Privacy policy

PRIVACY POLICY 1. Terms and Changes 1.1 For the best service and proper fulfillment of contractual relationships, %info_company% collects, stores, publishes, transmits, and retains customer data in accordance with the laws of the Republic of Estonia and European Union legislation. 1.2 The personal data submitted during the booking and payment for services in the online booking environment are confidential and processed in accordance with the requirements of the Personal Data Act. 1.3 %info_company% does not disclose client personal data to third parties without the Client's consent, except as provided by law. 1.4 By starting to use the booking engine, you have become acquainted with and agreed to these principles and terms. We reserve the right to change the general terms of the privacy policy if necessary, notifying through the website %info_link%. For any questions or concerns about the privacy policy or data processing, please contact us at %info_email%. 2. Data Processed and Their Retention 2.1 The personal data processed are the data asked from the Client during the order process (first and last name, phone number, email address). 2.2 Identification of the responsible processor and the processor. Certain jurisdictions' data protection law distinguishes between the responsible processor and the processor. Generally, the Client is the responsible processor for client data. Generally, Booklux is the processor for client data and the responsible processor for other information. In providing the booking service (Service), Booklux OÜ processes personal data for the provision of the Service (booking the service and enabling payment for the service) and to fulfill obligations imposed by law (e.g., retaining accounting data). Responsible and authorized processor. In the provision of the Service, the authorized processors of personal data are the service provider %info_company% and the payment solution provider, who may process personal data only to the extent necessary for the provision of the Service and enabling payment for the service. Booklux OÜ is responsible for the actions of the authorized processors, and the authorized processors fully adhere to the principles of personal data processing by Booklux OÜ. 2.3 Collection of Other Data - We also collect anonymized data that cannot be directly associated with any specific individual (browser version, language preference, location, time spent on page, etc.) and treat these as generalized customer activity behavior in %info_company% booking engine. These data are aggregated and used to improve the booking engine service/product. 2.4 Booklux OÜ (company mediating and managing the booking engine) retains personal data until it is necessary to fulfill various data processing purposes and for the handling of permanent client data. Clients have the right at any time to access their personal data and information about their transactions. Clients also have the right at any time to request corrections to their personal data if the data has changed or are otherwise inaccurate. For modifications/additions or removal of data, please contact %info_company% at %info_email%. 2.5 In addition, the client's billing account number is processed during the payment process. 3. Payment System Security and Data Processing 3.1 The security of payment via bank link and/or bank card is protected by SSL security protocol, which ensures that the information exchanged cannot be intercepted or altered by unauthorized persons. %payment_platform% securely stores the cardholder's data and never shares them with merchants or third parties. The information accessible to the merchant is limited to the type of card (e.g., Visa or MasterCard) and the last two digits of the card number. 3.2 The amount payable during the booking or in the selection of tickets can be paid using the payment methods offered by the payment platform, mediated by the payment solution provider. %info_company% is the responsible processor of personal data and transmits the necessary personal data to the authorized processor who provides the service according to the offered payment methods.