Privacy Policy
Updated: July 14, 2021
This privacy policy applies to the
services provided by the company AMP TRAVEL LTD, Company Number 13500131 with registered office at 138, Chapel Street - Salford – United Kingdom - M3 6DE, hereinafter
referred to as AMP TRAVELS , through the websites www.amplitur.com and www.amp-travels.com .
1. GENERAL INFORMATION
This section contains information
regarding the processing of the user's personal data, totally or partially,
automated or not, carried out by AMP TRAVELS system and which
may or may not be stored. The purpose is to provide guidance regarding the
information collected, the reasons for collection and how the user can update,
manage, export or delete this information.
The privacy policy of AMP TRAVELS
system is in accordance with Brazilian Federal Law n. 12.965 of
April 23, 2014 (Marco Civil da Internet), with Brazilian federal law
n. 13.709, of August 14, 2018 (Personal Data Protection Law) and with EU
Regulation no. 2016/679 of 27 April 2016 (European General Regulation for
the Protection of Personal Data).
This privacy policy may be updated as a
result of any regulatory update, which is why the user is invited to
periodically consult this section.
2. USER RIGHTS
The AMP TRAVELS system is
committed to complying with the rules laid down by the General European
Regulation for the Protection of Personal Data (RGPD), in respect of the
following principles:
- Your personal data will be processed in a
lawful, fair and transparent manner (lawfulness, loyalty and transparency);
- Your personal data will only be collected
for specific, explicit and legitimate purposes, and may not be further
processed in a way that is incompatible with these purposes (purpose
limitation);
- Your personal data will be collected in an
appropriate, relevant and limited way to the needs of the purpose for which
they are processed (data minimization);
- Your personal data will be accurate and
updated whenever necessary, so that inaccurate data will be erased or rectified
when possible (accuracy);
- Your personal data will be kept in a way
that allows the identification of the data subjects only for the period
necessary for the purposes for which they are processed (retention limitation);
- Your personal data will be treated
securely, protected from unauthorized or unlawful processing and against
accidental loss, destruction or damage, adopting the appropriate technical or
organizational measures (integrity and confidentiality).
The user of AMP TRAVELS system has the following rights, granted by Federal Law n. 13.709, of August 14, 2018 (Personal Data Protection Law) and by the General European Personal Data Protection Regulation (RGPD):
- Right of confirmation and access: it is
the user's right to obtain from AMP TRAVELS system confirmation
that personal data relating to him or her are or are not the object of
processing and, if this is the case, the right to access their personal data ;
- Right of rectification: it is the user's
right to obtain from AMP TRAVELS system, without undue delay, the
rectification of inaccurate personal data concerning him;
- Right to data deletion (right to
oblivion): it is the user's right to have their data deleted from AMP
TRAVELS system;
- Right to limit data processing: it is the
user's right to limit the processing of their personal data, and may obtain it
when they dispute the accuracy of the data, when the processing is unlawful,
when the AMP TRAVELS system no longer needs the data to the
proposed purposes and when you have opposed the processing of data and in case
of unnecessary data processing;
- Right of opposition: it is the user's
right, at any time, to object, for reasons related to his particular situation,
to the processing of personal data concerning him, and may also object to the
use of his personal data for profile definition marketing (profiling);
- Right of data portability: it is the
user's right to receive the personal data concerning him/her which he/she has
provided to AMP TRAVELS system, in a structured format, currently
used and automatically read, and the right to transmit this data to another Web
site;
- Right not to be subjected to automated
decisions: it is the user's right not to be subject to any decision taken
solely on the basis of automated processing, including the definition of profiles
(profiling), that produce effects in their legal sphere or that affect them
significantly similarly.
The user may exercise his rights by means of a written communication sent to AMP TRAVELS system with the subject "RGDP-PRIVACY POLICY", specifying:
- Full name or company name, fiscal number
(Individual Taxpayer Registration, Federal Revenue Service) or IVA/VAT (National Legal Entity Register, Federal Revenue Service) and e-mail
address of the user and, if applicable, from your representative;
- Right you wish to exercise with the AMP
TRAVELS system;
- Order date and user signature;
- Any document that can demonstrate or
justify the exercise of your right.
The request must be sent to the
email: policy@amp-travels.com
, or by mail, to the following address:
AMP TRAVELS LTD.
138, Chapel Street
Salford – United Kingdom
M3 6DE
The user will be informed in case of
rectification or deletion of their data.
3. INFORMATION COLLECTED
3.1. Type of data collected
The personal data collected by AMP
TRAVELS system are only those necessary for the identification of the
user, not being collected sensitive user data, defined in articles 9 and 10 of
the General European Regulation for the Protection of Personal Data (RGPD) and
article 11 of the federal law n. 13.709, of August 14, 2018.
All data necessary for user registration
will be collected, such as full name or company name, CPF or CNPJ number,
e-mail and user address, requirements necessary to access certain services
offered by AMP TRAVELS system .
Furthermore, the necessary data will be
collected for the execution of the contract of sale or provision of services
eventually concluded between the AMP TRAVELS system and the
user, referring to the services offered, without which its execution will not
be possible.
Occasionally, other categories of data may
be collected, provided they are provided with the user's consent, or due to
legitimate interest or other reasons permitted by law.
The user undertakes to exclusively provide
his/her personal data and not those of third parties.
3.2. Legal basis for the processing
of personal data
By using the AMP TRAVELS
system services, the user is consenting to this term and its privacy
policy.
The user has the right to withdraw his
consent at any time, without compromising the lawfulness of the personal data
processed prior to their withdrawal. The withdrawal of consent can be done
by email: policy@amp-travels.com or
by post sent to the following address:
AMP TRAVELS
138, Chapel Street
Salford - United Kingdom
M3 6DE
The consent of the relatively or
absolutely incapable, especially of children under 16 (sixteen) years old, can
only be done, respectively, if properly assisted or represented.
Personal data necessary for the execution
and fulfillment of the services contracted by the user in AMP TRAVELS
system may also be collected.
The processing of personal data without
the user's consent will only be carried out for reasons of legitimate interest
or for the cases provided for by law, among others, the following:
- for compliance with a legal or regulatory
obligation by the controller;
- to carry out studies by a research body,
ensuring, whenever possible, the anonymization of personal data;
- when necessary for the execution of a
contract or preliminary procedures related to a contract to which the user is a
party, at the request of the data subject;
- for the regular exercise of rights in
judicial, administrative or arbitration proceedings, the latter pursuant to Law
No. 9,307, of September 23, 1996 (Arbitration Law);
- for the protection of the life or physical
safety of the data subject or third party;
- for the protection of health, in a
procedure carried out by health professionals or health entities;
- when necessary to meet the legitimate
interests of the controller or third party, except where fundamental rights and
freedoms of the data subject that require the protection of personal data
prevail;
- for credit protection, including the
provisions of the relevant legislation.
3.3. Purposes of processing personal data
The user's personal data collected by AMP
TRAVELS system is intended to facilitate, streamline and fulfill the
commitments established with the user and to enforce requests made by filling
out forms.
Personal data may also be used for
commercial purposes, to personalize the content offered to the user, as well as
to support the AMP TRAVELS system to improve the quality and
operation of its services.
The AMP TRAVELS system collects
user data in order to define profiles (profiling), that is, automated
processing of personal data that consists of using this data to assess certain
personal aspects of the user, mainly to analyze or predict aspects related to
your professional performance, your economic situation, health, personal
preferences, interests, reliability, behavior, location or displacements.
The registration data will be used to
allow the user to access certain contents of AMP TRAVELS system that are exclusive to
registered users.
Finally, necessary data will be collected
for the execution of the sales contract or the provision of services eventually
concluded between the AMP TRAVELS system and the user,
referring to the services offered.
If the AMP TRAVELS system intends
to process the user's personal data for other purposes, it must be informed
about the other purposes, which must be done in compliance with the same rights
and obligations.
3.4. Period of retention of personal
data
The user's personal data will be kept for a maximum period of: 05 (five) years, unless the user requests its deletion before the end of this period.
The personal data of users can only be
saved after the end of their treatment in the following cases:
- for compliance with a legal or regulatory
obligation by the controller;
- for study by a research body, ensuring,
whenever possible, the anonymization of personal data;
- for transfer to a third party, provided
that the data processing requirements laid down in the legislation are
respected;
- for the exclusive use of the controller,
its access by a third party is prohibited, and provided that the data is
anonymized.
3.5. Recipients and transfer of
personal data
The transfer can only be made to another
country if the country or territory in question or the international
organization in question ensure an adequate level of protection of the user's
data.
If there is no adequate level of
protection, the AMP TRAVELS system undertakes to guarantee the
protection of your data in accordance with the strictest rules, through
specific contractual clauses for a given transfer, standard contractual
clauses, global corporate standards or seals, certificates and codes of conduct
issued regularly.
4. THE PROCESSING OF PERSONAL DATA
4.1. The data controller (data
controller)
The controller, responsible for the
processing of the user's personal data, is the natural or legal person, the
public authority, the agency or other body that, individually or together with
others, determines the purposes and means of processing personal data.
In this AMP TRAVELS system,
the person responsible for processing the personal data collected is AMP
TRAVELS who can be contacted by e-mail: policy@amp-travels.com or
in person at:
138, Chapel Street – Salford – United
Kingdom – M3 6DE
The data controller will directly handle
the processing of the user's personal data.
4.2. Data protection officer
The data protection officer is the
professional in charge of informing, advising and controlling the data
controller, as well as the workers who process the data, regarding the
obligations of the AMP TRAVELS system under the General
Regulations European Data Protection (RGDP), Federal Law n. 13.709, of
August 14, 2018 (Personal Data Protection Law) and other data protection
provisions present in national and international legislation, in cooperation
with the competent supervisory authority.
In this AMP TRAVELS system,
the data protection officer is AMP TRAVELS and can be contacted by email: policy@amp-travels.com
.
5. Security in the processing of the
user's personal data
The AMP TRAVELS system undertakes
to apply the appropriate technical and organizational measures to ensure a
level of security adequate to the risk, considering the most advanced
techniques, the application costs and the nature, scope, context and purposes
of the treatment, as well as the risks, of varying probability and severity, to
the rights and freedoms of the user.
However, the AMP TRAVELS
system is exempt from liability for the sole fault of a third party,
such as in the case of a hacker or cracker attack, or the sole fault of the
user, who, for example, transfers his data to a third party, unless the piracy
occurred due to security failure of the AMP TRAVELS system. The AMP
TRAVELS system also undertakes to notify the user within an adequate
period of time in the event of any type of breach of the security of their
personal data that could pose a high risk to their personal rights and
freedoms.
A breach of personal data is a breach of
security that causes, accidentally or unlawfully, the destruction, loss,
alteration, disclosure or unauthorized access to personal data transmitted,
stored or subject to any other type of treatment.
Finally, the AMP TRAVELS system undertakes to treat the user's personal data with confidentiality, within legal limits.