Fair Data Processing
Your personal safety is our prime motivator on Gapforce School group or Individual expeditions. As part of our Personal Safety Package we also aim to secure your digital information. However we cannot guarantee your data security. We aim, where possible, to assess the risks and then reduce the risks to your data security.
We will typically collect you names, address, contact details and Next of kin as well as the choice of program that you are booking.
In addition to the above personal information we will require your banking information to pay for your chosen program. As a small organisation we have outsourced the collecting, storage and processing of your at risk financial information to Stripe. Stripe advise us they are GDPR compliant. Additional information about them can be found at : https://stripe.com/guides/general-data-protection-regulation
To reduce risk, Gapforce will not request, store or retain your financial information on our systems.
Subject Access Rights
It is important that you know what information we hold about you. You should also be able to update and delete the information we hold about you. To enable this, you will have your own password protected online Gapforce account. As well as details about what clothing to pack, your program itinerary and medical forms, your own online account is where you input your name and correspondence address, flight details and program choice.
Once you book with us you will have direct access to the data in your online account. We may monitor and record the dates and times you access your account. If you are under 18 your parent or guardian will have to positively confirm they allow data access and participation on our program.
This is your online account, so you can delete the information at any time after the program, should you desire.
Gapforce programs typically operate outside the European Union. Gapforce programs are run in challenging and remote locations where there may be limited or no electricity and therefore no computer access. Gapforce will work with non secure and therefore none compliant partners. A Maasai Village, a Peruvian hostel or a Sumatran bus service (examples only) will have limited or no data security. There is a high chance of data theft, if you are concerned by this do not book to go to our locations. We therefore aim to have additional risk reduction measures in relation to our none complaint partners:
Single Stage Security Layer: Personal information provided to overseas partners will where possible be limited to your name, gender and age only. We will not provide contact details to our overseas parties.
Two Stage Security Layer: Financial information will not be provided by Gapforce to our project partners. As a second stage and to reduce mistake, Gapforce (See Section 1) will not hold financial information about you, this reducing but not removing the ability to forward financial information to none secure partners.
You should be aware that if you provide your email details in a hostel guest book or feedback form or your banking details to purchase items overseas, or leave your passport for security then you will be running an increased risk of data theft.
If you have any concerns as a participant, parent or educator about the transmission, storage or processing of your data please call the Gapforce office, email us or use our online chat.
We will arrange where possible, for the Gapforce Advisor who helped you discuss your options and assisted your booking to be your point of contact in the case of data theft or abuse.
Help Us Help You
Finally, data theft and abuse is a worldwide issue. Please look after your passport, personal and financial information when overseas If you notice any potential breach however small, please do not hesitate to contact us.