top of page
445_AWOL_AV-01.png

Privacy Policy

 

Effective date: September 17, 2024 

 

Introduction

A.W.O.L. Travel Ltd, a Company registered in the Republic of Cyprus with company registration no. HE 456930, having its registered address at Ioanni Kapodistria 10, 3032, Limassol, Cyprus (hereafter the “AWOL”, “Company”, “we”, “us”), is committed to protecting and respecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when visiting our website, using our mobile application “AWOL” (the “app”), and using our services by registering as a business user on our platform (collectively the “Services”).

For the purposes of this Privacy Policy, AWOL acts as the Data Controller of your personal data. 

Any translation of the English version of this Privacy Policy is provided solely for your convenience. In case of any differences between the English version and any other translation, the English version shall prevail and shall be the only legally binding version.

If you do not want us to process your personal data as described in this Privacy Policy, please do not use our Services.

Information We Collect[2] 

We collect both personal and business-related information to facilitate a smooth experience for our users. The types of information we collect include:

 

Business Identification Information:

  • Business name

  • Business address

  • Business registration details (e.g., registration number, VAT number)

  • Contact person’s name

  • Email address

  • Phone number

  • Industry type

Personal Identification Information:

  • Name

  • Email address

  • Phone number

Technical Data:

  • IP address

  • Browser type and version

  • Time zone settings

  • Browser plug-in types and versions

  • Operating system and platform

Usage Data:

  • Information about how you use our Services 

  • Log-in details and activity records on the Services 

Marketing and Communications Data:

●      Your preferences in receiving marketing and business communication from us

Payment Data 

●      When you make payments through the Services, you need to provide payment data, such as your credit card number or bank account details, to our third-party service providers that act as our data and payment processors. We do not collect or store, or have access to full credit card number data, though we may receive some limited information, including without limitation redacted credit card-related data (including a secure token reflecting your payment method), data about Services purchased, date, time and amount of the purchase, and the type of payment method used.

How We Use Your Information

We use the information we collect for the following purposes:

●      To provide and manage our Services: Ensuring the proper function of our website, app, and platform for business onboarding and service delivery.

To improve our Services: Analyzing usage to improve functionality, optimize business engagement, and enhance user experience.

To communicate with you: Responding to inquiries, providing customer support, and sending important notices such as updates to terms and policies.

●      For business and marketing purposes: Sending relevant information, promotional materials, and business development resources based on your preferences and business interests.

Sharing Your Information

We do not sell, trade, or otherwise transfer your personal or business information to third parties, except as described below:

●      Service Providers: We may share your information with trusted third-party service providers to assist in running our platform and providing the Services to you. We impose data protection and confidentiality obligations on our service providers. 

Business Transactions: In the event of a merger, acquisition, or sale of our assets, your information may be transferred as part of the business transaction, but will remain protected under this Privacy Policy.

 

●      Legal Requirements: We may disclose your information where required to do so by law or in response to valid requests by public authorities.

Apart from the reasons outlined above, all personal information is stored onsite at AWOL secure servers situated at [name of company and country where our servers are located]. [3] 

Data Security[4] 

The security of your personal and business information is of paramount importance. We implement a comprehensive set of security measures to ensure that your data is protected from unauthorized access, disclosure, alteration, or destruction. Our security measures include, but are not limited to:

1. Encryption

●      Data in Transit: We use industry-standard encryption protocols (such as SSL/TLS) to protect your data while it is transmitted over the internet. This ensures that any sensitive information, including login credentials and business details, is encrypted and cannot be intercepted by third parties during transmission.

●      Data at Rest: Sensitive personal and business data stored on our servers is encrypted using strong encryption algorithms. This ensures that, even in the unlikely event of a data breach, the data remains unreadable without the encryption keys.

2. Access Control

●      Role-Based Access: Only authorized personnel who need access to specific data to perform their job duties are granted access. Each user is assigned a role that determines what level of access they have to sensitive data.

  • Multi-Factor Authentication (MFA): We implement multi-factor authentication for employees and administrators to ensure that only verified users can access critical systems. This adds an extra layer of security beyond just passwords.

●      Access Logging: Every time someone accesses or modifies data within our system, an access log is generated. This allows us to monitor and audit access activities to identify and address any suspicious behavior.

3. Regular Security Audits and Vulnerability Assessments

●      Internal Audits: We regularly conduct internal security audits to ensure compliance with our security protocols and industry best practices. This helps us identify any potential vulnerabilities in our systems and fix them proactively.

●      Compliance Reviews: Our Services are reviewed regularly to ensure compliance with data protection regulations and other applicable laws governing the use of personal and business information.

4. Data Backup and Disaster Recovery

●      Automated Backups: We regularly backup all data to secure, off-site locations to protect against accidental data loss, hardware failure, or other unforeseen incidents.

5. Network Security

●      Firewalls: We use firewalls to protect our servers and data from unauthorized access attempts, malicious traffic, and potential threats. Our network is actively monitored for suspicious activity.

●      Secure Hosting: Our platform is hosted in secure, state-of-the-art data centers with robust physical security measures. These data centers are equipped with 24/7 surveillance and security personnel to prevent unauthorized physical access.

6. Data Minimization and Anonymization

●      Data Minimization: We only collect and store the information that is necessary for the functioning and provision of our Services. This reduces the risk of over-collecting data and limits the potential exposure in the event of a breach.

●      Anonymization and Pseudonymization: Where possible, we apply anonymization or pseudonymization techniques to data to further protect your personal and business information. This ensures that sensitive data cannot be traced back to individuals or businesses without additional information.

Your Rights

As a business or individual, you have the following rights regarding the information we hold about you:

1. Access and Portability of Your Personal Data

You have the right to request information regarding whether we hold any of your personal data. You can also request a copy of the personal data we process about you, in a structured, commonly used, and machine-readable format, allowing for portability where technically feasible.

2. Correction and Deletion of Your Personal Data

You can update your personal information by logging into your account. If you wish to delete your account, you can do so through your account settings. Please note that even after account closure, we may retain certain data as required for legal obligations or in the defense against potential claims.

3. Restriction of Processing

You have the right to request the restriction of processing of your personal data in certain circumstances, such as if you contest the accuracy of your data while we verify its correctness, or if the processing is unlawful, but you oppose the deletion of your data.

4. Right to Object to Processing

Where we process your personal data based on legitimate interests, you have the right to object to this processing. If you object to receiving marketing communications from us, we will respect your preferences, though we may still send necessary service-related updates regarding your account.

5. Right to Withdraw Consent

If we are processing your personal data based on your consent, you may withdraw this consent at any time for future processing. This withdrawal will not affect the lawfulness of any processing carried out before your consent was withdrawn.

6. Right to Lodge a Complaint

If you believe that any of your rights have been violated, you have the right to lodge a complaint with your local data protection authority. This may be the supervisory authority in the country of your residence, your place of work, or where the alleged infringement occurred. We encourage you to contact us first so that we attempt to resolve the issue to your satisfaction.

Exercising your rights 

If your request to exercise any of the above rights is unclear or vague, we may request additional details to process your request. Additionally, we may ask for proof of identity to verify that the request is coming from the rightful data subject or their authorized representative. This measure ensures that your rights and the rights of others are protected.

We aim to respond to your request within one month. However, if your request is particularly complex or involves numerous requests, we may extend this period by up to two additional months. If an extension is necessary, we will notify you in advance as soon as possible.

We ensure that you will not be discriminated against for exercising any of your rights under the applicable data protection laws.

 

Data Retention

We retain your personal data for as long as your account is active or as needed for the purposes of processing. 

At any time, you can delete your account, as well as the personal data associated with it. We will address your deletion request within one month after the request receipt. It may take us up to 90 days in some cases to complete full erasure of your personal data stored in our backup systems. If you choose to delete your account, the Company will generally delete your personal data, and it will not be recoverable should you later create another account. 

Please note that we still may retain certain data about you if needed due to applicable legislative requirements, any potential or ongoing dispute resolution, and/or in order to enforce our rights.

Changes to This Policy

We may update our Privacy Policy periodically to reflect changes to our practices or legal obligations. You will be notified of any significant changes through updates on our website or by direct communication.

Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at:

A.W.O.L. Travel Ltd
Address: Ioanni Kapodistria 10, 3032, Limassol, Cyprus
Email: info@awoltravel.com [5] 

 [KT1]Effective date to be the date we upload the updated version in website 

please check if the types of personal data mentioned in this section are indeed accurate. For the time being, the most important is to disclose to our business users what data we collect

please complete

Please check this section and delete anything that is not applicable atm

it will be good to create a dpo@awoltravel.com email. You can assign it to me.

bottom of page