PRIVACY POLICY

1. Identity and contact details of the data controller

Continental Travel considers the protection of its Passengers’ data as a priority. Present Privacy Policy describes the data management practices of www.continentaltravel.hu (hereinafter the website) and other services provided by Continental Travel.

In present Privacy Policy, the Website and other services are hereinafter collectively referred to as the „Service”. The data controller is Continental Travel (company registration number: 01-09-882678, seat: 1054 Budapest, Kálmán Imre u. 21.), hereinafter referred to as the „Service Provider” or „Data Controller”.

Contact person for data protection matters: Judit Kanel; contact phone number and email address: +36-1-373-0616, continental.travel@continentaltravel.hu

2. Regulations underlying the data management

– Act CXII of 2011 on the right of informational self-determination and on freedom of information. 

– Regulation 2016/679/EU on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

3. Principles of data management

The Service Provider takes appropriate measures to ensure that personal data relating to its Passengers are at all times

  1. treated lawfully, transparently, fairly and on an appropriate legal basis;
  2. collected only for specific, clear and legitimate purposes and that those are not handled in a way incompatible with those purposes;
  3. appropriate and relevant to the purposes of data management and limited to what is necessary;
  4. as accurate and up-to-date as possible; inaccurate personal data will be deleted or corrected immediately;
  5. stored in a form, which permits identification of customers only for as long as is necessary to achieve the purposes for which the personal data are processed; the storage of personal data for a longer period should be for statistical purposes only, subject to appropriate technical and organizational measures;
  6. managed in such a way by appropriate technical or organizational measures as to ensure the adequate security of personal data, including the protection against unauthorized or unlawful handling, accidental loss, destruction or damage to personal data.

4. Purpose, legal basis and duration of data processing

The Service Provider handles the data that is essential for the achievement of the various data management purposes, the identification of the Passenger and the access to the Passenger.
The Service Provider handles the following personal data regarding its Passengers:

  1. Name
  2. Telephone number and email address
  3. Billing name and address to issue the invoice
  4. Interests within the topic of travel, based on the Passenger’s own communication

Legal basis for data management: contractual data management.
The purpose of data management: establishing a business relationship – sales

5. Passenger Access Rights

The Passenger may request that the Service Provider provide him/her with feedback on whether the Services Provider handles his/her personal data. The Passenger’s right to receive feedback on this extends to personal data concerning him/her, but does not cover anonymous data and the personal data not relating to him/her; however, it includes pseudonymous data that can be clearly linked to the Passenger.

6. The Passenger’s right to rectification

The Passenger is entitled to have his/her personal data corrected. This right does not extend to anonymous data or to personal data not relating to him/her, but to personal data of the Passenger and pseudonymous data that can be clearly linked to the Passenger.
Upon the request of the Passenger, the Service Provider corrects or supplements his/her personal data accordingly. The Service Provider informs the recipients of such personal data (if any) about the correction of the Passenger’s personal data. However, the Service Provider will not inform the recipients about the correction of personal data if informing the recipients proves impossible or would require a disproportionate effort.

7. The Passenger’s right of cancellation

Under certain conditions, the Passenger has the right to have his/her personal data deleted.
The Service Provider is obliged to delete the Customer’s personal data without undue delay, if the Customer/Passenger requests the deletion of his/her personal data or withdraws his/her consent to the storage of his/her personal data.

The Service Provider informs the recipients of such personal data (if any) about the deletion of the Passenger’s personal data. However, the Service Provider will not inform the recipients about the deletion of personal data if informing the recipients would be impossible or would require a disproportionate effort.

8. The Passenger’s right to restrict data processing

The Passenger may request a restriction on the processing of his/her personal data.
The Passenger’s right to request a restriction on the processing of his/her personal data does not extend to anonymous data and personal data not relating to him/her, but to personal data and pseudonymous data that can be clearly linked to the Passenger.

The Service Provider restricts the processing of the Passenger’s personal data to the period during which it checks the accuracy of such data, if the Passenger requests a restriction on the processing of his/her personal data and disputes the accuracy of such data.
The Service Provider restricts the handling of the Passenger’s personal data, if

  1. the Passenger requests a restriction on the processing of data the processing of which is unlawful and the Passenger objects to the deletion of such data.
  2. the Passenger requests a restriction on the processing of his/her personal data and the Service Provider no longer needs this data for the purpose of data management and the Passenger requests his/her data in order to submit, enforce or protect a legal claim.
  3. the Passenger objects to the processing of his/her personal data, which is necessary for the legitimate interests of the Service Provider and the Passenger waits for confirmation that there is a legitimate reason for the Service Providers processing of the Passengers personal data that does not take precedence over the Passenger’s protest.

The Service Provider informs the recipients of such personal data (if any) about the restriction of the processing of the Passenger’s personal data. However, the Service Provider will not inform the recipients of such a restriction, if informing the recipients would be impossible or would require a disproportionate effort.

If the Service Provider restricts the handling of the Customer’s personal data, then

  1. it may store such personal data,
  2. it may process such personal data with the consent of the Passenger,
  3. it may process the personal data in order to submit, enforce or protect its legal claim, or to
    protect the rights of a person.

The Service Provider may not use the Passenger’s data for the purpose of direct business acquisition, including profiling or automated decision-making in individual cases.

9. Passenger’s right to data portability

The Passenger is entitled to receive the personal data concerning him/her previously provided and made available to the Data Controller in a readable format to one of the contact details provided by him/her. This provision only applies to data that do not cover anonymous data or data not relate to him/her.

10. Data management related to the Service Provider’s website

Information on the data of visitors from the Service Provider’s website

During visits to the Service Provider’s website, one or more cookies – a small packet of information sent by the server to the browser and then returned by the browser to the server at each request to the server – are sent to the computer of the person visiting the website, by which his/her browser will be uniquely identifiable, provided that the person visiting the website has given his/her express consent by further browsing of the website after having read a clear and unambiguous information on the matter.

Cookies only work to improve the user experience and to automate the login process. The cookies used on the website do not store personally identifiable information, the Service Provider does not process personal data in this regard.

The people concerned are all natural persons, who wish to subscribe to the Service Provider’s newsletter and consent to the processing of their personal data.

The data managed includes name, phone number, email address, billing name and address.

The purpose of data management is to inform the data subject about the services and products of the Service Provider, the changes in those services and products, information about news and events.

The received data can be seen by: the head of the Service Provider, the employee in charge of customer relations, the employees of the data processor in charge of the operation of the Service Provider’s website.

The duration of data management in case of newsletter subscription lasts until the person concerned unsubscribes.

The person concerned can unsubscribe from the newsletter at any time. The newsletter is unsubscribed by clicking on the unsubscribe link in the footer of the e-mails sent to the person concerned.

Webshop related data management

The above provisions apply to the data management activities related to the subscription to the newsletter and to the information of the visitors.

Online, electronic contracts (purchases) on the Service Provider’s website are listed in the CVIII. law from 2001, therefore the purpose of data management in addition to the above, is to prove the fulfillment of the Service Provider’s obligation to provide consumer information required by law, to prove the conclusion of the contract, to create the contract, to determine its content, to modify it, to monitor its fulfillment, the invoicing of the resulting fee(s) and the enforcement of related claims.

In the case of shopping in the web store, the legal basis of data management is the fulfillment of the contract and the fulfillment of a legal obligation.

Categories of data affected by data management: customers’ names, addresses, telephone numbers, bank account numbers.

Categories of persons involved in data management: any natural person, who subscribes to the newsletter of the Service Provider’s website or buys a product or service from the website.

The received data can be seen by: the Head of the Service Provider, the customer relations and sales employees of the Service Provider, the data processing staff performing the operation of the Service Provider’s website, the employees performing the accounting tasks of the Service Provider, the data processing staff performing these tasks and the BIG FISH Payment Gateway service provider assigned by the Service Provider, through whom the payment process takes place.

By accepting this Privacy Policy, the Passenger also accepts the following statement related to the payment process:

 „I agree that the following personal data stored by Continental Travel (registered office: 1054 Budapest, Kálmán Imre u. 21.) in the user database of www.continentaltravel.hu will be transferred to BIG FISH Payment Services Kft. (registered office: 1066 Budapest, Nyugati tér 1-2.) as a data processor. The range of data transmitted: name prefix, surname, first name, IP address, billing address, delivery address, telephone number, e-mail address, last four digits of the bank card number. The purpose of the data transfer is to carry out the data communication required for payment transactions between the Service Provider’s and the Payment Service Provider’s system, and to ensure the traceability of the transactions for the Service Provider’s partners.”

The place of data management is the registered office of the Service Provider.

Duration of data management: 5 years from the termination of the contract.

11. Deadline for the administration of the Passenger’s application as a person concerned

The Service Provider will respond to requests for the Passenger’s rights as described above within the following deadlines.

  • Right to information: When the data are collected, if the data subject transfers them or within one month, if it’s not the data subject, who transfers them
  • Right of access: One month
  • Right to rectification: One month
  • Right of deletion: Without undue delay
  • Right to data portability: One month
  • Right to protest: Upon receipt of the protest
  • Right to restrict data processing: Without undue delay

12. Right to submit a complaint

If the Passenger believes that his/her rights have been violated, the Service Provider proposes the Passenger to initiate consultations with the Service Provider, so that he/she can contact the contact person indicated in point 1 directly. If such conciliation is unsuccessful, or if the Passenger does not wish to take part in such activities, he/she may apply to the Court or the NAIH (Hungarian National Authority for Data Protection and Freedom of Information). In the event of legal proceedings being instituted, the Passenger may decide to bring the proceedings before the court having jurisdiction over his address or place of residence.

The contact details of NAIH (Hungarian National Authority for Data Protection and Freedom of Information) are as follows:  

1125 Budapest, Szilágyi Erzsébet fasor 22/C.
telephone: +36 1 391 1400
fax: +36 1 391 1410
e-mail: ugyfelszolgalat@naih.hu
website: https://www.naih.hu/general-information.html

13. Amendments to Privacy Policy

The Service Provider reserves the right to amend this Privacy Policy at any time, in which case Service Provider will inform the Passengers by letter or e-mail and in all cases in accordance with the relevant legislation.

By continuing to use the site, you agree to the use of cookies. more information

Cookie Policy

Continental Travel respects the protection of your personal information.

Cookie meaning

A cookie is a small file sent by a web server that is created, when a user visits a website and that is stored on the user's computer for a predetermined period of time. The purpose of cookies is to improve the user experience of websites. A cookie allows our web server to recognize the user’s device used for browsing and the user’s history on the website. With the help of cookies, we can get a picture of the given user's website visiting and internet using habits and browser history. Cookies do not contain data that can be used to identify the visitors of a website, they are only used to identify the user's computer.

Acceptance of the Cookie Policy by visiting the website

When you visit our website, the site collects data using the cookies described above. By visiting our website, in accordance with this Cookie Policy and our Privacy Policy, the user can accept with one click that the website uses cookies, which are not suitable for identifying persons. If the user disables the installation of cookies to his own computer or removes cookies from his own browser, this may limit the usability of the website, and the settings previously specified on that website may be lost.

Cookies and analytical tools used on our website

Setting cookies

Most web browsers support the use of cookies. When setting up your browser, you can manually delete, stop or completely disable each cookie. You are able to enable cookies only on certain websites. If you allow the use of cookies in your browser, we assume that you accept the use of standard cookies used by our servers and websites.
More information: http://www.youronlinechoices.com/hu

Social media

Among other things, our website allows visitors to view our company on Facebook, Instagram and LinkedIn. Obviously, we have and cannot have any influence on the online data collection practices of these social media, which are independent of us.
If you wish to obtain information regarding the data usage in the listed media, you can do so by reading the terms of use and privacy of the mentioned sites.

Newsletters, e-mails

You can also subscribe to our newsletter on our website, or you can contact us at any time to unsubscribe from the newsletter database. The latter is also necessary in order to prohibit us from collecting data on whether you have opened the newsletters and e-mails we sent you.
When interpreting this Cookie Policy, the instructions of our Privacy Policy must also be taken into account.

If you need further information about cookies and how they work, you can find detailed information on the www.allaboutcookies.org or on the www.aboutcookies.org sites.

Close