Privacy Policy

Visita Privacy Policy

Visita (“Visita”) is committed to respecting your privacy and protecting your Personal Information.

We have written this Privacy Policy to let you know how we use your Personal Information. In it, we explain the types of Personal Information we collect, how we collect it, what we use it for and who we may share your Personal Information with.

This Privacy Policy is divided into several sections.

We want to help you understand how we handle your Personal Information when you interact with us and what you need to know about the Personal Information we collect, use and share about you. You can also find out about the rights and controls you have over the information you've entrusted to us, and about the obligations we have to protect it.

Please contact us if you would like to find out more about any matters to do with this Privacy Policy by sending email to admin@visita.org


What this privacy policy covers

This Privacy Policy covers all Personal Information about you that we collect, use and otherwise process in connection with your relationship with Visita as a customer or potential customer. By “Personal Information” we mean information about you where you are, or could be, identified, such as your name and contact details, your travel arrangements and visit request history and information about your access to our website.

As a visitor management platform, we need to collect Personal Information about our customers. We need to use and share this information to offer the best possible experience and to keep our customers and employees, safe and secure. We also need to protect the Personal Information you entrust us with.

When using Visita to request for a visit to our partner destinations, you acknowledge that the following privacy policy will apply. Our commitment to ensuring that your data is safe and secure applies no matter where in the world you use our website and mobile application. 


When do we collect personal information

We collect Personal Information about you whenever you use our services, when you use our website, when you register at the destination, or when you check in using our mobile application.

We need to interact across our business and with external third parties to collect your information and provide you with the experience, products and services you request. This may include interactions about visit requests, online transactions, communications and marketing, programs and membership services, promotions and surveys, visiting our websites and using our apps.

How we collect your information will differ depending on the circumstances when we interact with you and the services or products you request.

We may collect your information through trusted parties, such as travel agents, registration center frontliners, management representatives, and/or third party developers.

What types of personal information do we collect and process

We collect and may process Personal Information about you, about your travel arrangements, about how you use our services and about how you use our websites (including information about which pages you view). This could include information you provide us directly or information collected that you have provided to other sources:

  • Visit Request information - we collect the Personal Information you provide about your visit request, including your name, gender, contact details, date of birth, nationality, information about other people you are travelling with and unaccompanied minors, and/or credit card details and bank account details. This includes information about services we have provided to you in the past, including your previous visit requests and related matters.

Check-in information - when you check in at the destination, we pull out the pre-registered details or ask you to register as a walk in guest

  • Call recording - when you call any of our customer service lines, we may record the call.
  • Compliments, complaints or concerns - we collect information about your interactions with us, our staff and/or crew, including any compliments, complaints or concerns raised or any incidents which involve you or those you are travelling with (e.g. we may note if you have committed any violations  to the destination’s policies, or if you failed to follow instructions by the designated guide / frontliner)


Please note that if you make bookings or request other services for other people, such as your family, friends or employees, you must ensure that you are authorized to provide us with their Personal Information or amend it and that they know about this privacy statement. We will proceed on the basis that you have obtained their authorization.

In some countries, sensitive Personal Information is managed differently to other Personal Information. Sometimes we must disclose sensitive Personal Information to provide services to our customers (passport details for example contain sensitive Personal Information such as your biometric facial image and your credit card transactions contain financial information). Sensitive Personal Information includes Personal Information about the following:

  • Physical or mental health
  • Biometric information
  • Religious beliefs
  • Race
  • Financial (payments)
  • Criminal history

We may collect sensitive Personal Information from you directly (or via a destination representative), for example where you tell us about your health conditions that may impact your experience or the guide assistance you require.

Wherever we have collected it, we will treat sensitive Personal Information carefully.

If you choose not to provide us with any Personal Information we require from you, we may not be able to provide you with the products or services you have requested.


What do we use personal information for

We collect Personal Information about you so that we can provide you with the products and services you've requested from us, safely and effectively. We may use Personal Information to:

  • Verify your identity and contact details
  • Provide the products and services you request, including visits to the destination
  • Communicate with you and process your requests
  • Enable your access to and support for our website
  • Operate our customer relations and support
  • Offer and administer our newsletter and updates
  • Provide electronic funds transfer services, credit card account processing and related services
  • Respond and manage any inquiries, requests, comments, complaints or incidents raised with us
  • Notify you of visit information (including rescheduling and cancellations) and visit reminder alerts
  • Enable the secure and safe travel of unaccompanied minors during their travel with us and to their information post journey
  • Manage the safety and security of our customers, employees, and operations
  • Monitor our employees' performance, the quality and testing of our services and systems and to train our employees and destination partners
  • Other specified and legitimate purposes determined and declared before, or as soon as reasonably practicable after collection


Who do we share your personal information with

In order to facilitate your visit, we will often need to share your Personal Information with third parties including destination representatives, developers, and our guest care associates. 

However, Visita is not responsible for third parties’ use of your information where such use is permitted for their own purposes and you should consult their privacy policies for further information.

We do not sell Personal Information to third parties, and we only allow third parties outside Visita to send you marketing information where we have your permission to do so. To ensure that we can provide you with the products and services you have requested from us, we may need to disclose your Personal Information to trusted third parties, including:

  • Destination representatives such as the destination manager, the frontliners who conduct on-site check-in, and the designated guide who will accompany your group during the visit
  • Other passengers named on your visit request as part of the online check-in process
  • Visita employees who oversee the backend of the system
  • Our data and technology service providers to support our systems, data processing and storage, infrastructure and network communications, and development of software and systems
  • Forensic and investigatory service providers for investigating a data breach or incident
  • Our partners who conduct marketing and market research, statistical or business analysis
  • Providers of information assurance services who we have entered agreements with

How we look after the policy

We will keep this Privacy Policy under review and notify you of any changes by posting the revised policy on our website www.visita.org.ph 

How will we inform you of changes to this privacy policy

If we change this Privacy Policy, we will let you know about the changes by publishing the updated version on our website, www.visita.org.ph . We are committed to protecting and respecting your privacy and will continue to do so in any future changes we make to this Privacy Policy.


When do we collect personal information about you

We collect Personal Information about you when you use our services (whether directly provided by us or by another company or agent), when you visit our destinations, and when you use our website, including, for example:

  • when you request for a visit on our website
  • when you request a visit through other accredited channels, such as through a travel agency
  • if you opt in for updates and newsletters from Visita
  • when you contact our destination representatives or guest care associates
  • when you use Visita to check-in at the destination
  • if you complete a customer survey or provide us with feedback
  • if you choose to interact with us via social media, such as Facebook or Twitter

When and why do we collect sensitive personal information

Certain categories of Personal Information, such as that about race, ethnicity, religion or health, are considered “sensitive Personal Information” under the Data Privacy Act 2012. Generally, we try to limit the circumstances where we process sensitive Personal Information. However, this can occasionally occur because:

  • it may be a requirement of our partner destinations as they also need to verify your fitness to proceed with the experience
  • you have sought clearance from our destination representatives to proceed with the experience with a medical condition or,
  • you have otherwise chosen to provide such information to us (or a third party such as the travel agent through which you made your booking)

In addition, you may have made other requests in connection with making your travel arrangements that may possibly imply or suggest something about you that could be considered as “sensitive Personal Information”. For example, if you request a particular type of special meal this may imply or suggest that you hold particular religious beliefs or have a particular medical condition.

By providing any Personal Information that is, or could be considered to be, “sensitive Personal Information” you explicitly agree that we may collect, use, share with third parties and transfer this Personal Information, as described in this Privacy Policy.

If you withdraw your consent, it may mean we will not be able to provide all or parts of the services you have requested from us. Please be aware that in these circumstances you will not be able to cancel or obtain a refund of any fees you have paid.

How can you get a copy and amend personal information you have provided

Once you successfully send a visit request via the Visita website, you will receive a confirmation email with the details of your visit which may include information about you and your guests. To edit the contents of the information such as the guest details, you may contact the destination manager of your preferred destination. Their contact details are in the destination page at www.visita.org.ph

Providing Tailored Services

We may use your Personal Information to provide services tailored to your requirements and treat you more personally, for example:

  • to deliver messages and information that we think is relevant and may be of interest to you, prior to, during, and after your visit with us
  • to personalize the services, experiences, and content on our websites and
  • to personalize and tailor your visit experience


Service Communications

Even if you have opted-out of receiving news and updates from us, we may still send you communications about the details of your visit request, such as the confirmation email and email reminder. These communications will help you get the most from the experiences we provide. 

We may also send you communications about your previous visits, for example, where you experienced some form of issue or problem and we wish to contact you about it proactively in order to resolve it.

Customer Surveys

We occasionally run customer surveys to understand more about the way people see our experiences and how we could improve them. Participation in any research is confidential and voluntary, and results are handled in such a way that they do not identify individual respondents. For the purpose of analyzing survey data we may combine your answers with other data which we have, but we will do so in a way that does not affect the anonymity of the survey results.

However, in some cases it may help us improve your experience with us in the future if you permit us to record some of the preferences and other information you provide in the survey as part of your visitor record.

Administrative purposes

We may use and retain your Personal Information for administrative purposes, which may include for example, accounting and billing, auditing, credit or other payment card verification, anti-fraud screening (including the use of credit reference agency searches and payment card validation checks), safety, security, health, administrative and legal purposes and systems testing, maintenance and development.


How can you keep your personal information secure

We understand how important it is that your information is kept secure. We take all reasonable steps to ensure that the Personal Information we hold is protected against loss, and unauthorized access, use, modification or disclosure. As part of this, we:

  • Use only secure servers
  • Use industry standard encryption for the transmission of Personal Information on the Visita website, for example when you pay by credit card online. Known as SSL (Secure Sockets Layer) protocol, you can check this is active by looking for the padlock symbol on many browsers. SSL allows a secure connection between your internet browser and our internet server, using a private (or secret) key to encrypt the information
  • Require any third party suppliers we use to agree to confidentiality policies that includes specific reference to our privacy and data protection expectations and requirements for both information and physical security
  • Require any third party suppliers who handle Personal Information to comply with global data protection legislation relevant to the services they are providing and with our internal information security and other relevant policies such as cloud security requirements
  • Ensure that our destination representatives and partners have access to only the Personal Information they need to do their jobs and understand that they should not look for Personal Information about family or friends at any time
  • Train our destination representatives to ensure that they understand how to handle the Personal Information you have entrusted to us
  • Require our destination representatives to be aware of our privacy expectations to respond to any breach of security swiftly and effectively, as set out in Visita’s internal information security policy, privacy policy and data breach response process.

Keep your booking reference confidential

When you make a visit request you will be given a QR Code. This will appear on the email confirmation to you and all the members of your group. You should keep your QR code confidential at all times.

Giving your QR Code to others may allow them to access your visit request details through our system. 


Be aware and protect yourself against internet fraud and phising

There is an Internet fraud practice known as "Phishing" which is the illegal gathering of Personal Information by deception. Unsolicited emails are sent to individuals from lists illegally gathered by a third party, and recipients are asked to enter or reconfirm bank or password details into a 'cloned' or illegal copy website.

For your protection please be aware of the following guidance:

  • You will only be asked for your card payment details if you wish to make a visit request or change your visit request on visita.com. We require this information specifically to credit your card in relation to your visit request.
  • Legitimate emails from Visita will not have been sent from a web-based mail server such as gmail, hotmail or yahoo.

If you have reason to suspect an email claiming to be from Visita is fraudulent, please contact us immediately. We will investigate its authenticity and take appropriate action.


Retention and deletion of your personal information

We retain the Personal Information we collect only if we need it to support justifiable business requirements or when our lawful purposes for using the information are still relevant. When we no longer require Personal Information we or our third party suppliers will securely delete and/or archive the information.