Updated: July 14, 2021
1. GENERAL INFORMATION
This section contains information regarding the processing of the user's personal data, totally or partially, automated or not, carried out by AMP TRAVELS system and which may or may not be stored. The purpose is to provide guidance regarding the information collected, the reasons for collection and how the user can update, manage, export or delete this information.
2. USER RIGHTS
The AMP TRAVELS system is committed to complying with the rules laid down by the General European Regulation for the Protection of Personal Data (RGPD), in respect of the following principles:
- Your personal data will be processed in a lawful, fair and transparent manner (lawfulness, loyalty and transparency);
- Your personal data will only be collected for specific, explicit and legitimate purposes, and may not be further processed in a way that is incompatible with these purposes (purpose limitation);
- Your personal data will be collected in an appropriate, relevant and limited way to the needs of the purpose for which they are processed (data minimization);
- Your personal data will be accurate and updated whenever necessary, so that inaccurate data will be erased or rectified when possible (accuracy);
- Your personal data will be kept in a way that allows the identification of the data subjects only for the period necessary for the purposes for which they are processed (retention limitation);
- Your personal data will be treated securely, protected from unauthorized or unlawful processing and against accidental loss, destruction or damage, adopting the appropriate technical or organizational measures (integrity and confidentiality).
The user of AMP TRAVELS system has the following rights, granted by Federal Law n. 13.709, of August 14, 2018 (Personal Data Protection Law) and by the General European Personal Data Protection Regulation (RGPD):
- Right of confirmation and access: it is the user's right to obtain from AMP TRAVELS system confirmation that personal data relating to him or her are or are not the object of processing and, if this is the case, the right to access their personal data ;
- Right of rectification: it is the user's right to obtain from AMP TRAVELS system, without undue delay, the rectification of inaccurate personal data concerning him;
- Right to data deletion (right to oblivion): it is the user's right to have their data deleted from AMP TRAVELS system;
- Right to limit data processing: it is the user's right to limit the processing of their personal data, and may obtain it when they dispute the accuracy of the data, when the processing is unlawful, when the AMP TRAVELS system no longer needs the data to the proposed purposes and when you have opposed the processing of data and in case of unnecessary data processing;
- Right of opposition: it is the user's right, at any time, to object, for reasons related to his particular situation, to the processing of personal data concerning him, and may also object to the use of his personal data for profile definition marketing (profiling);
- Right of data portability: it is the user's right to receive the personal data concerning him/her which he/she has provided to AMP TRAVELS system, in a structured format, currently used and automatically read, and the right to transmit this data to another Web site;
- Right not to be subjected to automated decisions: it is the user's right not to be subject to any decision taken solely on the basis of automated processing, including the definition of profiles (profiling), that produce effects in their legal sphere or that affect them significantly similarly.
- Full name or company name, fiscal number (Individual Taxpayer Registration, Federal Revenue Service) or IVA/VAT (National Legal Entity Register, Federal Revenue Service) and e-mail address of the user and, if applicable, from your representative;
- Right you wish to exercise with the AMP TRAVELS system;
- Order date and user signature;
- Any document that can demonstrate or justify the exercise of your right.
The request must be sent to the email: firstname.lastname@example.org , or by mail, to the following address:
AMP TRAVELS LTD.
138, Chapel Street
Salford – United Kingdom
The user will be informed in case of rectification or deletion of their data.
3. INFORMATION COLLECTED
3.1. Type of data collected
The personal data collected by AMP TRAVELS system are only those necessary for the identification of the user, not being collected sensitive user data, defined in articles 9 and 10 of the General European Regulation for the Protection of Personal Data (RGPD) and article 11 of the federal law n. 13.709, of August 14, 2018.
All data necessary for user registration will be collected, such as full name or company name, CPF or CNPJ number, e-mail and user address, requirements necessary to access certain services offered by AMP TRAVELS system .
Furthermore, the necessary data will be collected for the execution of the contract of sale or provision of services eventually concluded between the AMP TRAVELS system and the user, referring to the services offered, without which its execution will not be possible.
Occasionally, other categories of data may be collected, provided they are provided with the user's consent, or due to legitimate interest or other reasons permitted by law.
The user undertakes to exclusively provide his/her personal data and not those of third parties.
3.2. Legal basis for the processing of personal data
The user has the right to withdraw his consent at any time, without compromising the lawfulness of the personal data processed prior to their withdrawal. The withdrawal of consent can be done by email: email@example.com or by post sent to the following address:
138, Chapel Street
Salford - United Kingdom
The consent of the relatively or absolutely incapable, especially of children under 16 (sixteen) years old, can only be done, respectively, if properly assisted or represented.
Personal data necessary for the execution and fulfillment of the services contracted by the user in AMP TRAVELS system may also be collected.
The processing of personal data without the user's consent will only be carried out for reasons of legitimate interest or for the cases provided for by law, among others, the following:
- for compliance with a legal or regulatory obligation by the controller;
- to carry out studies by a research body, ensuring, whenever possible, the anonymization of personal data;
- when necessary for the execution of a contract or preliminary procedures related to a contract to which the user is a party, at the request of the data subject;
- for the regular exercise of rights in judicial, administrative or arbitration proceedings, the latter pursuant to Law No. 9,307, of September 23, 1996 (Arbitration Law);
- for the protection of the life or physical safety of the data subject or third party;
- for the protection of health, in a procedure carried out by health professionals or health entities;
- when necessary to meet the legitimate interests of the controller or third party, except where fundamental rights and freedoms of the data subject that require the protection of personal data prevail;
- for credit protection, including the provisions of the relevant legislation.
3.3. Purposes of processing personal data
The user's personal data collected by AMP TRAVELS system is intended to facilitate, streamline and fulfill the commitments established with the user and to enforce requests made by filling out forms.
Personal data may also be used for commercial purposes, to personalize the content offered to the user, as well as to support the AMP TRAVELS system to improve the quality and operation of its services.
The AMP TRAVELS system collects user data in order to define profiles (profiling), that is, automated processing of personal data that consists of using this data to assess certain personal aspects of the user, mainly to analyze or predict aspects related to your professional performance, your economic situation, health, personal preferences, interests, reliability, behavior, location or displacements.
The registration data will be used to allow the user to access certain contents of AMP TRAVELS system that are exclusive to registered users.
Finally, necessary data will be collected for the execution of the sales contract or the provision of services eventually concluded between the AMP TRAVELS system and the user, referring to the services offered.
If the AMP TRAVELS system intends to process the user's personal data for other purposes, it must be informed about the other purposes, which must be done in compliance with the same rights and obligations.
3.4. Period of retention of personal data
The user's personal data will be kept for a maximum period of: 05 (five) years, unless the user requests its deletion before the end of this period.
The personal data of users can only be
saved after the end of their treatment in the following cases:
- for compliance with a legal or regulatory obligation by the controller;
- for study by a research body, ensuring, whenever possible, the anonymization of personal data;
- for transfer to a third party, provided that the data processing requirements laid down in the legislation are respected;
- for the exclusive use of the controller, its access by a third party is prohibited, and provided that the data is anonymized.
3.5. Recipients and transfer of personal data
The transfer can only be made to another country if the country or territory in question or the international organization in question ensure an adequate level of protection of the user's data.
If there is no adequate level of protection, the AMP TRAVELS system undertakes to guarantee the protection of your data in accordance with the strictest rules, through specific contractual clauses for a given transfer, standard contractual clauses, global corporate standards or seals, certificates and codes of conduct issued regularly.
4. THE PROCESSING OF PERSONAL DATA
4.1. The data controller (data controller)
The controller, responsible for the processing of the user's personal data, is the natural or legal person, the public authority, the agency or other body that, individually or together with others, determines the purposes and means of processing personal data.
In this AMP TRAVELS system, the person responsible for processing the personal data collected is AMP TRAVELS who can be contacted by e-mail: firstname.lastname@example.org or in person at:
138, Chapel Street – Salford – United Kingdom – M3 6DE
The data controller will directly handle the processing of the user's personal data.
4.2. Data protection officer
The data protection officer is the professional in charge of informing, advising and controlling the data controller, as well as the workers who process the data, regarding the obligations of the AMP TRAVELS system under the General Regulations European Data Protection (RGDP), Federal Law n. 13.709, of August 14, 2018 (Personal Data Protection Law) and other data protection provisions present in national and international legislation, in cooperation with the competent supervisory authority.
In this AMP TRAVELS system, the data protection officer is AMP TRAVELS and can be contacted by email: email@example.com .
5. Security in the processing of the user's personal data
The AMP TRAVELS system undertakes to apply the appropriate technical and organizational measures to ensure a level of security adequate to the risk, considering the most advanced techniques, the application costs and the nature, scope, context and purposes of the treatment, as well as the risks, of varying probability and severity, to the rights and freedoms of the user.
However, the AMP TRAVELS system is exempt from liability for the sole fault of a third party, such as in the case of a hacker or cracker attack, or the sole fault of the user, who, for example, transfers his data to a third party, unless the piracy occurred due to security failure of the AMP TRAVELS system. The AMP TRAVELS system also undertakes to notify the user within an adequate period of time in the event of any type of breach of the security of their personal data that could pose a high risk to their personal rights and freedoms.
A breach of personal data is a breach of security that causes, accidentally or unlawfully, the destruction, loss, alteration, disclosure or unauthorized access to personal data transmitted, stored or subject to any other type of treatment.
Finally, the AMP TRAVELS system undertakes to treat the user's personal data with confidentiality, within legal limits.