Privacy Policy, Security and Protection of Personal Data
The Personal Data provided will be treated and used by 222TOURS in accordance with Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 protection of individuals with regard to the which concerns the processing of personal data and the free movement thereof, within the group referred to General Regulation on Data Protection (RGPD). It is understood as the treatment of Personal Data collection, registration, organization, structuring, conservation, adaptation or alteration, recovery, consultation, use, disclosure or transmission dissemination or any other form of availability, comparison or interconnection, erasure or destruction. In order for consent to be considered must be provided by a clear positive act, free, specific, informed and unequivocal. The treatment of Personal Data is considered lawful, in accordance with art. 6 of the RGPD, if it is verified by one of the following conditions:
a) The Data Owner has given his consent, and that while reading this document, as well as all your conditions of service requested, proceed with the reservation and freely provide the data you are accepting and consenting to;
b)Treatment is necessary for the execution of a service contract in which the is an integral part or for pre-contractual agreements at the request of the data subject or third parties with the necessary;
c)For compliance with a legal obligation to which the 222TOURS is subject;
1. All Personal Data is obtained throughout the contractual relationship established with our company and have the purpose of:
a) Provision of services under the activity of retail and wholesale travel agency;
b) Provision to the interveners of the services requested to fulfill the reservation of the contracted service.
c) Offer of information of services in the scope of the activity developed by the 222TOURS, namely Newsletters, sending advertising content and other products and services. You can refuse this type of treatment, free of charge at any time through express written communication.
1.1. The formalization of reservations implies the assignment of Personal Identification Data by the, as well as aspects relating to their personal preferences which affect it or others, which are used to facilitate and allow the contracting and reservation of concrete services that make up the Consumer’s request.
For security reasons, applicable to certain countries, the flights, in addition to the name of the traveler, information regarding data such as passport number or citizen’s card (Law no. 32 of June 1, 2017), sex, age and nationality. Such information contained in the reservation may, in accordance with the applicable legislation, be consulted by the customs authorities of the countries of origin and / or destination. The agency has a legal basis for transferring Personal Data to jurisdictions not recognized as having adequate regulations for the protection of personal data. The consumer consents to these transfers by accepting and effecting the reservation of the contracted service;
1.2. In the transfer of Personal Data, except in the fields where the contrary is indicated, the holder of the duly authorized for this purpose, may voluntarily Personal Data, without the lack of response implying a decrease in quality or quantity services (unless otherwise indicated). However, the lack of response to the data, considered mandatory, will imply the impossibility of accessing the service for which the data were requested;
1.3. The 222TOURS may disclose the information of the Consumer to third parties solely for the purpose of completing the reservation requested and for administrative reasons, in accordance with the legislation in force for the realization of travel and services for certain countries;
1.4. Any data collected will be transmitted, in accordance with the established in the RGPD, to the entities involved to contract the services required to the extent absolutely necessary for the realization of the reservation / service intended and for compliance with the legislation of the Countries and destination.
2. The data owner expressly consents that his / her personal data may be transferred to:
a) National and international authorities competent in the field of tourism, terrorism or crimes against human rights;
b) Any legal entity subsidiary or subsidiary of the agency, as well as the company that needs to provide the contracted service, to use them for the purpose of a correct provision of each service requested by the data holder;
c) For conveyors, Personal Data being processed in accordance with the policy of applicable privacy of the carrier and, if the reservation has been made through a reservation systems (GDS) in accordance with the provider’s privacy policy. These are available on IATA, https://www.iatatravelcentre.com/privacy.htm or directly on the carrier or GDS – https://www.travelport.com/privacy. You may read this documentation that applies to your reservation and specifies how the personnel are collected, stored, used, disclosed and transferred. This notification is in accordance with IATA Resolution 724, 722f / g / h and 725f / g / h
2.1 Where treatment of special categories of data (information revealing racial or ethnic origin, religious beliefs, health or sexual orientation) if it proves necessary for the performance of the contracted services, the Agency may only process the Data if the data subject gives consent for this purpose. Being that when reading this document and after that it informs this data it is considered like express and clear consent of the holder.
3.The data obtained and authorized by the holder shall remain for the entire period necessary for the provision of requested services, such as drawing up reservations, marking, issuing documents and transport tickets, making the trip. After the completion of the provision of services and the respective invoicing and payment in full, if there are no pending irregularities or inherent in the legal obligations of the agency or the knowledge of the client, the data are erased.
4.When accessing any Personal Data, the 222TOURS undertakes to:
a) To safeguard them by means of legally enforceable security measures of a technical and organizational nature that guarantee their safety, thereby preventing unauthorized alteration, loss, processing or access, in accordance with the state of the technology at any given moment, the nature of the data and the possible risks to which they are exposed;
b) Use or apply the data exclusively for the purposes duly anticipated;
c) Make sure that the data is handled only by the employees whose intervention is necessary for the provision of the service and are obliged to the confidentiality and confidentiality obligation due to a contractual obligation with the company.
5. The 222TOURS declares and warrants that it has implemented, is endowed and will continue to implement the technical and organizational security measures necessary to ensure data security to prevent unauthorized alteration, loss, processing and / or access, taking into account the current state of the technology, the nature of the data stored and the risks to which it is exposed.
6. The data subject has the right of access, rectification, cancellation or opposition legally foreseen. If the data subject wishes to exercise the rights of access, restriction, cancellation or opposition that the RGPD grants you, you must send a written, physical or e-mail message to the address protecaodados@222TOURS.pt. If you withdraw your consent, this does not compromise the lawfulness of the treatment made up to that date. You have the right to be notified, under the terms of the Regulation, if there is a violation of the Personal Data, and may submit a complaint to the competent authorities.
Maia, 08 Agosto de 2018
222 Tours – Experiências Turísticas Lda