GDPR

We collect the following categories of personal data:

• Contact Information: Name, email address, phone number, and mailing address.
• Payment Information: Billing address and payment details for processing transactions.
• Travel Preferences: Destination preferences, travel dates, and accommodation details.
• Communication Data: Emails, messages, and inquiries sent to us.
• Website Data: IP address, browser type, device information, and cookies for analytics and functionality.

We use your personal data for the following purposes:

• To provide travel services and process reservations.
• To communicate with you about your bookings, offers, and services.
• To personalize your experience and recommend relevant travel packages.
• To comply with legal and regulatory obligations.
• To improve our website and services through analytics.

We process your personal data based on the following legal grounds:

• Contractual Necessity: To fulfill travel bookings and provide related services.
• Consent: For marketing communications (you may withdraw your consent at any time).
• Legal Obligation: To comply with laws and regulations.
• Legitimate Interests: To improve our services and ensure website functionality.

We may share your data with trusted third parties, such as:

• Travel service providers (e.g., airlines, hotels, and transportation companies).
• Payment processors and financial institutions.
• IT service providers for website hosting and analytics.

We ensure that all third parties comply with GDPR and process your data securely.

Your data may be transferred outside the European Economic Area (EEA) when required to provide travel services. In such cases, we ensure appropriate safeguards are in place to protect your data.

In general, we retain your data for the duration of your relationship with us and, in any case, for the periods provided for in the applicable legal provisions, for example in accounting and tax matters, and for the time necessary to meet any potential liabilities arising from the processing. We will delete your data when it is no longer necessary or relevant for the purposes for which it was collected.

Access logs to restricted areas of the Web will be deleted one month after their creation. Information related to browsing will be deleted once the web connection has ended and statistics have been compiled.

Call center call recordings will be deleted within a maximum period of 2 months, without prejudice to their retention for the time necessary to manage possible incidents or the deadlines provided for by the applicable legal provisions.

Data processed for marketing purposes, including commercial profiles, will be kept valid as long as their deletion is not requested. The media on which your consent to the processing of your data for these purposes is recorded, for example, logs of electronic form submissions, will be kept for the duration of the processing and the applicable limitation periods.

Under GDPR, you have the following rights:

• Access: Request a copy of your personal data.
• Correction: Rectify incorrect or incomplete data.
• Deletion: Request the deletion of your data (where applicable).
• Restriction: Limit how your data is processed.
• Portability: Receive your data in a structured, machine-readable format.
• Objection: Object to the processing of your data for specific purposes.

To exercise these rights, please contact us at contact@maleitravelgroup.ro

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy or as required by law.

We use cookies to improve your browsing experience on our website. For more information, please refer to our [Cookie Policy].

We take appropriate technical and organizational measures to protect your data against unauthorized access, loss, or misuse.