Privacy policy

1. INTRODUCTION

Diamond tours s. r. o. (registered office: Eötvösova ul. 3195/21, Komárno 945 01, Slovakia) (hereinafter: Service Provider, Data Controller) acknowledges the contents of this notice as binding. Data processing is conducted in accordance with REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL (General Data Protection Regulation - GDPR).

  • Website covered: https://www.google.com/search?q=ticket-paradise.com

  • Availability: https://paris-seightseeingcruise.com/

  • Governing Law: EU norms and Hungarian law.

2. DATA CONTROLLER DETAILS

  • Name: Diamond tours s. r. o.

  • Registered Office: Eötvösova ul. 3195/21, Komárno 945 01, Slovakia

  • E-mail: info@paris-seightseeingcruise.com

3. DEFINITIONS

  • Personal Data: Any information relating to an identified or identifiable natural person ("data subject").

  • Data Processing: Any operation performed on personal data, such as collection, recording, storage, transmission, or erasure.

  • Processor: A natural or legal person who processes personal data on behalf of the controller.

  • Personal Data Breach: A breach of security leading to the accidental or unlawful destruction, loss, alteration, or unauthorized disclosure of personal data.

4. PRINCIPLES OF DATA PROCESSING

Personal data shall be:

  1. Processed lawfully, fairly, and transparently.

  2. Collected for specified, explicit, and legitimate purposes.

  3. Adequate, relevant, and limited to what is necessary (data minimization).

  4. Accurate and kept up to date.

  5. Stored only for the necessary duration.

  6. Processed in a manner that ensures appropriate security (integrity and confidentiality).

5. DATA MANAGEMENT RELATED TO THE WEBSTORE

Personal Data Purpose of Processing
First and Last Name Contact, purchase, and issuing legal invoices.
E-mail Address Keeping contact.
Date of Birth, Gender Statistics, enabling efficient website use.
Billing Name and Address Issuing legal invoices, contract fulfillment, and debt collection.
Shipping Name and Address Enabling home delivery.
Time of Purchase/Reg. Execution of technical operations.
IP Address Execution of technical operations.

  • Duration: Data is deleted upon cancellation of registration, except for accounting documents, which must be kept for 8 years pursuant to Section 169 (2) of Act C of 2000 on Accounting.

  • Legal Basis: Consent of the data subject and fulfillment of legal obligations.

6. DATA PROCESSORS

  • Hosting Provider: Hostinger UK Limited (https://www.hostinger.com/)

  • Activity: Providing hosting services and ensuring the proper operation of the website.

7. COOKIE MANAGEMENT

  • Essential Cookies: Used for password-protected sessions, shopping carts, and security. No prior consent is required for these.

  • Google Analytics: This website uses Google Analytics to analyze visitor behavior. Information is usually stored on Google servers in the USA, but IP addresses are anonymized.

  • Management: Users can delete cookies in their browser's settings.

8. RIGHTS OF DATA SUBJECTS

You have the right to:

  1. Access your personal data.

  2. Request rectification or erasure (right to be forgotten).

  3. Request restriction of processing.

  4. Object to the processing of your data.

  5. Data Portability (receive your data in a structured format).

9. TIME LIMITS FOR ACTION

  • General Limit: The Data Controller shall inform you of measures taken within 1 month of receiving the request.

  • Extension: This may be extended by 2 months if necessary. You will be notified of any extension within 1 month.

  • No Action: If the controller takes no action, they shall inform you within 1 month of the reasons and your right to lodge a complaint with a supervisory authority.

10. SECURITY OF DATA PROCESSING

The controller implements appropriate technical and organizational measures, including:

  • Pseudonymization and encryption of personal data where applicable.

  • Ensuring ongoing confidentiality, integrity, availability, and resilience of processing systems.

  • Restoration: The ability to restore access to data in a timely manner in the event of a physical or technical incident.

  • Regular Testing: A process for regularly testing and evaluating the effectiveness of security measures.

11. PERSONAL DATA BREACHES

  • Notification: If a breach is likely to result in a high risk to your rights, the controller shall inform you without undue delay.

  • Reporting to Authority: Breaches must be reported to the supervisory authority within 72 hours of becoming aware of them, unless the breach is unlikely to result in a risk to natural persons.

12. RIGHT TO LODGE A COMPLAINT

You may lodge a complaint with the:

National Authority for Data Protection and Freedom of Information (NAIH)

  • Address: 1125 Budapest, Szilágyi Erzsébet fasor 22/C.

  • Mailing Address: 1530 Budapest, Pf.: 5.

  • E-mail: ugyfelszolgalat@naih.hu

  • Web: www.naih.hu