Privacy Statement
Welcome to the website (the “Website”).
This Privacy Statement outlines Olympia Europe's ("we", "our"
or the "Company") practices with respect to information
collected from users and customers who access the Website or communicate with
us in any other way, including without limitation, our API, support calls,
emails and letters and so on (collectively: "the Service").
This Privacy Statement is based on our goal to provide our clients and visitors
with quality information in our field of practice while maintaining personal
privacy.
1. Overview
1.1.
In this Privacy Statement we
will explain to you about the information we collect from you when you visit
our Website or communicate with us directly in any
other way. In collecting this information, we are acting as a data controller
and, by law, we are required to provide you with information about us, about
why and how we use your data, and about the rights you have over your data.
Please note that we may also act as a data processor in certain instances, if
our business partners provide us with information for their own processing
needs. It is
important to note that such information is provided to us only for the purposes
of processing it in accordance with the instructions of our business partners.
We cannot process this information for our own needs and cannot decide on any
new purposes for its processing without our business partner's instructions.
Therefore, such information is not subject to the provisions of this Privacy
Statement.
1.2.
As you use our Website or communicate with us in any other way or provide
us with information in order to access and/or use our services, we may collect
and process information related to you as an individual and which allows you to
be identified, either directly or together with additional information. This
information can be collected by us both when you choose to provide it (e.g.,
when you request any services provided by us over the Website or when you
submit an enquiry via our Website) or simply by analysing
your behaviour on the Website.
1.3.
For certain services, such as
for when you book any of the travel products offered on our Website,
you will be asked to provide certain personal information. It is not mandatory
for you to provide us with any of your information, including personal
information; however, if you will choose not to, we may not be able to provide
you certain services requested by you and your usage of our Website
may be limited in scope.
Any personal information you provide us with or
which we collect is provided or shared on a voluntary basis.
2.1.
We are Olympia Europe Travel
Agency Limited. Our address is 6A Pont Street SW1X 9EL, London, United Kingdom.
2.2.
. You can contact us either by
post at the above address, by email at gdpr.compliance@olympiaeurope.com
or by telephone on +44 (0) 207 591 0811.
2.3.
For EU-related questions, you
may contact us by the above email or by post at 255 Mihai Bravu
St., 3rd floor, District 3 Bucharest, Romania; Phone: +40-31 1050210;
3.
What information do we
collect, How we use it and for how long we retain it?
We
generally collect two types of information:
The first type of information is un-identified and
non-identifiable information pertaining to a user(s), which may be made
available or gathered via the user's use of the Services (“Non-personal
Information”). We are not aware of the identity of the user from which the
Non-personal Information was collected. Non-personal Information which is being
collected may include your aggregated usage information and technical
information transmitted by your device, including certain software and hardware
information (e.g. the type of browser and operating
system your device uses, language preference, access time and the domain name
of the website from which you linked to the Services; etc.), in order to
enhance the functionality of our Services. We may also collect information on
your activity on the Service (e.g. pages viewed,
online browsing, clicks, actions, etc.).
The second type of information is individually identifiable
information, namely information that identifies an individual or may with
reasonable effort identify an individual (“Personal Information”). Such
information may include:
3.1.
When you submit an enquiry
via our Service (including, without limitation, booking a travel product or
purchase of other products), we ask you for your name, contact telephone number
and email address. In order to complete purchases we
may also ask for identification number and VAT registration number; address;
bank details and/or credit card information; and any additional information
requires for billing (e.g. authorization codes, passport number or national ID
number).
3.2.
If you sign up to receive our
newsletter, we will ask for your name and your email address.
3.3.
We also record your IP
(Internet Protocol) address, which is the internet address of your computer.
3.4.
If we combine Personal
Information with Non-personal Information, the combined information will be
treated as Personal Information for as long as it remains combined.
We process Personal Information for the
following purposes:
·
To
set up your account and to provide our Services;
·
To
optimize our Service using, among other things, research and analytics in order
to improve and customize the Service;
·
To
generate aggregated statistics about the users of our Service for the purposes
of producing analysis of quality assurance of our Services;
·
To
identify and authenticate your access to certain features of the Services;
·
To
communicate with you in order to keep you informed of our latest updates and features;
·
To
detect and prevent illegal activity or any other type of activity that may jeopardize
or negatively affect the integrity of the Services;
·
To
support and troubleshoot our Services, to respond to your queries and
communicate with you;
·
To
investigate violations and enforce our policies, and as required by law, regulation or other governmental authority, or to comply
with a subpoena or similar legal process or respond to a government request.
Retention of data
We keep Personal Data for as long as necessary
to provide our services, respond to requests, comply with our legal obligations and resolve disputes. Retention periods shall be
determined considering the type of information that is collected and the
purpose for which it is collected for, bearing in mind the requirements
applicable to the situation and the need to destroy outdated, unused
information at the earliest reasonable time.
Note
that we do not retain your credit card information.
As part of our Services, the Personal Data of
clients and end users of our customers may be shared with us. This data may
include, for example, specific information regarding travel arrangements for
individual clients.
Such data is provided to us solely by the customer
and is processed by us as a “data processor”, acting under the sole direction
of its customers. Therefore, in processing such information we will act in
accordance with the provisions of a data processing agreement we will sign with
our customers and in accordance with their documented instructions and the
provisions of this Privacy Statement will not apply directly to such
processing.
4.
Our legal basis for
processing your information
We collect and process your Personal Data based on your consent, where
it is necessary for the performance of contract between us and where it is
necessary for our legitimate interest.
5. Who will be able to access your personal
information?
5.1.
In the framework of our activity
and for the purposes specified above, your information, including your Personal
Information may be shared with the following: suppliers of Travel Products
offered on our Site, providers of infrastructure services, payment service
providers, other third party providers who assist us in providing our Service
such as storing
or processing information on our behalf (e.g. on cloud computing services) or
assist us with our business operations, to authenticate your access and to
provide and improve our Service.
5.2.
In addition, your
information, including Personal Information, may be disclosed to third parties
in the event we shall enter into a corporate
transaction.
5.3.
We may also disclose Personal
Information if we have a good faith belief that disclosure of such information
is helpful or reasonably necessary to: (i) comply
with any applicable law, regulation, legal process or governmental request;
(ii) enforce our policies, including investigations of potential violations
thereof; (iii) investigate, detect, prevent, or take action regarding illegal
activities or other wrongdoing, suspected fraud or security issues; (iv) to
establish or exercise our rights to defend against legal claims; (v) prevent
harm to the rights, property or safety of yourself, our users, us or any third
party; or (vi) for the purpose of collaborating with law enforcement agencies
or in case we find it necessary in order to enforce intellectual property or
other legal rights.
6. International transfers of data
Please note that some
data recipients may be located outside the EEA. In such cases we will transfer
your data only to such countries as approved by the European Commission as
providing adequate level of data protection or enter into legal agreements
ensuring an adequate level of data protection.
7. Your rights as a data subject
7.1.
Right to rectification. You can ask us if and what information we hold
about you, and you can ask us to correct it if it is inaccurate, incomplete or out of date.
7.2.
Right to withdraw your data
processing consent.If
we have asked for your consent to process your personal data, you may withdraw
that consent at any time, and, if we process your personal data solely on the
basis of your consent, we will stop processing, subject to our overriding
rights, if applicable.
7.3.
Right to porting data. If we are processing your personal data for
reasons of consent or to fulfil a contract, you can ask us to give you a copy
of the information in a machine-readable format so that you can transfer it to
another provider.
7.4.
Right to data erasure. (“right to be forgotten”). If we are
processing your personal data for reasons of consent or legitimate interest,
you can request that your data be erased.
7.5.
Right to restrict the
processing. In certain circumstances, you
have the right to ask us to stop using your information for a
period of time if you believe we are not doing so lawfully.
Please note that these rights are not absolute
and may be subject to our own legitimate interests and regulatory requirements.
If you have a complaint about our use of your
information, we would prefer you to contact us
directly in the first instance so that we can address your complaint. However,
you can also contact our authority "Autoritatea
de Supraveghere a Prelucrarii
Datelor cu Caracter Personal In
Romania" (A.N.S.P.D.C.P.), address: B-dul G-ral Gheorghe Magheru nr. 28-30, District 1, zip code: 010336, Bucharest,
Romania
9. How do we safeguard your information?
We take great care in
implementing and maintaining the security of the Website and your information.
We employ industry standard procedures and policies to ensure the safety of the
information we collect and retain, and prevent unauthorized use of any such
information, and we require any third party to comply with similar security
requirements, in accordance with this Privacy Statement. Although we take
reasonable steps to safeguard information, we cannot be responsible for the
acts of those who gain unauthorized access or abuse our Site, and we make no
warranty, express, implied or otherwise, that we will
prevent such access.
10. Updates to this privacy policy
We regularly review and, if appropriate, update
this privacy policy from time to time, and as our services and use of personal
data evolves. If we want to make use of your personal data in a way that we
haven’t previously identified, we will contact you to provide information about
this and, if necessary, to ask for your consent.
We will update the version number and date of
this document each time it is changed.
Last
Updated: October
2021