Privacy Policy
Companhia Turística do Douro Lda, headquartered at Rua da Praia, 12 – 5085-042 Pinhão – Portugal, NIF 503112429, owner of the website https://ctdouro.com, understands and respects the importance of your privacy and considers the security of your customers’ personal information vital. This Privacy Policy sets out the basis on which any personal data that we acquire from customers, through this website or from them, will be processed and stored by us.
We are committed to protecting your personal information and being transparent about the information we collect and what we do with it. Therefore, please read the following information carefully.
For the purposes of the new General Data Protection Regulation Act approved by the European Commission (GDPR, Regulation EU 2016/679), we, Companhia Turística do Douro, are the Data Controller for the domains mentioned above. As our customer, you are aware of the rules contained in our Privacy Policy, as well as ensuring that other members of your party are aware of the same content and that they agree to provide their personal data in order to proceed with a reservation or other purchase on your behalf.
By making a booking/purchase or submitting your personal data via this website, you agree to the transfer, storage or processing as set out.
We will take all legally necessary steps to ensure that your data is treated securely and in accordance with this privacy policy.
Use of personal emails
Companhia Turística do Douro Lda, with the email: info@ctdouro.com, collects emails for data processing of reservations made and payments, which are kept for a period of 5 years for legal reasons associated with its services.
Companhia Turística do Douro Lda, with the email: info@ctdouro.com, occasionally sends emails related to the marketing of its services, carried out only by humans, for promotional purposes, without ever sharing them with third parties.
Only emails directed by info@ctdouro.com, are considered valid as discounts, offers and promotions of your services.
Personal Data Collected and Reasons
Companhia Turística do Douro maintains a database with the registration of its customers that it stores for 1 year, after the first contact. The data present in this database are only the data provided by the customers themselves at the time of their registration or subsequently requested for booking purposes, being collected under the terms approved by the National Data Protection Commission.
When the customer makes a reservation or submits a message, Companhia Turística do Douro automatically records certain personal data that the customer has agreed to provide. The type of data stored will be information such as “name”, “contact”, “email address” and “NIF”. In some cases, we may need other more sensitive personal data such as “citizen card and/or passport number”. All the information on personal data requested serves solely and exclusively to organise the trip or tourist service requested. All personal data provided will be treated as being of a “sensitive” nature and therefore deserve the utmost respect and care by CTDOURO.
Under no circumstances will we ask for information about philosophical or political beliefs, party or trade union membership, religious faith, private life and racial or ethnic origin, as well as data concerning the health or sex life (including genetic data) of customers. When we are preparing your trip, you may provide us with other types of information, such as dietary requirements and food intolerances, medical/health conditions, disabilities or other special information similar to the above, in order to ensure that your specific needs are met.
Thus, Companhia Turística do Douro guarantees that it has implemented and will continue to implement the security measures of a technical and organisational nature necessary to guarantee the security of the data that is provided, in order to prevent its alteration, loss, treatment and / or unauthorised access, taking into account the nature of the data stored and the risks to which they are exposed.
If the customer wishes to exercise the rights of access, rectification, cancellation or opposition that RGDP grants them, they can do so through the website or send an email to geral@ctdouro.com.
For the purposes of the law of the new General Data Protection Regulation approved by the European Commission (RGPD, Regulation EU 2016/679), we, Companhia Turística do Douro, are the Data Controller for the aforementioned domains. As our customer, you are aware of the rules contained in our Privacy Policy, as well as ensuring that other members of your party are aware of the same content and that they agree to provide their personal data in order to proceed with a reservation or other purchase on your behalf.
By making a booking/purchase or submitting your personal data via this website, you agree to the transfer, storage or processing as set out.
We will take all legally necessary steps to ensure that your data is treated securely and in accordance with this privacy policy.
Purpose of the Data
Personal data is obtained for the following purposes:
- activity linked to a travel agency or tour operator;
- provision to the parties involved in the services requested by the user to finalise the booking;
- sending electronic messages with intentions exclusively related to the reservation;
- management, administration, provision, extension and improvement of the services to which the user decides to subscribe and register;
- study of the utilisation of services by users;
- checking, updating and developing statistical systems and analyses;
- advertising, promotion and commercial prospecting activities if duly accepted by the user.
The user/customer of the website thus consents to Companhia Turística do Douro processing their personal data. In addition, the user expressly consents that the personal data may be transferred to:
- national and international authorities competent in the field of tourism, terrorism or offences against human rights, for the purposes of their own security;
- any legal entity affiliated or participated by CTDOURO or the tourist companies that have provided the contracted service, so that they use them for the purpose of correctly providing each service requested by the user;
- any certified third-party company that complies with GDPR standards, in order to guarantee data security, the management and organisation of the booking and customer process and platforms associated with marketing activities.
Your Personal Data Protection Rights and How to Exercise Them
Right of access to information: You can obtain confirmation of your personal data processed by Companhia Turística do Douro Lda, as well as information about the purposes of the processing or the deadlines for storing such data.
Right of rectification: You can request the amendment of your personal data that is incorrect or incomplete.
Right to erasure: You can request the erasure of your personal data, provided that there are no legal requirements for its retention.
Right to portability: You can receive the personal data you have provided to us in a structured form in a machine-readable digital format.
Right to object: You can object to or withdraw the consent you have previously given to a processing of your personal data.
Right to restriction of processing: You can request the restriction of the processing of your personal data in the form of: 1.Suspension of processing; 2.Limitation of the scope of processing to certain categories of data or processing purposes.
Right not to be subject to automated individual decisions: You can ask not to be subject to any decision taken solely on the basis of automated processing. These decisions are related to the definition of consumer profiles by Companhia Turística do Douro Lda, based on your tastes, interests and preferences, search and purchase history, etc. in particular to provide a quality service and tailor marketing communications.
Changes to the Privacy Policy
Companhia Turística do Douro reserves the right to update or change this Privacy Policy. You may, however, request a copy of a previous version of our Privacy Policy.