1. DATA CONTROLLERS
The entities responsible for your data are:
- Forward Data S.L., domiciled at Paseo Alameda 48, B – 2, 46015, Valencia, Spain, with tax number ESB65284127, contact: GDPR@forwardkeys.com
- Modul University Vienna GmbH, domiciled at Am Kahlenberg 1, 1190 Vienna, Austria, VAT AUT 62643214, contact: email@example.com
- City Destinations Alliance, domiciled at 29D rue de Talant, 21000 Dijon, France with registration number 4249 55 144 000 37, contact: firstname.lastname@example.org
- European Travel Commission, domiciled at Rue du Marche aux Herbes 61, 1000 Brussels, Belgium, VAT # BE0408.138.386, contacts: email@example.com
The Consortium Members listed above are joint controllers of your personal data, and appointed Modul University as single point of contact. For enquiries about the processing of personal data, please contact firstname.lastname@example.org.
2. PERSONAL INFORMATION WE COLLECT ABOUT YOU AND HOW WE USE IT
2.1. Data collected.
We collect the following data about you:
- Contact form data: if you fill in the contact form, we will collect your email address, full name, the matter you are interested in and the text of the message. These data are mandatory, if you don’t provide us with all of them we cannot contact you.
- Surveys and Questionnaire data: when you participate to a survey or answer a questionnaire, we will collect you identification and contact data (full name and email address).
- Website navigation: due to the standards of communications on the Internet, when you visit our website we automatically receive the URL of the site from which you come and the site you visit when you leave our website. We also receive the internet protocol (“IP”) address of your computer and the type of browser you are using.
It is important that the personal data we hold about you is accurate and current. You are responsible for the accuracy of the information you provide to us and you are expected to update any information you provide us with.
2.2 Legal basis and purpose
The table below explains the purpose for processing your data and the legal basis we base our processing on.
|Data collected||Purpose for processing||Legal basis|
|Contact form data||Contact you and take the actions you request us||Your consent|
|Survey and Questionnaire data||Analyse the results of the survey for understanding the stakeholders’ needs regarding a data space for tourism||Your consent|
|Website navigation||Analyze global trends about the website’s usage and improve the website||Our legitimate interest to provide you with our website.|
Furthermore, all data we collect and process may be processed to comply with any judicial procedures, and to comply with any regulatory and legal obligations to which we are subject.
3. DATA DISCLOSURE
We process your personal data with strict confidentiality in accordance with applicable law. Unless otherwise stated, your personal data will not be provided to third parties. We do not sell or provide to third parties any lists with personal data, or data of any other type, nor do we generate any type of income from third parties for the data collected from our website.
Nonetheless, we may disclose data as follows:
- We may share the data with competent judicial and administrative authorities, in order to comply with a legal obligation we are subject to.
We may give access to personal data to our service providers under contracts with us for the provision of services in favor of the Consortium Members. We require all third parties to respect the security of your personal data and to process it in accordance with the law. We do not allow our external service providers to use your personal data for their own purposes and only allow them to process your personal data for specific purposes and in accordance with our instructions.
4. INTERNATIONAL TRANSFERS
We use some third-party services to run and manage our website, some of which are located outside the European Economic Area, in countries that do not generally provide adequate guarantees for the protection of personal data. However, we have entered into agreements with such providers with the necessary contractual guarantees provided by the law.
5. DATA RETENTION
We only keep your personal data for as long as it is necessary to fulfill the purposes for which we have collected it, or to comply with legal, accounting or information obligations.
In order to determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk deriving from an unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, whether we can achieve those purposes through other means, and the applicable law.
6. SECURITY MEASURES
We implement security measures and personal data protection schemes as required by law to maintain the confidentiality and integrity of your data and protection against unauthorised access, modification or destruction.
7. YOUR RIGHTS
Under the General Data Protection Regulation, you have the right to request to access the personal data we have about your; request the correction of the personal data that we hold about you; request the erasure of your personal data; object to the processing of your personal data where we are relying on a legitimate interest; request the restriction of processing of your personal data; request the transfer of your personal data to you or to a third party, and withdraw consent at any time where we are relying on consent to process your personal data. The aforementioned rights may be effective by contacting us at email@example.com, providing proof of identity.
You also have the right to make any complaint to a competent data protection authority.
Version 1: 16/12/2022
Do you have any questions, suggestions, or would you like to contribute something to designing the data space for tourism?