Personal data is any information that relates to you as a user of a site and through which you can be directly or indirectly identified.
This site collects and processes personal data in accordance with the requirements of international laws and only for the purpose of selling the tourism products in accordance with the public agreement. We transfer personal data only to reliable partners using the secure protocols. We restrict access to personal data by means of password based authentication and secret codes. Personal data is stored in encrypted form and only for the purposes of increasing the usability of the service. The data owner is provided an opportunity to view, edit and delete personal data by means of the “private office” functionality.
If you create an account in our system, your orders will be tied to this account and displayed in your personal “private office”. Nobody except you has the access personal data stored in your personal “private office”. You can delete your account in your personal “private office”. In this case all personal data associated with your account, including your orders, will be deleted from the system.
Personal data related to orders is stored in an encrypted form. Only you and our company’s employees have the access to this data. Our employees use your personal data only for purposes of analysing and solving technical problems (for example, an error during the booking due to an unacceptable format of the data). Use of personal data for other purposes is prohibited by the nondisclosure agreement that is signed by each of our employees. Personal data from the orders will be deleted after the completion of the service execution time, after the end of the acceptable terms of exchanges and refunds for the services and after the end of the reporting period.
We send e-mail and sms notifications only:
• to notify you about the current status of your orders;
• to confirm your e-mail address during the account registration process;
• to change the password after the account registration process.
During the account registration process you can also subscribe to our newsletter in order to receive news about our company, information about profitable promotions and our special offers. You can unsubscribe at any time by clicking the “unsubscribe” link we provide in each letter.
Our system does not obtain or store card data. All payments are processed through reliable and certified systems of banks or payment gateways. We only obtain and process data concerning the successful or unsuccessful result of your payment.
Rights of the subject of personal data
You have the right to obtain, edit or completely delete your personal data.
You have the right to request the following information by e-mail or phone:
• one copy of your personal data (free of charge);
• detailed information about the companies (reservation systems), to which your personal data was or will be transferred, and the country of their location;
• any information related to the purposes and terms of processing of personal data, to the sources of obtain of your personal data (if it does not contradict the requirements of laws).
The system does not process personal data for the purposes of making automated decisions that can affect the order price or decisions restricting your rights as a subject of personal data.
Information collected and processed by our system
We obtain from you the following information:
|Data type||The use||Where is being transferred to||Data storage period|
|Browser language||To determine the language version of the site||Not transferred||Not stored|
|Browser type||To determine specific parameters for the correct display of a website||Not transferred||Not stored|
|Internet Protocol address (IP)||For an approximate definition of the nearest departure airport. To limit the number of attempts of performing the operations that are critical for the security (protection against brute force selection)||Not transferred||Stored in logs up to 1 year (only for analyzing and solving technical problems)|
|Tourists data (purchasing process)||For booking and sale||To reservation systems||Unlimitedly in an encrypted form (until being removed by the user)|
|User’s e-mail address (purchasing process)||For booking. To send etickets and e-mail notifications about the status of the order||Not transferred||Unlimitedly in an encrypted form (until being removed by the user)|
|User’s phone number (purchasing process)||For booking. To send SMS-messages to notify about the status of the order||Not transferred||Unlimitedly in an encrypted form (until being removed by the user)|
|User’s e-mail address (registration process)||To indentify the user. For password recovery.||To the mailing list management system in the case of direct user consent||Unlimitedly in an encrypted form (until the removal of the user)|
|User’s password||For authentication||Not transferred||Unlimitedly in an encrypted form (until the removal of the user), as a hash sum.|
Cookies are files with data related to our system and stored on the side of your device. You manage the stored data yourself and you can delete it at any time. It is not recommended to completely disable the cookies functionality as this can adversely affect the availability of the certain functionality of our system.
We use personal data from these files only for the purposes listed below.
- To improve the quality of the system: we save the site settings that are convenient for you, for example, the language or the currency.
- For effective and useful advertising: we use ad serving systems (for example, Google AdWords, Yandex.Direct) to promote our solution. The ad serving systems collect anonymous statistical data about visitors of the websites for the purposes of an effective and unobtrusive advertising campaign.
Data Storage Policy
1. Security of access to personal data is provided by authentication and authorization.
2. Employees of companies that have access to personal data, sign a non-disclosure agreement and have to authentication.
3. During the process of transmission and storage (including backups) personal data is encrypted. To check the integrity of the encrypted data the checksum algorithm is used. Encryption algorithm: symmetric-key algorithm with 256-bit key and random initialization vector.
4. Secure storage of passwords (via hash value without the ability to restore the user’s original password).
5. Passwords to personal data are protected from brute force selection.
6. Protection against data loss is organized through a real-time replication and daily backups systems.
7. All operations of accessing personal data are logged.
Private enterpreneur Belash Volha, 222410 Republic of Belarus, Minsk region, Vileyka. State registration of 16.11.2019 by the Vileyka district executive committee. Payer’s Identification Number 691186227
Date of publication: 16.11.2019