We are committed to ensuring the protection of your personal data and your privacy. To better protect your privacy, we proactively provide information about the collection of personally identifiable information while using our websites. Personally identifiable information is all data that relates to you personally, such as name, address, e-mail addresses, or user behavior (hereinafter referred to as: ‘personal data’).
This privacy statement is valid for all websites hosted by Tourism Group Holding B.V.
(including tours-tickets.com, lindbergh.nl, lovers.nl, xtracold.com, bodyworlds.nl, hollandpass.com, redlightsecrets.com, citysightseeingamsterdam.nl, amsterdamcitytours.com, berlincitytours.com, salzburgcitytours.com, lisboncitytours.com, athenscitytours.com, barcelonacitytours.com, madridcitytours.com, munichcitytours.com, praguecitytours.com, saintpetersburgcitytours.com, viennacitytours.com, elephantparade.com, escapefromamsterdam.com, heffer.nl, cafekarpershoek.com). Continuous technological development, changes in our services or the legal situation, and other reasons may require adjustments to our privacy statement. We therefore reserve the right to change this privacy statement at any time and ask that you regularly keep yourself informed of the current state.
As the responsible party, according to Article 4 (7) of the EU General Data Protection Regulation (GDPR), we hereby inform you that our contact information is Tourism Group Holding B.V, New Yorkstraat 3, 1175 RD Lijnden, Netherlands. For questions or if you would like more information on our privacy statement, please contact firstname.lastname@example.org.
Information on use of personal data and storage
Proactive information about how we use and protect your personal data is very important to us. Depending on the user experience you have chosen before using our website(s) (Minimal, Standard or Optimal) all personal data that is provided to us, will be used in the context of providing (intermediary) services in connection with the execution of the agreement.
For you as an end user of our website(s) it is important for us to ensure that the personal data that is provided to us by you is complete, accurate and up to date and that you are legally entitled to make use of our website(s), meaning that you are at least sixteen (16) years old or older at the moment of closing an agreement with us.
Collected data for execution of the agreement
If you are only using the website for informational purposes and you do not enroll or otherwise provide us with information, we will only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect data that is technically necessary for us to display our website and ensure its stability and security. Functional cookies will be stored on your device during the use of our website(s). Functional cookies are small text files that are stored on your hard drive assigned to the browser you use, and through which the place where the cookie is set accrues certain information. Functional cookies are essential for the proper function of our website(s).
Only in the case of suspected misuse in connection with bookings would we use this link information to facilitate the identification of the person responsible. The legal basis for this is The legal basis for this is Article 6 (paragraph 1 f) of the EU General Data Protection Regulation (GDPR).
We collect and save the following data for the execution of the agreement if you choose to purchase services on our website(s):
- Full name
The specification of the aforementioned data is compulsory; all other information you can provide voluntarily. We will not use your personal data for other purposes than those stated in this privacy statement or for the purpose specifically indicated when we collect it.
All collected personal data is available to you for review purposes pursuant to a simple request from you (‘Subject Access Request’). You have the right to receive a copy of the collected personal data free of charge. If you tell us that the personal data is incorrect or is used inappropriately, we will correct, update or delete the personal data as appropriate in accordance with Chapter 3 of the EU General Data Protection Regulation (GDPR). You also have right to request from us erasure of personal data (‘right to be forgotten’) or restriction of processing and to object to processing, as well as the right to data portability.
Why do we collect, use and share your personal data?
The legal bases for possible processing of personal data and its storage period vary and are described in the following sections.
Customer service (applied to all user experiences): Sharing your personal data with our customer service allows for a quick response when you need us – including helping you find appropriate entertainment and any questions you might have about your reservation. When you contact us by e-mail we will store the personal data you provide (your e-mail address, possibly your name and telephone number) so we can answer your questions and/or remarks. This information serves to substantiate your inquiry and to improve the handling of your request. All personal data is expressly provided on a voluntary basis and with your consent, meaning consent of Article 6 (paragraph 1 a) of the EU General Data Protection Regulation (GDPR). As far as this concerns information about communication channels (such as your e-mail address or telephone number), you also agree that we may also, where appropriate, contact you via this communication channel to answer your request/question. You may of course revoke this consent for the future at any time and your personal data will be deleted.
Fraud detection and prevention (applied to all user experiences): We may use personal information for the detection and prevention of fraud and other illegal or unwanted activities. The legal basis for this is The legal basis for this is Article 6 (paragraph 1 f) of the EU General Data Protection Regulation (GDPR).
Marketing Activities: We also use your personal data for marketing activities, as permitted by your consent:
If we process your personal data for the purpose of direct advertising, you have the right according to Article 21 (2) of the EU General Data Protection Regulation (GDPR)to object at any time to the processing of personal data relating to you for the purpose of such advertising; this also applies to profiling, where appropriate, insofar as it is associated with such direct advertising. In the event of your objection to processing for the purpose of direct advertising, we will no longer process your personal data for these purposes or request from us erasure of your personal data (‘right to be forgotten’).
- Personalized offers and special discounts (applied only to the Optimal user experience): Based on the information you share with us, personalized offers and special discounts may be shown to you on our website(s) or on third-party websites, including social media sites. These might be personalized offers and special discounts that you can book/use directly on our website(s), or third-party offers or products we think you might find interesting. When you make a reservation with us, we may use your contact information to send you news about similar travel-related products and services. The legal basis for this is Article 6 (paragraph 1 f) of the EU General Data Protection Regulation (GDPR). You can opt out, or unsubscribe, from personalized offers and special discounts at any time using the "Unsubscribe" link in each personalized offer or special discount, or you can administer your subscriptions through your account (if you've created one). You may, of course, revoke this consent for the future at any time and also have the right of erasure of personal data (‘right to be forgotten’).
How do we share your data with third parties?
Your data will not be transmitted to third parties as a general rule, unless we are legally obligated to do so or the transfer of data is necessary for implementing the contractual relationship or you have given prior express consent to have your data transferred. The legal basis for this is Article 6 (paragraph 1 a to c) of the EU General Data Protection Regulation (GDPR).
External service providers and affiliated companies (applied to all user experiences) : such as online payment vendors or shipping companies tasked with delivery, will only receive your data to the extent necessary to process your order and execute the agreement. In these cases, however, the extent of data transmitted is kept to the necessary minimum. Please note the vendor’s respective data privacy statement as well. The respective vendor is responsible for the content of third-party services, although we review services for compliance with legal requirements to a reasonable extent.
Relevant authorities (applied to all user experiences): We may share your personal information with governmental or regulatory authorities if we are required by law (or any regulation having the force of law) to do so. Such requirements may include court orders, subpoenas and orders arising from legal processes and criminal investigations. We may also disclose your personal data if it is strictly necessary for the prevention, detection or prosecution of criminal acts.
Google AdWords (applied to all user experiences): To draw attention to our services, we place Google AdWords display ads and with the use of this technology, Google, and we as their customer, receive the information that a user has clicked on an ad and was redirected to our websites. The information acquired this way is solely used for statistical analysis related to ad optimization. We do not receive any information that would allow us to personally identify a visitor. The statistics provided to us by Google include the total number of users who have clicked on one of our ads and, where applicable, whether they were redirected to a page on our website that has a conversation tag. These statistics allow us to track which search terms most often lead to our ads receiving clicks. The legal basis for this is Article 6 (paragraph 1 f) of the EU General Data Protection Regulation (GDPR).
Use of social plug-ins
Our websites use the following social plug-ins:
- Facebook (operator: Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA);
- Twitter (operator: Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA);
- Trustpilot (operator: Trustpilot A/S, Pilestraede 58, 5th floor, 1112 Copenhagen, Denmark).
These plug-ins typically collect data from you as standard, and transmit it to the respective vendor’s server. We have taken technical measures to ensure the protection of your privacy, which guarantee that your data cannot be collected by the vendors of the respective plug-ins without your consent. The plug-ins will not be activated until you click on the respective symbol or link, and by doing so, you give your consent to have your data transmitted to the respective vendor. The legal basis for plug-in use is Article 6 (paragraph 1 a and f) of the EU General Data Protection Regulation (GDPR). We do not have any influence over the exact extent to which your data is collected by the respective vendor. We recommend you also read their privacy policies and terms and conditions.
Protection of personal data
We maintain reasonable physical, electronic, standard security practices, including encryption, passwords and physical security measures, and managerial procedures to protect the security and confidentiality of your personal data. Only a limited number of persons within our organization are authorized to access, delete or modify your data. We will make reasonable efforts to ensure that your privacy interests are protected.
Complaint, applicable law and Jurisdiction
Any dispute arising from or related to the use of this website or to the acceptance, interpretation or observance of our Privacy Statement shall be submitted to the exclusive jurisdiction of the competent court in the Netherlands, which shall apply Dutch law.
You also have the right to lodge a complaint with an independent supervisory authority ex. Chapter 6 of the EU General Data Protection Regulation (GDPR).