privacy statement

please find below how desty handles your data privacy

Introduction
Desty Nederland B.V., with its registered office at Franse Kampweg 6 (1406 NW) in Bussum (DESTY or we) is the party responsible for all data processing.
We need your personal data for the proper performance of services: providing a booking service for the Desty Travel platform via the web app on our website https://www.desty.nl/ (Web App). We process your personal data in accordance with the data protection regulations, including the General Data Protection Regulation. In this privacy statement we explain what personal data we process and for what purpose. We encourage you to read it carefully. If you have any questions, please contact us via privacy@desty.nl

. This privacy statement was last amended on 20 July 2020.

Personal data in the Web App and App
In order to perform our service of providing a booking service for travel in the best possible way, we process personal data. We only process personal data if we have a legal basis for doing so. We process personal data on one of the following legal bases:
– it is necessary for the performance of an agreement between you and Desty Travel. Examples are the data that you fill in to create an account and the data that is required for you to make a booking;
– it is necessary for us to comply with a legal obligation. We are for example required to retain certain data for a flight booking;
– it is necessary for the purpose of a legitimate interest pursued by us or by a third party. Such legitimate interest could be the enforcement of a legal claim;
– you have given your consent for the processing of your personal data. You can always withdraw the given consent, but this withdrawal has no retroactive effect.

Registration
Certain features of our platform require you to register beforehand. The purpose is to be able to deliver you our services, such as providing you the location of an available hotel room near you. Within our portal, you can access a management environment where you can set, specify and change settings. For this purpose, we use your email address, name, address details and username.
We need this data because of our agreement with you. We store this information until our services to you have ended. If you do not provide us with this information, the consequence will be that we will not be able to provide you with our services.

Location data
Sometimes our services require us to collect your location data (through GPS). If that is the case, you will be requested to grant consent beforehand.

Cookies
We collect certain data through cookies and similar technologies. A cookie is a small text file that is stored on your computer by a web browser. You can block the use of cookies by adjusting the settings in your web browser. However, this may affect the functioning of the website. For more information see our Cookie Statement.

Server log files
When using our platform, information which your browser automatically transmits to us is collected and stored for organisational and technical reasons. These are:
– Browser type/version
– Operating system used
– Referrer URL
– Host name of the accessing computer
– Time of the server query
We analyze this technical data for statistical purposes to continuously optimize our products and services and to improve our website. This data is stored separately from personal information as soon as possible and stored on secure systems. The data retention period is 30 days.

Security
We have taken technical and organisational security measures to protect your personal data from loss, destruction, manipulation and unauthorised access. All of our employees and all persons involved in data processing are obliged to comply with the data protection laws and to handle personal data confidential. In the case of collection and processing of personal data, the information is transmitted in encrypted form to prevent misuse of the data by third parties. Our security measures are constantly being revised according to technological developments.
We draw your attention to the fact that data transmission over the internet (e.g. e-mail communication) may involve loopholes in security. It is not possible to protect such data completely from third-party access. We will, however, always process personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Statistics and profiling
We keep statistics on the use of our platform. These statistics help us to, for example, to structure information and show you information that is relevant to you. For this purpose, we use your anonymized IP address, mouse scrolls and clicks. We store this information for up to six years.
We may collect your personal data for profiling purposes, but only after we have been provided with your express consent. We store this information for one year.

Contact form
If you send us enquiries by means of the contact form, your information, including the contact details you enter in the form, will be stored by us for processing the enquiry and in case we have any follow-up questions. We do not disclose this data without your consent. We store this information until we are sure that you are satisfied with our response.

Newsletter data
If you would like to receive our newsletter, we require from you an email address and information which will allow us to verify that you are the owner of the email address given and that you agree to receive the newsletter. No other data is collected. We use this data solely for sending the requested information and do not pass it on to third parties. You may withdraw your consent to the storage of the data, email address and its use for sending the newsletter at any time, for example via the “Unsubscribe” link in the newsletter.

Third parties
In order to be able to properly perform our service, we use other parties to process personal data on our behalf. We conclude processing agreements with these data processors that meet the requirements of the GDPR. A processor may, for example, be a financial service provider that facilitates payment on the website or an advertising agency that provides an email campaign.
We also provide personal data to third parties if we are obliged to do so pursuant to a statutory provision or a decision of the court or supervisory body, or if this is necessary in the interest of preventing, detecting or prosecuting criminal offences (such as fraud, fraud or scams).

Processing outside the European Economic Area
For technical and operational reasons, it may be necessary to transfer your personal data to countries outside the European Economic Area. We will ensure proper data protection. Where applicable, we use European model contracts (Standard Contractual Clauses) for processing outside the European Economic Area.

Disclaimer
This privacy statement does not apply to third party websites that are linked to our Web App or App. We are not responsible for how these third parties handle personal data. We therefore recommend that you read the privacy statement of these websites before using these websites. We are not liable for any damage resulting from unauthorized access by third parties to computers or files, viruses spread through advertisements or other unauthorized programs or files.

Changes to this privacy statement
We reserve the right to modify this statement. We recommend that you consult this statement on a regular basis, so that you remain informed of any changes.

Your privacy rights
You have the right to view and change the personal data that we have collected from you. You have the right to object to the processing of your personal data. In certain cases, you can also ask us to limit the processing of your personal data, erase your data, transfer your data to another data controller or have it deleted. If you wish to do any of these, please send a request to our Privacy Officer: privacy@desty.travel and indicate that it concerns a personal data request.
Please enclose a copy of your identity document so that we can be sure that you are the person submitting the request. Make sure that you black out your passport photograph and citizen service number. This is to protect your privacy. Also provide your private address. You will receive an overview of your data or a response to your request within one month of your request. We store this information until we are sure that you are satisfied with our response.

Consent
If you have given your consent for us to process your personal data, you can withdraw this consent at any time by clicking the “unsubscribe” link at the bottom of each email or by sending a letter to our Privacy Officer at the address below under contact details. Please note that withdrawal has no retroactive effect.

Right to make a complaint
You can make a complaint about the processing of your personal data. If we do not meet your request for access, rectification, objection, restriction, erasure or transfer of your personal data, you can submit a complaint with the Data Protection Authority in your country. In The Netherlands, the relevant authority is the Autoriteit Persoonsgegevens (https://autoriteitpersoonsgegevens.nl/).
If you are not happy with how the complaint is resolved, you can lodge an appeal with the courts.

Contact details
Privacy Officer: privacy@desty.nl
Desty Nederland B.V.
Franse Kampweg 6
1406 NW Bussum

x