Who we are
We are Transylvania Live Expert in Transylvania SRL, a licenced travel agency working under European Union laws based in Transylvania.
Our website address is: https://halloweenintransylvania.co.uk.
What personal data we collect and why we collect it
We understand that how we collect, use, disclose and protect your information is important to you and we are doing this in respect of General Data Protection Regulations (GDPR) which were introduced in the European Union.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
We collect personal information about you so that we can perform our business activities and functions and to provide the best possible quality of customer service. We have the following reason for collecting information:
- administering services we are providing to you such as arranging your tour booking
- manage our relationship with you, including updates about your tour booking and handling complaints
- to contact you in the event of an emergency
- combining information collected from you at different times for the purpose of research and analysis to provide a better customer experience
- to identify and tell you about services we think you may be interested in, including sending emails or sending printed materials to your postal address
- providing relevant information, which may include sensitive personal information, to medical staff in circumstances where we/they need to act on your behalf or in the interest of passengers or in an emergency.
- to make improvements to our site and make it easier to find the information you are looking for
- for identification of fraud or error or for regulatory reporting and compliance
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Who we share your data with
- We may share aggregated non-personal information with third parties, such as our travel industry partners to analyse trends and further improve our service to you.
- We may share information with third parties in limited circumstances without your consent where we reasonably believe the disclosure is necessary to lessen or prevent a threat to life, health or safety, or for certain action to be undertaken by an enforcement body (e.g. prevention, detection, investigation, prosecution or punishment of criminal offences), where disclosure is authorised or required by law or disclosure is otherwise permitted by applicable privacy laws.
- In order for you to travel abroad, we may disclose your personal information where disclosure is required by government authorities at the point(s) of departure and/or destination to process your information for immigration, border control, security and anti-terrorism purposes.
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments may be checked through an automated spam detection service.
How we protect your data
We have implemented various physical, electronic and managerial security procedures in order to protect personal information from loss and misuse, and from unauthorized access, modification, disclosure and interference.
Credit card security
- All online payments are transmitted over a secure socket layer (SSL) connection.
- Credit card information is transmitted immediately to a payment gateway solution via an encrypted port.
- Our company does not store your credit card number in any of our systems, it is used only within the context of the transaction then destroyed upon receipt from an acquiring bank.
- All credit card payments receive an identification number that is proof of the transaction’s acceptance into the banking system. This identification number can be used to trace any transaction back to the credit card issuer (for example, the bank that issued the MasterCard, or VISA credit card).
- Personal information is destroyed or de-identified when no longer needed.
Whilst we take reasonable steps to ensure that your personal information is secure, as the internet is inherently insecure, any personal information or other information you transmit to us online is transmitted at your own risk.
What data breach procedures we have in place
In the event of a personal data breach we will proceed according with EU legislation Article 33 – “Notification of a personal data breach to the supervisory authority” – and Article 34 of the GDPR – “Communication of a personal data breach to the data subject”.
Once we assess that a personal data breach is likely to result in high risk to the rights and freedoms of the data subject we must notify with undue delay the affected data subjects.
The Notification to the data subjects must be written in clear and plain language and must contain the following:
• A description of the nature of the breach
• Categories of personal data affected
• Approximate number of data subjects affected
• Name and contact details of the Data Breach Response Team Leader/ Data Protection Officer
• Consequences of the personal data breach
• Measures taken to address the personal data breach
• Any information relating to the data breach
We will record the data breach into the Data Breach Register.
What third parties we sell or rent data
We comply with the Spam Act 2003 and do not sell or rent information to any third parties for the purposes of direct marketing.
You can contact us by:
- calling us on 0 808 101 6781 (UK free line) or
- direct line +40 364 411 666
- emailing us at firstname.lastname@example.org
We will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved.
We will aim to ensure that your query or complaint is resolved in a timely and appropriate manner.