This Policy is written in accordance with the rules of the Regulation (EU) 2016/679 (General Data Protection Regulation) hereinafter referred to as the “GDPR”.
1.1 We collect and process the following types of data:
Personal data that you provide us with, e.g., when creating an account for our Products&Services, filling out the contact form for contacting our Customer Service, such as your email address, first name, last name, phone number, date of birth, billing information, credit card information, bank details for wire-transfer purposes, identification document type and details,
When you create an account on the Website, you will also be asked to set a username and a password in order to sign up for the Products&Services. This information will be used solely for the purpose of providing access to your user account,
Verification information, but only when that is necessary to verify your identity for KYC procedure for the safety and security of your accounts, such as an address, additional email address, passport, ID card or a picture of you holding a verification document,
When you voluntarily complete a customer survey or provide feedback on any of our message boards or via email.
2.1 The provision of these data is a contractual requirement in cases such as entering into a contract by ordering our Products&Services, or by creating an account on our Platform.
2.2 Some of the data processing is required due to our legal obligations, regulatory requirements, or in the public interest. For example, we may need to disclose your data to a law enforcement agency or representatives acting in a legal dispute when investigating criminal offenses or making tax-related inquiries.
2.3 Other information we collect and use because we have legitimate interests (business or commercial) in doing so, taking into account your rights, interests, and freedoms; for example, our legitimate business interests to protect our system and to audit the security of our environment. When conducting security examinations and exercises, if no threat is detected, we will erase the data collected immediately.
3.1 We use the collected personal data to operate, maintain, enhance, and provide all features of the Products&Services, and also to give you the best possible experience when you access our Website and interact with us. That includes using your personal data for the following purposes:
Providing and improving our products&services portfolio: we use your information in order to provide you with the Products&Services ordered. We will use your information to process your application or account request, onboard you as a customer, manage and administer our Products&Services including your account with us, communicate with you regarding your account and orders placed. In order to improve our performance and your experience at our platform, we are tracking your behavior as a customer in the manner that we analyze what you order and what you prefer when choosing our Products&Services.
Protecting and security: We will ask for your information to verify your identity to help you in a situation such as lost account access, lost funds, or suspicion of a security threat.
Marketing: We will use your information to communicate with you and keep you up to date with our activities and those of third parties offering our Website that you may be interested in. Also, to make suggestions and recommendations to you about the Products&Services that may interest you. We will send you such information via email or other communication channels.
4.1 Information you provide us with: All data collected during the process of sending us requests with regard to our Products&Services, corresponding with us by phone, email, or other electronic means (i.e., web chatting systems), or in writing (i.e., via registered letters), as well as all other information you provide directly to us, including in conversations with our employees.
4.2 Information we collect about you when you visit our Website: Each time you visit our Website or use our services, we may automatically collect the information as stated in point 1.1.
6.1 We and selected third parties will use the information you provide on our Website for direct marketing purposes to deliver updates, newsletters, events, or other communications that may be of interest to you.
6.2 Your prior consent will be obtained before we send you direct marketing information. In any event, you will have the opportunity to unsubscribe in every communication sent or to withdraw your consent given before the first marketing interaction we make with you.
6.3 You may object to receiving direct marketing from us at any time by contacting us or selecting the unsubscribe option in our communication messages.
8.1 We will not retain your personal data for longer than is necessary for our business purposes (providing you with Products&Services) or legal or regulatory requirements.
8.2 We will retain your personal data for as long as you have an account, contract, and/or for a period of time after you have closed your account and/or terminated a contract with us. In cases of retaining your personal data after our relationship ends, we will store your personal data in accordance with the applicable law.
8.3 In all situations, we will observe the principles of data minimization, data reduction and ensure the pseudonymization of personal data or restricted access, where necessary. We will continue to protect your personal data in accordance with the terms of this Policy after our business relationship is terminated.
9.1 In accordance with current regulations under the GDPR, you have certain rights. The availability of these rights and how you can use them are set out below in more detail.
Request access to your personal data: You are entitled to ask us if we are processing your personal data and, if we are, you can request access to your personal data. If you wish to obtain a copy of the personal data that we hold about you, you will need to contact us. Before responding to your request, we may ask you to verify your identity and provide further details about your request in order to ensure if someone unauthorized is trying to reach your personal data. We will endeavor to respond within an appropriate timeframe and, in any event, within any timescales required under the applicable law.
Request erasure, rectification, or restriction of processing of your personal data: You are entitled to ask us to delete or rectify personal data in certain circumstances, including the withdrawal of your consent if we no longer need it in connection with your account or for other legitimate reasons. There are also certain exceptions where we may refuse a request for erasure, for example, where the personal data is required for compliance with law or in connection with claims. If you wish to rectify, erase, or restrict the processing of your personal data, you will need to contact us. It is your responsibility to ensure that you submit true, accurate, and complete information to us and keep this information up to date.
Withdraw your consent: Any consent is provided freely. In such situations where the processing of your personal data is based on your prior explicit consent, you may withdraw your consent at any time by contacting us at firstname.lastname@example.org. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Please be advised that we will not be able to provide you with our Products&Services without certain personal data.
Request to data portability: You can ask us to help you move some of your data to other companies. To help you with that, you have a right to request that we provide your information in an easily readable format to another company.
Request not to be subject to an automated decision: You may dispute any automated decision made about you where this has a legal or similar significant effect and ask for it to be reconsidered.
Object to processing of your personal data: You have the right to object to our processing of your personal data in certain circumstances. For example, you have the right to object to our processing of your personal data when it is based on our legitimate interests (or those of a third party). You may challenge our reliance on legitimate interests. However, we may be entitled to continue processing your personal data based on our legitimate interests or where this is relevant to legal claims. You also have the right to object where we are processing your personal data for direct marketing purposes.
9.2 If you consider that the processing of personal data we are conducting is against the privacy protection regulations, please let us know in the same written way to the address or email address: email@example.com.
9.3 Intentional misuse of your rights under the GDPR will lead to costs incurring, which we will charge your account for. For example, when you intentionally set us more requests for reconsideration of your data processing (or other actions), knowing in advance that such requests are false, misleading, or set out in order to stall us or to overload our business.
10.1 We are committed to keeping your personal data safe. We apply physical, technical, and administrative measures such as encryption, restricted access measures, reviewing, auditing, and improving plans for the ongoing confidentiality, integrity, availability, and resilience of processing systems and services to protect your personal data that is under our control from unauthorized access, collection, use, disclosure, copying, modification or disposal. All the information we received from you is stored on secure servers, and our Website is hosted on servers in EU/EEA.
10.2 The Internet is generally not regarded as a secure environment, and information sent via the Internet may be accessed by unauthorized third parties, potentially leading to disclosures, changes in content, or technical failures. We are not responsible for the security of information you transmit to us over networks that we do not control, including the Internet and wireless networks.
10.3 Please be aware that you are responsible for keeping your account password, verification codes safe and secure. Do not share those with anyone. If there is unauthorized use or any other breach of security involving your information, you must notify us as soon as possible.
11.1 We may transfer your personal information outside the EEA and EU to service providers and business partners (i.e., Data Processors) who are engaged on our behalf and provide us with technical, operational, and other services.
11.2 Given that the Internet is a global environment, using the Internet to collect and process personal data necessarily involves the transmission of data on an international basis. We generally store all of the personal data that we collect about you in the European Economic Area.
11.3 A transfer of personal data to a third country or an international organization may take place where the Commission has decided that the third country, a territory, or one or more specified sectors within that third country, or the international organization in question ensures an adequate level of protection. Such a transfer shall not require any specific authorization. By using our products and services, you consent to your Personal Data being transferred to other countries, including countries that have differing levels of privacy and data protection laws than your country.
The Products&Services are not directed at persons under the age of eighteen (18).
We will not provide you with our Products&Services if you are a minor.
If you are a parent or guardian and you are aware that your Children have provided us with Personal Data, you will need to contact us. If we discover that a person under the age of eighteen (18) has provided us with Personal Data, we will delete such information from our servers immediately and confirm such deletion.
Please revisit the Travelspot Website periodically to stay aware of any changes to this Policy, which we may update from time to time. If we modify the Policy, we will make it available through the site and indicate the date of the latest revision. In the event that the modifications materially alter your rights or obligations hereunder, we will make reasonable efforts to notify you of the change. If the Website is under construction, some parts of it might be missing. In that event, please contact us.
Travelspot is primarily responsible to you for any questions, concerns, or complaints with regard to this Policy or our handling of your personal data.
You can contact us by email at firstname.lastname@example.org or write to us at:
Republic of Croatia,