Traviatour’s privacy policies, processing and protection of personal data

At Traviatour s.r.o., a company based in Prague, Czech Republic, we value and respect the privacy and protection of the personal data of our users and clients.
For this reason, in compliance with applicable privacy, data processing, and personal data protection laws, we have implemented policies and procedures to ensure the proper and secure handling of the personal information provided through the websites www.traviatour.com and www.traviatourprague.com.

We inform you that by using our websites, you are accepting our Privacy Policy, as well as the conditions included in the Legal Notice.

LEGAL BASIS

We hereby inform you that we comply with current regulations regarding the protection of personal data, as established in Organic Law 3/2018 of December 5 on the Protection of Personal Data and Guarantee of Digital Rights (LOPD GDD) and in Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR)on the protection of natural persons with regard to the processing of personal data.

GENERAL DATA

This website is owned by Traviatour s.r.o. (hereinafter, “Traviatour”), a limited liability company, with Tax Identification Number (DIČO): CZ08962693, and registered office at Kurzova 2222/16, 155 00, Prague, Czech Republic.

Contact Channels

Data subjects or their successors may access the information registered in Traviatour’s databases through its service channels.
If you wish to contact our Data Protection Officer, you may do so via email at support@traviatourprague.com or by phone at +420 606 751 307.

II. DEFINITIONS

DATABASE: An organized set of personal data subject to processing.
DATA SUBJECT: A natural person whose personal data is being processed.
PERSONAL DATA: Any information related to or associated with a natural person.
PUBLIC DATA: Data that is not private, semi-private, or sensitive, and may be contained in public records or official documents.
SENSITIVE DATA: Data affecting the privacy of the data subject or whose misuse may lead to discrimination, including racial or ethnic origin, political opinions, religious or philosophical beliefs, health, sexual life, and biometric data.
DATA PROCESSOR: A natural or legal person, public or private, that processes personal data on behalf of the data controller.
DATA CONTROLLER: A natural or legal person who decides on the database and/or processing of personal data.
PROCESSING: Any operation performed on personal data, such as collection, storage, use, circulation, or deletion.
TRANSFER: Sending personal data from the controller and/or processor to another controller.
TRANSMISSION: Communication of personal data for processing on behalf of the controller.
AUTHORIZATION: Prior, express, and informed consent of the data subject for data processing.
PRIVACY NOTICE: Verbal or written communication informing the data subject of applicable data processing policies, access methods, and purposes.
HABEAS DATA: The right of any person to know, update, and rectify information collected about them in public or private databases.

III. PRINCIPLES

a) Legality Principle: Data processing must comply with the law.
b) Purpose Principle: Processing must have a legitimate, informed purpose.
c) Freedom Principle: Processing requires prior, express, and informed consent.
d) Accuracy Principle: Data must be truthful, complete, accurate, and updated.
e) Transparency Principle: Data subjects have the right to know if data exists about them.
f) Restricted Access Principle: Processing is limited by the nature of the data and the law.
g) Security Principle: Technical, human, and administrative measures must protect data.
h) Confidentiality Principle: Traviatour must guarantee confidentiality even after termination of any relationship involving data processing.

RIGHTS AND DUTIES

Rights of the Data Subject

Data subjects have the right to access, update, correct, revoke consent, request deletion of their data, and be informed about data usage.
Children’s data is protected under special regulations, and its processing is generally prohibited unless legally permitted.

DUTIES OF TRAVIATOUR

Traviatour must:

• Process only relevant and appropriate data

• Use data solely for authorized purposes

• Ensure data security and confidentiality

• Provide Habeas Data rights effectively

• Maintain updated, accurate records

• Respond promptly to inquiries and complaints

• Offer free access to personal data

• Obtain and store valid consent

• Protect data through technical and administrative measures

• Appoint a Data Protection Officer

• Establish breach notification procedures

V. AUTHORIZATION POLICY

Personal data processing requires prior, informed consent, obtained through physical or electronic means.

Consent may be evidenced by:

• Email authorization

• Signed forms

• Web forms

• Written communications

• Digital consent systems

Authorization is not required in cases such as:

• Legal or judicial orders

• Public data

• Medical emergencies

• Historical, statistical, or scientific purposes

• Civil registry data

VI. PURPOSE OF DATA PROCESSING

Data is processed for:

• Commercial and business management

• Communications and marketing

• Contractual and employment management

• Risk analysis

• Customer service

• Legal compliance

• Product and service improvement

• Market analysis

• Internal studies

• Satisfaction surveys

Sensitive data is processed only when legally authorized.

VII. PROCEDURES

Inquiries and Complaints

Data subjects may submit inquiries or complaints via:
📧 support@traviatourprague.com
📞 +420 606 751 307

Responsible Area

The Customer Service Department of Traviatour is responsible for data protection and handling all data-related requests, including access, correction, update, deletion, and revocation.