Privacy Policy

This Privacy Policy aims to provide our "Clients" (or "You") with clear and precise information about the collection, storage, processing, and use of their personal data arising from our provision of services.

 

Sections:

 

1 - Application of this privacy policy.

2 - Information processed and its purposes.

3 - Collection and storage of information.

4 - With whom your information is shared.

5 - Period of storage of your information.

6 - The personal data subject and their rights.

7 - Security of personal data.

8 - Changes to the privacy policy.

9 - Contact and customer service.

 

1. APPLICATION OF THIS PRIVACY POLICY.

 

This Privacy Policy applies to users and other individuals who use our website or any other service channels made available by us. Our company is the controller of the personal data whose processing is described in this Privacy Policy, processing it in conjunction with other controllers and operators, as described in this document.

This Privacy Policy applies to the data You provide when You request a quote, hire a travel package, product, or service, exchange messages, or make any other forms of contact with us, or, in other situations where You have any type of contact with our services. Our Privacy Policy also applies to personal data collected when You access our website (IP address, date, time, etc.) or are physically attended to by any members of our team.

This Privacy Policy applies equally to personal data provided by the legal guardians of data subjects by nature. This Policy will also apply to those who enter into any type of contract with us, as well as to companions who benefit from the services we provide.

This Privacy Policy does not apply to third-party websites, even if You access them through our website or other service channels. Third-party websites are not included in our hosting and control environment, and any personal information and data contained therein and collected or processed by them are not under our direct control. You are solely responsible for verifying your agreement regarding the Privacy Policies of third parties. This Privacy Policy also does not apply to data processing activities conducted by other service providers involved in the delivery of the contracted services.

 

2. INFORMATION PROCESSED AND ITS PURPOSES.

 

We collect, store, and process Clients' personal data exclusively for the purpose of fulfilling the objectives set out in this Privacy Policy. The categories of information and/or personal data that we process within the scope of our relationship and provision of services include those listed below and serve the following purposes:

Registration Data and/or Information: When contacting us through any of our physical or digital service channels, You will provide us with registration data necessary for the nature of your request, such as full name, identification document(s), contact phone numbers, email, date of birth, among other data necessary to process your request.

Additional Data and/or Information: The provision of certain services may be conditioned, by the very nature of these services, on the provision of additional data and/or information. In these situations, we may request more information aimed at carrying out credit analysis and formalizing contracts. Such data may include: scanned identification documents, profession, personal and/or commercial references, among other possible data.

Data and/or Information related to Payments: We may use the services of third-party companies for payment management, financing, credit analysis, among others, to effect the payment process for products and services You purchase. In these situations, these companies may collect, store, and process some of your personal and financial information and data. We may give You the option to keep a record of registration and payment information saved in our databases to facilitate future payments. You have the right to request the deletion or modification of this information at any time by clicking here.

Data and/or Information of Related Individuals: In situations where the trip You contract is to be carried out together with companion(s), it is necessary to collect the necessary information related to them so that we can also provide the services to the individuals related to your contract. In this situation, You must undertake to inform these people about the sharing of their personal data with us, and the personal information of these individuals is also subject to this Privacy Policy.

Data and/or Information of Children and Adolescents: We are committed to processing the data and/or information of children and adolescents in their best interest, aiming exclusively at the execution of the contract to which they are related. As the legal guardian of these children and adolescents, You consent to the processing of their data aimed at the adequate provision of the contracted services.

Data and/or Information on Tastes, Preferences, and Profile: We may also request information about your and your companions' tastes, preferences, and travel profile in order to better provide contracted services or suggest services and products in the future. Preferences for destinations, activities of interest, airline class preference, accommodation preferences, gastronomic preferences, luggage-related preferences, among others, are some of the examples usually related to this type of information.

Data and/or Information on Loyalty Programs and the Like: We may request data related to loyalty programs, miles, or any other benefits and rewards systems that you may use when making your trip.

Data and/or Information related to Supporting Documentation: In the event of force majeure situations that prevent you from using a contracted service, we may request data and/or information related to supporting documentation of such facts, which may contain sensitive information related to You or third parties. Such documentation may include, but is not limited to, health certificates, death certificates, birth certificates, among others, depending on the specific situation causing the impediment to the use of the contracted services. This information will be used exclusively in the exercise of the necessary processes for the proper cancellation of contracted services.

Data and/or Information from Authentication Tools: Some of our digital service channels may offer third-party authentication services aimed at security access. When using these services, we may receive and store information You provide to the provider of this intermediate service.

Data and/or Information from Interactive Promotional Actions: We may also collect your personal information when You participate in interactive promotional actions on our digital service channels.

Data and/or Information related to Customer Service: When using our physical and digital Customer Service channels, we will collect personal information necessary to address your demand and for possible subsequent contacts in order to follow up.

Data and/or Information related to Identifiers, IP, etc.: When You visit our digital service channels, we will collect certain information about the device used for access, such as session data, IP address, web browser software, referring website, among others. We may also collect information about your activity, such as content viewed, pages visited, time spent visiting, among others. We collect this information to understand the interests, tastes, desires, and preferences of our Clients, as well as to improve the browsing experience on our digital service channels or to present advertisements of your interest.

Data and/or Information related to Cookies: Our digital service channels generally use cookies. Cookies are uniquely associated with an anonymous subject and their access device and do not provide Personal Information about the user. We may also authorize, aiming to provide the best level of service to our clients, that third parties collect information about your online activities through cookies and other technologies. We do not have control over the cookies or other technologies that these third parties may use to collect information, which means they are not covered by this Privacy Policy. You can manage these cookies when You access our service channels or by configuring your browser to do so. We suggest You check your browser's manuals for this information. It is not necessary for You to allow the activation of cookies to use our digital service channels, but some features and tools may not work correctly without the activation of certain cookies.

The following links may be useful for managing your browser's cookies, or you can use the "Help" option generally provided by your browser.

• Cookie settings in Firefox

• Cookie settings in Internet Explorer and Edge

• Cookie settings in Google Chrome

• Cookie settings in Safari (OS X)

• Cookie settings in Safari (iOS)

• Cookie settings on Android

The personal data collected, stored, and processed by Us may differ depending on the service You hire or on specificities and preferences You may inform. Some personal data may also vary according to the service channels You use.

We may also receive Personal Data and/or information from other service providers related to services contracted by You through us. These partners are not restricted to, but refer to the following nature of activity: airline, hotel, car rental company, tour operators, consolidators, insurance companies, etc. This information generally refers to, but is not limited to: travel status, stay information, and/or consumption details for the purpose of processing possible payments or for monitoring the success of the trip in order to provide the best service on our part.

Summary of the main purposes of information processing:

• Preparation of travel quotes;

• Credit analysis;

• Anti-fraud analysis;

• Preparation of service provision contract;

• Payment processing;

• Intermediation of service provision with suppliers;

• Business management (financial, operational, etc.);

• Refund processes;

• Customer relationship communication (after-sales);

• Marketing communication (advertisements);

• Internal performance management.

In addition to the purposes described above, we may use the information for specific purposes that are not predictable, which generally occurs through a special request from the client, regarding the performance of some extraordinary travel procedure or personalized service provision. In these situations, the client declares to be aware that, through such extraordinary requests made by them, and aiming exclusively at fulfilling such requests, the use of their personal information and data may be necessary.

 

3. COLLECTION AND STORAGE OF INFORMATION.

 

We may collect your information through our own physical or digital service channels or those of commercial partners upon your consent to these partners.

In our digital service channels, You can access options for products and services offered directly by us or by our commercial partners. Simple access to these channels may lead to the collection of anonymous information. Your Personal Data will only be collected in situations where You provide them through forms or any other tools and options related to registrations or requests of any nature.

We may also receive information about You through service providers who are part of the payment processing, reservations, or similar. We are committed to keeping your data in absolute confidentiality, processing only those necessary for the provision of the requested services or in compliance with possible legal obligations or in the hypotheses permitted by law.

The personal information and data we collect may be stored on internet-connected servers (cloud) located in data centers situated in Brazil or in other countries. Such information may also be stored on servers located in our own facilities that may be connected to the internet (cloud) or not (intranet).

We may also collect, process, store, and use such Personal Information anywhere else depending on our technical demands or operational needs.

We are committed to always seeking to apply the best data protection and information security practices within our reach, aiming for absolute confidentiality, processing only those necessary for the provision of the requested services or in compliance with possible legal obligations or in the hypotheses permitted by law.

 

4. WITH WHOM YOUR INFORMATION IS SHARED.

 

The operationalization of our services is only possible through the sharing of your personal information with third-party suppliers essential to our activities. The sharing of your information generally occurs with, but is not limited to, the following agents:

Suppliers in the tourism segment: The nature of the provision of travel agency services is based on the intermediation of services between the Clients and numerous suppliers in the tourism segment: hotels, airlines, parks, tour operators, consolidators, car rental companies, receptive travel agencies, etc. By contracting our travel agency services, You must be aware that the sharing of your personal information with these suppliers is essential for the provision of the services we offer. These suppliers may be located in Brazil or abroad;

Suppliers of complementary services: The provision of travel agency services may also cover the intermediation of services with suppliers of complementary services such as: currency exchange houses, insurance companies, restaurants, etc. By contracting our travel agency services, You must be aware that the sharing of your personal information with these suppliers is essential for the provision of the services we offer. These suppliers may be located in Brazil or abroad;

Suppliers of business services: In addition to the partners directly related to the provision of travel agency services, we may also share your personal data and information with other suppliers, which are essential for carrying out our business activities, such as: credit bureaus; franchisees and commercial representatives; software suppliers (financial management systems, for example); hardware suppliers (hosting/servers); social networks (authentication and/or marketing services); payment technology suppliers (credit card, bank slip management, etc.); communication technology suppliers (email providers; email marketing; sms; call center, etc.), among others. These suppliers may be located in Brazil or abroad;

Refusal of information transfer: If You refuse to share the aforementioned personal information and data, we suggest that you check with our company representative (employee through whom you are interacting with our company) the practical implications of this decision. Faced with such refusal, we may choose not to proceed with the contracting and provision of services, either due to the practical impossibility of delivering these services caused by the non-sharing of this information or in response to our best commercial interests and legal or financial protection. In this case, we reserve the right not to enter into the contract with the Client, since the sharing of this personal data and information is necessary for the delivery of our services.

If You do not wish, in any way, for any of your personal information or data to be shared, we suggest that You opt out of using or contracting our services, as the nature of the provision of travel agency services is the intermediation in the sale of tourism products and services between the final suppliers (hotels, airlines, car rental companies, etc.) and the final client (You), which necessarily implies the sharing of your personal data and information aimed at the provision of the contracted services.

Extraordinary situations: We may also, in extraordinary situations, upon court orders or in accordance with our best interests of legal protection or aiming at the interest of applying current laws, share your personal data and information with third parties (including government agencies), in order to respond to investigations, legal measures and proceedings or to investigate, prevent and act against the practice of illegal activities, suspected fraud or potential threats to the physical safety of any person or as required by law.

Analysis and research service providers: We may also share anonymous information (that does not identify you) aiming at carrying out performance analyses, commercial analyses, marketing analyses, consumer satisfaction analyses, target audience analyses, or any other types of analyses and research that contribute to the better execution of our business activities. The providers of analysis and research services may be located in Brazil or abroad.

Asset transaction event: If we undergo a partial or total negotiation and/or transfer of any of our assets, your personal data and information may be shared with the company or person involved in this process.

 

5. PERIOD OF STORAGE OF YOUR INFORMATION.

 

We undertake our best efforts to ensure that: the personal data and information maintained under our control remain updated; unnecessary information and data are deleted or anonymized; the Client's personal data is retained for the time necessary to fulfill the purpose for which it was collected.

In general, we store and maintain the Client's personal information and data as long as there is a relationship or link with the Client, to comply with legal obligations, or for the time necessary to meet our legitimate interests.

The processing of the Client's personal data under our control ends when: the purpose of the personal data has been achieved; the personal data is no longer necessary to fulfill its purpose; the client expresses the desire to delete their personal data maintained under our control; by legal determination; in data anonymization processes.

 

6. THE PERSONAL DATA SUBJECT AND THEIR RIGHTS.

 

The Client (data subject) has several rights regarding their personal data, as established by the General Data Protection Law (LGPD). These rights include, but are not limited to:

Confirmation of the existence of processing: the data subject has the right to confirm whether we carry out the processing of their personal data. Confirmation can be made upon request (click here to request). The response to this request is subject to the validation of your identity. The LGPD establishes that the response to your request can be given immediately and in a simplified manner, or through a "clear and complete" statement (indicating the origin of the data, the criteria used, and the purpose of the processing). The deadline for the full response is up to 15 days counted from the date of the request;

Access to data: the data subject can also request access to their personal data that the company has in its files. Access to the data can be done upon request (click here to request). The response to this request is subject to the validation of your identity. Access can also be answered immediately and in a simplified manner or through a complete statement within 15 days counted from the date of the request;

Correction of data: the data subject has the right to request the company to correct incomplete, inaccurate, or outdated personal data. This data may cover address, contact details, marital status, etc. The request for data correction can be made upon request (click here to request). The response to this request is subject to the validation of your identity;

Anonymization, blocking, or elimination of data: the Client will have the right to object to the processing or request the anonymization, elimination, or blocking of their personal data. The elimination of personal data can only be complete for personal data that are not necessary for us to comply with legal, contractual obligations, for the protection of our legitimate interest, and in other legally permitted situations. The request for anonymization, blocking, or elimination of data can be made upon request (click here to request). The response to this request is subject to the validation of your identity;

Revocation of consent and elimination of data processed with consent: the Client may revoke the consent they have given for the processing of their personal data for certain purposes (if there is indeed personal data processing based on consent) and request its exclusion at any time. It is important to inform that the processing carried out prior to the revocation of consent is ratified and that the request for revocation will not imply the elimination of personal data previously processed and maintained by Us based on other legal grounds. The request for revocation of consent can be made upon request (click here to request). The response to this request is subject to the validation of your identity;

Data portability: the data subject can request the portability of data, that is, the transfer of their personal information to another service or product provider. This transfer must be made in a structured, commonly used, and machine-readable format, as technically feasible and in accordance with any regulations on the subject by the ANPD (National Data Protection Authority). The request for data portability can be made upon request (click here to request). The response to this request is subject to the validation of your identity;

Review of automated decision: the data subject has the right to request the review of decisions that affect their interests. Decisions such as those involving credit analysis taken by a computer algorithm (code) or by another automated process are a good example of what this item addresses. The data subject may also request information about the criteria and procedures used in the context of this decision, within the limits accepted by applicable law. If you have been affected by any of these decisions and wish to request the review of an automated decision, do so upon request (click here to request) or inform yourself directly with the internal agent (employee; representative; franchisee, etc.) who is assisting you in this process. The response to this request is subject to the validation of your identity;

Complaint to the Authority: the Client has the right to file a complaint with the National Data Protection Authority (ANPD) or another competent body if they consider that the processing of their personal data infringes any provision of the applicable law.

To exercise any of these rights or other rights provided for in this Privacy Policy or legally granted to you and directly related to the protection of personal data, please do so upon request (click here to request). The response to this request is subject to the validation of your identity aiming at the very protection and security of your personal data.

 

7. SECURITY OF PERSONAL DATA.

 

We implement security measures designed to protect the Personal Information you share with us, including physical, electronic, and procedural measures. Among other things, we offer secure access via HTTPS to most areas of our Services; the transmission of confidential payment information (such as credit card numbers) through our designated purchase forms is protected by an industry-standard encrypted connection.

We also regularly monitor our systems for possible vulnerabilities and attacks and regularly seek to further improve the security of our Services and the protection of our clients' privacy.

However, we cannot guarantee the absolute security of your personal information and data. This guarantee cannot be given to you by any company, given that criminal practices of data theft exist and always represent a risk to any data storage operation. We recommend that you avoid sending us or anyone else sensitive Personal Information whose disclosure you believe could cause you substantial or irreparable harm.

 

8. CHANGES TO THE PRIVACY POLICY.

 

This Privacy Policy is a dynamic tool and may be updated periodically to ensure that the information provided is in accordance with data protection laws. In this sense, we reserve the right to change this Privacy Policy at any time, by publishing the updated version on our communication channels directed to this purpose. In case of relevant changes to the Privacy Policy, the Client may receive a notice about it or be informed through official communication channels.

This Privacy Policy was updated and reviewed in November 2022.

 

9. CONTACT AND CUSTOMER SERVICE.

 

The controller of the Client's personal data is:

[Blank space in the original, presumably for company name/details]