Data Management Information

 The Weco-Travel („Data Manager” or „Service Provider”) is committed to fully respect its clients’ right referring to the data management, it manages the personal data in compliance with the provisions of the relevant law.

Data Manager’s Data, Contact Information

Name of Data Manager: Weco Travel Idegenforgalmi Kft. 

Data Manager’s Representative: Horváth Balázs ügyvezető igazgató

Seat: 1053 Budapest, Kossuth L. u. 7-9. Fsz.

Registration number: 01-09-065625

Authority/Court of Registration: Fővárosi Bíróság Cégbírósága

Tax number: 10331615-2-41

Phone number: +36 1 266 9443

E-mail address: adatvedelem@wecotravel.hu

TRAVEL SERVICES (BUSINESS, GOVERNMENTAL, UNIQUE AND INDIVIDUAL)

Objective, Term of Data Management

Objective of Data Management: performance of identification, enquiries, booking, orders required by its partners for taking mediation and/or organizational services relating to travel organization, the provision of services, preparation of statements according to the client’s requirements.

Term of Data Management: the term of the contract or service provision, until the performance of clearing obligation specified by the Accounting Act.

Scope of Managed Data

Essential, minimum data type of the concerned person taking the travel service are the following: name shown in the travel document, date of birth, e-mail address, phone number, type, number and expiry date of credit card  in case it is specified by the client as means of payment.

From the aspect of service provision not essential, processed for the purpose of comfort or preparation of statement data: IDs of airline company, hotel, car rental point schemes, travel preferences, like location of seat, dietary pattern, special requests, employee’s ID, cost centre, project number, organizational unit, purpose of travel, number of travel document, date of its issue, date of expiry, issuing country, nationality.

Data managed during the performance of the service: contact person’s name, e-mail address, phone number

Legal Basis of Data Management

Performance of the work or other type of contract with the concerned person, and legitimate interest related to the efficient business operation of our partners and to the provision of our service.

In respect of the data processed for purpose of convenience or statement, the legal basis is the consent of the concerned person.

Possible Consequences of Failure to Supply Data

Failure of the travel objective.

Data Processor

In the interest of the performance of the travel and related to it services mainly the below data processors are employed:

- Amadeus IT Group S.A. (Salvador de Madariaga 1, Madrid 28027, Spain)
- Travelport Hungary Kft. (Váci út 33., Budapest, Magyarország)
- Tulip Tours s.r.o (Go Global Travel) (6 Nam. Martina Benku., Bratislava, Slovakia)
- WWH (Weco Travel SP Z.O.O. (al. Jana Pawła II 19, Warszawa, Poland)
- Hotelbeds SLU, (Complejo Mirall Balear, Camí de Son Fangos, 100 Plama De Malloca,
  Spain)
- MikiTravel Ltd. (Vintners’ Place, 68 Upper Thames Street London, England)
- Gullivers Travel Associates (Gullivers House, 27 Goswell Road, London, England)
- AIG Europe (Chartis Europe S.A., Váci út 76, Budapest, Magyarország)
- Európai Utazási Bizotsító Zrt. (Váci út 36-38, Budapest, Magyarország)
- Colonnade Insurance S.A. (Váci u. 99, Budapest, Magyarország)
- AWP P&C S.A. – Mondial Assistance (Szabadság út 117. Budaőrs, Magyarország)
- Blacklane GmbH, (Feurigstr. 59, 10827 Berlin. Germany)
- FlixMobility  GmBH (33 Birketweg, Münich, Germany)
- Aviareps Magyrország Szolgáltató Kft – Europcar GSA (Erkel utca 13.  Budapest,
  Magyarország)
- Mercure Rent a Car Kft – Hertz Franchisee (Hertz u. 2, Vecsés, Magyarország)
- Z+T Szolgáltató és Kereskedelmi BT. – SkyFly Travel (Kandó Kálmán u. 13, Győr,
  Magyarország)
- Travelsoft Online Kft (Acsády Ignác u. 13. Budapest, Magyarország)
- Flight Refund Kft. (Rózsahegy u. 1-2, Budapest, Magyarország)

For the performance of the travel service and related to it service depending on the purpose or the travel and the required service, the Data Processor may use further data processor.

CONFERENCE ORGANIZATION, REGISTRATION

Objective, Term of Data Management

Objective of Data Management: identification, booking, performance of orders, provision of services, preparation of statements according to the client’s requirements in connection with participation on a conference or the use of intermediation and/or organizational services relating to the realization of a conference.

Term of Data Management: duration of the contract or service, until the performance of the clearing obligation as specified by the accounting act.

Scope of Managed Data

Type of the Data Required for the Provision of Services: name, job scope, number of medical stamp, e-mail address, phone number, workplace, address of workplace, billing to address, name of the cost bearer, billing to address of the cost bearer, optionally diet preferences, room requirement, credit card type, number, expiry, in case the client uses it as payment means.

Legal Basis of Data Management

Performance of the work or other type of contract with the concerned person, and legitimate interest related to the efficient business operation of our partners and to the provision of our service.

Possible Consequences of Failure to Supply Data

Failure of the conference or of the participation at the conference.

Data Processor

For the performance of the participation, organizational and related to them service mainly the below data processors are employed:

• Molcomp System Kft. (Gellért u. 17/3., Budapest, Magyarország)
• OTP Mobil Kft – Simple Pay (Közraktár u. 30-32, Budapest, Magyarország)

Depending on the purpose of the conference and the required services the Data Manager for the performance of the participation, organizational and related services may employ further data processor.

SALE OF RECREATION TRAVELS

Objective, Term of Data Management

The objective of the data management: identification, booking required for taking the intermediated services relating to our partners’ participation at recreation travels.

Term of Data Management: the duration of the contract or service, until the performance of the clearing obligation as specified by the accounting act.

Scope of Managed Data

Name shown in the travel document, date of birth, e-mail address, phone number, number of the travel document, date of its issue, date of expiry, issuing country, nationality.

Legal Basis of Data Management

Performance of the work or other type of contract with the concerned person, and legitimate interest related to the efficient business operation of our partners and to the provision of our service.

Possible Consequences of Failure to Supply Data

Failure of the participation at the travel.

Data Processor

For the performance of the participation, organization and related services mainly the below data processors are employed:

• 1000 Út Travel Kft (1054 Budapest, Kálmán Imre u. 14.)
• Adria Tours Kft (6720 Szeged, Kárász u. 9.)
• Anubis Travel Utazási Iroda Kft (1024 Budapest, Kis Rókus u. 1)
• Alpine Tours (1052 Budapest, Petőfi Sándor tér 3.)
• Apollon Travel (1065 Budapest, Bajcsy-Zsilinszky út 45.)
• Blue Sky Travel (1065 Budapest, Podmaniczky u. 11.)
• Budavár Tours (1055 Budapest, Szent István krt. 9.)
• Car Tour (1132 Budapest, Visegrádi u. 14.)
• Chemol Travel (1015 Budapest, Hattyú u. 14. VII.em.718.)
• DERTOUR Hungária (1051 Budapest, Bajcsy-Zsilinszky út 12.)
• Fehérvár Travel (8000 Székesfehérvár, Várkörút 40.)
• Grand Tours 2000 (4024 Debrecen, Vár u. 10.)
• Ibusz Utazási Irodák (1118 Budapest, Dayka Gábor u. 3.)
• Jetwing Hungary Kft (7400 Kaposvár, Fő u. 53.)
• JTB — Tumlare Corporation Hungary Kft (1051 Budapest, Bajcsy-Zsilinszky út 12.)
• Kartago Tours (1076 Budapest, Thököly út 21-23).
• Last Call Travel (1138 Budapest, Meder u. 8/d)
• Mahart Pass Nave Személyhajózási Kft 1056  Budapest, Belgrád rkp.
• Morton's Travel (6722 Szeged, Petőfi Sándor sgt.5. 1.em).
• Personal Tours Kft (1023 Budapest, Frankel Leó út 47.)
• Proko Travel (6720 Szeged, Feketesas u. 19-21.)
• Robinson Tours (8230 Balatonfüred, Gombás köz 5.)
• Ruefa Reisen Utazási Iroda Kft (1055 Budapest, Szent István krt. 25.)
• Safari Travel Utazási Iroda (1132 Budapest, Visegrádi u. 18/b)
• Sun & Fun Holidays Kft (1138 Budapest, Meder u. 8/d)
• TdM Travel Tours (2600 Vác, Budapesti főút 24.)
• Tensi Idedegenforgalmi és Szolgáltató Kft (1023 Budapest, Komjádi Béla u. 1.)
• Taurus Reisen Utazási Iroda Kft (1067 Budapest, Teréz krt. 33.)
• Unitravel Utazás szervező Iroda (1065 Budapest, Bajcsy-Zsilinszky út 27.)
• Varis Travel Utazási Iroda (2040 Budaörs, Sport u. 2-4.)
• ViaSale Travel S.L. (Calle Extremadura nr.9 Playa de las Americas, Adeje, Tenerife, Spain, 38660)
• Vivaldi Travel Kft (1065 Budapest, Révay u. 14.)

Depending on the objective of the conference and the required services, the Data Processor can use further data processor for the performance of the participation, organization and related to them services.

THIRD-PARTY MEDICAL SERVICES

Purpose of the data management:
Provision of registration to third-party (Universal Medical Solutions Kft., 2030 Érd, Köszörűs u. 30, bud@medhub.com) medical services for a different type of COVID-19 tests.

Legal basis of the data management:
The voluntary consent of the concerned person and Hungarian Accountanting Law.

Scope of the personal data concerned:
 Personal identification data such as name, date of birth, nationality, national ID, or passport number, TAJ (social security) identification. Contact Data such as e-mail address, telephone number, address of residence, billing address.

Duration of data management:
Weco-Travels retains and manages your data until the successful encrypted data transfer to the third-party service provider. From this point, the third-party service provider will be the data controller. In the case of billing data, we retain your data according to the Hungarian Accounting Law.

The consequence of failure to provide data:
The concerned person will not be able to register on our site for the services provided by the third-party service provider.

Data Processor:
Universal Medical Solution Kft. H-2030 Érd, Köszörűs str. 30., bud@umedhu.com.
Privacy Policy: https://bud.umedhub.com/ASZF_Covid19_Test_Center.pdf 

SENDING NEWSLETTER

Objective, Term of Data Management

The objective of the management of data of the Concerned Persons is sending newsletter. the objective of the newsletter is to inform the User on the actual news, products, sales, new functions in the form of electronic message of the Service Supplier including advertisement. The term of the data management is until the existence of the newsletter service or until the withdrawal of the concerned person’s consent (cancellation request).

Scope of Managed Data

Name, e-mail address of the concerned persons.

Legal Basis of Data Management

The voluntary consent of the concerned person.

Possible Consequences of Failure to Supply Data

The concerned person will not be informed on the offers of the data managers and their partners.

Data Processor

SALESmanago GmbH (Rosenstraße 17, 10178 Berlin, Germany)
Cookie used by Salesmanago: https://support.salesmanago.pl/contact-monitoring-principles-of-operation-and-scope-of-collected-data/ 

Data Safety

The Data Manager takes all the necessary technical and organizational measures and develops proper procedure policies in order to warrant the safety of the private data through the complete data management process at a level complying with the degree of risk.

For the management of the private data, the Data Manager selects and operates the applied IT devices so that the managed data/data’s:

• are accessible exclusively for the authorized persons (availability);
• authenticity and certification is ensured (authenticity of data management);
• unchanged character can be proved (data integrity);
• are protected against unauthorized access (confidentiality of data).

The Data Manager

• protects the data by appropriate measures against the accidental or unlawful annulment, loss, modification, damage, unauthorized disclosure or unauthorized access to them,
• limits the access to the private data by specifying authorization levels,
• protects the IT systems by firewall, and provides them with antivirus protection,
• during the electronic data management ensures that only those persons could access the data under linked to objective and controlled form, which need them in order to perform their tasks,
• in the interest of the protection of the data electronically managed in its different records, it ensures by appropriate technical solution that the stored data could not be directly linked each to other and to the concerned parties, except the case when that is made possible by law.

The Data Manager taking into account the actual technical development level ensures the protection of data management safety by such technical, organizational and organization structural measures, which provide a protection level complying with the risks occurring in connection with the data management.

The Data Manager maintains records of the probably occurring data protection incidents indicating the incident related facts, their effects and the remedial actions taken. The Data Manager shall report to the National Authority for Data Protection and Freedom of Information the probably occurring data protection incident without delay, and if possible not later than 72 hours after becoming aware of the data protection incident, except the case when the data protection incident is likely not to represent any risk referring to the rights and freedoms of the natural persons.

Rights of the Concerned Persons and Conditions of their Enforcement

The concerned person at any time may ask for the correction, limitation, cancellation of his/her data, and can ask for full scope concrete information on the data management. The concerned person may also ask to hand over according to the relevant law his/her personal data in a delimited format being readable by widely used device, or to transfer his/her data to another data manager. Such requests shall be performed by the data manager within 1 month. The detailed content and detailed conditions of the reinforcement of the concerned rights are included in the data management policy.

In case in the opinion of the concerned person during the data management the data manager violated law, he/she can submit a file a complaint at the National Authority for Data Protection and Freedom of Information (NAIH).

Its contact details:

• seat: 1125 Budapest, Szilágyi Erzsébet fasor 22/c.
• postal address: 1530 Budapest, Pf.: 5.
• e-mail: ugyfelszolgalat@naih.hu
• website: naih.hu.

In case during the data management the data manager violates the rights of the concerned person, the concerned person - at his/her own discretion - may go to the court being competent either based on his/her home address or place of residence. For further information referring to the court procedure, please, visit the birosag.hu website.