This GDPR Compliance Policy explains how itravelthere.com handles personal data in compliance with the General Data Protection Regulation (GDPR). We are committed to protecting the privacy and rights of individuals visiting our website and ensuring that their personal data is processed lawfully, transparently, and securely.
Data Collection and Processing:
- Lawful Basis: When collecting and processing personal data, itravelthere.com relies on one or more lawful bases as defined in the GDPR, such as the necessity of processing for the performance of a contract, compliance with a legal obligation, consent, or legitimate interests pursued by the data controller.
- Data Minimization: We only collect and process personal data that is necessary and relevant for the intended purpose. We take reasonable steps to ensure that the data we collect is accurate, up-to-date, and limited to what is necessary for the purpose of processing.
- Consent: When required by law, we obtain explicit consent from individuals before collecting and processing their personal data. Consent may be requested through a clear and specific statement or by using cookie consent management tools.
- Right to Access: Individuals have the right to request access to their personal data held by itravelthere.com. We will provide this information free of charge and within one month, except in cases where requests are unfounded or excessive.
- Right to Rectification: If personal data is inaccurate or incomplete, individuals have the right to request its rectification or completion. We will take reasonable steps to ensure the accuracy of the personal data we hold and promptly correct any inaccuracies.
- Right to Erasure: Individuals have the right to request the erasure of their personal data under specific circumstances, such as when the data is no longer necessary for the purposes for which it was collected, or when consent is withdrawn. We will comply with valid erasure requests, subject to legal obligations and legitimate interests.
Data Security and Storage:
- Security Measures: itravelthere.com implements appropriate technical and organizational measures to ensure the security and confidentiality of personal data, and to protect it against accidental or unlawful destruction, loss, alteration, or unauthorized disclosure.
- Data Retention: Personal data is retained for as long as necessary to fulfill the purposes for which it was collected, or as required by law. When data is no longer needed, it will be securely deleted or anonymized.
- Data Transfers: In certain circumstances, personal data may be transferred to countries outside the European Economic Area (EEA). When such transfers occur, we will ensure appropriate safeguards are in place to protect the data in accordance with GDPR requirements.
If you have any questions, requests, or concerns regarding the processing of personal data on itravelthere.com or would like to exercise your rights under GDPR, please contact us at email@example.com.