General Data Protection Regulation
Borghese d.o.o is committed to providing personal data protection by collecting only the essential, basic information about the buyers / customers who are required to fulfill our obligations; informing customers of the way they use the collected data, regularly gives customers the possibility of choice about using their data. All user data is strictly kept and only available to employees who are required to do this job. All Borghese d.o.o employees and business partners are responsible for compliance with the privacy principles.
Personal Data Protection
Pursuant to Article 3 and 7 of the Personal Data Protection Act ( NN 103/03, 118/06, 41 / 08,130 / 11, 106/12), the Borghese Travel Agency (abbreviated to the Agency), cares about protection of all personal data who, for the purpose of fulfilling the obligations in the domain of travel agencies’ business, collects from their clients. Procedures for receiving, storing and preservation of confidential personal information of clients are prescribed by the Book of Rules on Collection, Processing, Use and the Protection of Personal Data.
Reasons of personal data collection
With the prior consent, the personal data of the client in accordance with the rights and obligations of the Law on Provision of Tourism Services, and contractual obligations arising from tourism activities, may be collected, processed and used exclusively for the needs of a single project based on mutual agreements and clearly stated by the Terms of Business – which are part of the process during which the client leaves his or her personal data.
Data is collected for:
registration of guests on eVisitor
organization and booking excursions
signing contracts for renting cars, bicycles and scooters
performing exchange transactions for which transactions are required under the Anti-Money Laundering Act and Terrorist Financing Act to collect data
Personal data is considered to be any information that can undoubtedly determine a person, to identify him or her (such as first and last name, address, OIB, ID number, OI number, passport number, bank card number) as well as any other data whose unauthorized use can cause material and moral damage to the client.
Collect (online and off-line) data
The client’s personal data may be collected and processed further within the scope of the Agency’s activities and obligations – only under the following conditions:
Data may only be collected exclusively for each, individual project (travel, rental and others)
When the client is informed of the purpose of collecting particular data, it is available in advance on the Agency’s and / or third-person’s web site
When the client is undoubtedly informed with the terms and conditions of the application / rental / travel for which his personal data is requested
When the client has voluntarily accepted the above mentioned terms, and with his request or registration,that his or her data may be submitted to other participants in the business process for the purpose of making the request.
Unattended personal data may be collected and processed only in cases determined by the law. Each client has the right at any time to renounce the date of the deposit and request the termination of further processing of his / her data.
All organizational and technological measures are taken to protect your personal information from accidental loss or destruction, from unauthorized access or change, unauthorized disclosure, and any other misuse. The Agency renounces of any responsability arising out of the misuse of data by a third person and for any damages that may arise from the Client’s data misuse. By renouncing the above mentioned responsability, the Agency does not want to reduce their responsibility to act in accordance with the legal regulations.
Right to inspect data
The Client has the right to submit a request to the authorized person of the Agency for the purpose of exercising the right to inspect his personal data and to supplement, modify, delete and similar. An application can be filed by e-mail. A client who considers himself or herself violated any of the rights guaranteed by the Personal Data Protection Act has the right to apply for a violation of the rights to the Personal Data Protection Agency.