https://bali-travelcard.com/

I.Operator

1. This document sets out the privacy policy for the Bali-Travelcard website -. https://bali-travelcard.com/ regarding the collection, processing and use of personal data obtained by the Data Controller.
2. The personal data collected by the Data Controller is processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (RODO).
3. Pursuant to Article 4(7) RODO, the Data Administrator is Veltis Hubert Szabat, Giedlarowa 1143, 37-300 Leżajsk, Poland (EU), NIP: 8161711130, REGON: 387371370, email: [email protected]
4. The Data Controller is committed to protecting the privacy and information provided to it by website users.

1. Personal data will be processed in accordance with the principles set out in Article 5 of the RODO.
   Personal data will:
   (a) processed lawfully, fairly and in a manner transparent to the data subject ("lawfulness, fairness and transparency").
   (b) collected for specific, explicit and legitimate purposes and not further processed in a way incompatible with those purposes ("purpose limitation").
   (c) adequate, relevant and limited to what is necessary for the purposes for which they are processed ("data minimisation").
   (d) correct and updated as necessary ('correctness').
   (e) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed ("retention restriction").
   (f) processed in a manner that ensures appropriate security of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures ("integrity and confidentiality").

1. We ensure that the collection and use of your personal data is carried out in accordance with the law. Therefore, we only use your personal data for the purposes listed below if one of the following conditions is met:
   (a) You have given your consent.
   b) We need your personal data to perform a contract you enter into with us, e.g. when you purchase a product via the website.
   c) We are obliged to comply with the applicable legislation.
   d) We need to protect your vital interests.
   e) your data are necessary for reasons of public interest, or
   f) We have a legitimate interest in processing your personal data.

    

2. Categories of personal data:
   a) Identity data: name, surname, date of birth, gender - required to identify the traveller.
   b) Contact details: e-mail address, telephone number - used for the dispatch of documents and for contact when information needs to be completed.
   c) Passport data: passport number, country of issue, expiry date - necessary for correct completion of the application.
   d) Travel information: date of arrival, intended stay, purpose of visit - required by Bali authorities.
   e) Device information: data about your computer, phone or other device you use to browse the site, such as device type, operating system, hardware version, browser type, unique device identifier, IP address and advertising ID. Log information.
   f) Payment information (we do not store this data).

1. The legal bases for the processing of personal data derive from the provisions of the RODO. When we inform you about the processing of personal data on the basis of:
   a) Article 6(1)(a) RODO - This means that we process personal data on the basis of the consent received,
   b) Article 6(1)(b) RODO - This means that we process personal data because it is necessary for the performance of the contract or for taking action prior to entering into the contract at your request,
   c) Article 6(1)(c) of the RODO - This means that we process personal data in order to comply with a legal obligation,
   d) Article 6(1)(f) RODO - This means that we process personal data in order to pursue legitimate interests.
2. The basis for processing the Customer's Personal Data is primarily the need to perform a contract to which the Customer is a party, or the need to take action at the Customer's request prior to entering into a contract (Article 6(1)(b) RODO).
3. For other purposes, Customer Personal Data may be processed on the basis of:
   a) Applicable lawwhen the processing is necessary for compliance with a legal obligation incumbent on the Administrator, e.g. when, on the basis of tax or accounting regulations, the Administrator settles concluded sales contracts (Article 6(1)(c) RODO).
   b) Necessity for purposes other than those listed aboveresulting from the legitimate interests pursued by the Administrator or by a third party, in particular for the purpose of establishing, asserting or defending claims, as well as for marketing and statistical analyses (Article 6(1)(f) RODO).

1. In accordance with the applicable legislation, we process your personal data for the period of time necessary to fulfil the specified purpose. After this period, your personal data will be irreversibly deleted or destroyed.
2. Personal data processed on the basis of consent will be processed until the consent is withdrawn.
3. We process personal data for the duration of the contract and also for the period of the statute of limitations for claims under the Civil Code.

1. The catalogue of recipients of personal data processed by the Data Controller is based on the law, the user's consent and the scope of the services used by the user.
2. Recipients of the data may be entities fulfilling an order on behalf of the Data Controller and dealing with the Data Controller, including: employees, associates, accounting offices, IT solutions providers, payment processing companies, banks, companies providing marketing services, telecommunications providers, law firms and authorised state authorities.
3. Bali administrative authorities - data are forwarded to the relevant government institutions for processing the request for Bali Tourist Levy.
4. In the case of transfers of personal data to entities established outside the European Economic Area (EEA), the Controller shall ensure that the requirements set out in Chapter 5 of the RODO are applied, including the application of appropriate safeguards in the form of standard contractual clauses adopted on the basis of a decision of the European Commission.

1. Due to the voluntary nature of providing personal data, you have the right to:
   (a) access to their personal data (Article 15 RODO),
   (b) the rectification of his personal data (Article 16 RODO),
   (c) the erasure of your personal data ("right to be forgotten" - Article 17 RODO),
   (d) to restrict the processing of his or her personal data (Article 18 RODO),
   e) portability of his/her personal data (Article 20 RODO),
   (f) to object to the processing of data (Article 21 RODO).
2. If you consider that the processing of your personal data violates the provisions of the RODO, you have the right to lodge a complaint with the The President of the Office for Personal Data Protection.
3. Consent to the processing of personal data may be withdrawn at any time. The withdrawal of consent to data processing does not affect the lawfulness of data processing that took place before the withdrawal.

1. Cookies are used on the Website.
2. Cookies are small pieces of text information sent by a server and stored on the User's terminal equipment in connection with the use of a website.
3. The purpose of using cookies is for the proper functioning of the website. They are used to improve the user's experience within the Online Service.
4. The cookies used by the Data Controller are safe for User devices. In particular, it is not possible for viruses or other unwanted or malicious software to enter the Users' devices. These files allow for the identification of the software used by the User and the individual adaptation of the Website to each User. Cookies usually contain the name of the domain from which they originate, the duration of storage on the device and the assigned value.
5. Cookies are intended to facilitate the use of the Website by remembering previously provided information so that the user does not have to enter it each time. In addition, cookies are used to adapt content, including displayed advertisements, to the User's preferences.
6. Cookies collect various types of information that do not normally constitute personal data. However, some information, depending on its content and use, may be linked to a specific person and thus considered personal data. With regard to the information collected by cookies that can be linked to a specific person, the following provisions apply Privacy Policy, in particular concerning the rights of the data subject. Information on the cookies collected is also made available, inter alia, in the content of an information clause placed in a visible and easily accessible place during the first visit to the site https://bali-travelcard.com/.
7. The user may object to the actions taken by the Administrator and, if consent is given, may withdraw it at any time.

What types of cookies can be used?

1. With regard to the length of time cookies are stored on a website visitor's device, we distinguish:
   a) Session cookies - are stored on the Service User's device and remain there until the end of the respective browser session. The stored information is then permanently deleted from the memory of the User's device. The mechanism of session cookies does not allow for collecting any personal data or any confidential information from the User's device. They are required for the proper operation of certain website functions.
   b) Persistent cookies - are stored on the Service User's device and remain there until they are deleted. Ending the browser session or switching off the device does not delete them. The storage time depends on the browser settings. This type of file makes it possible to send information to the server each time you visit the site. The mechanism of permanent cookies does not allow the collection of personal data or any confidential information from the User's device.
2. With regard to the purpose of their collection, we distinguish the following cookies:
   c) Essential - required for the proper functioning of the website - processed on the basis of the legitimate interest of the controller (Article 6(1)(f) RODO).
   d) Statistical - allow the analysis of site traffic, learn about user preferences, analyse user behaviour and allow interaction with external platforms - processed on the basis of the user's voluntary consent (Article 6(1)(a) RODO).
   e) Marketing - allow you to customise the advertising and content you see and to run personalised marketing campaigns - processed on the basis of your voluntary consent (Article 6(1)(a) RODO).
3. Cookies may be used by advertising networks, in particular the Google network, to display advertisements tailored to the Customer's use of the Website. For this purpose, information about the Customer's navigation path or time spent on the Website may be stored.
4. With regard to the information on the Customer's preferences collected by the Google advertising network, the Customer can view and edit the information resulting from the cookies using the tool: https://www.google.com/ads/preferences/.
5. The user can independently and at any time change his/her cookie settings, specifying the conditions for storing and accessing cookies on the user's device. He can do this through his browser settings or the configuration of the service. These settings can be changed in such a way as to block the automatic handling of cookies or to inform about their storage on the User's device each time. Detailed information on how to manage cookies is available in your browser settings.
6. To find out how to manage cookies, including how to disable them in your browser, you can consult your browser's help file. You can open it by pressing F1 in your browser or by visiting the relevant help pages:
   • Firefox
   • Chrome
   • Safari
   • Internet Explorer / Microsoft Edge
7. Restricting the use of cookies may affect some of the functionality available on the website.
8. The website also collects external cookies (so-called third-party cookies) that come from external servers.

We use the following services: Google Analytics, Google Ads, Stripe, Zoho One.

1. We reserve the right to change or modify if necessary Privacy Policy and Cookies Policy. We will inform you of any changes or additions by posting the relevant information on the homepage.
2. This version Privacy Policy i Cookies Policy effective from 02.03.2025.