Privacy Policy in accordance with the General Data Protection Regulation – GDPR / Regulation (EU) 2016/679 of the European Parliament and of the Council
O-Tours PCO d.o.o. states that all personal information of the clients is collected, processed and stored in accordance with applicable legal regulations. Data processing implies any treatment with the personal data of the client from the moment of receipt. Data required for reservation, conclusion of contract and later realization of contractual obligations and customer service are given voluntary. Only necessary information is required from the buyer for the booking / conclusion of the Contract and the provision / execution of services in accordance with the Contract.
In cases where O-Tours PCO d.o.o. is the intermediary, not the direct service provider, and when the contractor and the execution of the service necessarily pass certain details of the passenger to the executor (eg the data required for the insurance policy of the insurance company, the information required for the reservation of the airline or the shipboard, unit data, guest information that is collected by local tourist boards in accordance with legal provisions on residence taxes, etc.), the contractual partner / enforcer is obliged to comply with the European Data Protection Ordinance – the GDPR complies with the data in the contractual and legal obligations and undertakes to use the data solely for the purpose for which the buyer has a cajolement – concluding the contract and executing contractual obligations and services.
The right to inspect customer data / official documents that contain customer data, according to the legal provisions, have the competent authorities (competent inspectors, police, judicial bodies). Authorized representatives of the competent authorities may, if necessary, make copies of the available documents, copy all storage system contents and collect other relevant information. The legal basis for the transfer and processing of data for these purposes is the fulfillment of legal obligations.
The standard customer information collected through the booking forms is: name and surname, address, date of birth, contact telephone / mobile phone number, contact email, self-signed signature (in case the client contracts the service personally in the branch office and fills the physical entry form, on the payment instrument (eg account number or card data in case of filling out the remote authorization form).
In order to better organize travel and better service delivery, O-Tours PCO d.o.o. may ask the customer for some additional information that the client voluntarily provides. In the case of contracting specific services, O-Tours PCO d.o.o. has the right to request additional information from the client (eg OIB, ID number or passport with expiration date, etc.) and which should be forwarded to the contractual partners for the purpose of contracting and executing the requested service. In the event that the client delivers data from a category of specially protected personal data (eg health data), the client gives his / her privilege to process such data for the purposes of the Contract – provision of special services.
O-Tours PCO d.o.o. collects and processes the following client data for the purpose of communicating with clients, providing information on new offers, providing required information, and enforcing legal and contractual obligations: data that clients enter into contact form on the official website www.otours.hr and the associated subdivisions / pages of projects organized by O-Tours PCO doo; information that clients enter into pre-registration and newsletter forms; information provided by clients via electronic mail / official correspondence.
When client visits the web site, it collect cookies (http://www.allaboutcookies.org) that allow enhanced search experience based on location, language, and other preferences and client preferences. Also, each client has the option in Internet Browser settings that he uses at any time to delete and / or block “cookies”.
The main systems through which data are collected and processed, or produced the necessary documentation, and communicating with clients and carrying out marketing activities are:
- Reservation system: Travel Ray – http://www.travelraysoftware.com/web/content/4232
- Online registration and payment – Eventrify https://get2.events
- MailChimp: https://mailchimp.com/legal
According to the legitimate interests of the clients and the legitimate interests of O-Tours PCO d.o.o., the contact information provided by the clients is used to inform the clients about: payment deadlines and outstanding debts; all relevant information or any modifications to the offers and contracts; final notices before the voyage; discounts that the client can make; new offers that the client might be interested in based on the previously stated interest. The Client reserves the right to withdraw from the newsletter list at any time (by clicking “Unsubscribe”) and will no longer receive notifications about new offers and discounts. Likewise, the client may at any time re-apply to the newsletter list / renew his / her privacy to use the data for marketing purposes.
The Client is entitled to request information from O-Tours PCO d.o.o. about how his personal data is processed and stored, as well as request correction in case of inaccurate data or deleting of certain data for which there is no legitimate basis for custody. Regarding the solution of such an application O-Tours PCO d.o.o. will inform the client within the statutory deadline of not later than one month. This deadline, given the explanation given to the client, may, if necessary, be extended for an additional two months, taking into account the complexity and number of requests.
O-Tours PCO d.o.o. can not comply with the Client’s request for deleting of data and / or documents necessary for the performance of Contractual Services, as well as the data and / or documents required by the Agency pursuant to the legal provisions until the expiration of the statutory deadlines of custody (eg bids, contracts, invoices, etc.).
The customer can enforce his rights by submitting the application by e-mail to otours@otours.hr or by written request addressed to the address of O-Tours PCO d.o.o, Gajeva 6 / 1kat, 10 000 Zagreb.
The Supervisory Authority in the territory of the Republic of Croatia is the Personal Data Protection Agency (Martićeva ulica 14, 10000 Zagreb, Croatia; azop@azop.hr; +385 1 4609 080).
Internet pages where you can find in Regulation (EU) 2016/679 of the European Parliament and Council: http://azop.hr/images/dokumenti/626/opca-uredba.pdf and the Implementation Act of the General Data Protection Act: https: / /narodne-novine.nn.hr/clanci/sluzbeni/2018_05_42_805.html