Privacy Policy

Our Commitment to Personal Data Protection

At Remasia Travel hereinafter referred to as the “Company”, safeguarding your personal data is a top priority. This Privacy Policy aims to explain how we collect, use, store and share your personal data in the course of providing travel-related services. The Company primarily acts as a data controller, determining the means and purposes of processing the data you choose to share with us. We may also operate as a data processor in cases where personal data is provided to us by third parties. All processing of personal data is conducted in accordance with the provisions of the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

We advise you to read this Privacy Policy thoroughly. If you do not wish for your personal data to be handled as described herein, we respectfully request that you refrain from providing it. However, please be aware that doing so may limit or prevent our ability to deliver certain services to you or engage in further cooperation.

For any questions, concerns or comments regarding this Privacy Policy, you may contact us at info@remasiatravel.com.

Purposes and Legal Bases for Processing Your Personal Data

We will only process your personal data where a lawful basis exists under Articles 6 and 7 of the GDPR. In the case of special categories of personal data, such as data relating to health, religious beliefs or trade union membership, we follow the specific requirements outlined in Articles 9 and 10 of the GDPR.

Your personal data may be collected, processed and disclosed to our trusted service providers (acting as data processors) for the following legitimate purposes:

• Contractual Necessity and Legal Compliance (Articles 6(1)(b) and 6(1)(c) GDPR):
  In fulfilling travel arrangements, we are often required by government authorities at points of departure or destination to disclose personal data for immigration, security and other border control functions. Furthermore, we may need to share your personal data, such as your full name, passport information and contact details, with airlines, hotels or other service providers in accordance with their terms. Failure to provide such data may result in our inability to offer certain services.

• Legitimate Interests (Article 6(1)(f) GDPR):
  We may process personal data to support operational objectives, including internal administration, business continuity, customer service, security management and service improvement, when these interests are not overridden by your rights or freedoms.

• Consent (Article 6(1)(a) GDPR):
  When required for marketing or similar purposes, we will process your data only with your prior consent. You will be informed beforehand if your data is to be used for such activities or disclosed to a third party for the same purpose. You have the right to object by adjusting your preferences through designated options at the point of data collection.

• Explicit Consent for Special Categories of Data (Article 9(2)(a) GDPR):
  In certain situations, we may collect sensitive data such as health-related information, dietary requirements or physical limitations in order to tailor your travel experience. Such data will only be processed with your explicit and informed consent.

We will ensure that your data is processed only for the stated, lawful purposes, and we will not further process it in a manner that is incompatible with these purposes. If new processing purposes arise, we will inform you accordingly. We retain your data only for as long as necessary to comply with legal obligations, fulfill contractual requirements and support our business operations in accordance with Articles 5 and 25(2) of the GDPR.

Types of Personal Data We Collect

We may process the following categories of personal data for the purposes stated above:

• Full name, title, email address, telephone number or mobile number
• Company name, website domain, business address and country
• Information required to fulfill regulatory obligations or requested by public authorities

This information may be collected directly from you, such as through website visits, subscription forms, emails, in-person meetings, or communication platforms (such as WhatsApp), or indirectly via third parties, for example, travel agencies. We ensure that all data collected is relevant, limited and necessary in relation to the specific purposes for which it is processed.

Disclosure and Sharing of Personal Data

We may disclose your personal data in accordance with the GDPR to the following categories of recipients:

Strategic Partners

We may share personal data with business partners who assist us in delivering services or conducting marketing activities. Data will only be shared to the extent necessary, and where applicable, your prior consent will be obtained.

Service Providers

Third-party vendors may receive your data to perform services on our behalf. These services include, but are not limited to, website hosting, IT support, payment processing, customer service, auditing, data analysis, and satisfaction surveys.

Corporate Affiliates and Transactions

Your data may be shared with affiliated entities within the Remasia Travel group. In the event of corporate restructuring, merger, acquisition or asset transfer, your personal data may be transferred to the involved entity.

Legal Obligations and Security

We may disclose your personal data if required to do so under applicable laws, legal proceedings or governmental requests. Additionally, we may disclose such data to protect our legal rights, investigate fraud, enforce our terms or safeguard our users and operations.

International Data Transfers

Such disclosures may involve transferring your personal data out of the European Union, such as Indonesia. Such transfer may take place for the purposes of providing you customer services, executing your reservation with suppliers (e.g., airlines, hotels), and providing you with services at your place of destination. For each of these transfers, we make sure that we provide an adequate level of protection to the data transferred, in particular by entering into standard contract clauses as defined by the European Commission decisions 2001/497/EC, 2002/16/EC, 2004/915/EC and 2010/87/EU. 

We will not use your personal data for online marketing purposes unless you are our customer, or you have expressly consented to such use of your personal data. You can change your marketing preferences at any time by contacting us as detailed below.

Data Processing Records

In compliance with Article 30 of the GDPR, we maintain detailed records of all data processing activities, both as a data controller and processor. These records are available to supervisory authorities in accordance with Article 31. 

Security of Personal Data

We implement appropriate technical and organisational measures to ensure a high level of security, preventing unauthorised access, alteration, loss or destruction of your data. This is carried out in accordance with Articles 25(1) and 32 of the GDPR. Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected, unless otherwise required by law.

Data Breach Notifications

In the event of a personal data breach that results in a risk to your rights and freedoms, we have procedures in place to assess and address such incidents promptly. Where necessary, we will notify the relevant data protection authorities and affected individuals, as required under Articles 33 and 34 of the GDPR.

High-Risk Processing Activities

We continuously evaluate our processing activities to determine whether they are likely to result in a high risk to the rights and freedoms of data subjects, as described in Article 35 of the GDPR. When such risks are identified, we undertake a Data Protection Impact Assessment and consult with supervisory authorities in accordance with Article 36.

Your Rights Under the GDPR

As a data subject, you have the following rights:

• Right to Information (Articles 13 and 14 GDPR): You are entitled to clear information regarding how your data is processed.
• Right of Access (Article 15 GDPR): You can request confirmation of whether your data is being processed, and obtain access to your personal data.
• Right to Rectification and Erasure (Articles 16 and 17 GDPR): You may request correction of inaccurate data, and under certain conditions, the deletion of your personal data.
• Right to Restrict Processing (Article 18 GDPR): You may request limited processing of your data where legally applicable.
• Right to Object (Article 21 GDPR): You can object to processing based on your specific circumstances.
• Right to Data Portability (Article 20 GDPR): You can request to receive your data in a structured format and transfer it to another data controller.
• Right Not to Be Subject to Automated Decision-Making (Article 22 GDPR): You have the right to not be subject to decisions based solely on automated processing, including profiling, if it produces legal effects concerning you.

To exercise any of the above rights, please contact us using the details provided at the end of this document. If you are dissatisfied with our response, you have the right to lodge a complaint with your local Data Protection Authority.

Children’s Privacy

Our services are directed primarily at adults. However, we may process data relating to individuals under the age of 16. In such cases, we will obtain verifiable consent from a parent or legal guardian before processing the child’s personal data.

Third-Party Websites

Our website may include links to external websites or platforms. These third-party sites operate independently from us, and we do not control their privacy practices. We recommend reviewing their respective privacy policies to understand how they handle your personal data.

Policy Updates

This Privacy Policy may be updated periodically. Any changes will take effect upon publication. In cases of material changes, we will notify you through our website and, where required, seek your consent.

Contact Information

Remasia Travel ApS
CVR: 45483312
Borgergade 138 st. th
1300 København K, Danmark
E-mail: info@remasiatravel.com
Telephone: +45 5275 0046