IMPORT
In «TRAVEL IDEA» we fully respect our customers and rely on protecting your privacy as our priority. For all our services, the data controller - the company responsible for protecting your privacy - is the «TRAVEL IDEA»
In «TRAVEL IDEA» we have as a strategic goal to ensure the maximum protection of our customers' personal data, we consider it our duty to inform you of our practices as well as the choices and rights you have with regard to the collection and processing of your personal data.
Our principles and our values- We fully respect our customers and take privacy protection into our company's priority.
- We apply full transparency to the way I manage your personal data.
- We collect and process your data only for legitimate, legitimate, unambiguous and predetermined purposes.
- We manage all of our customer information as confidential, applying any necessary and organizational means to protect them.
- We do not disclose and transmit your personal data to third parties without your consent, unless permitted by law or by our contractual relationship.
- In general, we adhere to the applicable legislation and comply with all our obligations arising from it as a controller.
THE PERSONAL DATA WE COLLECT
The types of personal data we collect from you depend on the products or services we choose to provide you. Generally, the type of personal data we collect is the information that we need to enable you to make your travel arrangements and bookings. This includes information such as:
- Your personal information (e.g. your name and your VAT number, date of birth or other identifying information, gender, your ID or your passport ).
- Your contact information (e.g., phone number, home address, e-mail address)
The personal data we must receive to provide you with the travel arrangement you booked via our websites is the only data that is mandatory to provide. Depending on the kind of travel services you use, we may also collect your:
- The frequent flyer program number ( Frequent Flyer Nomber / Million Card),
- Information about your dietary requirements and health information you give us (if you have one)
- Other items related to your travel or required by another travel provider (such as airlines and hotels).
This is not an exhaustive list.
HOW WE COLLECT YOUR PERSONAL INFORMATION
- When you fill in the online platform on our website to make your reservation.
- When you contact us by phone with a partner to make your reservation.
- When you call our customer support department, we will collect the data you provide during the phone call.
- If you book someone else through our site, we will ask for personal data about that person. In these circumstances, we rely on you to inform these persons about this privacy policy.
SENSITIVE PERSONAL DATA WE COLLECT
In some cases, we may handle so-called "special categories of personal data" about you, which may be considered sensitive. This would be the case, for example, if you (i) have submitted a medical certificate for a refund from an airline; (ii) have a medical or health condition affecting your trip and for which you request assistance or where certain clearance is needed, or (iii) have made a request revealing some other sensitive personal data about you.
Before we handle sensitive personal data about you, we require your consent to do so. Such consent may of course be withdrawn at any time. We will not handle any sensitive personal data that we are not permitted by you to handle, or that you have not provided us with. A limited amount of our personnel will have access to your sensitive personal data, and after handling your sensitive data in accordance with your request we will erase the data as soon as possible.
WHAT WE DO WITH YOUR PERSONAL DATA
In order for us to be able to handle your personal data, the applicable data protection laws oblige us to have the so-called "legal basis" for each of our purposes for the processing of your personal data. We use your information in a variety of ways - what we do depends on the information. The following tables detail this subject, showing what we do and why we do it.
What we do (our purposes regarding the handling of your personal data) |
Our legal basis |
Storage time |
Enable the travel arrangements and bookings you have requested from us (i.e. booking of travel services mediated by us, as well as provision of our own services). |
Performance of our contract with you. - Consent for sensitive personal data |
365 days from the date of purchase. Consent for sensitive personal data may be withdrawn at any time. |
Create a user account on our website (username and password) |
Performance of our contract with you. |
Data for your travel and any personal information will be automatically deleted by the deletion of your account |
Starting the booking process and not completing it, email registration |
Our legitimate interest to conduct business and enable you to complete your purchase without having to fill out all information once more. If you do not want these e-mails, you may opt-out at any time within the e-mail or on our website. |
Within five weekdays of terminating the process In ninety days, for request groups |
We will provide you with additional information and offers related to your specific travel arrangement, like extra baggage and other information of use for your travel. |
Our legitimate interest to offer you a more convenient travel, and to enable you to easily find more information of relevance to you. If you do not want this information, you may opt-out at any time within the e-mail. |
Data for your travel and any personal information will be automatically deleted by the deletion of your account |
We may provide you with our newsletter containing recommendations on other travel arrangements and travel related products and services that might be of interest to you. Also, if you have submitted your e-mail address on our website for the purpose of receiving our newsletter. |
Our legitimate interest to conduct business and enable you to complete your purchase without having to fill out all information once more. If you do not want these e-mails, you may opt-out at any time within the e-mail or on our website. |
If you have specifically requested our newsletter as a service, we may send our newsletter until you decide to discontinue the service (end of contract). |
Use of cookies to, for example, improve the usability of this website, provision of a personalized experience and for collecting usage statistics. We also use session cookies to improve the security of this website. |
Our legitimate interest to (i) improve our website, (ii) show you offers of interest to you, and (iii) have a secure service offering and website. If you don't want us to store cookies on your computer, you may change the settings in your browser at any time. |
Depending on the type of cookie. See below for more detailed storage times. |
No need to give us any of this personal information. If you do not, you may not be able to complete your purchase from this e-shop. But this is your choice – and we respect that.
FOR ALL REASONS WE COLLECT DATA AND PROCESS IT
We collect and process your personal data as well as the details of your current online booking in order to issue your invoice and to inform you about the correct sending and receiving of your reservation and to manage, provide, adapt and improve our services and business activities.
In particular, your personal data may be collected and processed by our company for the following purposes deemed necessary for the performance of our contractual relationship:
- To issue your service invoice.
- In order to guarantee the products and services you buy, based on the specially defined transaction between us.
- In order to notify you of any major changes or developments regarding your online reservation, until it is complete.
- For your communication with us, by email, telephone or other means, for any matter arising in the course of the execution of the contractual relationship between us and until its completion, upon completion of the transaction between us, as indicative of answers to questions , complaints or cancellations of our products and services.
- For assigning a search for any changes or cancellations and in any case of abnormal development of our transaction.
- To defend our rights before any Court and any Authority, and for the purposes of our enforcement and compliance with court rulings or legal provisions, directives, rules, circulars.
NOTIFICATION OF YOUR PERSONAL DATA
In order to facilitate the achievement of our purposes, we may transmit, disclose, give access to your personal data or share it with third parties. In this case, third parties may be:
- Partners and subcontractors who provide our company with data hosting or data hosting or support for our e-shop.
- Companies that work with us to complete your booking and make a successful end to our transaction, such as airlines, hoteliers, insurance companies and Global Distribution Systems (GDSs) to facilitate your travel arrangements and bookings.
- Public Services and Bodies, Legal Entities, judicial authorities, regulatory bodies and agencies, irrespective of jurisdiction or degree, if required by law, court order, regulation, directive, mandate, opinion, circular etc.
- Our successors in case of sale, disposal, merger, liquidation of our business.
Each partner is responsible for its own handling of your personal data after it has received it from us, meaning that you must contact the partner in question for any requests related to your rights under applicable data protection legislation. We recommend that you read the partners' respective privacy policies for information on their handling of your personal data.
Due to the global nature of the travel industry, your personal data may be processed in different locations around the world when the parties we share your personal data with reside in a country outside the EU/EEA. Our sharing of personal data outside the EU/EEA requires certain legal ground under applicable data protection legislation. Where a country is regarded by the European Commission to be a country with adequate level of protection for personal data, this will be our legal ground. Otherwise there are three main types of legal ground on which that we may base such sharing. These are:
- that the transfer is necessary for our performance of the contract with you (for example when you have booked a flight with an airline residing in a country outside the EU/EEA);
- that the transfer will be based on the standard data protection clauses for transfer of personal data to countries outside of the EU/EEA adopted by the European Commission (a copy of these standard data protection clauses can be found at http://ec.europa.eu/justice/data-protection/international-transfers/transfer/);
- and the EU-U.S. Privacy Shield, where the transfer is made to the United States and the recipient is duly certified.
HOW WE GUARANTEE THE PROTECTION OF YOUR PERSONAL DATA
Our Company, in order to ensure the proper use and integrity of the personal data it collects, and to prevent unauthorized or accidental access to processing, erasure, alteration or other use of them, implements specific internal compliance policies while taking all appropriate organizational, technical, of course, electronic and procedural security measures, as well as technological standards, in accordance with applicable laws and regulations.
YOURS RIGHTS
According to the applicable data protection legislation, you have certain rights as a so-called "data subject". Below, we have listed your rights. Your rights include the following:
Right to access ‐ You are entitled to access the personal data that we handle. You are also entitled to receive certain information about what we do with the personal data. Such information is provided in this document.
Right to rectification ‐ Under certain circumstances, you are entitled to correct inaccurate personal data concerning you and to have incomplete personal data completed. Please note that we might not be able to correct inaccurate personal data provided by you due to e.g. the airlines rules, and that such particular change may incur a cost.
Right to erasure ‐ Under certain circumstances, you are entitled to have your personal data erased. This is the so-called "right to be forgotten".
Right to restriction of processing ‐ Under certain circumstances, you are entitled to restrict how we use your personal data.
Right to data portability ‐ You are entitled to receive your personal data (or have your personal data directly transmitted to another data controller) in a structured, commonly used and machine-readable format from us.
Right to object ‐ You are entitled to object to certain types of handling of personal data that we carry out. This applies to all our activities that are based on our "legitimate interest".
Right to complain to your data protection regulator - in Greece, the data protection authority http://www.dpa.gr/
In any case, we wish to ensure the accuracy of your personal data. Therefore, if you find that any of your personal data is inaccurate or incomplete, please do not hesitate to ask us for your correction or completion.
In addition, we would like to inform you that you have the right to ask for your personal data to be deleted if (a) these are no longer necessary for the fulfillment of the purposes of our online transaction; (b) they have been processed illegally the purposes as described in detail in this; (c) is required by law.
You also have the right to withdraw (in whole or in part) your consent to the collection and processing of your personal data by our company. In this case, please note that any withdrawal of your consent may result in the failure of completing our electronic transaction. In any case, you have the right to have recourse to the Personal Data Protection Authority if you feel you are concerned about the processing of your personal data.
We shall report any unlawful violation of the database of this third party data processing database or database to any and all relevant stakeholders as well as to the authorities within 72 hours of the breach if it is obvious that the personal data stored in a recognizable form, have been stolen.
HOW TO CONTACT WITH US
We always want to hear from our customers (especially if you feel we have neglected you or we could serve you better).
If you:
- Have questions or comments about this notice / update.
- Would you like to stop using your personal nformation.
- You want to exercise any of your rights as described above or you have to make a complaint.
Please do not hesitate to contact our Customer team, who will be happy to answer any questions you may have and for more information or clarifications on the policy that our company has to protect your privacy, contact us either by mail to the contact details we provide below or by e-mail, at dataprotection@bookandgo.gr or dataprotection@bookandgo.eu
Or you can write to us at:
"Travel Ideas General Tourism Office Ltd" and the distinctive title "TRAVEL IDEA", Athens, 5th Akadimias street
If we change how we handle your personal data or how we use cookies, we will promptly update this privacy policy and publish it on this website.
Last updated: 07/1/2019