AFEA TRAVEL AND TOURISM S.A. takes seriously its obligation as to the security of your personal data.
This policy defines the following:
- The personal data we collect and process for the performance of our work
- Where we get the data
- What we do with this data
- How we store the data
- To whom do we forward / disclose this data?
- How do we deal with data protection rights
- How do we comply with data protection rules
- All personal data is collected and processed in accordance with the E.U privacy law.
INFORMATION WE COLLECT
Personal data is any information related to an individual and allows us to recognize it, such as name, contact details, payment details, email address, and so on.
We collect the following types of information.
1. Name, address, e-mail address, telephone number, passport number or other identification documents, credit / debit card or other means of payment
2. Further information including name, nationality, date of birth, gender and number, expiry date and country of passport or identity card
3. Travel history, including information on flights and services related to flights for which a reservation has been made.
4. Nutritional and other peculiarities that you declare as participants in events, conferences, and so on.
The data can be used for the following purposes:
1. Services: We use the data to provide the services that the customer asks us to.
2. We communicate about the services you are requesting and any changes to these services. These communications have no advertising purposes.
3. Verify / Check Credit Cards or Other Payment Tools: We use payment information for accounting, billing and control purposes.
4. Marketing: From time to time, we communicate electronically in order to provide information about the company's events. However, you can choose whether or not to receive such communications.
5. Your participation in conferences / events implies that you understand and agree that there will be a video recording and photographs will be taken which may be used in order to promote the conference/event.
We may also process personal data for the following reasons:
- Because you have given us your consent to use your personal data (e.g. for marketing purposes)
- Due to our legitimate interests in our operations as a company (e.g. for administrative/tax purposes).
We do not maintain your data for a longer period than is necessary to fulfill the purpose for which it is being processed. In order to determine the appropriate retention period, we take into account the quantity, nature and sensitivity of personal data, the purposes for which we process it, and the ability to achieve these goals with other means.
We also take into account the time intervals for which we may need to keep personal information in order to meet our tax obligations or to respond to complaints / questions and to protect our legitimate rights in the event of a claim.
When we no longer need your personal data, we are destroying them safely.
All payment information is transferred via a secure connection and stored in accordance with the Payment Card Industry Data Security Standards (PCI DSS).
a. Government authorities, law enforcement agencies and regulators
b. Reliable agents of the Global System through which you book tickets and so on.
c. Associated companies that are required to provide the services you have requested.
d. Reliable service providers with whom we collaborate in order to conduct our business.
Under certain circumstances and according to law, you have the right:
- To be informed if we maintain your personal data.
- Ask for access to your personal data (commonly known as the "data subject request"). This enables you to receive a copy of your personal data that we maintain and check if we process it legally.
- Ask for the correction of your personal data we maintain. This enables you to correct any incomplete or inaccurate information of your data.
- Ask for the deletion of your personal information. This enables you to ask us to delete or remove personal data where there is no reason to continue processing it. You also have the right to ask us to delete or remove your personal data where you have exercised the right to object to their processing (see below).
- Request the transfer of your personal data to you or another party (commonly known as the "data portability" right) in an electronic and structured format. This allows you to receive your data from us in an electronically usable form and you can transfer your data to another party in an electronically usable form.
- Withdrawal of consent. In the limited circumstances where you may have given your consent to the collection, processing and transfer of your personal data for a particular purpose, you have the right to withdraw your consent to such processing at any time. Once we receive the notice that you have withdrawn your consent, we will cease processing your information for the purpose or purposes for which you originally agreed, unless we have another legal basis to do so legally.
In any case, we encourage you to report to our employees and in any way through the contact details listed on our website, in writing or orally, a possible violation of your personal data or any illegal and unconditional behavior from the company, from another user or third party. The company is committed to making every effort to resolve the issue in cooperation with the relevant regulatory authorities if this is deemed necessary. If you have any questions or concerns regarding the processing of your personal data by us or if you wish to exercise your rights under this policy, you may contact us via (firstname.lastname@example.org)