Suggested text: Our website address is: https://traviatourprague.com.
At Traviatour s.r.o, a company located in Prague, Czech Republic, we value and respect the privacy and protection of personal data of our users and customers. Therefore, in compliance with the applicable laws and regulations on the protection of personal data, we have implemented policies and procedures to ensure the proper and secure processing of personal information that you provide us on the website www.traviatour.com.
We inform you that by using our website, you are accepting our Privacy Policy, as well as the conditions included in the Legal Notice.
We want to inform you that we comply with current regulations on the protection of personal data, as established in Organic Law 3/2018, of December 5, on the Protection of Personal Data and Guarantee of Digital Rights (LOPD GDD) and in Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (GDPR).
This website is owned by Traviatour s.r.o (hereinafter, “Traviatour”), a limited liability company with Fiscal Identification Number (DIČO): CZXXXXXXX and registered office at Kurzova 2222/16, 155 00, Prague, Czech Republic.
Data subjects or their representatives may access the information about them that is registered in Traviatour’s database through its channels of attention. If you wish to contact our Data Protection Officer, you can do so through the email support@traviatour.com, or by phone at +420 606 751 307.
DATABASE: It is the organized set of personal data that is subject to processing.
DATA SUBJECT: Natural person whose personal data is subject to processing.
PERSONAL DATA: Any information related to a natural person or that can be associated with them.
PUBLIC DATA: It is that which does not have a semi-private, private, or sensitive character, and can be contained in public records, official documents, among others.
SENSITIVE DATA: That which affects the privacy of the data subject or whose misuse may generate discrimination. It includes information about racial or ethnic origin, political orientation, religious or philosophical convictions, health, sexual life, and biometric data.
DATA PROCESSOR: Natural or legal person, public or private, that carries out the processing of personal data on behalf of the data controller.
DATA CONTROLLER: Natural or legal person, public or private, that decides on the database and/or processing of the data.
PROCESSING: Operation or set of operations carried out on personal data, such as collection, storage, use, circulation, or deletion.
TRANSFER: Sending of personal data from the data controller and/or data processor, located in Colombia, to a recipient responsible for processing within or outside the country.
TRANSMISSION: Processing of personal data that involves its communication within or outside the territory of Colombia when its purpose is processing on behalf of the data controller.
AUTHORIZATION: Prior, express, and informed consent of the data subject for the processing of their personal data.
PRIVACY NOTICE: Verbal or written communication by the data controller addressed to the data subject to inform them about the information processing policies that apply to them, how to access them, and the purposes of the processing given to personal data.
HABEAS DATA: Right of any person to know, update, and rectify the information that has been collected about them in databases and archives of public and private entities.
a) Principle of legality: The processing of data must comply with what is established by law and other provisions that develop it.
b) Principle of purpose: The processing of data must obey a legitimate purpose and must be informed to the owner.
c) Principle of freedom: Processing can only be carried out with the prior, express, and informed consent of the owner.
d) Principle of truthfulness or quality: The information must be truthful, complete, accurate, updated, verifiable and understandable.
e) Principle of transparency: The owner must have the right to obtain information about the existence of data that concerns him/her.
f) Principle of access and restricted circulation: The processing is subject to the limits derived from the nature of personal data, from the provisions of the law and the Constitution.
g) Principle of security: The information subject to processing must be handled with the necessary technical, human, and administrative measures to provide security to the records.
h) Principle of confidentiality: Traviatour is obliged to guarantee the confidentiality of the information, even after the end of its relationship with any of the tasks that comprise the processing. The supply or communication of personal data can only be carried out when it corresponds to activities authorized by law.
The holder of personal data has several rights in relation to their information, including the right to know, update, and rectify their data with respect to Traviatour as the data controller. They also have the right to request proof of the authorization granted and to be informed about the use that has been given to their personal data. In addition, they may revoke the authorization and request the elimination of their data if legal and constitutional principles are not respected.
Furthermore, in the processing of data of children and adolescents, respect for their prevailing rights will be ensured. In general, the processing of personal data of children and adolescents is prohibited, except for data that is of a public nature.
The policy establishes rules and procedures for data processing by Traviatour, a company that processes personal data. The policy stipulates that collected data must be relevant and appropriate for the purpose for which it was obtained and must not be collected using fraudulent or deceptive means. Additionally, the company must ensure that it only uses personal data for the purposes for which it was collected and must provide Habeas Data rights to data subjects in a timely and effective manner.
Traviatour must take reasonable measures to maintain the security of data and prevent unauthorized access, alteration, or loss of personal data. The company must also update, rectify, or delete data in accordance with its procedures. Traviatour must provide electronic communication or other appropriate means to promptly respond to inquiries and complaints from data subjects.
Information requested by data subjects must be provided by Traviatour free of charge and must be easily readable, without technical barriers to access. The company may only charge data subjects for expenses incurred in obtaining and sending the requested information but must provide proof of such expenses. Traviatour must take measures to keep the information it collects up to date and must rectify any inaccurate information.
Traviatour may not circulate information that is subject to controversy and whose blocking has been ordered by the Superintendency of Industry and Commerce. The company must establish mechanisms to obtain data subjects’ consent to the processing of their data. This consent must be provided in physical or electronic format and must include specific information, such as the purpose of the data processing and the procedures for exercising Habeas Data rights. Traviatour must maintain a record of this consent and provide a copy to the data subject if requested.
The company must provide simple and free mechanisms for data subjects to request information, modifications, deletions, or updates to their data. Traviatour must protect the personal data it processes using technical, human, and administrative measures to prevent unauthorized access or fraudulent use. Personnel processing data must maintain confidentiality and protect information even after leaving the company. Traviatour must appoint a Data Protection Officer to oversee compliance with the policy and the processing of personal data.
The processing of personal data of children and adolescents is generally prohibited by law, except when the data is of a public nature or is processed in accordance with the best interests of the child. When processing data of minors, the company must ensure that the child’s rights are respected, and their data is protected with appropriate measures. Finally, the policy establishes procedures for data breach notification, periodic data reviews, and data deletion.
Without prejudice to the exceptions provided by law, the processing of the owner’s personal data requires prior and informed authorization, which must be obtained by any means that can be subject to subsequent consultation.
Traviatour must have the Owner’s authorization for the Processing of their data, which is explicitly stated in the universal contract of our services at the time of their collection. Likewise, Traviatour must inform the Owner of the personal data that will be collected, as well as all the specific purposes of the Processing for which consent is obtained.
Traviatour has developed and made available to its clients, suppliers, workers, and collaborators a system of data collection/update forms that include the respective authorizations for the processing of personal information, always and at all times respecting the expressed purpose.
Traviatour, in the terms provided by law, generated a notice in which it communicates to the owners that they can exercise their right to the processing of personal data through its website, social networks, and through a widely circulated newspaper, by going to the service channels.
As evidence of the authorization, any of the following are established:
a) Email messages sent by clients authorizing the processing of their personal information.
b) Completion of the forms established by the Company, to request authorization.
c) Completion of the “AUTHORIZATION FOR THE PROCESSING OF PERSONAL INFORMATION” format.
d) Authorization granted by the client through any other means (web form, written communication, etc.).
The custody of the evidence of authorization for the processing of personal data is the responsibility of the information processing manager.
The authorization of the data subject shall not be necessary in the following cases:
a) Information required by a public or administrative entity exercising legal functions or by court order.
b) Data of a public nature.
c) Cases of medical or health emergency.
d) Processing of information authorized by law for historical, statistical, or scientific purposes. Data related to the Civil Registry of persons.
The rights of data subjects established by the Law may be exercised by the following persons:
a) By the data subject, who must prove their identity sufficiently.
b) By the successors in title of the data subject, who must prove such quality.
c) By the representative and/or attorney-in-fact of the data subject, after proving their representation or power of attorney.
d) By stipulation in favor of another or for another. The rights of children and adolescents shall be exercised by persons authorized to represent them.
The processing of personal data of all individuals involved in Traviatour’s social object, including customers, employees, suppliers, and consumers, will be framed within the legal framework and in accordance with the following purposes:
a. Internal management and commercial relationship management of its clients, distributors, and suppliers of the different business segments.
b. Sending communications, correspondence, emails or telephone contact with its customers, distributors, and consumers in relation to its commercial, advertising, marketing, promotional, sales and other related activities.
c. Personnel selection processes, contractual relationship management, labor relations and ensuring compliance with the obligations derived from them, granting benefits to its employees themselves or through third parties.
d. Potential analysis for essentially commercial purposes, either for suppliers, distributors and/or customers.
e. Manage procedures (requests, complaints, claims), perform risk analysis, conduct satisfaction surveys regarding the company’s goods.
f. Create databases for the purposes described in this authorization.
g. Comply with obligations contracted with our clients, suppliers, and employees.
h. Inform about changes in our products and/or services.
i. Evaluate the quality of our products and/or services.
j. Conduct internal studies on consumer habits.
In the case of sensitive personal data, they may be used and processed when:
k. The Owner has given explicit authorization for said Processing, except in cases where such authorization is not required by law.
l. The Processing is necessary to safeguard the vital interest of the Owner and he/she is physically or legally incapacitated. In these events, legal representatives must give their authorization.
m. The Processing refers to data that is necessary for the recognition, exercise, or defense of a right in a judicial process.
n. The Processing has a historical, statistical, or scientific purpose. In this event, the measures conducive to the suppression of the identity of the Owners must be adopted.
Consultations. The owners or their heirs may inquire about the personal information held in any of Traviatour’s databases. The owner may send questions or inquiries related to their personal data collected and processed by Traviatour through the email support@traviatour.com or by phone at +420 606 751 307.
Claims. The owner (or their heirs) who considers that the information contained in any of Traviatour’s databases must be corrected, updated, or deleted, or who notices the alleged non-compliance of any legal duties, may file a claim through the email support@traviatour.com or by phone at +420 606 751 307.
Traviatour’s customer service department will be responsible for ensuring the protection of personal data and will also monitor that requests for the exercise of rights of access, consultation, rectification, updating, deletion, and revocation referred to in this manual are processed through the appropriate channels, in accordance with the regulations related to the topic. Consultations and claims must be processed through the email support@traviatour.com or by phone at +420 606 751 307.
Information that meets the conditions established by law may be provided to the following persons:
a. To the owners, their heirs (when they are absent), or their legal representatives.
b. To public or administrative entities in the exercise of their legal functions or by court order.
c. To third parties authorized by the owner or by law.
