1. IDENTITY OF THE DATA CONTROLLER
- Company: Top Atlântico DMC - Viagens e Turismo,SA.
(hereinafter
"TOP ATLÂNTICO DMC")
- Registered
Office: Rua Açoreano Oriental 16, 9500-013 Ponta Delgada, Portugal
- Juristic Person
ID Number: 500269220
- Telephone: +351 289
887 400
- Email: protecaodados@topatlanticodmc.com
2. INFORMATION AND CONSENT
The Personal Data Protection Law (Law no. 67/98, of 26 October,
hereinafter referred to as the "LPDP") and the General Data
Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and
of the Council of 27 April 2016, hereinafter referred to as the
"GDPR") ensure the protection of natural persons in relation to the
processing of personal data and the free movement of that data. "Personal
data" is any information, of any type and on any support, including sound
and image, regarding a natural person, who is identified or identifiable. The protection of natural persons therefore
does not extend to legal persons. An identifiable person is a person, who can
be identified directly or indirectly, e.g. by reference to an identification
number, or to one or more specific aspects of his/her physical, physiological,
mental, economic, cultural or social identity (for example his/her name
associated with his/her telephone number or email address).
By accepting this Privacy Policy, the user gives his/her express, free,
unequivocal and informed consent to the inclusion of the personal data provided
via site www.topatlanticodmc.com in data processing by TOP ATLÂNTICO DMC, in accordance with the LPDP and
the GDPR, with regard to organisational and technical security measures.
TOP ATLÂNTICO DMC, keeps a database with the record of its clients. The
data stored on this database is limited to the data provided by the data
subjects when they register and is collected and processed automatically, by TOP
ATLÂNTICO DMC., the entity that is responsible for the corresponding file, in a
manner approved by the National Data Protection Commission.
The making of reservations via our website involves the entering by
users of personal identification data such as aspects relating to their
personal preferences, special circumstances that affect them and other data
regarding debit and credit cards, which will be used to facilitate and enable
the purchase and reservation of specific services that meet the client's
requirements, as well as to provide information regarding the products and
services of TOP ATLÂNTICO DMC.
In no circumstances will information be requested regarding philosophical
or political beliefs, membership of political parties of trade unions,
religious beliefs, private life or racial or ethnic origin or with regard to
health and sex life, including genetic data.
When personal data is collected via the "Newsletter" form, or
via other forms related to the activity of the website, it will be necessary
for users to complete at least the fields marked with an asterisk, for, if this
necessary data is not provided, TopAtlântico will be unable to accept or manage
the web service or the consultation requested by the user. In no circumstances
will we effect any of the following activities in relation to the personal data
provided to us via this site:
· Communication of personal data to other persons, or
other bodies, without your prior consent;
· Transfer of personal data to other States, without
your prior consent.
3. PURPOSE OF THE PROCESSING OF PERSONAL DATA
The personal data that we process via this page will only be used for
the following purposes:
(i) Purposes linked to the business of a wholesale and retail travel
agency;
(ii) The provision of data to those involved in the services requested
by the user, in order to implement the reservation/ service purchased by the
User;
(iii) Management, administration, supply, expansion and improvement of
the services subscribed or registered for by the user, or the use and
adaptation of these services to users' preferences and tastes, as well as for shopping cart recovery actions.
(iv) Checking of credit cards and other types of cards, indicated by the
User, which are used to make payments;
(v) Study of the use of the services by users;
(vi) Checking, maintenance and development of systems and statistical
analyses;
(vii) Advertising, promotion and commercial prospecting, where duly
authorized and consented to by the User;
(viii) Sending of questionnaires, to which the user is not required to
respond;
(ix) Sending of SMS messages for direct selling, advertising or other
purposes related to the service purchased, where duly authorized and consented
to by the User.
The user may permit TopAtlântico to process his/her Personal Data in
order to establish his/her profile and offer products and services. These
services can be provided either by TopAtlântico, or third parties.
Furthermore, the user consents to the accessing of information regarding
the service purchased from TopAtlântico, in order to enable it to offer other
services to the user.
When the Personal Data is collected, the user may, with the exception of
the fields the completion of which is obligatory, provide the Personal Data on
a voluntarily basis. Absence of a reply will not (in the absence of other
indication) affect the quality or quantity of the corresponding services. Nevertheless,
failure to provide data that is considered to be obligatory, will involve an
inability to access the service for which the data was requested.
4. TRANSFER OF PERSONAL DATA
TOP ATLÂNTICO DMC may only reveal users' information to third parties in
order to complete the reservation requested and for administrative reasons, in
accordance with the legislation in force applicable to travel to / services for
certain countries.
All data collected in this way on the website will be transmitted to the
entities involved in order to purchase the services required to the extent
absolutely necessary for the reservation / service and compliance with the
legislation of destination countries.
Furthermore, the user will expressly consent to the possible transfer of
the Personal Data to:
(i) Proper national and international authorities responsible for
tourism, terrorism or crimes against human rights;
(ii) Any legal person that is a subsidiary or affiliate of TopAtlântico,
or of the company that has provided the service purchased (hotels, water, land,
rail or air transport companies, rental companies, etc.), to be used in order
to ensure a proper provision of each service requested by the user.
The user warrants that the information provided is true, accurate,
complete and up-to-date, and is responsible for all direct or indirect loss or
damage, which may be caused as a result of breach of the said obligation. Where
the data provided belongs to a third party, the user warrants that he/she has
informed the third party of the aspects referred to in this document and has
obtained the third party's permission to provide their data to TopAtlântico for
the purposes indicated.
5. APPROPRIATE SECURITY MEASURES IN THE PROCESSING OF
PERSONAL DATA
TOP ATLÂNTICO DMC. declares and warrants that it has implemented and has
and will continue to implement the technical and organisational security
measures necessary to ensure the security of personal data that is provided to
it, in order to prevent the alteration, loss, processing and/or unauthorized
accessing thereof, taking into account the current state of the technology, the
nature of the data stored and the risks to which it is exposed.
The Personal Data obtained via registration on the websites are
incorporated in a computer application, which belongs to TOP ATLÂNTICO DMC. The
accessing, by employees of TOP ATLÂNTICO DMC, of the information stored is only
possible via the insertion of access codes, which access is registered and
documented. The data stored in the files can be altered and a record is kept of
the date and the code of the user responsible for the alteration.
The Personal data is processed with the level of protection required by
law in order to ensure the security thereof and to prevent the alteration, loss,
processing or unauthorized accessing thereof, taking into account the state of
the technology, and the user is aware and accepts that Internet security
measures are not impregnable.
TOP ATLÂNTICO DMC has peripheral control infrastructures, i.e. network firewalls, private circuits and VPNs
that comply with the security requirements. The servers are housed with a data centre operator, which provides a
digital information security service for servers so housed. The service
includes file backup, storage thereof
in accordance with the policy agreed and restoration thereof at the request of TOP
ATLÂNTICO DMC.
TOP ATLÂNTICO DMC uses SSL - Secure Socket
Layer technology to secure users' communications, which ensures the
security of all credit card transactions. This technology encodes the credit
card data and transfers it via Internet, in individual modules, which are
subsequently recombined. Credit card data is used solely in order to make the
payment and is deleted from our records once the transaction has been effected.
Because of security issues in relation to certain countries, the
inclusion of data such as name, passport number, sex, age and nationality in
reservations, is compulsory. This information which is included in the
reservation may be consulted by the customs authorities of the countries of
origin or destination, in accordance with the applicable legislation.
When TOP ATLÂNTICO DMC accesses any personal data, it undertakes:
· To store personal data using the technical and
organisational security measures required by law, which ensure the security of
the data, in order to prevent the alteration, loss, processing or unauthorized
accessing thereof, in accordance with the state of the technology from time to
time, the nature of the data and the possible risks to which it is exposed;
· To use the data solely for the purposes previously
defined;
· To ensure that the data is processed solely by
employees, whose intervention is necessary for the provision of the service and
who are subject to a duty of secrecy and confidentiality. Where there is a
possibility that the information may be revealed to third parties, they shall
be required to comply with due confidentiality in accordance with the
provisions of this document.
6. COMMERCIAL AND PROMOTIONAL COMMUNICATIONS
One of the reasons why we process personal data provided by users is in
order to send electronic communications containing commercial and promotional
information.
Communications of this type will only be sent to those users, who have
previously and expressly consented to this.
Where a user no longer wishes to receive commercial or promotional
communications from TOP ATLÂNTICO DMC, he/she may object to the service, in
accordance with the provisions of Decree-Law 7/2004, of 7 January, by sending an e-mail to the following
address: protecaodados@topatlanticodmc.com or via the link
provided for that purpose in the corresponding communications.
7. EXERCISE OF RIGHTS
According to the provisions of the LDPD and the GDPR, users may exercise
their right to access, correct, delete and object, by making the corresponding
request in writing in either of the following ways, including, in all cases, a
copy of a document proving the user's identity and specifying the right or
rights that he/she wishes to exercise.
- Postal address: Praça Paul Harris, nº2
loja A, 8000-123 Faro, Portugal
- Email:protecaodados@topatlanticodmc.com