Privacy policy

PRIVACY POLICY 1. Terms and Changes 1.1 To best serve clients and correctly fulfill contractual relationships, :company collects, stores, publishes, transmits, and retains client data according to the laws of the Republic of Estonia and European Union legislation. 1.2 Personal data submitted during service booking and payment in the online booking environment are confidential and processed in accordance with personal data law requirements. 1.3 :company does not disclose client personal data to third parties without client consent, except as required by law. 1.4 By using the booking engine, you acknowledge and agree to these principles and terms. We reserve the right to change the privacy policy terms if necessary, notifying on :link website. For questions or concerns about the privacy policy or data processing, please contact us by email at :email. 2. Processed Data and Retention 2.1 Personal data processed includes information requested from the client during order placement (first and last name, phone number, email address). 2.2 Identification of the responsible processor and processor. Data protection law in certain jurisdictions differentiates between the responsible processor and the processor. Generally, the client is the responsible processor of client data. Booklux is generally the processor of client data and the responsible processor of other information. In providing the booking service (Service), Booklux OÜ processes personal data for service provision (booking and payment facilitation) and to fulfill legal obligations (e.g., accounting data retention). Responsible and authorized processor. In service provision, authorized processors of personal data are the service provider :company and the payment solution provider, who may process personal data only to the extent necessary for service provision and payment facilitation. Booklux OÜ is responsible for the actions of authorized processors, and they adhere fully to Booklux OÜ personal data processing principles. 2.3 Collection of Other Data - we also collect anonymized data not directly linked to a specific individual (browser version, language preference, location, time spent on the page, etc.) considered as generalized customer behavior in :company booking engine. These data are aggregated and used to improve the booking engine service/product. 2.4 Booklux OÜ (booking engine provider and manager) retains personal data as long as necessary for various data processing purposes and handling permanent client data. Clients have the right to access their personal data and information about their transactions at any time. Clients can also request corrections to their personal data if the data has changed or is otherwise inaccurate. For data modification/addition or removal, please contact :company by email at :email. 2.5 In addition, client billing account numbers are processed during the payment process. 3. Payment System Security and Data Processing 3.1 The security of payments made via bank link and/or credit card is protected by the SSL security protocol, ensuring that the exchanged information cannot be overheard or altered by third parties. The payment service provider ensures the security of the Customer's card details and never shares them with merchants or third parties. The merchant can only access information limited to the card type (e.g., Visa or MasterCard) and the last two digits of the card number. 3.2 The payment service provider is PCI-DSS compliant and offers payment solutions, including processing Visa and MasterCard payments for merchants and other service providers operating within the European Union. If :company needs to cancel, modify, or refund an order in accordance with the conditions outlined, the amount paid will be refunded to the Customer in a secure payment solution environment. :company is the data controller and forwards the necessary personal data for payment processing to the authorized processor providing the service in accordance with the payment solution terms.