Privacy Policy

1. Introduction

At DisvoDisvi ("we," "our," or "us"), we value your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at disvodisvi.com, use our services, or communicate with us.

Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access our website or use our services.

2. Information We Collect

We may collect several types of information from and about users of our website and services, including:

2.1 Personal Data

Personal Data refers to information that can be used to identify you individually. This may include:

Contact information (name, email address, postal address, phone number)
Booking information (tour preferences, dates, group size)
Payment information (processed through secure third-party payment processors)
Communication data (inquiries, feedback, reviews)
Marketing preferences

2.2 Non-Personal Data

We also collect non-personal data that does not directly identify you, such as:

Usage data (pages visited, time spent on site, navigation patterns)
Technical data (browser type, operating system, device information)
Location data (general geographic location based on IP address)
Anonymous analytics data

3. How We Collect Information

We collect information in the following ways:

3.1 Direct Collection

Information you provide when you:

Fill out forms on our website
Subscribe to our newsletter
Book an excursion
Contact us via email, phone, or social media
Leave a review or comment

3.2 Automated Collection

Information collected automatically when you visit our website through:

Cookies and similar tracking technologies
Web analytics services
Server logs

For more information about cookies, please see our Cookie Policy.

4. How We Use Your Information

We may use the information we collect for various purposes, including:

4.1 Providing Services

Processing and confirming bookings
Organizing and conducting excursions
Responding to inquiries and requests
Providing customer support

4.2 Business Operations

Improving our website and services
Analyzing usage patterns and trends
Detecting and preventing fraud or misuse
Managing our business needs

4.3 Communications

Sending service-related notifications
Providing updates about our services
Sending marketing communications (with consent)
Responding to your feedback

4.4 Legal Obligations

Complying with legal requirements
Enforcing our terms and policies
Protecting our rights, privacy, safety, or property

5. Legal Basis for Processing

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

Contractual Necessity: Processing necessary to fulfill our contractual obligations to you (e.g., providing excursion services you've booked).
Legitimate Interests: Processing necessary for our legitimate interests, provided these interests don't override your fundamental rights and freedoms (e.g., improving our services).
Consent: Processing based on specific, informed, and unambiguous consent you have provided (e.g., marketing communications).
Legal Obligation: Processing necessary to comply with legal obligations (e.g., tax reporting requirements).

6. Disclosure of Your Information

We may share your personal data with the following categories of recipients:

6.1 Service Providers

Third-party vendors who perform services on our behalf, such as:

Payment processors
Email service providers
Website hosting providers
Analytics providers

These service providers are only authorized to use your information as necessary to provide services to us.

6.2 Business Partners

With your consent, we may share information with trusted business partners, such as:

Local tour guides and operators
Transportation providers
Accommodation providers, when applicable

6.3 Legal Requirements

We may disclose information when legally required to do so:

To comply with applicable laws and regulations
In response to a court order or legal request
To protect our rights, property, or safety
In the event of a merger, acquisition, or business transfer

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

Encryption of sensitive data
Secure networks and systems
Access controls and authentication procedures
Regular security assessments

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including any legal, accounting, or reporting requirements. The criteria used to determine our retention periods include:

The period needed to provide services to you
Legal obligations that require us to keep data for a certain period
Statute of limitations for potential legal claims
Business operational needs

When personal data is no longer needed, we securely delete or anonymize it.

9. Your Data Protection Rights

Depending on your location, you may have certain rights regarding your personal data, including:

Right to Access: Request information about the personal data we hold about you.
Right to Rectification: Request correction of inaccurate or incomplete data.
Right to Erasure: Request deletion of your personal data under certain circumstances.
Right to Restrict Processing: Request limitation of processing your personal data.
Right to Data Portability: Receive your personal data in a structured, commonly used format.
Right to Object: Object to processing of your personal data for certain purposes.
Right to Withdraw Consent: Withdraw consent previously given for data processing.

To exercise these rights, please contact us at [email protected]. We will respond to your request within 30 days.

10. International Data Transfers

We are based in Denmark, and your data is primarily stored and processed in the European Economic Area (EEA). However, some of our service providers may be located outside the EEA, which may involve transferring your data to countries with different data protection laws.

When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, such as:

Standard Contractual Clauses approved by the European Commission
Adequacy decisions for countries deemed to provide adequate protection
Other legally approved transfer mechanisms

11. Children's Privacy

Our website and services are not directed to children under 16 years of age. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us, and we will take steps to delete such information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will post the updated Privacy Policy on our website with a revised "last updated" date. We encourage you to review this Privacy Policy periodically.

Significant changes may be notified to you through email or a prominent notice on our website.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

DisvoDisvi

Nyhavn 43

1051 Copenhagen

Denmark

Email: [email protected]

Phone: +45 12 34 56 78

14. Data Protection Authority

If you are located in the European Union and believe we are processing your personal data unlawfully, you have the right to lodge a complaint with your local data protection authority. In Denmark, this is:

Datatilsynet

Carl Jacobsens Vej 35

2500 Valby