PRIVACY POLICY
1. GENERAL INFORMATION
Mb Drakaras (hereinafter referred to as “we” or “Data Controller”) is the operator of this website. This privacy policy explains how your personal data is collected and processed when you use this website. The terms set out in this privacy policy apply every time you access our content and/or services, regardless of the device you use (computer, mobile phone, tablet, television, etc.).
Data Controller details:
Drakaras, MB
Company code: 306951566
Address: Gelvonų g. 62-58, LT-07156 Vilnius, Lithuania
Email: info@balticvikings.lt
We confirm that your data will be collected in compliance with the applicable European Union and Lithuanian legislation and instructions from supervisory authorities. All reasonable technical and administrative measures will be taken to protect the data collected about the website visitors from loss, unauthorized use, and/or alteration. The Data Controller’s employees are committed in writing not to disclose or distribute information obtained at work, including information about visitors of the website/social media accounts, to third parties.
Persons under the age of 14 are not allowed to submit any personal data through our website. If you are under 14 years old, you must obtain consent from your parents or other legal guardians before providing any personal information.
The terms used in this privacy policy are understood as defined in the General Data Protection Regulation No. 2016/679 (EU).
It is very important that you read this privacy policy carefully because by visiting this website, you agree to the conditions described here. If you do not agree with these conditions, please do not visit our website, nor use our content and/or services.
2. TICKET SALES
You can purchase tickets for cruises on the ship or on the Baltic Vikings website at www.balticvikings.lt. When purchasing tickets online, we collect the following personal data: your name, surname, email address, phone number, and country. The data you provide is used solely for fulfilling the order. Without your permission, this data will not be used for any other purpose, nor will it be shared or sold to third parties unrelated to the direct provision of our services. We do not store any login data for payment systems. You enter the online banking login information on the bank websites, and we do not have access to this information. The purchaser’s personal data (specifically, name, surname, phone number, email address, and bank account number) are stored for 10 years from the date of the last purchase-sale transaction. Once the active database storage period expires, personal data is automatically destroyed.
The basis for collecting and processing the purchaser’s data is the formation and execution of the purchase-sale contract (when the purchaser seeks to buy tickets from the online store).
3. WHAT INFORMATION DO WE PROCESS ABOUT YOU?
Although we strive to collect as little information about you as possible, to conduct our activities, we collect the following information:
– Information necessary to provide you with our services/products;
– Information you provide in forms;
– Information you provide when you contact us by phone or in writing.
The information we collect directly from you will be evident from the context and circumstances. For example:
– To provide services, we process the following information: name, surname, email address, phone number, payment method data, and country.
The information we receive from third parties or publicly available sources is typically:
– Your name, surname, address, phone number, postal address.
You may choose not to provide us with certain information; however, in such cases, we may be unable to provide or fully provide the services we offer.
4. COOKIE POLICY
Our website may use cookies and other tracking technologies to improve your browsing experience and analyze traffic. You may choose whether to accept the use of cookies in your browser settings at any time.
We do not link the visitor’s IP address and email address or other personal information with data that allows identifying the visitor. This means that each visitor’s session will be recorded, but the website visitor will remain anonymous.
5. DATA SHARING
Your personal data will not be disclosed to any persons, except our partners, without whom the smooth provision of services described in this Privacy Policy would be impossible. Such persons may include database software providers, database and website administration service providers, cloud service providers, etc. Your personal data may also be disclosed to government or law enforcement authorities, such as the police or supervisory authorities, but only upon request and only when required by applicable law or to ensure the safety of our rights or the safety of our clients, employees, and resources.
6. DATA RETENTION PERIOD
All personal data we collect by the means listed above is processed and stored only as long as necessary for the purposes specified in this Privacy Policy. Once the specified purpose is achieved, your personal data is deleted unless the law requires us to retain the information for tax purposes or the data may be required for pre-trial investigations. However, in any case, the retention period will not exceed 10 years. After this period, the data will be deleted in such a way that it cannot be restored. Payment data is stored for 10 years after the payment transaction. Marketing data is stored for one year from your last contact with us (call, email). Analytics data is stored and collected automatically when you use the website and is anonymized/aggregated shortly after it is received.
7. YOUR RIGHTS
You have the following rights regarding your personal data:
1) Request the Data Controller to allow you to access and rectify or delete the data or restrict the processing of your data;
2) The right to object to the processing of the data;
3) The right to receive your personal data in a structured, commonly used, and machine-readable format (right to data portability);
4) The right to withdraw consent;
5) The right to file a complaint with the State Data Protection Inspectorate.
You can exercise these rights by contacting us via the contact details provided in this Privacy Policy.
8. CONTACT INFORMATION
To exercise your rights regarding your personal data or if you notice any inconsistencies in this privacy policy, security gaps on our website, or have other questions related to the processing of your personal data, please contact us in one of the following ways:
By mail: Drakaras, MB
Address: Gelvonų g. 62-58, LT-07156 Vilnius, Lithuania
Email: info@balticvikings.lt
9. VALIDITY AND CHANGES
This Privacy Policy is effective from July 22, 2024. If we change this Privacy Policy, we will post the updated version on our website at www.balticvikings.lt. Changes and/or additions to the Privacy Policy become effective upon their publication on the website.