Privacy Policy
Taoticket Srl, as a Data Controller in compliance with Italian law (Art. 13 of Legislative Decree (D. lgs.) of 30.06.2003, No. 196) and EU law, is committed to protecting the privacy of users in a clear and transparent manner and declares itself responsible for the security of customer data. This Information Notice establishes the following: What personal data of the user is collected and processed in connection with the relationship with us as a customer and through the use of our websites, Smartphone Apps and web services.What personal information we collect
Personal data means all information relating to users that allows us to identify them, such as name, contact details, booking reference number, payment details and information on their access to our website. Specifically, we could collect the following categories of information:
- Name and surname, home address, e-mail address, telephone number, passport number or identity card details, credit/debit card or other payment details;
- Advance Passenger Information (API), including name, nationality, date of birth, gender, passport or identity card number, expiration date and country of issue;
- Medical conditions for passengers who have special medical needs and/or dietary requirements;
- Travel history, including information on cruises and booked services;
- Information provided on the user's travel preferences;
- Information on purchases of products and services from our trusted partners;
- Information on the use of our website and/or app;
- Communications exchanged with us or addressed to us via letters, e-mail, chat service, telephone calls and social media;
- Location, including real-time geographical location of the computer or device via GPS, Bluetooth, and IP address, along with Wi-Fi crowd-sourced hotspots and repeater positions, if users use location-based features and activate geolocation services on their devices and computers.
What we use personal data for, why and for how long
User data may be used for the following purposes:
- To provide the requested products and services: we use the information provided by the user to perform the services requested in relation to the cruises and/or additional flights, including requests for changes to the cruise and/or flight;
- To contact the user in case of flight time change or flight cancellation: we send you communications about the services you have requested and about any changes to these services. These communications do not have marketing purposes and cannot be deactivated;
- Verification/screening of credit cards or other payment cards: we use payment information for accounting, billing and audit purposes and to identify and/or prevent fraudulent activity;
- Administrative or legal purposes: we use user data for statistical and marketing analysis, system testing, customer surveys, maintenance and development, or to respond to a dispute or complaint. We may perform data profiling based on the information we collect from you for use in statistical and marketing analysis. Any profiling activity will be performed only with the prior consent of the user and making every effort to ensure that all data on which it is based is accurate. By providing any personal data, the user explicitly accepts that we may use it to perform profiling activities in accordance with this Privacy Information Notice;
- Immigration/customs controls: we may be obliged to provide user information to the agencies responsible for border control;
- Security, health, administrative purposes, prevention/detection of crimes: we can also communicate user data to government authorities or bodies in compliance with legal requirements;
- Communications with customer service: we use user data to manage our relationship with you as our customer and to improve our services and improve the user experience with us;
- To provide tailor-made services: we use the user's data to provide information that we believe is of interest, before, during and after the trip with us, and to customise the services we offer to the user, such as special offers for preferred destinations or Family Plus offers;
- Marketing: from time to time we will contact you with information regarding promotions on cruises and ancillary products through electronic communications. However, you will have the chance to accept or not to receive such communications by indicating your preference at the booking stage. The possibility of indicating that you no longer wish to receive our direct marketing material is also given in every electronic communication we send.
- To respect a legal obligation (for example, immigration or customs requirements);
- The user has consented to the use of their personal data (for example, for marketing purposes);
- To protect the health of the user or another person (for example, in the event of a medical emergency);
Security of personal data
We follow strict security procedures in relation to the storage and disclosure of personal data and to protect it against accidental loss, destruction or damage. The data that the users provide to us is protected with SSL (Secure Socket Layer) technology. SSL is the standard method of encrypting personal data and credit card numbers, allowing them to be securely transferred over the Internet. All payment data is transmitted via SSL and stored in compliance with Payment Card Industry Data Security Standards (PCI DSS) managed with the HTTPS certified secure connection on all our sites and apps. We may disclose your information to trusted third parties for the purposes set out in this Privacy Information Notice. We require all third parties to take appropriate technical and operational security measures to protect personal data that is in line with EU data protection legislation.
Cookies and site tracking
This site uses cookies to enable us to improve our service and offer users useful features. Cookies are small text files that are transferred to your computer's hard drive via the web browser to allow us to recognise the user's browser and help us to monitor visitors to our site, allowing us to better understand the products and services that will be more suitable for users. A cookie contains contact information and useful information to help us to identify your computer when you visit our site in order to help you make the reservation. Most web browsers automatically accept cookies, but, if desired, you can change these browser settings by accepting, rejecting and deleting cookies. The "help" menu of the toolbar on most browsers explains how to prevent the browser from accepting new cookies, how to make the browser notify you when you receive a new cookie or how to completely disable cookies. If you choose to change these settings, certain features and functionality may not work as expected. The cookies used do not detect the information contained on the computer. For more information about cookies and how to prevent the browser from accepting them, please visit the following website: http://www.allaboutcookies.org. Data Protection Officer Taoticket Srl, the Data Controller, has appointed an internal Data Protection Officer. The user has the right to file a complaint at any time at the e-mail address privacy@taoticket.com or to Taoticket Srl, Via Brigata Liguria 3/21 - 16121 Genova IT
Rights of the Data Subject
At any time, pursuant to Articles 15 to 22 of the GDPR, you have the right, also in relation to profiling activity, of:
- requesting the correction of your personal data;
- withdrawing your consent at any time to the use and disclosure of your personal data;
- requesting that your personal data is erased;
- receiving your personal data in a structured, commonly used, machine-readable format, and transmitting your personal data to another data controller;
- objecting to the processing of personal data concerning you, including for marketing or profiling purposes;
- obtaining limitations on the processing of your personal data;
- lodging a complaint with a supervisory authority;
- receiving a communication if there is a breach of personal data;
- requesting information on:
- the purpose of the data processing
- the categories of personal data
- the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if the data is transmitted to recipients in third countries or international organisations and the existence of appropriate safeguards;
- the retention period for the personal data
- where the personal data is not collected from the data subject, any available information as to their source;