Privacy Policy

This Privacy Policy explains what information Wenor Holdings LTD (here and further “the Company”) collects as well as how the information that is provided to or is collected by the Company is used, shared, stored and protected.

Last revised on 21 November 2016

This Market Place is intended to assist customers in searching and collecting information about travel, as well as in searching and purchasing travel related goods and services provided by the relevant suppliers, and not for any other purpose.

Overview

This Privacy Policy explains what information Wenor Holdings LTD (here and further “the Company”) collects as well as how the information that is provided to or is collected by the Company is used, shared, stored and protected. This Privacy Policy is an integral part of the Terms of Use. The processing of Personal Data is carried out in accordance with the Protection of Natural Persons Against the Processing of Personal Data and the Free Movement of this Data Law 125(I) of 2018 and other legislative acts of the Republic of Cyprus and the conditions set forth further. We recommend that you read this Privacy Policy in full to ensure you are completely informed and transfer your data to the Company knowingly and voluntarily. If you have any questions or concerns about our use of your personal information, then please contact us using Contact information at the bottom of this Policy.

By using our applications and services you agree to this Privacy Policy and provide your consent to your personal data processing. If you do not agree with this Privacy Policy, please do not use our applications or services and you should leave this site immediately.

The Company respect your right to privacy and takes privacy of your data very seriously. The Company is committed to taking appropriate technical and organizational steps to protect and safeguard any personal information that is obtained as a result of using our applications and services as well as at the time of you contacting our Company.

What personal data is collected and why

The Company collects information from individuals (hereinafter “you” or “Customer”)

who visit Company’s sites, contact Customer Support, register to use our applications and services or otherwise provide the Company information necessary for the provision of services or the performance of contractual commitments. Personal data may also be acquired from companies who obtained personal information in accordance with applicable laws or be automatically collected and processed during use of the website (for example, through cookies).

The personal information that we may collect about you in general can be described in the following way:

Personal data that is provided by you directly to the Company:

In order for you to use our applications and services for the purposes they were designed for, such as register an account, have an emergency contact, enable travel booking, maintain loyalty programs information, provide information on your bookings, respond to your enquiries etc. the Company asks you to provide personal information directly to us.

This data may include:

  1. information with which we can identify you (personal data), in particular,
  2. first and last name, patronymic, date of birth, gender, nationality, phone number, street address and email address;
  3. your government ID information, such as passport number and series, its validity period, issuing body, a scan copy of the document;
  4. your account profile information: settings, search history, booking history, travel plans and other information;
  5. your payment confirmation, including some metadata (4 digits of the Card, confirmation ID etc.);
  6. If you are an employee of a corporate account, a vendor, supplier or other type of business partner such as a hotel/property owner, hotel/property manager, travel agent, rental service manager, transfer service provider etc., other information collected about you can include employer details, employee identification number, bank details, pricing/commission terms or other relevant data.
  7. other information that you voluntarily submit via our websites or applications.

You may also be required to provide information about any other people on your booking, your marketing preferences, and additional information if you participate in a survey or a draw.

The above-mentioned information may also be connected to Cookies to enable the proper operation of our websites, applications and other online services store your travel searches and collect information on how you used our services and applications. For more information, please refer to the “Automated data collection and cookies” section below.

Information voluntarily provided about third-parties:

When you perform a booking, make a payment or add an employee/partner record on behalf of any other individual(s) by means of our applications or services, you will need to provide personal information and travel preferences for that party. It is your responsibility, prior to providing us with their personal information and travel preferences, to obtain the consent of any other person(s) and ensure that they are aware of this Privacy Policy, the details of processing of their personal data by the Company and give their full consent for such processing by the Company. You must also assure that such individual(s) are aware and agree that access to their personal information on our applications or services in this case will be possible only via your account.

Information voluntarily provided about third-parties is collected and processed by the Company under the same rules and conditions as personal data that is provided by you directly to the Company.

Special Categories of Personal Data:

To be able to provide you with the proper level of service – ensuring appropriate travel accommodations and accessibility or other facility requirements, meeting dietary needs, providing with travel companion or using additional equipment etc., certain types of sensitive personal data (for example, information, using which it is possible to define health condition or religious beliefs of yours or of the third-party you provided information about) may be required. The Company takes reasonable steps to limit the circumstances under which such special categories of information may be collected, however providing of certain services may not be possible without gathering such data. At all times such sensitive information is provided by you voluntarily, in agreement with this Privacy Policy, and is used only for the provision of the services you requested.

Children’s information:

The Company does not target its website, applications and services to children. If you are under 18 years old, please leave the website and/or uninstall the application immediately. Under limited circumstances, when children are a part of a booking, purchase of other travel-related services, the Company may collect and process children information only as provided by the parent or legal guardian or with their consent. If the Company becomes aware of the cases when its applications or services are used by children or when children’s information is processed without the valid consent of a parent or legal guardian, or if the Company receives a request from a parent or legal guardian to delete child’s data, the Company will delete such information within a reasonable timeframe. The Company makes every reasonable effort to prevent collection and processing of children’s data.

Information collected automatically:

When you visit our website or use our applications and services, the Company may collect certain information automatically from your device(s). In some countries, including countries in the European Economic Area, this information may be considered personal information under applicable data protection laws. The information we automatically collect about the device you access our services from includes but is not limited to your IP address, the date and time you accessed our services, the hardware, software or internet browser you use and information about your computer’s operating system, like application versions and your language settings. For website users, details of any referring website, information about clicks and which pages have been shown to as well as exit pages and broad geographic location (e.g., country or city-level location) may also be collected. The Company uses this information for the internal analytics purposes and to improve the quality and relevance of our services and applications for the users. This data also helps detect and prevent fraud.

If you are using a mobile device, The Company may collect data that identifies your mobile device (UID), device-specific settings and characteristics, information about current location (is not collected unless you expressly use a location-based feature), app crashes and error reports as well as other system activity and the functionality of the application you access and use.

Some of this information may be collected using cookies (small data text files and can be stored on your computer’s hard drive if your Web browser permits), web beacons (small graphical files, which are typically used together with cookies and can be placed on a website or on a message, that you receive from the site) and similar tracking technology. Using such tracking technology allows the website recognize you as a previous visitor and save and remember any preferences that may have been set (including remembering your login, if you chose so) while your browser was visiting the site as well as customize the content and advertisements provided to you to make sure you receive information that is most interesting and useful for you. It also helps the Company analyze and assess the effectiveness of website features, offerings and marketing campaigns. The Company may combine the information you give us with information related to your transactions and information we receive about you from third parties who carry out services on our behalf.

Cookies cannot affect your computer (or other device) performance in any way, neither can it carry a virus. The Company’s website uses short-term and permanent cookies, which you can remove from your computer at any time. If website or application functionality requires to store personal data in cookies, such cookie files are encrypted. If you are not registered with our website, cookies on your computer do not store any sensitive information. Please note that if you refuse to accept cookies (or turn them off), you may not be able to access some of the functionality offered on our website and applications. If you are blocking cookies, web beacons cannot be used as well.

Information collected from third-party sources:

There are cases when the Company lawfully receives personal information about you from affiliated entities, business partners and other independent third-party sources and adds it to the account information. Such information includes but is not limited to updated contact information like email, purchase history, and demographic information.

If you are using social networks to register or login to our website or application, we may access information about you (such as your name, profile picture, gender, birthday, email address, town or district and any other information you have chosen to make available) via that social media provider in accordance with their privacy policy. Using Google services and under Google’s privacy policy, the Company may collect information about your behavior on the site and service selection preferences.

If you are contacting our customer support, you shall acknowledge that calls, chats and emails to and from our customer support teams may be recorded and/or monitored for the purpose of quality assurance, training, analytics, usage in legal dispute. These recordings will be maintained consistent with this Privacy Policy. Any personal information obtained from you during the call will be treated in accordance with the provisions of this Privacy Policy.

How the information is used

The Company uses the information collected about you and provided by you about third parties for a variety of purposes supporting services provision, our contract obligations and other business uses, including:

  1. Booking management, including communications in relation to your booking such as confirmations, modifications and reminders;
  2. Account management, including processing payments;
  3. Verification of customer identity for fraud prevention purposes;
  4. Customer service and communications related to the Company website, applications and services;
  5. Responding to inquiries related to booking and its details;
  6. Improving site functionality of the website and applications as well as customer experience and satisfaction;
  7. Personalization and customization of the use of Company website, applications and services;
  8. Fulfillment of contractual requirements with vendors and partners;
  9. Marketing activities, including regular news of travel-related existing and future products and services, showing individual offers on the website or application, information about promotional activities (referral, bonus and loyalty programs). Please note that you can unsubscribe from email marketing communications at any time by sending an Unsubscribe request to our customer support.
  10. Loyalty program management, including bonuses;
  11. Market research, including surveys and feedback requests;
  12. Statistical analysis of the website, applications and services usage;
  13. Dispute resolution, including handling and resolving legal disputes, for regulatory investigations and compliance and to enforce the terms of use of Company website, applications and services;
  14. Reporting and preventing of actual or potential malicious or illegal activities;
  15. Resolving any issues which may come up in relation to the Terms of Service;
  16. Other purposes, which the Company will inform you about.

Payment card information is used for the purpose of confirming payments for your bookings.

If you have any questions or concerns about our use of your personal information, then please contact us using Contact information at the bottom of this Policy.

Information sharing:

There are different parties integrated into the Company’s services in different ways and for various reasons. The primary purpose of sharing is to provide resources relevant to and needed for your booking. The data may be shared in cases, when it is required by applicable law, governmental or other authorities. The Company does not sell or rent your personal data.

By using this website or application and making a Booking, you agree that your data may be transferred to third parties only for the purpose of proper provision of the services you have selected that could not be provided without such transmission of your personal data. By creating a Booking using Company website or applications, you give your consent to transfer personal data to third parties.

The Company may share your personal information with the following third-parties:

  1. Entities affiliated to the Company or groups of affiliates, representatives, officials, agents, employees or partners in order to fulfill the conditions of the Terms of Use;
  2. Travel Suppliers, for example, hotels, airlines, insurance providers, car rentals, property owners or managers, which provide services requested by you during your Booking. All Services on the Company website or applications, offered by a third-party, are described as such. The Company does not share your email address with travel suppliers unless it is necessary to provide the services you requested by you as a part of your Booking. Third parties may use such data shared with them only for the purposes it was shared for. Please note that these suppliers also may contact you as necessary to obtain additional information about you, facilitate your Booking, or respond to a review you may submit in accordance with their own independent Privacy Policy. The Company does impose any other restrictions on the travel suppliers, as to the use or disclosure of other types of your personal data. Therefore, we recommend that you familiarize yourself with the privacy policy of each supplier who provides you with the services Booked using Company website or applications;
  3. Independent service providers, which may offer services or act on behalf of the Company, including providers, who process payment card information, perform business analysis, provide customer management or marketing services, experts help to enhance the security of our website, applications and services and prevent fraud. The Company can allow independent service providers use data on our behalf if necessary for normal functioning of our site or sending online communication that may be of interest and of use to you. Independent service providers access and collect the information which is necessary to perform their services. They are not allowed to share such data or use it for other purposes. Just like the Company, they must comply with the same conditions for personal data protection;
  4. Business partners, whom the Company may jointly offer products or services with, or whose products or services may be a part of an offering on our website or within our application. All products and services provided by a third-party business partner are described as such on our website or applications. In cases you choose to request such additional services the Company may share information about you, including your personal data with a corresponding business partner. Please be aware that the company does not perform any surveillance over business partners’ privacy policies;
  5. Websites, which contain links to our site. If you were redirected to the Company website from another site, we may share certain information about you to the sites, that referred you to us. Please note that the Company does not have any control over the use of your personal information by other websites, thus we strongly recommend reading privacy polices of websites you are following the links at;
  6. Social media providers. If you are using social network applications added to the Company’s website (such as “Like” button, provided by Facebook Ireland Ltd, ‘”Twitter” button, provided by Twitter Inc USA, or  “Instagram” button, provided by Instagram, LLC USA), of if you access website content, which contains social network application, your device establishes a direct connection to the respective social network provider servers. Typically, using those applications social network providers obtain information about your usage of the website, this information usually includes your operational system and browser details, IP address, search content of current and previous searches, date and time of accessing the content. This information enables social network provider to design your user profile and add it to the corresponding social network. It might be possible that such user profile may be adjusted for you, even if you are not registered or logged into the social network. Please note, that the Company does not have detailed information about your personal data contents that is collected, processed or shared with third-parties by the vendors of social network applications. If you would like to gather those details, please contact the vendor itself. We also recommend reading social network applications privacy policies and confidentiality statements. If you do not wish for the data listed above to be sent to social network provider, the Company strongly recommends you log out of all social networks before using our site.
  7. Google Analytics – a web analytics tool the Company uses for helping understand user’s behavior on website. Google Analytics collects the following data: browser details, device type and model, location, country, city, carrier, screen resolution (for mobile devices), time spent on the site, language, operational system, pages visited. The information (in the form of a cookie file) about the site usage (including IP address) may be sent and stored on the Google servers, for example in the USA. Google uses the information for the purpose of studying user behavior on the website, reporting on website performance and offering other additional services. Google may share this information with third-parties, if it is requested from Google on legal grounds or if the information shall be processed on behalf of Google. Default time for storing Google cookie files is 730 days, during this period the files will remain on your device unless you manually remove them.
  8. The Company reserves the right to share your data  as required by law and if the Company considers that it is necessary to share your information in order to protect our rights, protect your safety or the safety of others, to detect, prevent or investigate fraud, security or technical issues, enforce Terms of Use, including investigation of potential violations, or respond to requests by public authorities, including to meet national security or law enforcement requirements and/or to comply with a judicial proceeding or court order.

In case of sharing your information with any other person or entity the company will inform you of such disclosure to a third-party. Your consent will be required to proceed with sharing.

If the Company is involved in a merger, acquisition, or sale of all or a portion of its assets, we will inform the buyer it must use your personal information only for the purposes defined in this Privacy Policy.

Additionally, the company may share aggregated or anonymized data, collected on behalf of a third-party, such as investors or advertisers. For example, we may share with the advertiser information about total number of visitors to our website or the most popular Booking locations. This information does not contain any personal data and is leveraged to improve our website, content, applications and services.

International data transfers:

The Сompany may store and process the personal information we collect or is collected on our behalf (in full or part of it) on servers and resources in any country, including but not limited to USA, Canada or EU. By using Company website, applications and services you acknowledge the possibility of international data transfers and give the Company your consent to transfer your data solely for the purposes listed above. If you are using Company website, applications and services while being on the territory of European Union, you give the Company your consent to transfer your data outside of EU borders. Any international data transfer is done solely for the purpose of executing on the Terms of Service with you and only to the persons and entities and under conditions listed above.

Personal data transfers are allowed to countries whose legal regime is deemed by the European Commission to provide for an “adequate” level of personal data protection. Thus, in cases the Company initiates personal data transfer outside non-EU states, in the absence of European Commission adequacy decision, standard contractual clauses will be used, requiring proper data protection from the recipient.

 

Personal information retention and protection:

 

The Company puts in place reasonable procedures to prevent unauthorized access to, and the misuse of, personal data we collect, store or otherwise process. The Company also has security procedures and technical and physical restrictions for accessing and using the personal data on our servers. Only authorized personnel are permitted to access personal data in the course of their work.

We will retain your personal data for as long as we deem it necessary to enable you to use our services, to provide our services to you (including maintaining the online user account (if created)), to comply with applicable laws, resolve disputes with any parties and otherwise as necessary to allow us to conduct our business, including to detect and prevent fraud or other illegal activities. All personal data we retain will be subject to this Privacy Statement. If you have a question about a specific retention period for certain types of personal data we process about you, please contact us via the contact details provided below.

Data subject rights

Should you believe that any personal data we hold on you is incorrect or incomplete, you have the ability to request to see this information, rectify it or have it deleted. If you need to  update or delete your data, please send a request to our customer support through Data Subject Access Request Form.

In the event that you wish to complain about how we have handled your personal data, please contact Data Protection Officer at dpo@crazyllama.com. Our Data Protection Officer will then look into your complaint and work with you to resolve the matter.

If you still feel that your personal data has not been handled appropriately according to the law, you can contact  Office of the Commissioner for Personal Data Protection at commissioner@dataprotection.gov.cy and file a complaint with them.

Contact information

If you have any questions or comments about our Privacy Policy, please contact us at dpo@crazyllama.com.

You can also send your request by mail:Stasinou 1, MITSI BUILDING 1, Flat/Office 4, Plateia Eleftherias, P.C. 1060, Nicosia, Cyprus.