Personal Data Protection
Part 1 – Declaration about personal data protection
The protection of your personal data is important to us. At Leo Express Global a.s., with its registered office at Řehořova 4, 130 00 Praha 3, Identification Number 290 16 002, registered in the Commercial Register maintained by the Municipal Court in Prague, Section B, Insert 15847 (hereinafter referred to as Leo Express), we commit to protect the provided personal data.
Below you will find information about why, how and which data we process in Leo Express, including information on how to contact us if you have any questions regarding the processing of your personal data. We commit to handle your data in a way to prevent their abuse.
Part 2 – Basic terms and information
Personal data – personal data is every information about identified or an unidentified natural person (data subject).
Data subject – data subject is a natural person, which personal data refer to and which it is possible to identify by personal data or which is identifiable.
Personal data administrator - an administrator is a natural or legal person, which defines aims and means of personal data processing and which is primarily accountable for processing. Unless stated otherwise in these policies or terms of service, the personal data administrator is Leo Express.
Personal data processor - The processor is a natural or legal person which processes personal data on behalf of the controller on the ground of the controller’s instructions.
Processing of personal data - processing means any operation or set of operations which is performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Which legal regulation covers personal data processing?
The processing of personal data is governed primarily by Regulation of the European Parliament and of the Council (EU) 2016/679 from 27. April 2016 about protection of natural persons with regard to the processing of personal data and to the free movement of such data and repealing Directive 95/46 / EC (General Regulation on the protection of personal data).
Part 3 – Processing of personal data in Leo Express
To what extent will be my personal data processed?
We will process your personal data to the extent in that they have been provided to us, namely: the name, surname, e-mail, birthdate, telephone number and home address.
For what purpose will my personal data be processed?
We will process your personal data for the purpose of providing travel services, that means for the purpose of booking tickets and additional services.
What is the legal basis for processing?
The legal basis for the processing of your personal data listed in point I is your agreement.
How long will you process my personal data?
We will process your personal data for the duration of your consent, unless your consent to the processing of your personal data is revoked, that means during your membership in the Smile Club Loyalty Program.
How and when can I revoke the consent to processing of personal data?
Your voluntary consent to the processing of your personal data may be revoked at any time free of charge by sending an email to: [email protected] or by requesting to deactivate the account and delete personal information in your Smile Club account (at www.leoexpress.com and the Leo Express mobile application). By revocation of consent is not influenced the lawfulness of processing based on consent prior during the time before revocation of consent. Revocation of consent also has no effect on the processing of personal data processed on the basis of a legal basis other than consent (that means in particular, if the processing is necessary to fulfill the contract, legal obligation or for other reasons stated in the applicable legislation).
Who will have access to my personal data?
We will have access to your personal data as an Administrator and, if applicable, third parties - processors who provide appropriate warranties and whose processing meets the requirements of applicable law and which ensures the proper protection of your rights. However, processors will only be able to access these data for as long as is strictly necessary and to the necessary extent.
Processors include companies of the Leo Express Group (namely Leo Express, s.r.o. and Leo Express Tenders, s.r.o.), our business partners who provide us with transport services (ALVA TOUR s.r.o., ERABUS Ltd), IT services (SYMBIO Digital, s.r.o., trueScan s.r.o.), marketing (Avedeo, s.r.o.) and other support services and our provision sellers, whose current list you can find HERE. During such handover all such requests for the protection of your personal data are always followed, and in particular a written agreement on the processing of personal data is always in place with the relevant processor.
Will my personal data be transferred outside the EU?
Your personal data in the extent of the name and surname may be transferred to the carrier ERABUS Ltd, ID Number 39430443, only in case of purchase of a ticket for connections departing from Košice (SK) to Ukraine (outside the EU territory), eventually from Ukraine to Košice (SK).
How can I contact you as an Administrator?
To manage your personal information, please contact us on: [email protected] or in writing at the address of the administrator Řehořova 908/4, Praha 3 – Žižkov. In this case, we are entitled to request proof of your identity in order to prevent unauthorized persons from accessing your personal data. In order to increase the quality of the services and to keep records of the fulfillment of the legal duties of the administrator, all communication between you and the administrator is monitored.
What rights do I have in relation to the protection of personal data?
In relation to your personal data, you have the following rights in particular:
a) the right to revoke your consent any time
b) the right to correct or supply the personal data;
c) the right to require processing restrictions;
d) the right to object or complain against processing in certain cases;
e) the right to request the transfer of data;
f) the right of access to personal data;
g) the right to be informed about a personal data security breach in certain cases;
h) he right to delete personal data (the right to be "forgotten") in certain cases; and
i) other rights stated in General Personal Data Protection Regulation No 2016/679.
Am I required to provide my personal data? What if I do not provide my personal data?
You provide your personal data entirely voluntarily. You have no obligation to provide them. If you do not provide your personal information, there are no sanctions. The provision of personal data is a condition of membership in the Smile Club loyalty program, therefore you do lose your membership and all its benefits, including leo credits, ticket discounts.