WHO ARE WE?
We are “SPOT TOURS” and we are located in Terceira, in the Azores. Our area of activity is tourism, more specifically tourist entertainment.
WHY THIS PRIVACY AND PERSONAL DATA PROTECTION POLICY?
The purpose of this Policy is to inform the Clients/Users of “SPOT TOURS” about the general rules of privacy and processing of personal data, which are collected and processed in strict compliance with the provisions of the personal data protection legislation in force at any given time, namely Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”).
“SPOT TOURS” respects the best practices in the field of security and protection of personal data and to this end has taken the necessary technical and organizational measures to comply with the GDPR and to ensure that the processing of personal data is lawful, fair, transparent, and limited to the authorized purposes.
“SPOT TOURS” is committed to the protection and confidentiality of personal data and has taken the measures it deems appropriate to ensure the accuracy, integrity, and confidentiality of personal data as well as all other rights of data subjects.
WHAT DOES THE PRESENT POLICY COVER?
This Policy applies exclusively to the collection and processing of personal data for which “SPOT TOURS” is responsible for the respective processing, within the scope of the services and products made available to its Customers/Users and in all situations where the processing of personal data occurs.
WHAT IS PERSONAL DATA?
Personal data is any information, of whatever nature and whatever its means, including sound and image, concerning an identified or identifiable natural person.
An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to a name, identification number, location data, electronic identifiers or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.
WHAT DOES THE PROCESSING OF PERSONAL DATA CONSIST OF?
Processing of personal data consists of an operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated means, including collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, comparison, interconnection, restriction, erasure or destruction.
WHO IS IN CHARGE OF DATA PROCESSING?
The entity responsible for the treatment of personal data is “SPOT TOURS”, which determines the purposes and means of their treatment.
To this effect, should the holder of the personal data need to contact the data controller, he/she may do so through the means and contacts indicated below: firstname.lastname@example.org .
WHAT TYPES OF PERSONAL DATA ARE PROCESSED?
“SPOT TOURS”, within the scope of its activities, processes personal data necessary for the provision of services and/or supply of products, processing data such as name, telephone number and e-mail address, according to information provided by the owners of personal data.
Personal data may also be processed for marketing purposes or for the promotion of offers of goods and services from “SPOT TOURS” if the data subject has consented to this.
In case of prior consent of the holder, this may be withdrawn at any time, without the lawfulness of the processing carried out based on the consent previously given being compromised.
WHEN AND HOW DO WE COLLECT YOUR PERSONAL DATA?
“SPOT TOURS” collects your personal data, namely by telephone, in writing, through its website, ensuring, whenever necessary, the previous consent of the holder of the personal data.
Some personal data is indispensable to the execution of the contract, without which “SPOT TOURS” may not provide the product or service in question.
In case the owner of the personal data is not a Customer/User of “SPOT TOURS”, his/her personal data will only be treated when they are made available, in which case the rules of this Policy will apply.
The personal data collected may be processed by computer in an automated or non-automated way, ensuring in all cases the strict compliance with the personal data protection legislation, being stored in specific databases created for that purpose and, under no circumstances, the data collected shall be used for purposes other than those for which they were collected, or consent was given by the data owner.
WHO ARE THE RECIPIENTS OF THE PERSONAL DATA?
Without prejudice to the recipients indicated throughout this Policy, “SPOT TOURS” may communicate the Customer’s/User’s personal data with the purpose of complying with legal obligations, namely to police, judicial, tax and regulatory entities.
WHAT ARE THE PURPOSES OF THE PROCESSING OF PERSONAL DATA AND RESPECTIVE LEGAL GROUNDS?
In general, the personal data collected is based on and intended for the management of the contractual and commercial relationship, the provision of the contracted services, the adequacy of the services to the needs and interests of the Customer/User, namely for the purposes of access to specific features of the services, information and marketing actions.
Additionally, personal data may also be processed for the purpose of complying with legal obligations.
FOR HOW LONG DO WE KEEP YOUR PERSONAL DATA?
The period of time during which personal data is stored and retained varies according to the purpose for which the information is processed.
In fact, there are legal requirements that oblige us to retain data for a minimum period of time. Thus, and whenever there is no specific legal requirement, the data will be stored and kept only for the minimum period necessary for the pursuit of the purposes that motivated their collection or their subsequent processing, under the terms defined by law.
WHAT ARE YOUR RIGHTS AS A DATA OWNER?
As owners of personal data, Clients/users are guaranteed, at any time, the right to access, rectify, update, limit and delete their personal data (except for data that are indispensable for the provision of services to “SPOT TOURS” or to comply with legal obligations to which the person responsible for the treatment is subject), the right to oppose the use of such data for commercial purposes by “SPOT TOURS” and to withdraw consent, without this affecting the lawfulness of the treatment carried out under such consent, as well as the right to data portability.
HOW CAN YOU ACCESS, RECTIFY, UPDATE, LIMIT, DELETE, OPPOSE THE PROCESSING OF YOUR PERSONAL DATA, OR REMOVE CONSENT?
Without prejudice to the provisions of the GDPR, the holder of the personal data may do so, directly or by written request, addressed to the respective Responsible for processing, through the contacts provided for this purpose in this document, as well as other contacts made available by “SPOT TOURS”.
HOW CAN I OPPOSE THE RECEPTION OF CONTACTS FOR MARKETING PURPOSES?
“SPOT TOURS” may promote actions of promotion of new products or services to its Clients/Users, namely through telephone, e-mail, SMS, or any other electronic communication service, in case the owner of the personal data has given his/her consent.
If the holder of the personal data does not wish to continue to receive these communications, he/she may, at any time, withdraw his/her consent to the use of his/her data for marketing purposes.
HOW CAN YOU COMPLAIN?
Without prejudice to the possibility of presenting complaints directly to “SPOT TOURS” through the contacts made available for that purpose, the Customer/User may complain directly to the Control Authority, which is the National Commission for Data Protection (CNPD), using the contacts made available by this entity for that purpose.
WHAT MEASURES HAVE “SPOT TOURS” ADOPTED TO ENSURE THE SECURITY OF YOUR PERSONAL DATA?
“SPOT TOURS” is committed to ensuring the protection of the security of the personal data made available to it and has approved and implemented strict rules in this regard. Compliance with these rules is an obligation of all those who legally access them.
Considering the concern and commitment that “SPOT TOURS” reveals in the defense of personal data, several technical and organizational security measures have been adopted to protect personal data provided against diffusion, loss, improper use, alteration, unauthorized treatment or access, as well as any other form of illicit treatment.
Additionally, third parties who, within the scope of the provision of services, process the Customer(s)/User(s) personal data on behalf of “SPOT TOURS” are obliged, in writing, to implement adequate technical and security measures that, at all times, meet the requirements foreseen by the legislation in force and ensure the protection of the rights of the data holder (namely, the protection of privacy and personal data).
UNDER WHAT CIRCUMSTANCES IS DATA COMMUNICATED TO OTHER ENTITIES (THIRD PARTIES AND SUBCONTRACTORS)?
“SPOT TOURS”, within the scope of its activity, may use third parties to provide certain services. Sometimes, the provision of these services implies access, by these entities, to Customers/Users personal data. When this happens, “SPOT TOURS” takes the adequate measures in order to ensure that the entities that have access to the data are reputable and offer the highest guarantees at this level, which is duly established and safeguarded contractually between “SPOT TOURS” and the third party(ies).
Therefore, any entity subcontracted by “SPOT TOURS” will process the personal data of our Customers/Users on behalf of and in the name of “SPOT TOURS” and will adopt the necessary technical and organizational measures to protect the personal data against destruction, accidental or illicit, accidental loss, alteration, unauthorized disclosure, or access and against any other form of illicit treatment.
In any case, “SPOT TOURS” remains responsible for the personal data made available to it.
In this case, “SPOT TOURS” uses Mailchimp, as a marketing platform. By agreeing to our policies, you acknowledge that your information will be transferred to Mailchimp. Learn more about Mailchimp’s privacy policies here https://mailchimp.com/legal/. You can unsubscribe at any time by clicking the link in the footer of our emails. For more information on our privacy policies, please visit our website.
IN WHAT CIRCUMSTANCES DO WE TRANSFER YOUR PERSONAL DATA?
The provision of certain services by “SPOT TOURS” may imply the transfer of your data outside Portugal, including outside the European Union or to International Organizations.
In such case, “SPOT TOURS” will strictly comply with the applicable legal provisions, namely regarding the determination of the adequacy of the destination country(ies) in what concerns the protection of personal data and the requirements applicable to such transfers, including, whenever applicable, the celebration of adequate contractual instruments that guarantee and respect the legal requirements in force.
HOW DO WE USE “COOKIES”?
“Cookies” are small software tags that are stored on your computer through your browser, retaining only preference-related information, and as such do not include personal data.
To learn more about cookies and how “SPOT TOURS” uses them on its website, please see the “About Cookies” section below.
HOW CAN YOU LEARN ABOUT ANY CHANGES TO THE PERSONAL DATA PROTECTION POLICY?
“SPOT TOURS” reserves the right to adjust or make changes to the present Personal Data Protection Policy at any time.
What are cookies?
“Cookies” are small software tags that are stored on access equipment through the browser, retaining only preference-related information, and as such do not include personal data.
What are Cookies used for?
Cookies are used to help determine the usefulness, interest and number of uses of websites, allowing faster and more efficient browsing, eliminating the need to repeatedly enter the same information.
What kind of cookies are there?
There are two groups of cookies that can be used:
Permanent cookies – these are cookies that are stored at browser level in the access equipment (PC, mobile and tablet) and are used whenever a new visit is made to one of “SPOT TOURS” websites. They are generally used to direct navigation to the user interests, allowing for a more personalized service.
Session cookies – these are temporary cookies that remain in the cookie file of the browser until you leave the website. The information obtained by these cookies is used to analyze web traffic patterns, allowing us to identify problems and provide a better browsing experience.
- Strictly necessary cookies – These allow you to navigate the website and use the applications, as well as access secure areas of the website. Without these cookies, the required services cannot be provided.
- Analytical cookies – These are used anonymously to create and analyze statistics, so that the functioning of the website improves.
How can you manage cookies?
All browsers allow you to accept, refuse or delete cookies, and also to inform you when a cookie is received, namely by selecting the appropriate settings in your browser. You can configure cookies in the “options” or “preferences” menu of your browser.
It should be noted, however, that by disabling cookies you may prevent some web services from working properly, affecting website navigation in whole or in part.