IZIDOK also takes care of your privacy
We are IZIDOK
By “we” we simply mean IZIDOK on this page. As it should be in a privacy page, we give you our data 100% clearly:
- our company name is BARIZZA BVBA.
- registered office: Noordstraat 95, 8800 Roeselare
- enterprise number BE 0700.217.462
We work via this web platform. Our office is therefore not equipped to receive you. Of course you can call or email if you have a question about the processing of your personal data. You can find your point of contact for those questions, requests or complaints via email@example.com or +32 (0)488 940 980.
Which personal data do we process?
As part of our activities, we process the personal data of natural persons. This may include (potential) customers, contacts at tour operators, hotel chains, airlines, insurance companies, staff members, etc.
This concerns your data that is necessary for the proper execution of travel or other agreements that you conclude with us. Also for the data necessary for the correct execution of our activities to find future customers and to be able to make new interesting proposals to existing customers.
This may include your name, first name, address and contact details such as telephone number and email address, but also your language choice, your company or VAT number, your bank account number, credit card number, passport details, etc.
We process little sensitive personal data in the sense of the GDPR. Yet this can happen. Because customers are generally required to communicate certain (contact) data to us in the context of travel. Think of medical data or special wishes (related to diet, religion or restrictions) that are relevant to the trip. The client will then give his explicit permission for this strictly necessary processing. This can be done simply by accepting the general and special conditions that apply are on the travel agreement.
Other personal data may not be mandatory, but if you do not provide it, this may seriously delay or damage the performance of your travel agreement.
When subscribing to the newsletter, the person concerned will receive a newsletter at the specified e-mail address on a regular basis. We only use this email address for the services you registered for. You can of course unsubscribe at any time. You will find a link for this at the bottom of every newsletter. Or send us an email to firstname.lastname@example.org.
How do we process your personal data?
Do not worry. We do very normal things with the personal data you give us. In short: we only use your data to send you the information you asked for and your advice about your travels.
Via our online forms, by telephone or simply in a conversation you can:
- subscribe to our IZIDOK updates via email
- order services or products
- you register for an activity.
- or request information
These are the purposes for which we use your data. We may also contact you for a customer satisfaction survey or to provide information about additional or related products and services. If you are registered for our newsletter, we can, for example, inform you about trips or promotions that are of interest to you. We do this, as in the past, of course always within reasonable limits and never in an aggressive or unwanted manner.
There are also things that we explicitly do not do. This way we never pass on your data to other companies for commercial purposes. Depending on the organization of your trip, it may of course be that we (must) pass on your details (eg to a hotel that is booked for you). In order to contact you efficiently via e-mail or post, we sometimes work together with a third party who processes your data for us (eg print on the dispatch note). More on that.
On what basis do we do this?
We process your data primarily on the basis of the “consent” and “contract execution” principles. These are the most logical of the 6 provided principles in the law for processing personal data.
“Permission” means that we may only keep track of your information and inform you if you explicitly give your consent (for example, by ticking that you give your permission to email you). You can, of course, withdraw your permission at no cost (eg via the unsubscribe link in the email you receive).
If there is also an intended or current agreement, we may use your data to deliver and execute what you ordered or would order from us. Logical, but we have to put it in our privacy statement.
If we want to send you something on paper, it may also be that the “legitimate interest” basis applies. That means that we may also send you something by post if we think that you can become a better customer as a result. Of course we only do that if we think that it will also benefit you. Unlike e-mail, your explicit permission is not required here. Would you rather not do this? Let us know.
How do we get this information?
We obtain the personal data that we process, in the first place from the natural persons involved (directly or through fellow travelers). Your insurance company, their agents and medical staff can also provide information or data about you in the context of an emergency or in the interest of other customers. We, of course, never abuse this information and only use it to better help you.
As stated above, we also receive data via our online forms, by telephone or simply in a conversation if you:
- subscribe to our IZIDOK updates via email
- order services or products
- you register for an activity.
- or request information
We don’t keep them for longer than necessary
We do not keep the personal data that we process for longer than necessary for the purposes of the processing.
In principle, IZIDOK does not store the personal data for longer than 10 years from the end of the (travel) agreement you entered into with IZIDOK, or from the moment the data was obtained (taking into account the limitation period of contractual claims). If necessary, e.g. in the event of legal proceedings, we may of course keep the personal data longer.
We do not keep the personal data of our employees longer than five years after the termination of the employment contract. In the event of a legal action, the data can be processed for up to three years after the final settlement thereof.
Any sensitive data is only kept for the duration necessary for the implementation of the (travel) agreement unless we have to keep it in one way or another necessary to prove that IZIDOK has correctly executed the (travel) agreement.
We keep the personal data that we process up to date as much as possible and delete or correct them where necessary.
We protect your data as it should be
We guarantee the integrity, safety and confidentiality of personal data. That means that we take measures against data breaches. We take these measures both at technical and organizational level. We store important / sensitive personal data on our own secure servers or on third-party secure servers.
No commercial transfer to external partners
We never pass on your data for commercial reasons (another company that wants to send you advertising).
In order to a) correctly execute your (travel) agreement and b) to contact you in a professional manner, we sometimes have to share your details with a third party. We clearly explain both of these situations here.
- a) correctly execute your (travel) agreement
We will only pass on information to third parties if this is necessary to be able to book your trip or to make the trip run smoothly (for example, we must communicate certain details to suppliers of the travel arrangements, such as airlines, hotels, local service providers and insurance companies). We only provide the strictly necessary information.
The transfer of personal data to foreign parties also outside the EU (such as hotel chains, airlines, handling agents and other service providers) is, in the context of the implementation of travel agreements, absolutely necessary for the implementation of the agreement with the customer. The customer therefore gives permission for this processing in the general or special conditions of the travel agreement. It is also in the interest of the customers.
If we pass on personal data to someone outside the EU in a country that is not on a list of “safe countries” (under the GDPR), then we will enforce the appropriate security safeguards as far as possible.
- b) To be able to contact you professionally
To inform you via e-mail or post, it may happen that we are assisted by external specialized companies. Consider, for example, sending e-mails (eg an automatic e-mail to remind you of your travel date, etc.). Or we could work for a mailing with a company that prints the addresses on the envelopes and makes the items ready for shipment. For such processing, we then make the necessary personal data available to the partner who helps us with this.
For example, when you register for our e-mail updates, we use a program – like any other company – to keep track of those e-mail addresses and send your e-mail professionally. Your e-mail address is therefore processed by that e-mail program. That also happens in accordance with the strict European privacy rules. At the time of drafting this explanation, we use the well-known e-mail program Mailchimp. Mailchimp therefore has access to your e-mail address from us, but only to send our e-mails. Mailchimp protects your data and is part of a certified EU-U.S. Privacy Shield Framework
We ensure that the external partners who can assist us in processing the data or who are (also) responsible for it, comply with the provisions of the GDPR as much as possible. To this end, the aim is to conclude as many “processing agreements” as possible with the most important partners.
For you, having the rights below is simply the logic itself. The privacy legislation obliges us to inform you about these rights. Being dutiful as we are, we do that too.
- Inspection: would you like to know what we store about you? Give us a call and we will of course give you insight.
- Correction: Have we saved something wrong about you? An error in your name? In your zip code? Something else? You have the right to have your data corrected.
- Resistance: you want to stay in our database, but you don’t want us to contact you? Tell us about it. We indicate your contact preference.
- Right to limit processing to mere “storage”: this looks good on the previous point. What is the difference? At point 3 we will no longer contact you, but we may still process your data (for example for an analysis). If you invoke this 4th right, then we may only store your data (and not use it). The law determines this option as a kind of “temporary freeze”. This is necessary in case we do not agree with your request to improve your data. Very honest: even without this obligation, we would be crazy to contact you if you don’t want to.
- Right to be forgotten: do you want to leave our database? And not just limit the processing and contact options (rights 3 and 4). Then you must use this right. We then delete you from our database. Please note: that is not always the best option: if you are a customer of us, you will find it quite useful that we know your data. This forget-put option sometimes also leads to strange situations: you can come back into the database later, but because we had to delete you completely, we can no longer know that you asked us to be deleted early. It is therefore probably better to use duty 3.
- Right to oppose profiling. Based on analysis in our database, we could send one group of customers different information than the other group of customers. In the GDPR this is called “profiling”. If we did, you have the right to ask us not to do that to you or to give you the opportunity to discuss the effect of that profiling with a real employee.
- Data transfer: you may ask us to transfer the data that you have given us (so that you can share it with another tour operator). It is therefore about the data that you gave us yourself when you filled in the form you gave us (for example, by filling in a contact form).
Just like any professional site, our site needs cookies to work. A cookie is a small file that is sent by an internet server and that installs itself on the hard drive of your computer. This file keeps track of the website visited and contains some information about this visit
Most browsers are set by default to accept cookies, but you can reset your browser to refuse all cookies or to indicate when a cookie is being sent.
You can read your contact at IZIDOK at the start of this text. If you have a complaint, you can also submit it to the supervisory authority. In Belgium that is the Data Protection Authority or GBA. That is the new name for the privacy commission. You can find them here: www.gegevensbeschermingsautoriteit.be. Or here: Drukpersstraat 35, 1000 Brussels. You can also always appeal to the national courts.
This page was last updated on August 26, 2018.