Privacy Policy

Introduction

This Privacy Policy outlines Travel Vault's (“we,” “us,” or “our”) practices regarding the collection, use, and protection of your personal data. Travel Vault operates as a brand under Hey You BV, a company incorporated in Belgium (Company Number: BE-0797.911.805). We are dedicated to safeguarding your privacy in alignment with the General Data Protection Regulation (GDPR) and applicable Belgian and EU data protection laws.

Personal Data Collection

We do not collect sensitive personal data, as defined under applicable law. However, we may collect and process your personal data, including the information you provide and the data we collect automatically.
  • Contact Information: Email address when you make a purchase or contact us.
  • Payment Information: Details necessary for processing transactions, handled via secure third-party processors.
  • Communications: Any optional feedback or support messages you provide.
  • Technical Data: Your IP address, device information, browser type, and operating system.
  • Usage Data: Pages visited, session duration, referral URLs, and interaction with our site.
  • Analytics Data: Data derived from cookies and analytics tools.

Purpose of Data Collection

We collect and process your data for the following legitimate purposes:
  • To grant you access to our digital travel maps.
  • To securely process your payments.
  • To respond to inquiries and provide customer support.
  • To enhance the functionality and user experience of our website.
  • To comply with legal obligations, including tax documentation.
We process your personal information based on the following lawful bases as stipulated under the GDPR:
  • Contractual Necessity: Required for the fulfilment of the contract for services you purchase.
  • Legitimate Interest: Necessary for preventing fraud and improving our services.
  • Legal Obligation: Required for compliance with accounting and tax laws.

Third-Party Services

Payments are processed via Mollie, a third-party payment processor. Mollie handles your payment information exclusively and never stores it on our servers. We may use analytics tools to analyse site usage and improve our platform. These tools may employ cookies and similar technologies to collect data.

Data Retention

We retain your personal information in accordance with legal and regulatory requirements:
  • Purchase-related Data: Retained for a period not exceeding seven years to comply with tax and legal obligations.
  • Technical Data (cookies, analytics): Typically anonymised and kept for a maximum of fourteen months.
  • Support and Feedback Information: Stored for a maximum of two years.

Data Sharing

We do not sell your personal information. However, we may share your data with the following entities, each of which is bound to adhere to GDPR or equivalent data protection standards:
  • Payment processors: To facilitate secure transactions.
  • Hosting and security providers: To ensure the security and availability of our services.
  • Analytics service providers: To understand our audience and enhance user experience.
All partners are required to comply with GDPR or equivalent protections.

Your Rights Under GDPR

As a user located in the EU, you have several rights concerning your personal information:
  • Right to Access: Request access to your personal information.
  • Right to Rectification: Request the correction of inaccurate personal information.
  • Right to Erasure: Request the deletion of your personal information.
  • Right to Restrict Processing: Request the limitation of processing your personal information.
  • Right to Object: Object to processing your personal information in certain circumstances.
  • Right to Withdraw Consent: Withdraw consent where applicable.
  • Right to Data Portability: Request transferring your personal information to another service provider.
  • Right to Lodge a Complaint: File a complaint with the Belgian Data Protection Authority.

Data Security

We implement appropriate technical and organisational measures to protect your personal information from unauthorised access, disclosure, alteration, or destruction. Security measures include encryption, access controls, and regular security audits.

International Transfers

All personal information is stored within the European Union. Where data may be processed outside the EU, strict safeguards, including Standard Contractual Clauses (SCCs), will be employed to ensure adequate data protection.

Cookies

We utilise cookies to provide basic functionality, facilitate analytics, and enhance the user experience. By using our website, you consent to our use of cookies. You may manage cookie settings through your web browser's options.

Updates & Changes

We may update this Privacy Policy from time to time. We will notify you of any significant changes through our website or by direct communication. Your continued use of our services after any modifications indicates your acceptance of the revised policy.

Contact Us

For inquiries regarding this Privacy Policy or for suggestions on how to improve this page, please contact us at support@cartavolta.com or mail us at: Hey You BV, Hubert Frère-Orbanlaan 553, 9000 Ghent, Belgium.