1.1. Personal data processing controller shall be a person, who shall determine purposes for which the personal data shall be processed and the way in which it shall be processed. Personal data processing controller shall be Baltic Travel Group – limited liability company “Baltijas Ceļojumu Grupa”, registration No. 40003482252, legal address: Kr. Barona Street 13/15 – 20, Riga, LV-1011.
1.2. The contact information regarding issues related to the processing of personal data shall be: firstname.lastname@example.org. Using this contact information or contacting Baltic Travel Group at the legal address, one may ask a question about the processing of personal data. A request for the exercise of their rights may be filed in accordance with Clause 13.
Providing tourism services (legal basis for personal data processing: enforcement of contractual and legal obligations), including, but not limited to:
To identify the client;
- Contract preparation and signing;
- To provide tourism services
- To provide an Insurance policy
- To assist visa applications
- – For examination of applications and claims
- To prepare accounting documents (Account administration and billing)
- Debt recovery
Commercial communications (personal data processing legal basis: agreement of the client)
To maintain customer affairs (Personal Data legal basis: agreement of the client
To provide information to State and local authorities.
- Clients, travel services providers clients, ex. Travel (tour) wholesalers, tour operators, airlines hotels, car rental companies transfers service providers, tour service providers (guides) and other related tourist service providers
- Embassies Consular Departments
- Insurance companies;
- A person who makes the booking in the name of the tourist itself. (ex. a family member, friend or a colleague)
- Employer if the tourist is an employee in a company goes on a business trip
- 3rd parties with whom the Company has concluded service contracts such as credit institutions, information technology providers, accounting service providers, legal service providers postal and courier providers and other related service providers ensuring the business of the Company
- Persons specified in regulatory enactments after a reasonable request of those persons with procedures and amounts specified in regulatory enactments
In occasions specified in regulatory enactments in certain cases for the protection of legitimate interests of the public, such as in court or other State or local government institutions against a person who has undermined the interests of the Company
Identifying information (name surname, personal code, passport data, and/or personal license (ID) data, home address, bank date, bank payment card data (where a possible on-site settlement or on the Internet), information about health status,(including diet restrictions, disability information).
Baltic Travel Group as a keeper:
- Processing Personal Data according to the law, processing data subject in a transparent manner.
- Processing personal data appropriate; accordingly to those and only that Personal Data which is necessary to provide the service;
- process Personal Data in that manner so the safety of the personal data would be protected including protection against illegal Personal Data processing, accidental loss of data, damage or destroying Personal Data, using appropriate technical or organizational measures;
- Personal Data shall not be kept longer than its needed for its purposes
- Inform the client about why it is necessary to collect Data and what exactly will the Baltic Travel Group do with collected Data
- Process only accurate data and if it’s necessary to update them;
Collect Personal Data only in clear and specified aim and further processing shall not be against any of the above mentioned. Only and only if it will be necessary to accomplish the functions and responsibilities of the
Baltic Travel Group may forward Personal Data to Third World countries if that is necessary for the fulfillment of contractual obligations (providing tourism services)
Baltic Travel Group informs that forwarding clients personal data to European Union, Member States of the European Economic Area, The Territory of the State of Israel, Andorra, Argentina, Jersey, Faroe Islands, Guernsey, Canada, Isle of Man, Switzerland and United States of America and The United States organizations’ which have demonstrated their principles of principle to the Ministry of Commerce of the United States of America and committed to respecting the principles laid down by the European Commission shall provide security of Personal Data corresponding to the relevant level of data protection in Latvia.
– To be informed why Baltic Travel Group process and use clients Personal Data;
– Require information about what kind of Personal Data Baltic Travel Group has. This information will be provided for free/ without payment. Information will be provided within 1(one) month
– Correct Personal Data, meaning, client right is to correct its Personal Data if they are inaccurate or incomplete. Baltic Travel Group is obligated to give an answer within 1 (one) month. If Baltic Travel Group decides not to correct data the customer will be given an explanation of why they will not be corrected;
– To be deleted (right to be forgotten). The client has the right to request to delete client personal data or stop processing them. If Baltic Travel Group decides not to delete client Personal Data he will be given an explanation of why Baltic Travel Group will not delete the data and will provide the client with information about his right to file a complaint in the National Inspection of the Data;
– To limit Data processing. The client has the right (in some cases) to limit Personal Data processing if the information is incorrect. If the Data is limited Baltic Travel Group may maintain relevant information in order to ensure that these rights are respected in the future. If Baltic Travel Group decides to cancel such a restriction, Baltic Travel Group will notify it to the customer;
– To data portability. If Baltic Travel Group processes Personal Data accordingly to the clients’ consent or on the basis of the written contract and they are stored in a structured, widely used and machine-readable format, the client has the right to request a transmission of Personal Data directly from one Data Manager to another if that is technically possible. These rights shall not apply to Personal Data processed to comply with legal obligations acceptable to
– To object to the processing of Personal Data by submitting a written request to the company with specific reasons relating to the client’s special situation.
The client has the right to submit a request to the Baltic Travel Group for the exercise of its rights until the time.
– Arriving at the Baltic Travel Group legal address presenting an existing ID.
– Send the request electronically to Baltic Travel Group email address with a signed application that is secured electronically
The client is obligated to provide information about its personal data changes and demand its correction. (Ex., without informing the Baltic Travel Group about the change of surname Baltic Travel Group cannot provide the client with commitments). In case the client has not informed the Baltic Travel Group in a timely matter Baltic Travel Group shall not bear any responsibility for the damage caused to the customer
After the client’s request, Baltic Travel Group shall check the identity of the client and makes it in accordance with the procedures prescribed by regulatory enactments.
Baltic Travel Group shall give a written answer to the client after the request has been made in one of given ways:
– on arrival of the applicant on presentation of a personal identity document;
– the address of the applicant’s correspondence indicated in the request in the postal mail;
– By sending an answer electronically to an e-mail address specified by the requester, by signing a reply letter with a secure electronic signature.
Baltic Travel Group shall ensure the enforcement of data processing and protection requirements in accordance with regulatory enactments. In the case of client claims, Baltic Travel Group shall take all necessary steps to prevent the reasonable claims incurred. If the parties fail to find a mutual solution, the client has the right to refer to the processing of personal data protection by the company to the supervisory authority, the State Inspection of the Data.
Baltic Travel Group shall store and process clients personal data:
- while in accordance with the procedures prescribed by regulatory enactments, Baltic Travel Group or customer may exercise its statutory legal interests (for example, submit objections, appeal to the Consumer Rights Protection Centre or raise the requirement in court);
- According to Article 10 of the Law On Accounting, 5 (five) years;
- As long as the customer’s consent to the relevant processing of personal data is in force if there is no legal basis for the processing of data.
After the state of affairs expire client’s data shall be deleted.
The provision of personal data is a pre-condition for the conclusion of the Tourism Service Agreement in accordance with Cabinet Regulation No 585 of 21 October 2003 “Regulations on the Sorting and Organization of Accounting”, Directive 2016/681 of the European Parliament and of the Council (EU) 2016/681 and the Aircraft Passenger Data Processing Act, and for complex tourism services of the Cabinet Regulation No 353 of 13 April 2010 “Provisions on the rules on the rights and obligations of the tourism operator, tourism agent and customer, the arrangements for preparing and implementing a complex tourism service, the information to be provided to the client and the procedures for the payment of the security guarantee” and other legal instruments of the security guarantee;
If the client can’t provide Personal Data to Baltic Travel Group then, in that case, Baltic Travel Group can’t provide tourism services to the client.
Baltic Travel Group will follow the laws of law in force in the Republic of Latvia and Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data.
Baltic Travel Group reserves the right to update this policy as needed. Information on the updated policy will be available on the website of the Public baltic.travel.