Personal data controller
The personal data controller is Intoit Travel Group. The protection of your personal data is important to us. The protection is also regulated by law in the Personal Data Act, which is replaced by the Data Protection Regulation (GDPR, General Data Protection Regulation) on 25 May 2018. Below you can read about how we handle your personal data and what rights you have.
You are welcome to contact us at firstname.lastname@example.org if you want to know more about how we protect your data.
What personal data is collected
Personal data that will be processed includes, but is not limited to, name, date of birth, address, email address and telephone number.
We may also process requests for special diets or special information from you before the trip that is relevant to being able to complete the trip.
You provide the personal data yourself in connection with ordering a trip, ordering a brochure or newsletter, by phone, by ordering from our retailers, by e-mail, via our website or when visiting us.
Purpose of the personal data processing
Your personal data will be processed so that we can fulfill our commitments in ordered trips and additional products and keep you informed about current trips and the like. Processing of your personal data may also take place in order for us to be able to fulfill obligations according to laws, regulations and to handle questions about your travels.
In addition to the purposes stated above, you agree that your personal data may be used for the purposes below and form the basis for our market and customer analyses, risk management and statistics in order to provide you with a better travel offer and better service.
Storage of personal data
We store personal data as long as it is necessary to fulfill the purposes above. We normally store your personal data for 2 years from the time your last trip was completed or from the time you had contact with us otherwise. You can contact us at any time by email as above to have all your data removed.
In some cases, we may need to store data for a longer period of time when required by law, (e.g. accounting law).
Who may process the personal data
Your personal data is processed by our staff as well as by our partners for system services and administrative services with whom we have agreements on the protection of personal data, personal data processing agreements.
Your personal data may also be processed within the travel industry, for example by airlines, bus companies, hotels and local partners at the destination. Only necessary information is provided on each such occasion.
Processing of personal data in countries outside the EU and EEA
Depending on where your destination is located and which partners are used, your personal data may be processed outside the EU and EEA. Even if the final destination of a trip is within the EU / EEA, e.g. transport companies and hotels can be based outside the EU / EEA. Only the information needed for the implementation of the trip and other services is provided to partners.
By submitting your personal data to us, you agree that we process personal data outside the EU and EEA and are aware that legislation for the protection of personal data may be lower than within the EU and EEA.
Your rights to information about you.
You have the right, at any time, to withdraw your consent to us processing the data you have provided to us.
This means that you can also request correction or deletion of your personal data. Such a request is made to us in writing. Your data will then be corrected or deleted within one month. If you have a current trip that has not been completed or completed, or have an ongoing complaint or similar, the data will be deleted within one month after this has been completed.
You can also contact us with a request to access the registered information we hold about you, which we will provide within one month.
Do you want to know more about the General Data Protection Regulation (GDPR)?
On the Swedish Data Protection Authority's website, datainspektionen.se, there is more information about the General Data Protection Regulation (GDPR).