Privacy policy | Northeast travel

Privacy policy

This privacy and protection of personal data policy describes what types of personal data NORTHEAST TRAVEL d.o.o. may collect from you and how NORTHEAST TRAVEL d.o.o., its subsidiaries, contractors and partners may be allowed to use it. This policy also provides you with important information about your rights and the protection of your personal data. All transactions of your personal data are carried out in compliance with the regulations in effect and with the law n° 78-17 « Data Processing, Files and Freedom » amended on January 6, 1978.

WHO IS THE CONTROLLER OF YOUR PERSONAL DATA?

When this policy mentions, "we," "us," "our", "the Website", "the Company", it refers to NORTHEAST TRAVEL d.o.o. a Croatian company with registered office at Teslina ulica 10, 52100 Pula, Croatia.

This Privacy Statement, which is in accordance with personal data protection rules, describes the methods applied by the company to collect and process the personal data of:

  • Users who consult and use the website.
  • Users who use the service.

Pursuant to the Federal Law of 19 June 1992 on Data Protection (LPD) and to Article 45 of the Federal Insurance Supervision Law (LSA), Users are hereby informed that their personal data is stored and processed by NORTHEAST TRAVEL according to the methods and for the purposes listed below, in accordance with the methods and purposes allowed by LPD and LSA. and Under the General Regulation (EU) 2016/679, of 27 April 2016, on Data Protection (GDPR).

WHAT CATEGORIES OF PERSONAL DATA WE COLLECT?

We can’t help Users book the perfect boat without information, that’s why we require some basic data when Users use our services. Here are the categories of personal data we process:

  • Personal data provided by users
    • The personal data and product preferences that Users share with us when they request a quotation, register for an account, subscribe to newsletters, request our customer care assistance and which Users provide us with when using any other of our services on our Website, or the data included in Users comments, reviews or messages sent via email or telephone. This data may include Users' name, surname, e-mail address, telephone number, encrypted password, invoice data and boat/holiday preferences which is necessary for the purposes of selecting and purchasing a boat charter and for the additional purposes.
    • Special categories of personal data, for example, information concerning your health or revealing religious or sexual orientation that you might voluntary provide us in the course of making a booking by requesting special transportation or need, by requesting cancellation or by any other means at any moment when making a booking. We will use the special categories of personal data only as strictly necessary to fulfil your request
    • Personal Data of all passengers, copy of their personal documents such as ID card, sailing license and specific sailing certification when filling in the crew list and using the online check-in service.
  • Personal data you give us about others
    • If you plan to submit someone else’s personal data to us, for instance when booking on their behalf, you should only provide us with that third party’s details with their consent and after they have been given access to this privacy policy.
  • Personal data of children
    • Please note, NORTHEAST TRAVEL registration and booking services are not directed at children under 16 years old. In limited cases, as part of passengers’ data collection for reservation, we may collect and use information of children (under 16 years old) only as provided by their parent or guardian or with their consent. If we become aware that we have processed information of a child without the valid consent of a parent or guardian, we reserve the right to delete it.
  • Other personal data provided by users
    • Payment data. We do not store any payment data, we only process these sort of information, and send them to trusted third parties partners.
    • Insurance data. Some of the information provided on our website, when filling insurance form, are shared with trusted third party partners in accordance with data protection law.
  • Personal data collected automatically
    • Information about your visits to and use of our Website, via the computer systems and software procedures used for the operation of the website in the course of their normal operation as a result of the use of Internet communication protocols. This category of data includes IP addresses or domain names of computers of Users connecting to the website, the URIs (Uniform Resource Identifier) of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file received in response, the number code indicating the status of the response given by the server (successful, mistake, etc.) browser type and version, browser language, operating system, geo-location, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of website use and other parameters related to Users' operating systems and computer environments. This data is used only to obtain anonymous statistical information on the use of the website and to verify its proper operation. The data may be used to establish liability in case of potential computer crimes damaging the website.
    • Connection to other platforms. If you link, connect or login to your account with a third party service (e.g., Facebook, Google), the third party service may send us information such as your registration and profile information (i.e. user name, user ID associated with your social media account, picture, email), and any other information you permit the social network to share with third parties. The data we receive is dependent upon your privacy settings with the social network. You should always review and, if necessary, adjust your privacy settings on third-party websites and services before linking or connecting them to our Website.
    • To the extent permitted by the applicable law wherein we receive additional information about Users, such as fraud detection information and warnings from third party service providers and/or partners for our fraud prevention activities.
  • Personal data collected from third parties
    • Some data are directly or indirectly collected from third parties. Here is an example of third parties that we share information with and that:
      Google analytics – collects information about how visitors use our Website.
      Google Adwords – collects information about how visitors use our Website.

WHY DO WE COLLECT USERS PERSONAL DATA?

Users personal data will be processed by hand or by using electronic means that are such as to ensure, in relation to the purposes for which such data is communicated and collected, data security and confidentiality, as well as to prevent unauthorized access to such data, for the time strictly necessary to achieve the purposes of its collection.

Data will be processed at the legal and operational headquarters of NORTHEAST TRAVEL and at the server farm of NORTHEAS T TRAVEL, and at the offices of the parties to which such data may be communicated.

In general terms, we use Users’ personal data to provide Users with the services requested, process payment, provide customer services, send marketing and promotional communications, notify about important changes to the reservation or to our website and to deliver our content and ads which we think may be of interest to you. More specifically:

  • for data collection, storage and processing for the purposes of establishing and managing, in operational and administrative terms, the contractual relationship connected to the supply of the service requested;
  • to send communications by email, phone or SMS on the contractual relationship, including communications relating to the good progress thereof;
  • to comply with statutory or regulatory obligations and requests;
  • for data collection, storage and processing to carry out anonymous and/or aggregate statistical analyses;
  • to send by email, telephone, mail, SMS or MMS, except where denied by the User, NORTHEAST TRAVEL advertising material on products or services that are similar or related to the services or products offered and purchased on the website;
  • only upon the User's prior express consent, to send by e-mail, telephone, mail, SMS or MMS the best travel/leisure deals and deals for services or products supplied by NORTHEAST TRAVEL or its commercial Partners;
  • to keep our Website and system secure and to prevent and detect fraud, security incidents and other crime;
  • to verify compliance with our terms and conditions and for the establishment, exercise or defense of legal claims.

ON WHICH LEGAL BASIS WE PROCESS USER'S PERSONAL DATA?

We will process User’s personal data where it is necessary on the following legal basis:

  • to fulfill a contract, or take steps linked to a contract, including in order to provide our offering, process your payment and to respond to enquiries and booking made by User;
  • to comply with the law and for establishing, exercising or defending our legal rights;
  • to pursue our legitimate interest:
    • improving our websites, its features and our products;
    • marketing;
    • improving our service and offerings;
    • ensuring the security of the website;
    • where you give your consent.

WHO ACCESS USER’S PERSONAL DATA?

NORTHEAST TRAVEL will make sure that all personal data supplied thereto is not disclosed and is processed in such a way as to guarantee its security and confidentiality, as well as to prevent unauthorized access thereto. All personal data and information provided by Users may be communicated, for the purposes set out above, to the following categories of parties:

  • The company's employees and/or collaborators who assist and advise on Administration, Products, Legal Affairs, User Care, Information Systems, as well as those in charge of maintaining the company's network and hardware/software equipment; and companies in the same group as us.
  • The charter operators and all other parties to whom data communication is necessary for contract performance.
  • The parties whose right to access data is recognized by statutory provisions or by orders issued by the competent authorities
  • The parties that are delegated and/or appointed by the Data Controllers to carry out activities related to service supply.

HOW LONG WE RETAIN YOUR DATA?

We will keep your personal data in relation to the services we provide you with. In addition to the above, if you are subscribed to our newsletters, we will keep your email address for this purpose until you ask to be unsubscribed.

Your personal data will generally be stored for up to 5 years. We may, however, keep your personal data for longer than 5 years if we need it to fulfil our contractual obligations to you, the law requires us to maintain it for a longer period or you have not withdrawn your consent.

TRANSFER OF YOUR PERSONAL DATA OUTSIDE OF EUROPEAN ECONOMIC AREA (EEA)

Some third parties to whom we may transfer your personal data may be located outside of the EEA. In the event of a transfer, we will seek to ensure that appropriate safeguards to protect your data are in place which could include entering into a data transfer agreement with such third parties to ensure adequate protection for your information. Examples of the types of contractual clauses we may use can be found at this link.

WHAT ARE YOUR DATA RIGHTS?

Under the General Regulation (EU) 2016/679, of 27 April 2016, on Data Protection (GDPR), the following rights are recognized in relation to the processing of your personal data:

  • Right of access. Users have the right to know the personal data that we have collected about Users and, if the case, to get a copy of such data and information about the processing.
  • Right of rectification. Users have the right to update, amend errors, modify data that may be inaccurate or incomplete.
  • Right to erasure. Users have the right to erase, or restrict processing of the data or part of the data that we have collected about Users in the case that the processing is illegal or that the purpose for processing or collecting it has disappeared.
  • Right to object. Users have the right to object to the processing of your data in the case that the purpose of the processing is direct marketing or that the processing should be stopped for reasons relating to Users personal situation, unless we can demonstrate compelling legitimate grounds to continue processing them or that the processing is necessary to exercise or defense legal claims.
  • Right to data portability. Users have the right to receive a copy of your personal data Users provided us with in a structured, commonly used format.
  • Right to withdraw. Users have the right to withdraw any consent you have provided in respect of our processing of Users personal data, although we may have other legal grounds for processing Users data for other purposes.

In order to exercise your rights, please, send an email to info@northeast.agency or send your request by post courier to the following address: Data Protection, NORTHEAST TRAVEL d.o.o., Teslina ulica 10, 5100 Pula, Croatia. In your request, you have to clearly state:

  • your personal identity, by indicating your complete name and the email address you used to purchase or create an account
  • the right or rights you are exercising.

The exercise of these rights is free of charge, unless you make unjustified or excessive requests. In this case, we will be entitled to charge you with a reasonable fee based on administrative costs.

Join newsletter

Subscribe to our newsletter and get the latest yacht charter news and offers.