Privacy policy

Personal data controller and contact information:

SIA “ATLANTIC TRAVEL”, reg. no. 40003692248, legal address: Merķeļa iela 5-1A (hereinafter referred to as the Company), e-mail: atlantic@atlantic.lv

Purposes of personal data processing:

Provision of tourism services (legal basis for personal data processing: fulfillment of contractual and statutory obligations), including, but not limited to:

  • for client identification;
  • for preparation and conclusion of a contract;
  • for ensuring the provision of tourism services;
  • for issuing insurance policies;
  • for issuing green cards;
  • for issuing visas;
  • for issuing invitations;
  • for accepting and issuing DHL Express shipments;
  • for reviewing applications and claims;
  • for billing administration;
  • preparation of accounting documents;
  • debt recovery and collection.

For sending commercial communications (legal basis for processing personal data: client consent or/and for receiving client subscription news on www.innermeridian.lv website).

For maintaining client files (legal basis for processing personal data: client consent)
For providing information to state and local government institutions in cases specified in legal regulations (legal basis for processing personal data: fulfillment of legal requirements).

Categories of recipients of personal data:

  • client, travel service providers, such as Company employees, travel wholesalers, tour operators, airlines, hotels, car rental companies, transfer service providers, tour operators (guides) and other related tourism service providers;
  • embassy and consular departments, related visa centers;
  • insurance companies;
  • a person who makes travel reservations on behalf of a tourist, if the tourist travels with a reservation made on his behalf by another person (for example, a family member, friend or colleague);
  • an employer, if the tourist is an employee of a company and the tourist goes on a business trip or work trip;
  • third parties with whom the Company has concluded service agreements, for example, credit institutions, information technology service providers, accounting service providers, legal service providers, postal institutions, courier service providers and other related service providers that ensure the Company’s business;
  • persons specified in legal regulations upon a justified request of these persons, in accordance with the procedure and to the extent specified in legal regulations;
  • in cases specified in legal regulations for the protection of the Company’s legitimate interests, for example, when applying to court or other state or local government institutions against a person who has infringed the Company’s legitimate interests.

Personal data categories:

Identification information (name, surname, personal identification number, passport data and/or identity card data), residential address, gender, contact information, bank details, bank payment card details (if payments can be made on site or online), information about health status (including dietary restrictions, information about disability), names and surnames of parents and/or children and other information.

Personal data protection principles:

The Company as a controller:

  • processes personal data lawfully, fairly and in a manner transparent to the data subject;
  • processes personal data adequately, appropriately and only those that are necessary for the purposes of processing
  • processes personal data in a manner that ensures appropriate security of personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures;
  • stores personal data for no longer than is necessary for the purposes for which the personal data in question were processed;
  • informs the client why it needs personal data and what the Company will do with these personal data;
  • processes only accurate personal data and, if necessary, updates them;
  • collects personal data only for specified, explicit and legitimate purposes and does not further process them in a manner incompatible with those purposes. Except if this is necessary to perform the functions and obligations specified in legal acts.

Transfer of personal data to third countries:

Transfer of personal data to third countries: The Company will transfer the client’s personal data to third countries if this is necessary for the performance of contractual obligations (provision of tourism services).
The Company will transfer the client’s personal data to third countries only to the extent necessary to ensure the performance of contractual obligations (provision of tourism services).
The Company informs that by transferring the client’s personal data to the countries of the European Union, the member states of the European Economic Area, the territory of the State of Israel, Andorra, Argentina, Jersey, the Faroe Islands, Guernsey, Canada, the Isle of Man, Switzerland and organizations of the United States of America that have confirmed their principledness to the United States Department of Commerce and have committed to complying with the principles set by the European Commission, a level of data protection is ensured that corresponds to the relevant level of data protection in force in Latvia.

Client’s rights and obligations (access to personal data):

The client has the right to:

  • be informed about why the Company processes and uses the client’s personal data;
  • request information about what personal data the Company stores about the client. This information is provided by the Company free of charge. The information will be provided within 1 (one) month;
  • correct the data, i.e. the client has the right to correct their personal data if they are inaccurate or incomplete. The Company is obliged to provide a response within 1 (one) month. If the Company decides not to correct the data, the client will be provided with an explanation as to why they will not be corrected;
  • to erasure (the right to be forgotten). The client has the right to request the deletion of the client’s personal data or to stop processing them. The Company will not always be able to comply with the client’s request, for example, if the Company is obliged to retain the information. If the Company decides not to delete the client’s personal data, he will be provided with an explanation as to why the Company will not delete the data and will provide the client with information on his right to file a complaint with the State Data Inspectorate;
  • restrict processing, i.e. the client has the right to restrict the processing of his personal data in certain cases, for example, if the information is inaccurate. If the processing of personal data is restricted, the Company may retain relevant information in order to ensure compliance with these rights in the future. If the Company decides to lift such a restriction, the Company will notify the customer thereof;
  • data portability. If the Company processes the customer’s personal data in accordance with the customer’s consent or on the basis of a contract and they are stored in a structured, commonly used and machine-readable format, the customer has the right to request the transmission of personal data directly from one controller to another, if technically feasible. This right does not apply to personal data processed for compliance with a legal obligation to which the Company is subject;
  • object to the processing of their personal data by submitting a written request to the Company stating specific reasons relating to the customer’s particular situation.

The Client has the right to submit a request to the Company for the exercise of his/her rights until the Company or the client can realize his/her legal interests specified in the law in accordance with the procedure specified in the legal acts:

  • by appearing in person at the Company’s registered office, presenting a valid personal identification document;
  • by sending a request electronically to the e-mail address specified by the Company, signing the application with a secure electronic signature.

The Client is obliged to provide information on the change of his/her personal data in a timely manner and request its correction (for example, without informing the Company about the change of surname, the Company cannot ensure the client’s fulfillment of the obligations assumed). In the event that the client has not informed the Company about the change of personal data in a timely manner, the Company shall not be liable for any losses caused to the client.

After receiving the client’s request, the Company shall verify the identity of the requester, evaluate the request and execute it in accordance with the procedure specified in the legal acts.
The Company provides a written response to the client at the requester’s choice in one of the following ways of receiving the response:

  • when the requester appears in person, presenting an identity document;
  • by registered mail to the requester’s correspondence address specified in the request;
  • by sending a response electronically to the e-mail address specified by the requester, signing the response letter with a secure electronic signature.

The Company ensures the fulfillment of data processing and protection requirements in accordance with legal regulations. In the event of customer claims, the Company takes all necessary actions to eliminate the justified claims that have arisen. If the parties fail to find a mutual solution, the client has the right to contact the supervisory authority – the State Data Inspectorate – regarding the processing of personal data protection carried out by the Company.

Duration of personal data storage:

The Company stores and processes the client’s personal data:

  • as long as the Company or the client can exercise their legal interests specified in the law (for example, file objections, contact the Consumer Rights Protection Center or file a lawsuit in court), in accordance with the procedure specified in the legal acts;
  • in accordance with Article 10 of the Law “On Accounting” for 5 (five) years;
  • as long as the client’s consent to the relevant personal data processing is valid, if there is no other legal basis for data processing.
    Upon the termination of the above-mentioned circumstances, the client’s personal data is deleted.

PLEASE NOTE:

Providing personal data is a prerequisite for concluding concluded a Tourism Service Agreement in accordance with the Cabinet of Ministers Regulation No. 585 of 21 October 2003 “Regulations on Accounting and Organization”, Directive (EU) 2016/681 of the European Parliament and of the Council and the Law on the Processing of Aircraft Passenger Data, and with regard to complex tourism services, the Cabinet of Ministers Regulation No. 353 of 13 April 2010 “Regulations on the Rights and Obligations of a Tour Operator, Travel Agent and Client, the Procedure for the Preparation and Implementation of a Complex Tourism Service, the Information to be Provided to the Client and the Procedure for the Payment of a Security Deposit” and other legal regulations.
In the event of failure to provide personal data, the Company cannot ensure the provision of tourism services to the Client.

When processing the client’s personal data, the Company will comply with the laws and regulations in force in the Republic of Latvia and the requirements of Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, the Law on the Processing of Personal Data, as well as other applicable laws and regulations for the processing and protection of personal data.
The Company reserves the right to update this policy as necessary. Information about the updated policy will be available on the Company’s website www.innermeridian.lv).

  1. The policy has been developed on the basis of Article 24(2) of the General Data Protection Regulation
  2. Information provided in accordance with Article 13 of Regulation 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data

USE OF COOKIES

The company’s website uses cookies.
A cookie is a small text file that a website saves on your computer or mobile device when you open the website.
Cookies act as a memory for a specific website, allowing this page to remember your computer or mobile device on subsequent visits, including cookies can remember your settings (text size, language, etc.) and thus improve the user’s convenience when using the specific website.
If you delete cookies, you will have to manually adjust your settings every time you visit the website, and there is a possibility that some services and functions will not work after deleting cookies.
By continuing to use this website, you agree that we will collect and use cookies on your device. You can withdraw your consent at any time by deleting the saved cookies.