with better services and products. To ensure you can make informed decisions and feel confident about supplying personally identifiable information relating to you when using our website. We maintain the following privacy principles:
Information Collection and Use
When you browse nanhwa.com and have not registered any online service from Nan Hwa (Express) Travel Service Limited, you browse anonymously. Personal information – such as your name, address, phone number or E-mail address – is not collected as you browse. The types of information we collect, depending on the specific part of the site services channel you are using, are:
- User name and password
- Date of birth
- Mailing address
- Email address
- Telephone number / Fax number
- Company name and job title
- Hong Kong ID Card number / Passport number / Nationality
- Credit card information including name of cardholder, credit card number, credit card billing address and expiry date
We may also use your information to process your request on purchasing our product(s) and service(s); to confirm your travel arrangements; to fulfil your request when you use our online services; to contact you regarding your enquiries; to identify you for login and for our own marketing purposes, such as sending you updates on our special offers, promotions, newsletter subscription, brochure request and so on. If you do not want us to use your contact information to send details of our products to you please let us know in an email to: firstname.lastname@example.org .
We do not pass details of your personal information to third parties except as described in below:
- We may disclose your information to airlines, hotels and / or related travel and booking agents. We will provide only the information necessary to ensure the successful fulfilment of your travel arrangements.
- When paying by credit card we pass your card details to our bank for authorization of the transaction and for payment.
- Apart from sharing your information as mentioned above, we do not disclose your details to any other person without your consent unless there is an emergency situation that requires it and disclose the information when required by law or court order, or as requested by other government or law enforcement authorities, or in the good faith that disclosure is otherwise necessary or advisable including and without limitation to protect the rights. This also applies when we have reason to believe that disclosing the information is necessary to identify, contact or bring legal action against someone who may be causing interference with our rights or properties, whether intentionally or otherwise, or when anyone else could be harmed by such activities.
We may collect information regarding your IP address, browser type, domain name and access time. This information is used for our internal research purposes and is separate from the information. We do not link IP addresses to any personal information.
We take security matters very seriously and treat all personally identifiable information obtained from users of our websites confidential, as well as preventing from unauthorized access and ensuring the correct use of the information. In addition to the firewalls and other sophisticated equipment implemented, we also provide appropriate physical, electronic and managerial measures to protect our system, and the information and data contained in them from accidental or malicious disruption or destruction. When you type in sensitive information, it will be automatically converted into codes before being securely dispatched over the Internet. However, complete confidentiality and security is not yet possible over the Internet, and privacy cannot be assured in your communications to us. You acknowledge that personal information is disclosed at your own risk, and may be subject to unauthorized use by others. This may result in you receiving unsolicited messages from other parties. We are not responsible in any manner for direct, indirect, special or consequential damages, howsoever caused arising out of the communication of information to us.
This site contains links to other sites that have their own seperate privacy statements. Please be aware that we are not responsible their privacy policies or compliance with the law, and do not vouch for their security of such other websites.
You should therefore be fully aware the provision of the link does not constitute an endorsement, approval, or any form of association by or with our company. You should therefore remain alert when you leave our site, and read the privacy statements of other websites. We have no control over data that is submitted to these third parties. You access the data on such websites at your own risk and we recommend you read such statements when entering these sites.
Changes to our Privacy Statement
We will post our new statement on this page once we have changed our privacy statement, so that you are always informed of the way we collect and use the information. If at any point we decide to use the information you submitted under this current statement in the revised condition, you will be given the opportunity via the website, email or in writing to opt out or otherwise prevent from such usage. If you have any queries or concerns regarding our Privacy Statement, or if at any time you need help related to our services, please send email to: email@example.com
Note: In case of discrepancies between the English and Chinese versions, the English version shall apply and prevail.
Payment Card Industry (PCI) and Data Security Standard (DSS) Compliant
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that companies must maintain a secure environment to accept, process, store or transmit credit card information.
All confidential data are not accessible when performing a search without clearance, data are restricted to authorized individuals to access on a need-to-know basis. The company has implemented and maintained a firewall configuration to prevent repositories of sensitive information from making outbound connections.
Credit card information stored in our system will be deleted if it has been inactive for a period of two years.
All transactions credit card records will be erased permanently from the accounting system after two years. Clients would need to produce physical evidence to the company of proof on their credit card transactions for any reimbursement or refund made thereafter.