Personal Data Processing Policy

1. General provisions

This personal data processing policy is made in compliance with the requirements of Regulation (EU) 2016/679 concerning personal data processing (General Data Protection Regulation, GDPR) and defines the procedure for personal data processing as well as measures to ensure personal data safety by SIA Art of Travel (hereinafter referred to as Art of Travel/CG21) acompany incorporated under the laws of Republic of Latvia, having it's registered office at 82-49 Gramzdas Street, Riga, LV-1029, Latvia, registered under number 40103595907.

1. Art of Travel/CG21 sets as its most important goal and condition for the implementation of its activities the observance of human and civil rights and freedoms in the processing of personal data, including the protection of rights to privacy, personal and family secrets.
2. The present policy of Art of Travel/CG21 regarding the processing of personal data (hereinafter referred to as the Policy) shall apply to all information that Art of Travel/CG21 may obtain about visitors to the website http://www.conciergegroup.eu or http://www.artoftravel.lv.

2. Basic concepts used in the Policy

Art of Travel/CG21 processes cookie files in accordance with the specified goals:
1. Automated processing of personal data - processing of personal data using computer technology;
2. Blocking of personal data – temporary termination of personal data processing (except for cases when processing is necessary to clarify personal data);
3. Website – a set of graphic and information materials, as well as computer programs and databases that ensure their availability on the Internet at the network address http://www.conicergegroup.eu and http://www.artoftravel.lv;
4. Personal data information system — a set of personal data contained in databases as well as information technologies and technical means ensuring their processing;
5. Depersonalisation of personal data — actions making it impossible to determine the ownership of personal data by a specific User or another personal data subject without the use of additional information;
6. Personal data processing – any action (operation) or a set of actions (operations) performed with personal data using automation means or without the use of such means, including collection, recording, systematisation, accumulation, storage, clarification (update, change), extraction, use, transfer (distribution, provision, access), depersonalisation, blocking, deletion, destruction of personal data;
7. Art of Travel/CG21 – a state body, a municipal body, a legal or natural person, independently or jointly with other persons organising and (or) carrying out personal data processing, as well as determining the purposes of personal data processing, the composition of personal data to be processed, actions (operations) performed with personal data;
8. Personal data – any information relating directly or indirectly to an identified or identifiable User of the website http://www.conciergegroup.eu or http://www.artoftravel.lv;
9. User – any visitor to the website http://www.conciergegroup.eu or http://www.artoftravel.lv;
10. Provision of personal data – actions aimed at disclosure of personal data to a certain person or a certain scope of persons;
11. Distribution of personal data – any actions aimed at disclosure of personal data to an indefinite scope of persons (transfer of personal data) or at acquaintance with personal data of an unlimited scope of persons, including disclosure of personal data in the media, publishing in information and telecommunication networks or provision of access to personal data in any other way;
12. Cross-border transfer of personal data – transfer of personal data into the territory of a foreign state to the authority of a foreign state, a foreign natural or a foreign legal person;
13. Destruction of personal data – any actions resulting in irrevocable destruction of personal data with the inability to subsequently restore the content of personal data in the information system of personal data and (or) resulting in the material carriers of personal data being destroyed.

3. Art of Travel/CG21 may process the following personal data of the User

1. Full Name;
2. Email address;
3. Phone number;
4. The website also collects and processes depersonalised data about visitors (including cookies) using the Internet statistical services (Google Analytics and others);
5. Data mentioned above is hereafter united by the general concept of Personal data.

4. Purposes of personal data processing

1. The purpose of processing the User's personal data is to inform the User by sending e-mails;
2. Art of Travel/CG21 also has the right to send the User notifications about new products and services, special offers and various events. The User can always unsubscribe from receiving informational messages by sending Art of Travel/CG21 a letter to the email address info@conicergegroup.eu marked "Waiver of notice about new products, services and special offers";
3. Depersonalised User data collected through Internet statistics services is used to collect information about the Users' actions at the website, improve the quality of the website and its content.

5. Legal basis of personal data processing

1. Art of Travel/CG21 processes the personal data of the User only in case it is being filled in and/or sent by the User independently via special forms on the website http://www.conciergegroup.eu. By filling in the appropriate forms and/or sending their personal data to Art of Travel/CG21, the User consents to this Policy;
2. Art of Travel/CG21 processes depersonalised data about the User if it is allowed in the settings of the User's browser (saving cookies and the use of JavaScript technology is enabled).

6. Procedure for collection, storage, transfer and other types of personal data processing

The security of personal data processed by Art of Travel/CG21 is ensured by the implementation of legal, organisational and technical measures necessary to fully comply with the requirements of the current legislation in the field of personal data protection.

1. Art of Travel/CG21 ensures the safety of personal data and takes all possible measures to prevent access of unauthorised persons to personal data.
2. Under no circumstances will the User's personal data be transferred to third parties, except for cases related to the implementation of the current legislation.
3. In case of revealing inaccuracies in personal data, the User can update the data independently by sending a notification to Art of Travel/CG21’s email address info@conciergegroup.eu marked "Updating of personal data".
4. The period of personal data processing is unlimited. The User can at any moment withdraw their consent to the processing of personal data by sending a notification to Art of Travel/CG21 via email to Art of Travel/CG21’s email address info@conciergegroup.eu marked "Withdrawal of consent to the processing of personal data".

7. Cross-border transfer of personal data

1. Prior to the start of the cross-border transfer of personal data, Art of Travel/CG21 is obliged to ensure that the foreign state, into the territory of which the transfer of personal data is supposed to be carried out, provides reliable protection of the rights of personal data subjects;
2. Cross-border transfer of personal data into the territory of foreign states that do not meet the requirements above can be carried out only if the personal data subject agrees in writing to cross-border transfer of their personal data and/or in case of the execution of a contract, to which the personal data subject is a party.

8. Final provisions

1. The User can get any clarifications on issues of interest relating to the processing of their personal data by contacting Art of Travel/CG21 via e-mail info@conciergegroup.eu.
2. The current version of the Policy is available for public access on the Internet at www.conciergegroup.eu and www.artoftravel.lv.