Privacy policy
1. INTRODUCTION
This Privacy Notice (“Notice”) establishes how to Protect the privacy of the Personal Data of our employees, customers, partners or any other entity with which DRAGON TREE TRAVEL – UNIPESSOAL, LDA. relates in the context of its activity.
As a travel agency, DRAGON TREE TRAVEL needs to collect, use and disclose Personal Data to perform business functions and activities, including making and managing travel reservations on behalf of its customers. At DRAGON TREE TRAVEL, we are committed to protecting the privacy and confidentiality of Personal Data and maintaining a controlled environment (physical, electronic, human and procedural controls) in line with operational risks.
In the context of the General Data Protection Regulation 2016/679 (“RGPD”), DRAGON TREE TRAVEL is a “data controller” of any personal information provided to us in the context of the relationship with our customers or any other Interested Parties.
By providing Personal Data, Interested Parties agree that this Notice will apply to how we handle their Personal Data and consent to it being collected, used and disclosed as detailed in this Notice. If you do not agree with any part of this Notice, Interested Parties must not provide us with their Personal Data. If you do not provide us with your Personal Data, as well as if you withdraw the Consent you have provided in accordance with this Notice, this may affect our ability to provide you with services, or negatively affect the quality of services we may provide you. For example, most travel bookings must be made with the traveler's full name and must include contact details and appropriate identification (eg passport details) and we cannot make bookings without this information. It should be noted that there may be cases where local data protection laws impose more restrictive Personal Data processing practices than the practices set out in this Notice. When this occurs, we will adjust our Personal Data handling practices to comply with those same local laws.
2. WHAT PERSONAL DATA DO WE COLLECT?
Personal Data has the meaning given by local data protection laws and, where the GDPR applies, the meaning is deemed given within the scope of the GDPR. Personal Data generally means data relating to an individual who can be identified from that data; or is identifiable from the combination of this data with other available data.
Generally, the type of Personal Data we collect is that which is necessary to facilitate travel arrangements, support bookings or to organize travel-related services and/or products on behalf of our customers.
In this regard, we normally process the following types of Personal Data about our customers:
Contact details (such as name, home/mailing address, telephone number, email address);
Payment data;
Passport details;
Loyalty / frequent flyer program data;
Data on dietary needs and health problems (if any); and
Other data relevant to travel plans or required by the travel service provider(s) (e.g. airlines and accommodation or tourism providers).
When our customers contact us for other purposes, Personal Data related to those purposes may also be collected. For example, we may collect Personal Data in order to be able to contact our customers in the context of a competition/campaign in which they have entered or to respond to questions or comments that they have sent to us. We also collect data necessary for use in our business activities or that of our related entities, including, for example, financial details needed to process transactions, video surveillance footage used for security purposes or other relevant Personal Data that our customers may want us to know. to supply.
Under some circumstances we collect Personal Data that may be considered sensitive data according to local data protection laws. Sensitive data may include (without limitation) racial or ethnic origin, philosophical or religious beliefs or affiliations, sexual preferences or practices, criminal record or alleged criminal record, membership of political, professional or trade associations, biometric and genetic information, data financial and health data. We will only collect sensitive data in accordance with local data protection laws, with the explicit consent of the subjects and where the data is reasonably necessary or is directly related to one or more of our functions or operational activities (for example, to make plans for travel), unless required or authorized to do so by law. To the extent permitted or required by local data protection laws, our customers consent to us using and disclosing their sensitive data solely for the purpose for which it was collected, unless we subsequently receive their consent for another purpose. For example, if our customers provide us with health data related to a travel insurance they intend to take out, customers consent to us using and disclosing this health data on their behalf in contacts made with the entity promoting that travel insurance. Another example happens when our customers want to make known their religious beliefs because they are interested, for example, in certain vacation packages, consenting to the use and disclosure of that information for the operation of the trip. We will not use sensitive data for purposes other than those for which they were collected, unless we receive consent from the holders to do so.
3. HOW DO WE COLLECT PERSONAL DATA?
We only collect Personal Data in accordance with local data protection laws. We generally collect Personal Data in the context of contacts made with our customers, unless it is unreasonable or impractical to do so. Generally, this collection will occur when our customers:
contact us personally, by telephone, letter, e-mail;
visit us through our website; or
contact us through social networks.
We may also collect Personal Data when our customers:
purchase or inquire about travel arrangements or other products and services;
enter contests or register for campaigns/promotions;
sign up to receive marketing communications (e.g. e-newsletters);
ask for brochures or other information.
In some circumstances, it may be necessary to collect Personal Data about our customers from third parties. This includes cases where an individual makes a travel booking on behalf of another person(s) (eg a family booking, a group booking or a booking made by an employer). When this happens, we rely on the authorization of the person making the travel reservation to act on behalf of any other traveler on the reservation, as well as that person's consent to collect, use and disclose Personal Data in accordance with this Notice. Our customers must inform us immediately if they become aware that their Personal Data has been provided to us by another person without their consent or if they did not obtain such consent before providing us with the Personal Data of another individual.
We make every effort to maintain the accuracy and integrity of the Personal Data we store and to ensure that all Personal Data is up to date. However, any Interested Party may contact us immediately if there is any change to their Personal Data or if they become aware that we have inaccurate Personal Data (please see section 13 below). We cannot be responsible for any losses arising from inaccurate, erroneous, defective or incomplete personal information that the Interested Parties, or someone acting on their behalf, provide us.
4. HOW DO WE USE PERSONAL DATA?
We will only process Personal Data when:
We have been given consent for such processing (which we may withdraw at any time, as detailed in section 8 of this Notice);
Such processing is necessary for us to provide our services;
Such processing is necessary for compliance with legal obligations; and/or
Such processing is necessary for our legitimate interests or that of any third party receiving this Personal Data (as detailed in sections 5 and 6 of this Notice).
When a customer contacts us in the context of an inquiry or booking of our services, the purpose for which we collect their Personal Data is generally to provide advice on booking products and/or services related to our activity. However, the purpose of collection may differ depending on the specific circumstances disclosed in this Notice (eg collection of Personal Data for the purpose of participating in a campaign, collecting feedback, etc.).
When a customer makes a booking for travel or products / services with our support, we generally act as an agent for the travel service providers (eg for a hotel). In that case, we process Personal Data as necessary to provide the requested services, including collecting Personal Data for our internal purposes as described in this Notice, and for the travel services provider for whom we act as an agent (for example, to provide the contracted services). For example, if you book a flight through DRAGON TREE TRAVEL, we will use Personal Data to enable the flight to be booked and we will disclose the Personal Data to the airline to enable it to provide the flight service.
We may share data with our travel service providers (hotels, airlines, car rental companies or other providers related to reservations for contracted services). These service providers may also use Personal Data as described in their respective privacy policies to obtain additional information to facilitate booking travel or providing requested services. We recommend that our Customers review the privacy policies of any travel service providers purchased through DRAGON TREE TRAVEL. We will provide copies of all relevant terms, conditions and privacy policies of the travel service providers upon request.
We act as agents for many travel service providers around the world, so it is not possible to list in this Notice all the travel service providers for which we act (in particular their locations). For more information on disclosure of Personal Data to travel service providers located outside the GDPR context, please see section 6 of this Notice.
If there is any concern regarding the transfer of Personal Data to a provider of our services, or if further information is required, please refer to section 13 of this Notice.
The purposes for which we collect Personal Data include:
provide services or tools that our Customers choose to use (for example, saving preferences on our website in a wish list or saving Personal Data to allow advance filling of online forms);
identification of fraud or errors;
legal or regulatory compliance;
develop and improve our products and services;
maintain or improve the relationship with our Customers, namely, creating and maintaining a customer profile that allows the provision of a service in line with their preferences;
market research, evaluation of Customer satisfaction and collection of feedback on the services we provide;
facilitate the participation of our Customers in loyalty programs;
perform analysis in connection with our services, including, but not limited to, trends in sales and travel destination preferences;
support internal organization and accounting;
support compliance with legal obligations or applicable customs/immigration requirements related to travel; and
other purposes, as authorized or required by law (for example, to avoid a threat to life, to protect health or safety, or to enforce DRAGON TREE TRAVEL legal rights).
Where permitted by local data protection laws, we may use Personal Data to carry out marketing activities relating to our (and third-party) products and services that we believe may be of interest to our Customers, unless they have asked us not to receive such information. These campaigns may include, but are not limited to, sending email, digital marketing and other electronic notifications. Personal Data will be used to send digital marketing material (including e-newsletters, e-mail, SMS, MMS and IM) if Customers have chosen to receive them. Customers can sign up to receive e-newsletters and other promotional / digital marketing materials by following the relevant links on our website or asking one of our employees to do so.
Any individual who does not wish to receive promotional or marketing material from us, or participate in market inquiries or receive other types of communications, should refer to sections 8 and 13 of this Notice.
5. WHAT PERSONAL DATA IS DISCLOSED TO THIRD PARTIES?
At DRAGON TREE TRAVEL we do not sell, rent or exchange Personal Data. Personal Data will only be disclosed to third parties as set out in this Notice and in accordance with local data protection laws (note: in this Notice, reference to “disclose” includes transferring, sharing verbally or in writing, sending or making available Personal Data to another entity).
Personal Data may be disclosed to the following types of third parties:
contracted entities, suppliers and service providers, including:
the situations of each of the circumstances described in section 4 of this Notice (“How do we use Personal Data?”);
ICT solution providers who support us in providing products and services (such as any third-party data hosting providers we may use);
publishers, printers and distributors of marketing material;
event and exhibition organizers;
marketing agencies or market consultation;
courier services or courier services; and
outside consultants (such as lawyers, accountants, auditors or recruitment consultants);
travel service providers such as travel wholesalers, tour operators, airlines, hotels, car rental companies, transfer managers and other related service providers;
any third party to whom we assign or transfer any of our rights or obligations;
persons who make travel reservations on behalf of others (for example, a family member, friend or co-worker);
employers, in the context of business travel by corporate, business or government clients;
contact persons (e.g. a family member) where our Customers are not contactable and the contact is, in our opinion, in the Customer's interest (e.g. where the person is concerned about their well-being or needs to take action on behalf of the Client due to unforeseen circumstances);
as required or authorized by applicable law, and to comply with DRAGON TREE TRAVEL'S legal obligations;
customs or immigration services to comply with legal obligations applicable in the context of the trip;
government agencies or public authorities to comply with valid and authorized requests, including court orders or any other valid legal process;
regulatory bodies or law enforcement authorities, including for fraud protection and related security purposes; It is
enforcement agencies where there is suspicion of illegal activity and where Personal Data is a necessary part of investigating or reporting the matter.
In addition to the foregoing, we will not disclose Personal Data without consent unless we believe disclosure is necessary to lessen or prevent a threat to an individual's life, health or safety, public health or safety, or for a particular action is carried out by an enforcement body (e.g. prevention, detection, investigation or punishment of criminal offences), or where such disclosure is authorized or required by law (including applicable data protection / privacy laws).
On DRAGON TREE TRAVEL websites or social networks, users can choose to use certain third-party resources with which we associate. These features, which may include social networking and geolocation tools, are operated by third parties and are clearly identified as such. These third parties may use or share Personal Data in accordance with their own privacy policies, so we recommend consulting their privacy policies if you consider these tools relevant.
6. WHAT PERSONAL DATA IS TRANSFERRED ABROAD?
We may disclose Personal Data to certain overseas recipients as described below. We will ensure that such cross-border transfers are necessary for the performance of a contract between our Customers and the overseas third party or that they are subject to appropriate or adequate safeguards as required by local data protection laws (eg GDPR). We will provide copies of relevant safeguards documents on request (see section 13 of this Notice).
It is possible that Personal Data will be transferred to an overseas entity located in a jurisdiction where it is not possible to guarantee a level of data protection equal to that existing in the context of the GDPR. In these cases, DRAGON TREE TRAVEL cannot be responsible for how these recipients handle, store and process Personal Data.
(a) Related entities abroad
DRAGON TREE TRAVEL operates a global business, including operations in EU and non-EU countries. Personal Data may be disclosed with our related entities abroad for support in booking travel and / or to allow the performance of administrative, advisory or technical services, including the storage and processing of such data.
(b) Travel service providers located abroad
In order to provide our services, it may be necessary for us to disclose Personal Data to relevant overseas travel service providers. We deal with many different travel service providers around the world, so the location of a relevant travel service provider will depend on the travel services provided. Relevant travel service providers will, in most cases, receive Personal Data in the country where they will provide the services or on which their business is based.
(c) Our service providers located abroad
We may also have to disclose Personal Data to service providers located abroad for the purpose of supporting the provision of the services, including the storage and processing of such data. We will generally only disclose Personal Data to these overseas recipients in the context of a travel reservation and/or to enable the provision of administrative and technical services provided on our behalf.
If there is any specific doubt about where or to whom Personal Data may be sent, please refer to section 13 of this Notice.
7. INFORMATION SECURITY
At DRAGON TREE TRAVEL we are committed to protecting Personal Data by implementing and maintaining adequate technical, organizational and human control measures to guarantee a level of security in line with the risks related to:
accidental or unlawful destruction;
loss; unauthorized alteration or disclosure;
or improper access to Personal Data transmitted, stored or processed.
DRAGON TREE TRAVEL regularly monitors and reviews security controls and strives to protect Personal Data in the same way that it protects your sensitive business information.
DRAGON TREE TRAVEL destroys or de-identifies Personal Data whenever it is no longer relevant to the business or as required by law.
8. RIGHTS IN RELATION TO THE PERSONAL DATA WE COLLECT
If any interested party, that DRAGON TREE TRAVEL has Personal Data, and that intends to:
update, modify, delete or obtain a copy of Personal Data; or
restrict or prevent DRAGON TREE TRAVEL from using any personal information, including withdrawing any consent you have previously given for the processing of such information; or
obtain a copy of personal information that has been processed based on your consent or as necessary to perform a contract to which you are a party,
must formally make the request to DRAGON TREE TRAVEL through the contacts identified in section 13 of this Notice. After the request, an acknowledgment will be made of the same and information will be given on the period within which the Information will be made available.
DRAGON TREE TRAVEL will make every effort to respond to such requests within a month or less, although it may be necessary to extend this period for complex requests.
Additionally, DRAGON TREE TRAVEL reserves the right to deny access to the Information for any reason permitted by applicable law. If the request for access or correction of the Information is denied, the reasons for such refusal will always be communicated in writing, unless it is unreasonable to do so or when required by local data protection laws.
All communications related to requests for access to Personal Data must be made formally in writing through the contacts identified in section 13 of this Notice.
If DRAGON TREE TRAVEL is asked to restrict or stop using Personal Data, withdrawing the consent previously provided for the processing of Personal Data, the ability to provide services or their quality may be negatively impacted. For example, most travel bookings must be made under the traveler's full name and must include contact details and appropriate identification (eg passport details) and bookings cannot be made without this information.
Personal Data shared with DRAGON TREE TRAVEL must be accurate and individuals agree to update them whenever necessary. Additionally, they agree that, in the absence of any update, DRAGON TREE TRAVEL may assume that the data sent is correct.
Any individual may, at any time, request DRAGON TREE TRAVEL to stop sending marketing communications, using the unsubscribe links provided in the marketing emails or through the contacts indicated in section 13 of this Notice.
In any of the situations listed above, it may be requested to provide a valid means of identification of the applicant to ensure that DRAGON TREE TRAVEL fulfills its security obligations and prevents the unauthorized disclosure of Personal Data.
DRAGON TREE TRAVEL reserves the right to charge a reasonable administrative fee following any manifestly unfounded or excessive requests regarding access to Personal Data or for any additional copies of the Personal Data requested.
9. INTEGRATIONS WITH SOCIAL NETWORKS
DRAGON TREE TRAVEL websites and mobile applications may use social networking features and tools (such as “Like” and “Share” buttons). These features are provided and operated by external companies (e.g. Facebook) and hosted either by external companies or directly on our website or mobile application. Social Tools may collect data related to the page visited on the website / mobile application, the IP address and may set cookies to improve the functioning of Social Tools.
In case the user has activated social network accounts, these may be able to share data about the visit and use of our website or mobile application with these same social network accounts. Accordingly, interactions with Social Tools may be recorded by third parties. In addition, external companies may share Personal Data with DRAGON TREE TRAVEL in accordance with their policies, such as their name, profile picture, friend lists or any other information that individuals have chosen to make available to these same companies. In these cases, we may share this data with a third party company for the purpose of promoting targeted marketing through these same social media platforms. In this situation, users have the option to manage data sharing and be able to disable targeted marketing in the privacy settings of their social networks.
All interactions with Social Tools are governed by the privacy policy of the external company providing them. More information about the data protection practices of these companies should be consulted directly in the privacy policy of these same companies.
10. IP ADDRESSES
When a user accesses the website, uses any mobile application, or opens digital correspondence from DRAGON TREE TRAVEL, the servers may record data referring to the device or network to which the user is connected, including the IP address. An IP address is a series of numbers that identify a computer and are assigned when accessing the Internet.
IP addresses may be used by DRAGON TREE TRAVEL for system administration, investigation of security issues and compilation of anonymous data on the use of the website and / or mobile applications. IP addresses may also be associated with other Personal Data available about individuals for the purposes described above (for example, to better tailor marketing and advertising materials, provided you have opted-in to receive digital marketing).
11. TRACKING TECHNOLOGIES / COOKIES
Due to the way Internet communication standards work, access to websites may involve the use of cookies. Cookies are small files that are saved on the Customer's computer and that only serve to identify the computer that is accessing the website. These files do not contain any personal information. Cookies generally have a limited duration in time. No cookie can extract information from the hard drive of the Customer's computer, steal personal information or read cookie files created by other providers:
Thanks to cookies, it is possible for Intertours to recognize duly registered Customers, provided they use the same equipment and browser, without having to register on each visit to access areas and services reserved exclusively for them. The Customer is free to reject our cookies if the browser allows it, but doing so may be compromising the full functionality of the website.
Cookie Policy
Our websites use cookies to provide you with a better browsing experience.
session cookies
They keep a unique and random identifier that allows identifying an individual session. They only remain active during your visit, being deleted after closing the browser.
User experience cookies
They save your preferences to improve your experience on future visits.
statistics cookies
They keep anonymous data about the use of our website, so that we can analyze and improve the service provided. These cookies are placed on our behalf by third parties (Google and BySide).
Cookie settings can be changed in your browser preferences. Please select the browser you are using below for more information:
chrome
firefox
Safari
internet explorer
All other internet browsers (browsers) Please look in the "help" menu of the browser (browser) or contact the provider of the browser (browser).
12. ASSOCIATED WEBSITES
DRAGON TREE TRAVEL websites may contain links to third party websites over which DRAGON TREE TRAVEL has no control. DRAGON TREE TRAVEL is not responsible for the privacy practices or the content of associated websites. DRAGON TREE TRAVEL recommends reading the privacy policies of any associated websites that are visited, as their practices and privacy policies may differ from those of DRAGON TREE TRAVEL.
13. FEEDBACK / COMPLAINTS / CONTACT
Any questions, comments or complaints about this Notice or about the processing of Personal Data; or if you intend to inform DRAGON TREE TRAVEL about a change or correction of Personal Data; or if you wish to receive information about the Personal Data processed by DRAGON TREE TRAVEL; or for any complaint or comment relating to data protection; should be sent to DRAGON TREE TRAVEL through the contacts below:
DRAGON TREE TRAVEL contact name: JULIUSZ KRZYSZTOF DRAK
E-mail: [email protected]
Address: Estrada João Gonçalves Zarco nº 435 - Ribeira da Caixa
District: Ilha da Madeira Concelho: Câmara de Lobos Freguesia: Estreito de Câmara de Lobos
9325 - 033 ESTREITO CÂMARA DE LOBOS, Madeira – Portugal
www.gettohikes.com
DRAGON TREE TRAVEL will respond to any inquiries or complaints received as soon as possible.
14. AMENDMENTS TO THE NOTICE
This Notice may be amended and updated. If an amendment is made to the Notice, the revised version will be duly filed and published and dated on the DRAGON TREE TRAVEL website, when it exists. If justified, in addition to updating the Notice, we may ask customers for consent to include other types of treatment.
This Privacy Notice was last updated on May 1, 2023.