Privacy Policy

What are Personal Data

Personal Data (PD) refers to any information relating to an identified or identifiable natural person. An identifiable natural person is one whose identity can be determined, directly or indirectly, particularly by reference to an identifier such as a name, identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural, or social identity of that natural person. This also includes more personal information such as habits, preferences, biometric data, etc.

Collection and Processing of Personal Data

The company must collect PD (i.e., personal information) for the effective execution of daily business operations and services and, in some cases, to comply with legal and/or regulatory requirements. The collection of PD is a form of processing, as are storage, organization, structuring, modification, retrieval, consultation, use, deletion, or destruction.

When you contact us by phone, visit our website, cooperate with us, submit inquiries, or request collaboration, we may ask you for information (i.e., PD such as name, address, email, phone number, etc.) depending on the nature of our relationship. You may also voluntarily provide additional PD (e.g., when sending a CV) or extra information (such as tax or business details in the context of cooperation or inquiries).

We collect information directly or indirectly in the following ways:

• Information you provide to us when communicating with us or visiting our website by electronic or other means.
• Information we receive from your use of our services or our partners’ services.
• We use various technologies to collect and store information, including cookies.
• We may use information from advertising networks, our clients, or third parties to inform you about services that may interest you.
• Our website itself does not collect any information related to user behavior, activities, or location.

We use the information we collect, always with your consent, to:

• Process and fulfill your request for tourism services
• Provide personalized and updated services and/or products
• Communicate with you and inform you about our new products (e.g., via newsletters)
• Process payments
• Respond to your inquiries
• Implement this Privacy Policy

When you contact us, we keep records of communications to help resolve any issues you may encounter.

We do not allow unauthorized entities access to your data without your consent, except in the following cases:

• With your consent: We share personal data with companies, organizations, or individuals when we have your explicit consent.
• For external processing: We provide personal data to trusted partners to process it on our behalf under our instructions and in accordance with this Privacy Policy and applicable confidentiality and security measures, including Regulation EU 679/2016.
• For legal reasons: We share personal data with competent public authorities when necessary to comply with laws, regulations, legal processes, or governmental requests.

All of the above require your consent.

Personal Data Protection

Any company handling personal data of living individuals within the EU must comply fully with Regulation EU 679/2016 (GDPR) as of May 25, 2018. The Regulation applies directly to all EU Member States.

Through this Privacy Policy, the company informs individuals about the processing of their PD, helping them make informed decisions about their relationship with the company.

Privacy Policy

This Privacy Policy declares our compliance with GDPR and our respect for privacy and personal data security. Its purpose is to:

• Inform individuals (you) about the PD we collect and process, why, how, and for how long
• Ensure individuals are aware of their rights and our obligations regarding accountability and security
• Provide a clear and simple way to obtain your consent as the legal basis for processing PD and allow you to withdraw it at any time

Your Rights

Customers, users, and website visitors have the following rights under GDPR:

• Right of access to their PD
• Right to rectification
• Right to erasure
• Right to restriction of processing
• Right to be informed about corrections, deletions, or restrictions
• Right to data portability
• Right to object to processing
• Right to object to automated decision-making, including profiling

Company Obligations

Our obligations include:

• The principle of accountability regarding the six principles of data processing (lawfulness, fairness and transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, confidentiality, and security)
• Processing is lawful only if one of the following applies:
  • Consent of the data subject
  • Necessity for contract performance
  • Legal obligation compliance
  • Protection of vital interests
  • Public interest or official authority
  • Legitimate interests (unless overridden by the individual’s rights and freedoms)

We also implement appropriate technical and organizational measures to protect data from unauthorized access, alteration, disclosure, or destruction. Specifically:

• We review data collection, storage, and processing practices, including physical security measures
• Access to personal data is restricted and controlled, and authorized individuals are bound by confidentiality obligations
• External partners with potential access to PD are contractually bound to GDPR requirements

Throughout the entire data processing lifecycle (from collection to destruction), we ensure confidentiality, integrity, and availability of PD.

We require similar measures from third parties handling PD. Our website is not intended for children under 16. If services are used by minors under 16, parental consent is required.

Access and Updates to Your Data

You may request access, correction, restriction, or deletion of your personal data at any time under GDPR rights.

Permanent Deletion of Personal Data

You have the right at any time to request permanent deletion of your personal data from the Mazi Travel database. Requests should be sent via email to: dpo@mazi.travel.

Changes to the Privacy Policy

Mazi Travel reserves the right to modify this Privacy Policy, provided that such changes are announced on the website at least one (1) week before implementation.

Contact

For any questions or clarifications regarding this Privacy Policy, you may contact us:

• By phone: +30 2310 238025
• By email: info@mazitravel.com, dpo@mazi.travel