This privacy statement was last updated on Sep 23, 2022 and applies to citizens and legal permanent residents of the European Economic Area and Switzerland.
In this privacy statement, we explain what we do with the data we obtain about you via https://traveo.is. We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:
- we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
- we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
- we first request your explicit consent to process your personal data in cases requiring your consent;
- we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
- we respect your right to access your personal data or have it corrected or deleted, at your request.
If you have any questions, or want to know exactly what data we keep of you, please contact us.
1. Purpose, data and retention period
We may collect or receive personal information for a number of purposes connected with our business operations which may include the following: (click to expand)1.1 Contact – Through phone, mail, email and/or webforms
1.1 Contact – Through phone, mail, email and/or webforms
For this purpose we use the following data:
- A first and last name
- A home or other physical address, including street name and name of a city or town
- An email address
- A telephone number
The basis on which we may process these data is:
Upon the provision of consent.
Retention period
We determine the retention period according to fixed objective criteria: As long as the customer is not asking to erase them.
1.2 Payments
1.2 Payments
For this purpose we use the following data:
- A first and last name
- A home or other physical address, including street name and name of a city or town
- An email address
- A telephone number
The basis on which we may process these data is:
Upon the provision of consent.
Retention period
Upon termination of the service we retain this data for the following period: Data is collected by Borgun Ehf. and their policies apply..
1.3 Registering an account
1.3 Registering an account
For this purpose we use the following data:
- A first and last name
- A home or other physical address, including street name and name of a city or town
- An email address
- A telephone number
The basis on which we may process these data is:
Upon the provision of consent.
Retention period
Upon termination of the service we retain this data for the following period: As long as the customer does not ask to erase them..
1.4 Newsletters
1.4 Newsletters
For this purpose we use the following data:
- A first and last name
- A home or other physical address, including street name and name of a city or town
- An email address
- A telephone number
The basis on which we may process these data is:
Upon the provision of consent.
Retention period
Upon termination of the service we retain this data for the following period: As long as the customer does not unsubscribe from the newsletter.
1.5 To support services or products that a customer wants to buy or has purchased
1.5 To support services or products that a customer wants to buy or has purchased
For this purpose we use the following data:
- A first and last name
- A home or other physical address, including street name and name of a city or town
- An email address
- A telephone number
The basis on which we may process these data is:
Upon the provision of consent.
Retention period
Upon termination of the service we retain this data for the following period: As long as the customer does not ask to erase them..
1.6 To be able to comply with legal obligations
1.6 To be able to comply with legal obligations
For this purpose we use the following data:
- A first and last name
- A home or other physical address, including street name and name of a city or town
- An email address
- A telephone number
The basis on which we may process these data is:
Upon the provision of consent.
Retention period
Upon termination of the service we retain this data for the following period: As long as the customer does not ask to erase them..
1.7 Compiling and analyzing statistics for website improvement.
1.7 Compiling and analyzing statistics for website improvement.
For this purpose we use the following data:
- A first and last name
- A home or other physical address, including street name and name of a city or town
- An email address
- A telephone number
- Internet activity information, including, but not limited to, browsing history, search history, and information regarding a consumer's interaction with an Internet Web site, application, or advertisement
The basis on which we may process these data is:
Upon the provision of consent.
Retention period
Upon termination of the service we retain this data for the following period: As long as the customer does not ask to erase them..
1.8 To be able to offer personalised products and services
1.8 To be able to offer personalised products and services
For this purpose we use the following data:
- A first and last name
- A home or other physical address, including street name and name of a city or town
- An email address
- A telephone number
- Internet activity information, including, but not limited to, browsing history, search history, and information regarding a consumer's interaction with an Internet Web site, application, or advertisement
The basis on which we may process these data is:
Upon the provision of consent.
Retention period
Upon termination of the service we retain this data for the following period: As long as the customer does not ask to erase them..
2. Sharing with other parties
We only share or disclose this data to processors for the following purposes:
3. Cookies
Our website uses cookies. For more information about cookies, please refer to our Cookie Policy.
4. Disclosure practices
We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.
If our website or organisation is taken over, sold, or involved in a merger or acquisition, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.
We have concluded a data Processing Agreement with Google.
5. Security
We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorised access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.
6. Third-party websites
This privacy statement does not apply to third-party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.
7. Amendments to this privacy statement
We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.
8. Accessing and modifying your data
If you have any questions or want to know which personal data we have about you, please contact us. You can contact us by using the information below. You have the following rights:
- You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
- Right of access: You have the right to access your personal data that is known to us.
- Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
- If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
- Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
- Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.
Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person.
9. Submitting a complaint
If you are not satisfied with the way in which we handle (a complaint about) the processing of your personal data, you have the right to submit a complaint to the Data Protection Authority.
10. Contact details
Traveo Ehf.
Álfaskieð 40, 220 Hafnarfjörður, Iceland
Iceland
Website: https://traveo.is
Email: si.oevart@ofni
Phone number: +3544970800
Annex
Nextend Social Login
What personal data we collect and why we collect it
Nextend Social Login collects data when a visitor register, login or link the account with with any of the enabled social provider. It collects the following data: email address, name, social provider identifier and access token. Also it can collect profile picture and more fields with the Pro Addon’s sync data feature.
Who we share your data with
Nextend Social Login stores the personal data on your site and does not share it with anyone except the access token which used for the authenticated communication with the social providers.
Does the plugin share personal data with third parties
Nextend Social Login use the access token what the social provider gave to communicate with the providers to verify account and securely access personal data.
How long we retain your data
Nextend Social Login removes the collected personal data when the user deleted from WordPress.
Does the plugin use personal data collected by others?
Nextend Social Login use the personal data collected by the social providers to create account on your site when the visitor authorize it.
Does the plugin store things in the browser?
Yes, Nextend Social Login must create a cookie for visitors who use the social login authorization flow. This cookie required for every provider to secure the communication and to redirect the user back to the last location.
Does the plugin collect telemetry data, directly or indirectly?
No
Does the plugin enqueue JavaScript, tracking pixels or embed iframes from a third party?
No
WooCommerce
This sample language includes the basics around what personal data your store may be collecting, storing and sharing, as well as who may have access to that data. Depending on what settings are enabled and which additional plugins are used, the specific information shared by your store will vary. We recommend consulting with a lawyer when deciding what information to disclose on your privacy policy.
What we collect and store
While you visit our site, we’ll track:- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
- Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
Note: you may want to further detail your cookie policy, and link to that section from here.
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings
- Send you marketing messages, if you choose to receive them
Who on our team has access
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:- Order information like what was purchased, when it was purchased and where it should be sent, and
- Customer information like your name, email address, and billing and shipping information.
What we share with others
In this section you should list who you’re sharing data with, and for what purpose. This could include, but may not be limited to, analytics, marketing, payment gateways, shipping providers, and third party embeds.
Payments
In this subsection you should list which third party payment processors you’re using to take payments on your store since these may handle customer data. We’ve included PayPal as an example, but you should remove this if you’re not using PayPal.
Product Add-ons
By using this extension, you may be storing personal data or sharing data with an external service. Learn more about how this works, including what you may want to include in your privacy policy.Bookings
By using this extension, you may be storing personal data or sharing data with an external service. Learn more about how this works, including what you may want to include in your privacy policy.MailChimp for WooCommerce
When shopping, we keep a record of your email and the cart contents for up to 30 days on our server. This record is kept to repopulate the contents of your cart if you switch devices or needed to come back another day. Read our privacy policy here.YITH Plugins
This sample language includes the basics around what personal data your store may be collecting, storing and sharing, as well as who may have access to that data. Depending on what settings are enabled and which additional plugins are used, the specific information shared by your store will vary. We recommend consulting with a lawyer when deciding what information to disclose on your privacy policy.
What we collect and store
YITH WooCommerce Wishlist
While you visit our site, we’ll track:- Products you’ve added to the wishlist: we’ll use this to show you and other users your favourite products, and to create targeted email campaigns.
- Wishlists you’ve created: we’ll keep track of the wishlists you create, and make them visible to the store’s staff
Who on our team has access
YITH WooCommerce Wishlist
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:- Wishlist details, such as products added, date of addition, name and privacy settings of your wishlists