Bucharest Tours by Travel Express
The General Data Protection Regulation (GDPR), EU Regulation 2016/679 entered into force on 25th May 2018.
The correct information of the users of this site is important for us, so we will explain in detail, in the following rows, what data we collect from you, how we use it, what purpose we use and what your rights are in this context.
SC EXPRESS TRAVEL SOLUTIONS SRL – TRAVEL EXPRESS DMC is committed to protecting your privacy. Please contact us at firstname.lastname@example.org if you have any questions or concerns about the use of your personal information and we will be happy to assist you.
- Definitions used
- Data protection principles
- What rights do you have regarding the use of personal data
- What personal data we collect
- How we use your personal information
- Who else has access to your personal data
- Secure your data
- Cookie Information
- Surveillance Authority – Contact information
Personal data – any information about an identified or identifiable individual.
Processing – any operation or set of operations that is performed on personal data or personal data sets.
Target person – Individual whose personal data are processed.
Child – a physical person below the age of 18.
2. Data protection principles
We are committed to follow these principles of protection and processing of personal data:
- The processing is legal, correct, and transparent.
- Our processing activities have legal grounds.
- We always consider your rights before processing your personal data.
- We will provide you with information on processing, on request..
- Processing is limited in scope.
- Our processing activities correspond to the purpose for which personal data was collected.
- Processing is done with minimum data.
- We only collect and process the minimum amount of personal data required for any purpose.
- Processing is limited to 10 years.
- We will not store personal data for a longer period than required or in accordance with other laws.
- We will do our best to ensure the accuracy of the data.
- We will do our best to ensure the integrity and confidentiality of the data.
3. Rights of data subjects
The person concerned has the following rights:
The right to information – which means you need to know if your personal data is being processed; what data are collected, where they are obtained, and why and by whom they are processed.
Right of access – which means you have the right to access the data collected from / about you. This includes your right to request and obtain a copy of your collected personal data.
The right to update / rectify – which means you have the right to ask for the rectification or deletion of your personal data, which is inaccurate or incomplete.
The right to delete – which means that in certain circumstances you may require that your personal data be deleted from our records.
The right to restrict processing – that is, if certain conditions apply, you may restrict the processing of your personal data.
The right to oppose processing – that is, in some cases you have the right to oppose the processing of your personal data, for example in the case of direct marketing.
The right to oppose automatic processing – which means you have the right to object to automatic processing, including profiling; and not be the subject of a decision based solely on automatic processing. This right may be exercised whenever there is a result of profiling which produces legal effects which significantly affects you.
Right to data portability – You have the right to get your personal data in an appropriate format or, if possible, transfer it directly from one processor to another.
The right to file a complaint – if we refuse your application under Access Rights, we will give you a reason why. If you are not satisfied with the way your request was handled, please contact us.
The right to assistance from the supervisory authority – which means you are entitled to the assistance of a supervisory authority and the right to other remedies, such as the claim for damages.
Right to withdraw consent – You have the right to withdraw any given agreement to process your personal data.
4. What personal data we collect
Contact form and on-line commands from the site pages.
- Delivery address.
5. How we use your personal information
We use your personal data to:
- management of commercial and contractual relations;
- identifying customer needs and coming to meet customized solutions for the benefit of both customers and SC EXPRESS TRAVEL SOLUTIONS SRL – TRAVEL EXPRESS DMC.
- fulfilling an obligation in accordance with law or contract;
- company reports and internal statistics
Based on the conclusion of a contract or the fulfillment of the contractual obligations, we will process your personal data for the following purposes:
- to identify you;
- to provide you with a service or to send / offer you a product;
- in order to communicate with you either for sales or billing purposes;
- in the company’s internal reports and statistics
Based on your agreement, we will process your personal data if appropriate for the following purposes:
- to send you newsletters and / or offers in different marketing campaigns;
- for other purposes for which we have requested your agreement;
We process your personal data to fulfill the obligations arising out of the law and / or to use your personal data for the options provided by the law. We save your billing information and other information gathered about you for as long as it is necessary for accounting purposes or other obligations arising from legal terms but no more than 5 years.
The processing of personal data will be done until:
- customers go out of the target:
- we close the business;
- we agree that we do not have a valuable collaboration;
- we will inform you about any further processing and purposes.
6. Who else has access to your personal data
We keep data via email / email client and cPanel, a cloud solution hosted on the Romanian servers located in Cluj or Bucharest.
We will not disclose personal data to third parties or public institutions unless we are legally bound to do so. We may disclose your personal data to third parties if you have given your consent or if there are other legal grounds for doing so.
7. How can we secure your data?
- We do our best to keep your personal data safe;
- We use secure communications and data transfer protocols (such as HTTPS);
- We use anonymization and pseudonymization where appropriate;
- We monitor our systems for possible vulnerabilities and attacks;
- Even if we try everything we can, we cannot guarantee the security of the information.
- However, we are committed to notifying the competent data breach authorities. We will also let you know if there is a threat to your rights or interests. We will do our utmost to prevent security breaches and to assist authorities in case of violations;
- Restricted access to cPanel with user and password;
- Limitation of functionality that can export data, communicate mass mails;
- We have cPanel documentation in which they assume that they are making the necessary efforts to store and manipulate these data safely.
Below are some essential information provided by cPanel:
cPanel regularly updates all applied software to protect known attack surfaces at all levels (colleagues, server operating systems, virtualization layer, guest operating system, application).
Our servers are one of the safest data centers in Europe (Cluj / Bucharest).
Daily encrypted data salvage of data that is transferred to another data center is performed on a daily basis, as in the case of emergency situations, it is possible to restore the data.
7.b. Protection against access
Physical access to infrastructure is extremely limited. In all cases, appropriate identification is required.
7.c. Network security
Data storage servers are separated from the outside world by multi-level firewalls. Only load balancing servers have an Internet connection. Application and data storage servers work on separate internal networks, the connection between them is provided by a firewall / intermediate load balancing level.
Clear data / test / integration / development tests work on different networks.
Stored data is protected against intrusion and phishing attack. Unused services, protocols, and software will be removed. All our software works from minimal bases, installs only the required software.
The effectiveness of internal procedures and rules is controlled by external security audits.
The policy towards minors
We do not intend to knowingly collect information from minors. We do not target minors as potential beneficiaries of our services.
8. Cookies and other technologies we use
A cookie is a text file stored on your computer. Cookies store information that is used to help sites work better. Only we can access the cookies created by our site. You can control cookies at the browser level. Choosing to disable cookies may prevent some features from being used.
Required cookies – these cookies are required to be able to use some important features on our site, such as logging in. These cookies do not collect personal information.
Function Cookies – These cookies provide functionality that makes our service more convenient and makes more personalized features possible. For example, they might remember their name and e-mail address in their comment forms so you do not have to re-enter this information the next time you make a comment in the site blog section.
Analysis Cookies – These cookies are used to track the use and performance of our website and services.
You can remove cookies stored in your computer through your browser settings. Alternatively, you can control certain third-party cookies using a privacy enhancement platform such as optout.aboutads.info or youronlinechoices.com. For more information about cookies, visit allaboutcookies.org.
9. Surveillance Authority – Contact information
Phone: +40 701 200 700
Address: 216 Victoriei Avenue, 1st floor, office 21 Bucharest, Romania