P

PRIVACY POLICY AND DATA RETENTION

PRIVACY POLICY

Alive Portugal is a Travel Agency specializing in corporate and personalized travel. Our main form of business is business travel management as well as organization of meetings and event management for corporate clients hired. We also offer VIP, Leisure and Mice services.

Alive Portugal – Agencies of Travel, SA (hereinafter referred to as ALIVE), a legal person with NIPC 510144160 and headquartered at Avenida da Boavista nº 5083 – 4100-141 Porto – Portugal, is the entity responsible for the collection and treatment of its data for the purposes stated in this privacy policy.

The above address is the address to which all formal communication should be addressed.

The address of our website is www.alivetravel.com. Our privacy policy contact email is data.protection@alivetravel.com.

Alive undertakes to safeguard the privacy of its clients and to process their personal data in accordance with the Law of Protection of Personal Data – Law 67/68, of October 6, and other legislation in force in this matter, namely the European Regulation (Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of personal data. hereinafter referred to as “RGPD”, shall enter into force on 25 May 2018.

WHAT ARE “PERSONAL DATA”?

In legal terms, “personal data” means any information of any nature and regardless of its support, including sound and image, relating to an identified or identifiable natural person (“data subject”); an identifiable person, directly or indirectly, is identified by reference to an identifier such as name, address, personalized email address, age, marital status, location data, an identification number, or more specific elements of their physical, physiological, mental, economic, cultural or social identity.

Personal data relating to philosophical beliefs, party or trade union membership, religious belief, private life and racial or ethnic origin, as well as data on health and sex life, including genetic data, are considered “sensitive data”, not will be requested / treated by Alive without the express authorization of the data subject.

Any and all personal data submitted to Alive will be treated in accordance with the RGPD and maintained in secure domains for as long as they are processed and stored by us.

DATA PROTECTION

The personal data that Alive collects are the appropriate data, relevant and not excessive for the purpose for which they are intended, that is, to make reservations for travel requested of us, to issue their travel documents, to send invoices and to produce reports .

They shall not be further processed in a manner incompatible with the purpose of collection.

ASSIGNMENT OF PERSONAL DATA THROUGH RELATIONS WITH BUSINESS CLIENTS

Alive may transmit personal data to third parties solely for the purpose of completing the requested reservation, and for administrative reasons, in accordance with the legislation in force for travel to certain countries.

Any personal data collected will be transmitted, in accordance with the legislation on data protection in force, to the entities involved to contract the required services to the extent strictly necessary for the realization of the reservation / service sought, and to comply with the laws of the countries of destination.

Alive will not transfer personal information outside the European Economic Area (EEA) without the prior written consent of Customer, unless Alive and the recipients of such personal data have standard contractual clauses.

In all our customer agreements, it is explicitly stated that it is the customer’s responsibility to request permission for ALIVE to use personal data in order to fulfill its obligations with respect to our customers’ requests and, unless instructed otherwise, ALIVE will assume that such permission has been requested and given if an authorized travel request is received.

Each contractual customer acknowledges and agrees from the outset that in order to fulfill the services covered by a particular contract, it is impossible to ensure that the data is stored in any geographically designated area.

Each customer also agrees that the Alive GDS – Travelport Galileo operating system requires data storage in the US.

Alive will only treat and transfer minimum customer data to any location – in accordance with the “Purpose Limitation Principle” – “Personal Data will be requested only for one or more specified and legal purposes, and will not be further processed in any way inconsistent for that purpose, “that is, the data collected are intended for specific purposes, explicit and legitimate for the continuation of the service that is hired. Subsequent processing for statistical purposes is not considered incompatible with the initial purposes.

Alive warrants to Customer (and its employees submitting personal data) that:

 It only processes personal data in accordance with Customer’s instructions and for the fulfillment of its obligations associated with the provision of the contracted service, and makes no other use of the data without the express permission of its owner.

 It adopts appropriate technical and / or organizational measures to protect personal data, including protection against unauthorized or unlawful processing and loss, destruction or accidental damage (principle of integrity and confidentiality, as set out in the RGPD).

In addition, the data subject will expressly consent that his / her personal data may be transmitted to:

 National and international authorities competent in the field of tourism, combating terrorism or crimes that violate human rights;

 Embassies and / or Consular Services to obtain visas:

The data subject warrants that the information provided is true, accurate, complete and current and is responsible for any direct or indirect loss or damage that may be caused as a result of breach of this obligation. In case the data provided belongs to a third party, the data owner guarantees that he has informed the third party of the aspects contained in this document and has obtained his authorization to provide his data to ALIVE for the indicated purposes.

GOOD HABITS

Alive takes and will continue to take all reasonable steps, in accordance with the relevant legal responsibilities, to ensure the reliability of any of its employees who will have access to Customer’s personal data. If Alive receives any claim, notice, request (including any request for access to the data) or communication related directly or indirectly to the processing of the Personal Data or to the parties’ compliance with the Data Protection Laws, we will promptly notify Customer in writing considered as acting from then on behalf of its employee), and ALIVE will provide Customer with all reasonable assistance in connection therewith.

Alive Portugal is PCI-DSS certified, whose certification standards provide best practices for data protection. Further details are available on request via electronic mail to data.protection@alivetravel.com.

DATA RETENTION POLICY

Information Retained

Alive owns and maintains two records of data held:

The first covers the data necessary to carry out our business, ie provide the requested service, to our customers.

 The second covers the data of our employees. This is maintained in the Human Resources program database.

These documents are updated at least once a year, as will verify the review history.

Information Collected

Alive may collect, store and use the following types of personal data:

a) information about the computer and its visits and use of our services including our website and customer-oriented technology;

b) information that the data subject provides us with for the purpose of recording his / her travel profile;

c) any other information that the holder of the data decides to send us, that is pertinent to the type of service for which we are contracted or to the fulfillment of personal requests of travel – information can extend in this case to the family members;

Cookies

We reserve the right to use cookies on our official website. A cookie is a text file sent by a web server to a Web browser and stored by the browser. The text file is then sent back to the server each time the browser requests a page from the server. This allows the web server to identify and crawl the web browser.

All Internet browsers allow you to refuse to accept cookies, but restricting such access can have a negative impact on the use of many websites.

Disclosures

In addition to the disclosures described in this policy, we may disclose your personal information:

a) in the fulfillment of legal obligations

b) in judicial proceedings

c) to establish, exercise or defend our legal rights – including providing information to third parties for fraud prevention and credit risk reduction purposes.

EXERCISE OF INDIVIDUAL RIGHTS OF THE DATA HOLDER

In accordance with the provisions of the RGPD, the data subject may exercise his rights of access, rectification, erasure or forgetfulness, limitation, opposition and portability of data at all times, and the right not to be subject to automated of written request to the email data.protection@alivetravel.com, including, always, a certified copy of a document proving the identity of the data subject and specifying the right or rights that he wishes to exercise.

CONTROL AUTHORITY

Under the legal terms, the holder of the personal data has the right to submit a complaint regarding the protection of personal data, to the competent control authority, the National Data Protection Commission (CNPD) www.cnpd.pt.

DATA BREACHES

Alive Portugal is PCI-DSS certified and has a documented incident management process.

In case of violations of personal data (eg improper access to data, or loss of data) Alive will immediately notify the National Data Protection Authority, and in cases where the law also determines the data subject.

Further details are available upon written request to email data.protection@alivetravel.com. Guidelines on when and how to report a data breach are documented by Alive, which has tools to deter them.

THIRD PARTY WEBSITES

Alive is not responsible for the privacy policies or practices of third-party websites that may be inserted directly into our technology tools for accessing our customers.

CHANGES TO PRIVACY POLICIES

We reserve the right to update this privacy policy whenever warranted, we will publish the most updated version on our site at any time, without prior notice.