Skip to content
Menu Close
enquire
sales@dmafrica.com +27 11 973 0016
enquire
  • privacy policy
  • terms & conditions
Privacy Policy
LST GROUP LIMITED t/a dmAFRICA

 

PRIVACY NOTICE FOR CLIENTS AND POTENTIAL CLIENTS OF LST (Group) Limited t/a dmAFRICA

This privacy notice applies to clients and potential clients of dmAFRICA. It informs you how we look after your personal data and about your privacy rights. We respect your privacy and are committed to protecting your personal data. 

You should read this notice so that you know what personal data we collect about you, what we do with it and how you can exercise your rights in connection with it.

 

  1. Controller
  2. The data we collect about you
  3. How we use your personal data and legal basis for doing so
  4. Who we share your personal data with
  5. International transfers
  6. Data security
  7. Retention of personal data
  8. How to access your information and your other rights
  9. Changes to this privacy notice

 

Controller

A controller is the organisation that makes the decisions about what data is processed and is responsible for your personal data. dmAFRICA is the controller. 

We can be contacted at:

6th floor, 9 Appold street
London EC2A 2AB
United Kingdom

Tel: + 44 208 1238031
E-mail:  sales@dmafrica.com

 

The data we collect about you

In your capacity as our client or prospective client, we may collect personal data from you. Personal data means any information about an individual from which that person can be identified.  

Our primary goal in collecting personal data from you is to help us:

  • verify your identity
  • comply with our legal obligations
  • deliver our services
  • improve, develop and market new services
  • investigate or settle enquiries or disputes
  • comply with any applicable law, court order, other judicial process, or the requirements of a regulator; and
  • enforce our agreements with you.

We use different methods to collect data from and about you, including through:

 

Direct interactionsYou may give us your personal data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:

  • ask for further information about our services using our contact form or otherwise;
  • subscribe to our emails; 
  • request marketing to be sent to you; or
  • give us some feedback. 

Automated technologies or interactions
As you interact with our website, we will collect data about your device, your browsing actions and patterns when you consent to our use of cookies.

Third parties or publicly available sources
We may receive personal data about you from the UK and USA Sanctions Lists and public sources including Google searches. Such searches are part of our client due diligence process.

 

Individual clients

If you are an individual client in receipt of our services or prospective individual client, we will collect the following data: below: 

  • Name 
  • Former or other names, if any
  • Residential address, email, and phone number
  • Payment information (provided to our payment platform, Stripe. Please read Stripe’s Privacy Notice here: Privacy Policy (stripe.com)
  • Relevant information, such as proof or address or identity, as required by anti-money laundering (AML) We need to check that you are using our services legally. To do this, we use providers that perform various checks for us in relation to anti-money laundering, fraud and other ‘know your client’ related checks, including checking the UK and USA Sanctions Lists
  • Source of payment, including the country of origin.

We also need the following to properly prepare an itinerary for you:

  • Names of all parties 
  • Ages of children
  • Your budget
  • Your expectations of the trip
  • Details on previous trips to Africa or elsewhere
  • Occupation 
  • Scanned copies of all passports 
  • If the trip is a special occasion
  • Details of your international arrival and departure flights. Preferably a copy of all tickets/flight confirmations
  • Preferred name(s) to be used: e.g. Jon or Jonathan, e.g. Jane or Janette
  • Preferred rooming arrangements
  • Medical issues including any allergies. These are allergies or medical conditions that you would like dmAFRICA and the suppliers to be aware of.
  • Any dietary requirements or preferences
  • Any drinks preferences
  • Weight (please specify if lbs or kgs) for domestic flights

We need this data in order to provide you with our services; without it, we are unable to provide our services to you.

 

Corporate clients

When we are engaged by corporate entities, those providing instructions are not data subjects. However, as part of such instructions, personal data may be provided to us (e.g. personal data relating to officers or personnel of our corporate client).

We will ask you to provide us with personal data of the owners, directors, partners and persons with significant control of the business. We will collect, store and process the following personal data of the above-named individuals: 

  • Name 
  • Former or other names, if any
  • Residential address, email, and phone number
  • Payment information, if necessary
  • Relevant information, such as proof or address or identity, as required by anti-money laundering (AML) We need to check that you are using our services legally. To do this, we use providers that perform various checks for us in relation to anti-money laundering, fraud and other ‘know your client’ related checks. 
  • Source of payment, including the country of origin
  • Current, signed passport, driving licence or birth certificate; and
  • Other client due diligence information as required to on-board the company and meet our legal requirements, such as anti-money laundering, fraud prevention, conflict checks and PEP checks.

We also require the following:

  • The name of your company, trust or other entity
  • A certified or notarised copy of its Certificate of Incorporation which shows its full name and its company number or other registration number.
  • Proof of the address of its registered office, and if different, its principal place of business
  • Certified or notarised copy of its constitution (if in English)
  • Identification and Verification requirements (if not already supplied) as set out above for any person who is the ultimate beneficial owner of the entity or owns or controls more than 25% of its capital, voting or income rights.

We need to check that you are using our services legally. To do this, we use providers that perform various checks for us in relation to anti-money laundering, fraud and other ‘know your client’ related checks, including checking both the UK and the USA Sanctions Lists. 

We need this data in order to provide you with our services; without it, we are unable to provide our services to you. We will continue to process personal data to satisfy our client due diligence obligations throughout the time that you are our client.

For the people that are travelling, we require: 

  • Names of all parties 
  • Ages of children
  • Your budget
  • Your expectations of the trip
  • Details on previous trips to Africa or elsewhere
  • Occupation 
  • Scanned copies of all passports 
  • If the trip is a special occasion
  • Details of your international arrival and departure flights. Preferably a copy of all tickets/flight confirmations
  • Preferred name(s) to be used: e.g. Jon or Jonathan, e.g. Jane or Janette
  • Preferred rooming arrangements
  • Medical issues including any allergies. These are allergies or medical conditions that you would like dmAFRICA and the suppliers to be aware of
  • Any dietary requirements or preferences
  • Any drinks preferences
  • Weight (please specify if lbs or kgs) for domestic flights

If you fail to provide personal data

Where we need to collect personal data by law, or under the terms of a contract that we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with services). In this case, we may have to cancel a service that you have with us, but we will notify you if this is the case at the time.

 

How we use your personal data and legal basis for doing so 

We may use your information for the following purposes:

ActionReasonLegal basis
Responding to enquiries

 

Our website allows you to request information about our services using an electronic enquiry form. Contact information is required in each case, together with details of other personal data that is relevant to your service enquiry. This information is used to enable us to respond to your requests.We are using your data with your consent to respond to your enquiry. 
Fulfilment of services

 

We collect and maintain personal data that you voluntarily submit to us to enable us to provide our services. In order to do this, we need to enter your data onto our systems. Legitimate interest.
Fulfilment of services

 

It is necessary for us to process your information to perform our obligations in accordance with any contract that we may have with you.We have a contract with you.
Resolving complaints or disputesWe need to be able to resolve any complaints or disputes with you.Legitimate interest.
Legal compliance

 

We use your personal data to comply with our legal obligations, including anti-money laundering, conflicts and/or our regulatory and statutory obligations.It is our legal obligation to use your personal data to comply with any legal obligations imposed upon us.
Marketing communicationsFor clients and prospects, we use your personal data to send you information about our services which may be of interest to you.  We may also conduct surveys to improve our services. It is in our legitimate interest to use your personal data for marketing purposes, and you can unsubscribe at any time. 

 

Our business requirements – legitimate interests

ActionReason for processing – legitimate interests
Managing our global business and marketing strategies (including recording and reporting on our business development activities).We need to have business development and marketing strategies.
Purchasing, maintaining and claiming against our insurance policies.We need to protect our business.
Continuously reviewing and improving our services and developing new ones.We use your feedback to improve our services. 
Obtaining legal advice, establishing, defending, and enforcing our legal rights and obligations in connection with any legal proceedings or prospective proceedings.We need to understand our obligations and establish and defend our legal rights. 
Monitoring and producing statistical information regarding the use of our platforms and analysing and improving their functionality.We need to ensure that our website and other platforms are working properly.
Maintaining the security of our systems, platforms, premises and communications, including detecting and preventing threats. We need to ensure that our premises and our platforms are secure.
Managing the proposed sale, restructuring, transfer or merging of any or all part(s) of our business, including to respond to queries from the prospective buyer or merging organisation.We need to be able to manage or sell parts of our business, if we choose to do so.

We have a legitimate interest in using your personal data for the above purposes. We have balanced your rights and freedoms against our business needs. Please inform us if you object to our processing.

 

Special category data

The UK GDPR defines special category data as:

  • personal data revealing racial or ethnic origin;
  • personal data revealing political opinions;
  • personal data revealing religious or philosophical beliefs;
  • personal data revealing trade union membership;
  • genetic data;
  • biometric data (where used for identification purposes).
  • data concerning health;
  • data concerning a person’s sex life; and
  • data concerning a person’s sexual orientation.

Special category data needs more protection because it is more sensitive than regular personal data, such as name and email. 

In order lawfully to process special category data, the controller must identify both a lawful basis under Article 6 of the UK GDPR and a separate condition for processing under Article 9. These do not have to be linked.

Our reason for processing your data

ActionReason for processing – legitimate interest
  • Medical issues including any allergies. These are allergies or medical conditions that you would like dmAFRICA and the suppliers to be aware of
  • Any dietary requirements or preferences
  • Any drinks preferences
  • Weight (please specify if lbs or kgs) for domestic flights
Explicit consent for us to use your health data
Accidents or emergenciesit is necessary for us protect your vital interests or when you are incapable of giving consent
Religion, ethnic origin, sexual orientationWe will only ask for this information if it is relevant to the country you want to travel to. 

 

Who we share your personal data with

We may share personal data with a variety of the following categories of third parties as necessary:

EntityLegal basis for sharing
Suppliers, such as airlines and hotelsLegitimate interest – we need to share your information with those suppliers involved in your trip
Our professional advisers such as lawyers and accountantsLegitimate interest
Government or regulatory authorities or law enforcement Legal obligation
Professional indemnity or other relevant insurersLegitimate interest
Regulators/tax authorities/corporate registriesLegal obligation
Third parties to whom we outsource certain services such as, without limitation, document processing and translation services, confidential waste disposal, IT systems or software providers, IT support service providers, document and information storage providersLegitimate interest
Third party service providers to assist us with client insight analytics, such as Google AnalyticsConsent

 

Please note this list is non-exhaustive and there may be other examples where we need to share personal data with other parties in order to provide our services as effectively as we can.

We conduct an appropriate level of due diligence and put in place contractual documentation in relation to any sub-contractor to ensure that they process personal data appropriately and according to our legal and regulatory obligations.

International transfers

We have offices around the world.  As such, we will sometimes need to transfer your personal data to recipients in jurisdictions other than your own. Some of these jurisdictions may not provide the same level of protection to your personal data as provided in your jurisdiction. If we transfer your personal data outside the United Kingdom, we will only make that transfer if:

  • that country ensures an adequate level of protection for your personal data;
  • we have put in place appropriate safeguards to protect your personal data, such as a contract with the person or entity receiving your personal data which incorporates specific provisions as directed by the UK government;
  •  the transfer is permitted by applicable laws; or
  •  you explicitly consent to the transfer.

If you would like to see a copy of any relevant safeguards used by us to protect the transfer of your personal data, please contact us.

Data security

We are committed to keeping the personal data provided to us secure and we have implemented appropriate information security policies, rules and technical measures to protect the personal data that we have under our control from unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss.

All of our employees, consultants, workers and data processors (i.e. those who process your personal data on our behalf, for the purposes listed above), who have access to, and are associated with the processing of personal data, are obliged to respect the confidentiality of such personal data.

Retention of personal data

By law, we have to keep basic information about our clients (including contact, identity and financial) for a minimum of seven years for HMRC requirements. 

We keep all anti-money laundering and client due diligence information for five years from the date you know or have reasonable grounds to suspect the business relationship has come to an end, subject to a long-stop retention period of ten years for records relating to each individual transaction.

How to access your information and your other rights

You have the following rights in relation to the personal data that we hold about you:

  • Your right of access: if you ask us, we will confirm whether we are processing your personal data and, if necessary, provide you with a copy of that personal data (along with certain other details). If you require additional copies, we may need to charge a reasonable fee.
  • Your right to rectification: if the personal data that we hold about you is inaccurate or incomplete, you are entitled to request to have it rectified. If you are entitled to rectification and if we have shared your personal data with others, we will let them know about the rectification where possible. If you ask us, where possible and lawful to do so, we will also tell you who we have shared your personal data with so that you can contact them directly.
  • Your right to erasure: you can ask us to delete or remove your personal data in some circumstances, such as where we no longer need it or if you withdraw your consent (where applicable). If you are entitled to erasure and if we have shared your personal data with others, we will let them know about the erasure where possible. If you ask us, where it is possible and lawful for us to do so, we will also tell you who we have shared your personal data with so that you can contact them directly.
  • Your right to restrict processing: you can ask us to ‘block’ or suppress the processing of your personal data in certain circumstances, such as where you contest the accuracy of that personal data, or you raise an objection with us. If you are entitled to restriction and if we have shared your personal data with others, we will let them know about the restriction where it is possible for us to do so. If you ask us, where it is possible and lawful for us to do so, we will also inform you who we have shared your personal data with so that you can contact them directly.
  • Your right to data portability: you have the right, in certain circumstances, to obtain personal data that you have provided us with (in a structured, commonly used and machine readable format) and to reuse it elsewhere or to ask us to transfer this to a third party of your choice.
  • Your right to object: you can ask us to stop processing your personal data, and we will do so, if we are: 
    • relying on our own or someone else’s legitimate interests to process your personal data, except if we can demonstrate compelling legal grounds for the processing; or
    • processing your personal data for direct marketing purposes.

  • Your right to withdraw consent: if we rely on your consent (or explicit consent) as our legal basis for processing your personal data, you have the right to withdraw that consent at any time.
  • Your right to lodge a complaint with the Supervisory Authority: if you have a concern about any aspect of our privacy practices, including the way we have handled your personal data, you can report it to the Supervisory Authority in your country. We would, however, appreciate the chance to deal with your concerns before you approach the Supervisory Authority, so please contact us in the first instance.

Please note that some of these rights may be limited where we have an overriding interest or legal obligation to continue to process the data, or where data may be exempt from disclosure due to reasons of legal professional privilege or professional secrecy obligations.

Changes to this Privacy Notice

To ensure that you are always aware of how we use your personal data, we will update this privacy notice from time to time to reflect any changes to our use of your personal data. We may also make changes as required to comply with changes in applicable law or regulatory requirements. Where it is practicable, we will notify you by email of any significant changes. However, we encourage you to review this privacy notice periodically to be informed of how we use your personal data.

 

Contract of Service
LST GROUP LIMITED t/a dmAFRICA

The Contract of Service is made between LST GROUP LIMITED t/a dmAFRICA (The Provider) and the introducing travel agent, tour operator, concierge service or other professional body who initiated the request for services (The Agent).

The Agent is in all cases liable for payment to The Provider of all monies due in relation to these services. If, in exceptional circumstances, The Provider agrees payment may be made direct by the travelling passenger(s) or their appointees for any part or in full, this does not in any way relieve The Agent under this Agreement, and both parties shall be held jointly and severally liable.

The Provider is not the tour operator, but acts as a broker for individual suppliers used in connection with the travel itinerary. Therefore it is the full responsibility of The Agent to comply with any relevant EU Package Travel Directives, or similar laws, regulations and guidelines, applying to package holidays or retail travel regulations in their jurisdiction.

Payment Policy

The booking is confirmed after a 30% non-refundable deposit is received. Payment of a deposit is a direct acceptance of these terms and conditions. The deposit is calculated at 30% of the total booking value and is not refundable. Balance of payment is due 90 days prior to arrival.

Payment is due by direct Bank Telegraphic Transfer into the bank account specified on the invoice for services.

If, in exceptional circumstances, The Provider allows payment by Credit Card, Charge Cards or Debit Card of part or all of the invoice amount which is subsequently dishonoured or recalled for any reason by the card provider this in no way relieves the liability for full payment to be made by the Agent or travelling passenger.

Services will only be provided by The provider upon receipt of full payment of all invoices in relation to the itinerary.

Cancellation Policy

In the event of any confirmed reservation being cancelled, the following cancellation fees will be charged:

Penalty of 30% of the total booking value, if cancelled up to 91 days prior to arrival.
Penalty of 100% if cancelled 90 days or less prior to arrival

Cancellation of any booking must be in writing. Cancellations are only effective on receipt of written notification. If prior to 91 days before departure the 30% deposit is forfeited. If any cancellation is made 90 days or less, prior to planned travel date, full payment of the total cost of the confirmed planned trip, then 100% charges will be levied. Should the passenger(s) fail to join a tour, excursion or safari, or join it after departure, or leave it prior to its completion, no refund can be made.

Any exceptions granted to this cancellation policy must be confirmed in writing by The Provider, and will not alter the overall Terms & Conditions of the agreement. All refunds will be subject to a 10% handling charge and bank charges.

Compulsory Insurance

The Agent has a legal responsibility to ensure the travelling passenger(s) take out adequate travel insurance upon confirming the trip. Confirmation of this insurance must be submitted to The Provider upon request.

The compulsory insurance MUST include, but not necessarily be limited to:

Emergency evacuation expenses
Medical expenses
Repatriation expenses
Cancellation or curtailment of trip, including issues related to COVID-19
Damage/theft/loss of personal luggage, money and/or goods