Privacy Policy
Privacy Policy
GENERAL INFORMATION
MB "Atravel", registered office No K 306161910, registered office address - Parko g. 41B-6, Panevėžys (hereinafter - Data Controller) this privacy policy ("Privacy Policy") Privacy Policy) lays down the conditions for the processing of personal data using the website operated by the Data Controller www.atravel.lt (hereinafter referred to as Website). The terms and conditions set out in this Privacy Policy apply each time you visit the website, regardless of the device you are using (computer, mobile phone, tablet, TV, etc.).
It is very important that you read this Privacy Policy carefully because each time you visit the Website owned by the Data Controller, you agree to the terms and conditions described in this Privacy Policy. If you do not agree to these terms and conditions, please do not visit our website or use our content and/or services.
By submitting his/her personal data (including data provided directly or indirectly by visiting the website and using its services), the Data Subject consents and does not object to the Data Controller's management and processing of such data for the purposes and in accordance with the purposes and procedures provided for in this Privacy Policy, the Data Subject's consent and the legislation.
Participant - a person participating or intending to participate in games, promotions and/or competitions organised by the Data Controller.
Data subject for the purposes of this Privacy Policy, the Applicant, Customer, Candidate, Telephone Caller or any other natural person whose personal data is processed by the Data Controller.
Person applying - a natural person interested in the services provided by the Data Controller or wishing to contact the Data Controller on other issues.
Client - a person who has purchased goods, services from the Data Controller or who has entered into a contract with the Data Controller for the provision of business and leisure travel services.
Candidate - a person participating or intending to participate in a recruitment exercise conducted by the Data Controller.
Phone caller - a person who calls the contact telephone number indicated on the Website in relation to the provision of the Data Controller's services and/or other matters.
The Data Controller will collect personal data in accordance with the applicable requirements of the European Union and the Republic of Lithuania legal acts and the instructions of the controlling authorities. All reasonable technical and administrative measures shall be taken to ensure that the data collected about Data Subjects is protected against loss, unauthorised use and alteration.
Persons under the age of 16 may not submit any personal data through the Data Controller's Website. If you are a person who is under the age of 16, you must obtain the consent of your parents or other legal guardians before submitting personal information.
This Privacy Policy has been drawn up in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as the "General Data Protection Regulation"), the Law on Legal Protection of Personal Data of the Republic of Lithuania, and other legal acts of the European Union and the Republic of Lithuania. The terms used in this Privacy Policy shall be understood as defined in the General Data Protection Regulation and the Law on Legal Protection of Personal Data of the Republic of Lithuania.
WHAT INFORMATION DO WE COLLECT ABOUT YOU?
Information provided directly by you.
Information about your use of our Website.
If you visit our Website, we also collect information that reveals the characteristics of the use of our services or automatically generated visit statistics. For more information on this, please see "Cookies".
Information from third party sources
We may obtain information about you from public and commercial sources (to the extent permitted by applicable law) and link it to other information we obtain from or about you. We may also receive information about you from third party social networking services when you access them, for example through your Facebook accounts.
Other information we collect
We may also collect other information about you, your device or your use of our website content with your consent.
You may choose not to provide us with certain information, but this may prevent you from using our service.
PROCESSING OF PERSONAL DATA FOR THE PURPOSE OF A CONSULTATION, ENQUIRY
Processing of personal data of persons contacting the Data Controller, including telephone callers, for the purpose of consultation, enquiry and/or other matters. The Data Controller shall process such personal data of applicants, including Telephone Callers:
Name;
Name;
Telephone number;
Email address.
In the event that the Data Controller is contacted by a representative of the applicant, the Data Controller shall process such data of the applicant's representative:
Name;
Name;
Contact with the requesting Data Subject;
Telephone number;
Email address.
Applicants' data are not passed on to third parties.
PROCESSING OF PERSONAL DATA FOR THE PURPOSE OF PROVIDING THE TOUR OPERATOR'S SERVICES
Customer data management. The Data Controller processes the following Customer Data:
Name;
Name;
Date of birth;
Personal code;
Details of identity documents;
Workplace data;
Telephone number;
Email address;
Other information related to the product and/or service you are buying.
In the event that the Client is represented by another person, the Data Controller shall process such personal data of the Client's representative:
Name;
Name;
Contact with the requesting Data Subject;
Telephone number;
Email address.
Data received directly from Customers or their representatives, with their consent, or in the performance of a contract with a Customer, and/or from other third parties who have a relationship with the Data Subject, shall be passed on to such recipients as necessary:
Partners providing tourism and transport services (airlines or reservation systems for airline tickets or other transport tickets, hotels, companies providing transport, rental, excursions, guides and other services requested by the Customer).
The Data Controller undertakes not to transfer your personal data to any unrelated third parties, except in the following cases:
- if you have consented to the disclosure of personal data;
- in the provision of services - to our partners to deliver the services you have requested. We will only provide these service providers with as much of your personal information as is necessary to perform the specific service;
- to pursue the legitimate interests of the Data Controller (e.g. in the case of debt recovery);
- to the authorised institutions, in accordance with the procedure provided for by the legislation of the Republic of Lithuania.
The Data Controller may provide the personal data of Clients and other Data Subjects to Data Processors not specified in this Privacy Policy who provide services (perform work) to the Data Controller and process the personal data of Clients and Data Subjects on behalf of the Data Controller. Data Processors shall have the right to process personal data only in accordance with the instructions of the Data Controller and only to the extent necessary for the proper performance of their obligations under the Contract. When using processors, the Data Controller shall take all necessary measures to ensure that the processors have implemented appropriate organisational and technical security measures and maintain the secrecy of personal data.
The processing of personal data for the purposes of the provision of services by the tour operator is based on: the consent of the data subject and/or the performance of a contract with the data subject (Article 6(1)(a) and (b) of the General Data Protection Regulation).
PROCESSING OF PERSONAL DATA FOR THE PURPOSES OF RECRUITMENT OF JOB APPLICANTS
The Data Controller shall process, for the purposes of recruitment, the personal data voluntarily provided by the Candidate to the extent to which the personal data have been provided.
The data is obtained directly from the candidates and/or from third party job posting websites. This data is not passed on to third parties.
Candidates' data are processed on the basis of the consent expressed by the submission of their data and the intention to take action by the Candidate's affirmative act and/or request before the conclusion of the contract (Article 6(1)(a) and (b) of the General Data Protection Regulation).
PROCESSING OF PERSONAL DATA FOR THE PURPOSES OF ORGANISING GAMES, PROMOTIONS, COMPETITIONS
The Data Controller may process personal data for the purposes of running competitions or promotions only with the consent of the Data Subject. The Data Controller may collect the following personal data from Entrants:
Name;
Name;
Photos;
Telephone;
Email.
Data is obtained directly from Data Subjects participating in games, promotions and/or competitions. These data are not communicated to third parties, but may be made public on the Data Subject's website and/or on the Data Controller's Facebook accounts. The Data Controller may publish: name, surname, photo.
The processing of personal data is based on the consent expressed by providing your personal data (Article 6(1)(a) of the General Data Protection Regulation.
PROCESSING OF PERSONAL DATA FOR DIRECT MARKETING PURPOSES
The Data Controller aims to share only relevant news about travel and flight services, discounts, offers, competitions and other useful information with the recipients of the newsletters. It does so in accordance with this Privacy Policy.
The Data Controller shall only process personal data for the purpose of direct marketing with the explicit consent of the Data Subject. For the purpose of direct marketing, the following personal data of Customers and other Data Subjects are processed:
Name;
Name;
Telephone number;
Email address.
By sending a newsletter, the Data Controller may collect statistical data on the Data Subject's behaviour in relation to the use and content of the newsletter (for example, whether the newsletter has been read, which links have been opened by the Data Subject).
The data subject's email address may be used to serve advertising via Facebook, Google and other advertising platforms, tailoring advertising to the target audience.
Based on the personal data you provide, for the purpose of direct marketing, profiling of your personal data may be carried out in order to offer you tailored solutions and offers. You may at any time withdraw your consent to or object to the processing of your personal data by automated processing, including profiling (should such processing be applicable).
Personal data is obtained directly from Data Subjects. The Data Controller may only transfer Personal Data to third parties providing specialised services for the purpose of sending emails, tailoring the type of advertising ordered through advertising platforms.
The personal data of customers and other Data Subjects shall be processed on the basis of the consent expressed by providing their data and agreeing to the processing of personal data for the purpose of direct marketing (Article 6(1)(a) of the General Data Protection Regulation).
Please be informed that the Data Subject shall have the right to object to or withdraw his or her consent to the processing of his or her personal data for direct marketing purposes, including profiling in relation to such direct marketing, at any time, without having to provide any reasons for objecting:
- By clicking on the "unsubscribe" link at the end of the newsletter or on the website
- By emailing info@atravel.lt or calling +370 615 25019.
Withdrawal of consent shall not affect the lawfulness of processing based on consent carried out before the withdrawal of consent.
WHAT DO WE DO TO PROTECT YOUR INFORMATION?
Personal data is protected against loss, unauthorised use and alteration. We have put in place physical and technical measures to protect all information we collect for the purposes of providing our services. We remind you that while we take reasonable steps to protect your information, no website, online transaction, computer system or wireless connection is completely secure.
The Data Controller applies different retention periods for Personal Data in accordance with the requirements of legal acts and taking into account the purposes of the processing of Personal Data.
Storage periods for personal data:
| Purpose of processing personal data | Storage period |
| Processing of data subjects' personal data for consultation, fulfilment of queries | 1 year from the date of the consultation or enquiry. Except where the Data Subject makes a request for the provision of services by the Data Controller. In this case, the general 10-year time limit applies |
| Customer personal data - for the purposes of providing services | 10 years since last contact |
| Processing of candidates' personal data for recruitment purposes | 4 months after the Candidate is recruited. Longer storage of Candidates' CV and other data requires the Candidate's consent |
| Processing of personal data of data subjects for the purpose of video surveillance | 1 month |
| Processing of data subjects' personal data for the purposes of organising games, promotions, competitions | 1 year from the date of award |
| Processing of personal data of data subjects for direct marketing purposes | 5 years from the date of consent, unless the Data Subject wishes to extend this period |
Exceptions to retention periods may be made to the extent that they do not prejudice the rights of Data Subjects, comply with legal requirements and are properly documented.
At the end of the time limits, if they have not been extended, the data will be erased in such a way that they cannot be reproduced.
YOUR RIGHTS
The data subject whose data are processed in the course of the Data Controller's activities has the following rights:
- Know (be informed) about the processing of your data (right to know);
- To know your data and how it is processed (right of access);
- Request rectification or, depending on the purposes of the processing of personal data, completion of incomplete personal data (right to rectification);
- To have your data erased or to stop the processing of your data (except for storage) (right to erasure and right to be forgotten);
- Have the right to require the Data Controller to restrict the processing of personal data on one of the legitimate grounds (right to restrict);
- You have the right to data portability (right to port);
- To object to the processing of personal data where such data is processed or intended to be processed for direct marketing purposes, including profiling in relation to such direct marketing;
- File a complaint with the State Data Protection Inspectorate of the Republic of Lithuania.
If you no longer wish to have your personal data processed for the purpose of direct marketing, you may send an email to info@atravel.lt or call +370 615 25019 to object to the processing of your personal data for the purpose of direct marketing, without giving reasons for your objection.
The controller shall respond to such a request or instruction and shall carry out or refuse to carry out the actions specified in the request within one month of the request. Where necessary, the period referred to may be extended by a further two months, depending on the complexity and number of requests. In that case, the Data Controller shall inform the Data Subject of such extension within one month of receipt of the request, together with the reasons for the delay.
The Data Controller may refuse to allow data subjects to exercise the rights listed above, except for the refusal to process personal data by direct marketing, where, in cases provided for by law, it is necessary to ensure the prevention, investigation and detection of crimes, breaches of professional or professional ethics, as well as the protection of the rights and freedoms of the Data Subject, the Data Controller or other persons.
THIRD PARTY WEBSITES, SERVICES AND PRODUCTS ON OUR WEBSITES
The Data Controller's website may contain third-party banners, links to their websites and services that are not under the Controller's control, for example, a link to the Facebook profile of the Data Controller. The Data Controller is not responsible for the security and privacy of information collected by third parties. You must read the privacy statements applicable to the third-party websites and services that you use.
If you have provided your details via Facebook, we understand that you agree that we may contact you with the contact telephone number and email address you have provided to provide service offers.
SLAPS
When you visit the Controller's website, we want to provide you with content and features that are tailored to your specific needs. This requires the use of cookies. These are small pieces of information that are automatically created when you browse the website and are stored on your computer or other terminal device. They help the Data Controller to recognise you as a previous visitor to a particular website, to store your visit history and to tailor the content accordingly. Cookies also help to ensure the smooth running of websites, to monitor the duration and frequency of visits to websites and to collect statistical information about the number of visitors to websites.
Descriptions of the cookies used on our website
| Cookie name | Description/ Purpose of use |
Moment of creation | Period of validity | Data used | Additional information |
| PHPSESSID | A cookie is used for web website functionality realise |
Entering the page | Until the website window closes | ||
| __cfduid | Cookie to support additional services: cloudfare | Entering the page | 1 year | ||
| __utma | These cookies are used to collect statistical information about website traffic. The data obtained is used to compile reports and to improve the site | Entering the page | 2 years | IP addresses and unique ID numbers are used for accounting purposes. The result of the accounting is statistical. Counter accounting is carried out via Google analytics | Google Analytics |
| __utmb | Entering the page | 30 minutes | |||
| __utmc | Entering the page | Until the website window closes | |||
| __utmz | Entering the page | 6 months | |||
| _ga | Entering the page | 2 years | |||
| _gid | Entering the page | 24 hours | |||
| _ym_isad | These cookies are used to collect statistical information about website traffic. The data obtained is used to compile reports and to improve the site | Entering the page | 25 hours | IP addresses and unique ID numbers are used for accounting purposes. The result of the accounting is statistical. Counter accounting is performed via Yandex Metrica | Yandex Metrica |
| _ym_uid | Entering the page | 2 years | |||
| _ym_visorc | Entering the page | 30 minutes | |||
| cdrUID3 | Used to collect statistical information about website traffic | Entering the page | 10 years | IP addresses and unique ID numbers are used for accounting purposes. The result of the accounting is statistical | |
| clipboard_id | Used to save selected travel offers | Entering the page | 30 days | ||
| formHash | Used to store booking data | Entering the page | 10 minutes | ||
| lastUrlProductOffer | Used to save the last viewed offer | Entering the page | 24 hours | URL with the last offer readings | |
| cookie-info | Used to confirm the use of cookies | Entering the page | 2 years | Meaning "1" | Cookie request form, |
| jwplayer.captionLabel | Used to maintain the functionality of the website | Entering the page | Until the website window closes | ||
| childDates | Used to store the date of birth | Entering the page | 100 days | Date of birth | SearchForm.js - search results |
| FilterTailsPrice | Used to save price filters | Entering the page | 7 days | Filtered ID | SearchForm.js - search results |
| browserupdateorg | Used for the purpose of setting cookies | Entering the page | 1 day | Meaning "1" | Pop-up window if using an older version of Internet Explorer |
How to manage and delete cookies
When you use your browser to access the content we provide, you can configure your browser to accept all cookies, refuse all cookies, or to notify you when a cookie is sent. Every browser is different, so if you don't know how to change your cookie preferences, please check your browser's help menu. Your device's operating system may have additional cookie controls. If you do not want information to be collected by cookies, you can use a simple procedure in most browsers that allows you to opt out of cookies. To learn more about how to manage cookies, please visit: http://www.allaboutcookies.org/manage-cookies/.
However, please note that in some cases, deleting cookies may slow down the speed of your browsing experience, restrict certain features of the website or block access to the website.
Our website may contain links to the websites of other individuals, companies or organisations. Please note that the Data Controller is not responsible for the content of such websites or the privacy practices they use. Therefore, if you click on a link from the Data Controller's website to other websites, you should consult their privacy policies separately.
FINAL PROVISIONS
Amendments or changes to the Privacy Policy shall come into force from the date of their publication on the Website.
When, after the addition or modification of the Privacy Policy, the Data Subject uses the Website and/or the services provided by the Data Controller, it shall be deemed that the Data Subject does not object to such additions and/or modifications.
CONTACT US
If you have any questions about the information contained in this Privacy Policy, please contact us in any way that is convenient for you:
Telephone +370 615 25019
E-mail: info@atravel.lt
English 
Lithuanian