EU Regulation 679/2016 General data protection regulation
With this policy, SOS TRAVEL SRL intends to inform users visiting the website “www.felix.tours” (hereinafter the “Site”) of the policy adopted regarding the protection of personal data, underlining its commitment and attention with reference to the protection the privacy of visitors to the Site. Please read carefully our Privacy Policy which applies both if you access the Site and simply decide to browse it, and if you intend to use our services.
The navigation within the Site is free and does not require any registration, with the exception of a reservation in which case the insertion of personal data and the creation of a user account is required.
Therefore, where the user intends to provide his personal data to access these additional services, he will be expressly informed pursuant to EU Regulation 679/2016 General Data Protection Regulation (the “Regulation”) and will be given full information on the processing of personal data.
Pursuant to and for the purposes of art. 13 of EU Regulation 679/2016 General data protection regulation SOS Travel Srl provides you with the following information.
Extract of the information on data processing
The data controller of personal data is SOS TRAVEL S.r.l. The person in charge of data processing is Stefano Iannucci in compliance with the principles of protection of personal data and who can be contacted at the following email: info@sostravelagency.co.uk. The staff of SOS TRAVEL S.r.l. is in charge of processing.
Pursuant to Article 13 of EU Reg. 679/2016, we inform you that SOS TRAVEL S.r.l. processes personal data of interested parties who have voluntarily communicated their personal data to our offices in person and / or via forms, telephone, fax or e-mail.
According to the law indicated, the Data Controller guarantees that the processing of personal data is carried out in compliance with the fundamental rights and freedoms, as well as the dignity of the interested party, with particular reference to confidentiality, personal identity and the right to protection of personal data. The provision of such personal data is not mandatory, but any refusal to provide them prevents, in relation to the relationship between the data and the services requested, the execution of our services. Furthermore, with regard to specific customer requests, the Data Controller may process particular categories of your personal data such as allergies, for which specific explicit consent to the processing will be required.
The personal data that the interested parties have voluntarily communicated to our offices will be disclosed to the extent that it is necessary to provide the requested service.
The personal data of the interested parties, due to the need to provide the service, may be communicated to: 5.1. to all subjects to whom the right of access is recognized by virtue of regulatory provisions; 5.2. airlines, hotel facilities, transfer services and excursions; 5.3. insurance companies; 5.4. to our collaborators, employees and suppliers, as part of their duties and / or any contractual obligations with them, relating to commercial relations with the interested parties; 5.5. to post offices, shippers and couriers for the eventual sending of documentation and / or material; 5.6. to all those public and / or private subjects, natural and / or legal persons (legal, administrative and tax consultancy firms, Judicial Offices, Chambers of Commerce, Municipality of Rome, etc.), if the communication is necessary or functional to the performance of our activity and in the ways and for the purposes described above; 5.7. banking institutions for the management of receipts and payments deriving from the execution of contracts. In these cases, only essential data will be communicated, and not excessive, with respect to the purposes for which they are communicated.
The Data Controller may transfer personal data to third countries for services functional to the contract stipulated with the Data Controller and in this case the service providers will be selected from those who provide adequate guarantees, as required by art. 46 GDPR 2016/679 processing concerns common identifying personal data and possibly of a particular type. The processing of personal data takes place using both paper and computer media with the observance of every precautionary measure, in order to guarantee security and confidentiality. The data will also be managed and protected in environments whose access is under constant control in particular, all technical, IT, organizational, logistical and procedural security measures will be adopted, so that the appropriate level of data protection provided for by law, allowing access only to the persons in charge of processing by the Data Controller or by the Managers designated by the same.
The user may, at any time, exercise the rights indicated below.
a. Access to personal data: obtain confirmation or not that data concerning you is being processed and, in this case, access to the following information: the purposes, the categories of data, the recipients, the retention period;
b. Request for rectification or cancellation of the same or limitation of processing concerning him, as well as the existence of an automated decision-making process; “limitation” means the marking of stored data with the aim of limiting their processing in the future;
c. Opposition to processing: oppose for reasons related to your particular situation to the processing of data for the performance of a task of public interest or for the pursuit of a legitimate interest of the Data Controller;
d. Data portability: in the case of automated processing carried out on the basis of consent or in execution of a contract, to receive the data concerning him in a structured format, commonly used and readable by an automatic device; in particular, the data will be provided to you by the Data Controller in .xml format, or similar;
e. Revocation of consent to processing for direct marketing and market research purposes; the exercise of this right does not in any way prejudice the lawfulness of the treatments carried out before the revocation;
f. Submit a complaint pursuant to art. 77 RGPD to the competent supervisory authority based on his habitual residence, workplace or place of violation of his rights; for Italy, the Guarantor for the protection of personal data is competent and can be contacted via the contact details listed on the website http://www.garanteprivacy.it.
The aforementioned rights may be exercised with a request to the Data Controller, at the addresses indicated in this information. The data subject’s right to object to the processing of their personal data for marketing purposes extends to traditional ones and in any case the possibility remains for the data subject to exercise this right in part, that is, in this case, by opposing, for example, to the sole sending of promotional communications carried out through automated tools.
Requests relating to the exercise of the user’s rights will be processed without undue delay and, in any case, within one month of the request; only in cases of particular complexity and the number of requests can this deadline be extended by a further 2 (two) months.