Privacy policy

CONCEPTS :

1. Website – The online travel portal, www.georgiaexplore.com.

2. Company – www.georgiaexplore.com is operated by Renata Moroz, an individual company established in Georgia. The taxpayer code is 305544462, and the registered office address is University Street 24, Greenhill Residence, Terminal University, Tbilisi, Georgia.

3. Registered User – Any person registered on the Website (including both natural and legal persons).

4. User – Any person who uses the Website, whether registered or not (including both natural and legal persons).

5. Services – The services offered on www.georgiaexplore.com, including the sale of tourist service packages, booking and selling bus and air tickets, hotel reservations, mediation in the sale of insurance and car rental services, and other travel-related services. These services may be updated, added, or changed on the Website at any time. The term “Services” always includes all such services specified on the Website.

6. Account – A user account linked to www.georgiaexplore.com.

7. Partners – Legal entities with whom www.georgiaexplore.com cooperates to provide Services on the Website.

8. Cookie – A small file that is sent to a device when a person visits www.georgiaexplore.com.

9. Browser – A program designed to display web pages on the internet or on a personal computer.

10. Personal Data – Any information related to a natural person (the data subject) whose identity is known or can be directly or indirectly determined using data such as a personal code or one or more physical, physiological, psychological, economic, cultural, or social characteristics.

11. Recipient of Personal Data – A legal or natural person to whom personal data is provided, including Partners.

12. Privacy Policy – This document, which provides the basic rules for the collection, storage, processing, and retention of personal data and other important information when using the Website.

13. Law – The Law on Legal Protection of Personal Data.

14. General Requirements – The Director of the State Data Protection Inspectorate’s November 12, 2008, order no. 1T-17(1.12) “On Approval of General Requirements for Organizational and Technical Personal Data Security Measures.”

15. Website Administrator – The person responsible for the administration of the Website.

16. IP Address – A unique number assigned to each computer connected to the Internet. Because these numbers are usually assigned by country, an IP address can often be used to identify the country from which a computer connects to the Internet.

1. GENERAL PROVISIONS

1.1. This Privacy Policy (hereinafter referred to as the “Policy”) regulates the main principles of personal data collection, processing, and storage by the individual company established by E/P Renata Moroz in Georgia, taxpayer code 305544462, with a registered office address at University Street 24, Greenhill Residence, Tbilisi City, Georgia.

1.2. The Data Controller is engaged in economic and commercial activities, including the sale of travel packages, flight tickets, and other travel-related services. For the provision of these services, the Data Controller may process personal data, and if there is a legal basis, personal data may also be processed for direct marketing purposes.

1.3. Before using the services provided by the Data Controller, you must carefully read and familiarize yourself with this Policy.

2. GENERAL PROVISIONS REGARDING THE PROCESSING OF

2.1. This Policy applies to all personal data provided by Users or collected and processed by the Data Controller through the use of the Data Controller’s services and/or the Website. For the purposes of this Policy, “Personal Data” refers to any information relating to a User by which the User is identified or can be identified (directly or indirectly), and any references to Users based on such information.

2.2. The Data Controller adheres to the following data management principles:

2.2.1. Personal data is collected for specified and legitimate purposes.

2.2.2. Personal data is handled accurately and fairly.

2.2.3. Personal data is regularly updated.

2.2.4. Personal data is stored no longer than necessary for the purposes of data processing.

2.2.5. Personal data is processed only by employees who are authorized to do so.

2.2.6. All information about processed personal data is kept confidential.

2.3. When processing and storing Users’ personal data, the Data Controller implements organizational and technical measures to ensure the protection of personal data against accidental or unlawful destruction, alteration, disclosure, or any other form of unlawful processing.

2.4. The User is responsible for the accuracy, correctness, and completeness of the data provided by them. Providing incorrect data is considered a violation of this Policy. If the data provided by the User changes, they must promptly inform the Data Controller. The Data Controller will not be liable for any damage caused to the User and/or third parties due to the User providing incorrect and/or incomplete personal data or failing to request the addition and/or modification of data when necessary.

2.5. By submitting personal data, the User simultaneously grants the Data Controller the right to collect, store, systematize, use, and process all and any personal data provided by the User, directly or indirectly, when visiting the Website and using the services provided by the Data Controller, for the purposes outlined in this Policy.

3. COLLECTION AND PROCESSING OF PERSONAL DATA FOR THE PURPOSE

3.1. When the User utilizes the services of the Data Controller or services provided by third parties through the mediation of the Data Controller, the Data Controller processes personal data that Users submit directly to the Data Controller or collects data during the use of services provided by the Data Controller or when services provided by third parties are ordered through the Data Controller.

3.2. By providing their personal data, the User consents to the Data Controller managing and processing this data for the purposes, means, and procedures outlined in this Policy and applicable legal acts.

3.3. The Data Controller has the right to transfer User data to third parties when it is necessary to organize travel, including but not limited to:

3.3.1. Travel organizers;

3.3.2. Airlines;

3.3.3. Carriers;

3.3.4. Other data recipients or processors to whom data transfer is necessary to fulfill the aforementioned purposes.

3.4. The Data Controller commits to transferring data to third parties only to the extent necessary and only in cases where it is required to provide the relevant services. If certain data is not necessary for the provision of a specific service, it will not be transmitted.

4. COLLECTION AND PROCESSING OF PERSONAL DATA FOR DIRECT MARKETING

4.1. The User may receive promotional messages from the Data Controller if they have given their consent (for example, by checking “I understand and agree to the terms of purchase of the service” or by registering on the website Georgiaexplore.com) for the Data Controller to use their Personal Data for direct marketing purposes.

4.2. For direct marketing purposes, the Data Controller may send promotional messages to Users via mail, telephone (including SMS messages), or email.

4.3. Personal data processed for direct marketing purposes is not transferred to third parties.

5. USER RIGHTS

5.1. The User or their legal representative may request information from the Data Controller about the User’s personal data being processed. Once the User’s identity is verified, the Data Controller will provide the User or their legal representative with information regarding the personal data processed and the details of its processing within a reasonable period.

5.2. Upon receiving a notification from the User that their personal data in the database is incorrect, inaccurate, or has changed, the Data Controller will take the necessary steps to correct the data immediately. If it is determined that the User’s personal data, which is not required for providing services or direct marketing, has been collected, such data will be deleted from the database and will no longer be processed.

5.3. If the User objects to the processing of their personal data, the processing must be stopped immediately and without charge, except to the extent (and for the period) that such data is necessary for fulfilling the contract the User has with the Data Controller.

5.4. The User can opt out of receiving promotional SMS messages by contacting the Data Controller by phone, email, or by visiting the Data Controller’s office. To opt out of promotional emails, the User can click the unsubscribe link provided in the email. Consent to receive communications is voluntary and can be withdrawn at any time without charge.

6. FINAL PROVISIONS

6.1. This Policy is prepared in accordance with the legal acts of the Republic of Georgia.

6.2. Relations arising from this Policy shall be governed by the laws of the Republic of Georgia.

6.3. The Data Controller reserves the right to partially or fully amend this Policy.

6.4. Any additions or changes to the Policy shall take effect from the date they are published on the website.

6.5. If the User continues to use the website and the services provided by the Data Controller after the Policy has been amended, the User is deemed to have accepted these additions and/or changes.