Travelwings
Travelwings

Privacy Policy

Informações conforme a Comissão Nacional de Protecção de Dados

Travelwings.pt Agência de Viagens Online, Lda. Respects the privacy of its travelers and takes every precaution to protect their information, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council, of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46 / EC (General Regulation on Data Protection). This privacy policy consists of providing the information we collect and how we can use it, as well as the security rules adopted to protect your identity and personal data.

Personal information may be requested, such as your name, address, date of birth, gender, e-mail address, TIN, etc.

The above information can be requested when you register, subscribe to the newsletter, make your reservation request, or when you receive or send e-mails. All personal information we obtain will be recorded, used and protected in accordance with current EU data protection legislation and this privacy policy.

When you visit our website, we collect data known as “click path” (server address, domain name, etc.).

This information / data is stored anonymously and serves only for generalized statistical analysis, webmining, with the aim of improving our services.

No external entity has access to or can consult the Travelwings.pt Database.

All employees of the entity responsible for the processing of personal data are covered by a duty of secrecy and confidentiality in relation to the data they have access to in the scope of data entry operations in the respective computer database, being duly informed of the importance of complying with this legal duty of secrecy and the corresponding responsibility is required.

All personal information we obtain will be recorded, used and protected in accordance with current EU data protection legislation and this privacy policy.

The information collected is intended to send information / disclosure by e-mail or SMS messages about our products, and services

The sending of information only occurs when the data subject has expressly chosen to receive e-mails and / or SMS messages from Travelwings.pt. If you do not wish to receive any more e-mail or SMS messages, please contact us by email or letter to our address.

The information you provide to us when you visit our website is protected in the context of implementing the various security measures, namely through conditioned access, and safeguarding the confidentiality of information. However, we warn that when providing personal information online, there is a risk that third parties may intercept and use this information, so in terms of the security of any information you disclose online; it will do so at its own risk and in cases that require the consent of minors, the processing of personal data is only lawful with additional authorization from the holders of parental responsibilities of the child. If you wish, you can cancel your registration or use at any time and you can choose not to receive any e-mails and / or SMS messages, and you can also choose to delete all your personal information from our database. If you wish you can also unsubscribe, delete or modify your personal information.

If you have any questions or comments regarding our website and / or our privacy policy, write them to the address on our website.

By using our website you confirm that you accept the terms of this Privacy Policy, as well as our Terms and Conditions. If you do not agree with the terms of our Privacy Policy and our Terms and Conditions, you are requested not to provide us with personal information and to cease use on our website.

Customers also have a telephone line at their disposal, through which our employees can change or delete their personal data, by means of their identification (name, surname and e-mail) or by sending e-mail to geral@travelwings.pt.

The data subject has the right to receive a copy of his personal information in our possession.

The company reserves the right to charge a small fee (amount to be defined) for administrative and IT costs of any order placed.

If you are a user of our website through the user registration process, your data will be stored in a specific user control database.

However, the Data Subject may request its elimination whenever he wishes, through a written request to our official address on the website.

The online privacy policy applies only to information collected through our website and not to information collected offline.

For detailed consultation, please consult: National Data Protection Commission http://www.cnpd.pt/index.asp.

By filling in the field below you accept the terms of this Privacy Policy, as well as our Terms and Conditions. If you do not agree with the terms of our Privacy Policy and our Terms and Conditions, you are requested not to accept them, as well as not to provide us with personal information and cease your process.

REPUBLIC DIARY
I SERIES A No. 247 - 10/26/1998
“ASSEMBLY OF THE REPUBLIC

“Law No. 67/98 of 26 October Law on the Protection of Personal Data (transposes Directive 95/46 / EC of the European Parliament and of the Council of 24 October 1995 on the protection of personal data into Portuguese law) individuals with regard to the processing of personal data and the free movement of such data). The Assembly of the Republic decrees, under the terms of paragraph c) of article 161, of paragraphs b) and c) of paragraph 1 of article 165 and paragraph 3 of article 166 of the Constitution, to be valid as the general law of the Republic , the next:…"

“… For the purposes of this law, the following definitions apply: a)“ Personal data ”: any information, of any nature and regardless of its support, including sound and image, relating to an identified or identifiable natural person (“ data subject »); an identifiable person is one who can be identified directly or indirectly, namely by reference to an identification number or to one or more elements specific to his physical, physiological, psychological, economic, cultural or social identity; b) «Processing of personal data» («processing»): any operation or set of operations on personal data, carried out with or without automated means, such as the collection, registration, organization, conservation, adaptation or alteration, retrieval, consultation, use, communication by transmission, diffusion or any other form of provision, with comparison or interconnection, as well as blocking, deletion or destruction;

c) "Personal data file" ("file"): any structured set of personal data, accessible according to certain criteria, whether centralized, decentralized or distributed in a functional or geographic way; d) «Responsible for the processing»: the natural or legal person, the public authority, the service or any other body that, individually or together with others, determines the purposes and means of processing personal data; whenever the purposes and means of processing are determined by laws or regulations, the controller must be indicated in the law of organization and operation or in the statute of the legally or statutory entity competent to process the personal data concerned; e) «Subcontractor»: the natural or legal person, the public authority, the service or any other body that processes personal data on behalf of the controller; f) «Third party»: the natural or legal person, the public authority, the service or any other body that, other than the data subject, the controller, the subcontractor or another person under the direct authority of the controller or controller subcontractor, is empowered to process the data; g) "Recipient": the natural or legal person, the public authority, the service or any other body to whom personal data is communicated, regardless of whether or not it is a third party, without prejudice to the fact that the authorities to whom data is communicated under a legal provision; h) «Consent of the data subject»: any free, specific and informed expression of will, under which the data subject accepts that his / her personal data be processed; i) «Data interconnection»: form of treatment that consists in the possibility of relating the data in a file to the data in a file or files maintained by another or other persons responsible, or maintained by the same person for another purpose…. ”

“… SECTION III

Security and confidentiality of treatment

Article 14

Security of processing 1 - The controller must implement the appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, accidental loss, alteration, dissemination or access, namely when the treatment involves its transmission by network, and against any other form of illicit treatment; these measures must ensure, taking into account the available technical knowledge and the costs resulting from its application, an adequate level of security in relation to the risks that the treatment presents and the nature of the data to be protected. 2 - The controller, in case of processing on his own behalf, must choose a subcontractor that offers sufficient guarantees in relation to the technical security measures and the organization of the treatment to be carried out, and must ensure that these measures are complied with. 3 - The performance of subcontracting treatment operations must be governed by a contract or legal act that binds the subcontractor to the controller and that stipulates, in particular, that the subcontractor only acts upon instructions from the controller and which is also responsible for the compliance with the obligations referred to in paragraph 1. 4 - Evidence of the business declaration, contract or legal act relating to data protection, as well as the requirements relating to the measures referred to in paragraph 1, are recorded in writing in a supporting document. with legally recognized probative value.

Article 15
Special security measures

1 - Data controllers referred to in paragraph 2 of article 7 and paragraph 1 of article 8 shall take appropriate measures to: a) Prevent unauthorized persons from accessing the facilities used for processing such data ( control of entry to the premises); b) Prevent data media from being read, copied, altered or removed by an unauthorized person (control of data media); c) Prevent unauthorized entry, as well as unauthorized disclosure, alteration or deletion of inserted personal data (insertion control); d) Prevent automated data processing systems from being used by unauthorized persons through data transmission facilities (usage control); e) Ensuring that authorized persons can only access data covered by the authorization (access control); f) Guarantee the verification of entities to whom personal data may be transmitted through data transmission facilities (transmission control); g) To ensure that it is possible to verify a posteriori, within a period appropriate to the nature of the treatment, to be established in the regulations applicable to each sector, which personal data are introduced when and by whom (control of introduction); h) Prevent that, in the transmission of personal data, as well as in the transport of its support, the data may be read, copied, altered or deleted in an unauthorized manner (transport control). 2 - Taking into account the nature of the entities responsible for the processing and the type of facilities in which it is carried out, CNPD can dispense with the existence of certain security measures, ensuring that the rights, freedoms and guarantees of the data subjects are respected. . 3 - The systems must guarantee the logical separation between health and sexual life data, including genetic data, from other personal data. 4 - CNPD may determine that, in cases where the circulation of personal data referred to in Articles 7 and 8 on the network may jeopardize the rights, freedoms and guarantees of the respective holders, the transmission is encrypted. 

Article 16
Professional secrecy

I - Those responsible for the processing of personal data, as well as persons who, in the exercise of their duties, are aware of the personal data processed, are bound by professional secrecy, even after the end of their duties. 2 - Equal obligation falls on CNPD members, even after the end of their mandate. 3 - The provisions of the preceding paragraphs do not exclude the obligation to provide mandatory information, under the legal terms, except when they appear in files organized for statistical purposes. 4 - Employees, agents or technicians who provide advisory functions to CNPD or its members are subject to the same obligation of professional secrecy ... ”
 
Contact
Use of cookies
We use our own and third-party cookies to improve our services and your experience on the web by analyzing your browsing habits. If you continue browsing, we consider that you accept its use. You can obtain more information, or know how to change the configuration, in our Cookies Policy