Processing of personal data

I. General Provisions

  1. By submitting the request form, you give consent within the meaning of the Regulation (EU) 2016/679 the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as 'the GDPR') to company Gais, s.r.o., reg. No 14086875 with its registered office at Velké náměstí 47, Kroměříž, ZIP Code: 767 01 (hereinafter referred to as: 'the Controller') to process the following personal data:
    • first name, surname
    • e-mail address
    • telephone number
  2. The processing of personal data pursuant to the previous paragraph shall take place on the basis of the legal reason specified in Article 6, paragraph 1, letter b) the GDPR i. e. for the purpose of the subsequent conclusion of the Travel Agreement or other agreements (hereinafter referred to as the “Agreement”) concluded in the performance of business activities of the Controller with the Customer (hereinafter referred to as the “Data Subject”). The Controller does not require your express consent with the above-mentioned processing.
  3. You hereby give your express consent to the Controller to the processing of the personal data referred to in paragraph 1 for the purpose of providing direct marketing – for sending commercial messages and newsletters. Providing personal data for this purpose is voluntary. You can unsubscribe from sending commercial messages and newsletters at any time.

II. Cookies

  1. The Controller's website uses cookies. On the basis of these involves the processing of personal data – third party cookies (IP addresses or domain names of computers used by users who connect to the site, URI / URL requested resources, time of the request, the method used to send the request, the size of the file obtained in response, web browsing data, browser data and other parameters related to the operating system and user). This data necessary for the use of web services is also processed for the purpose of:
    • obtaining statistical information on the use of the services (most visited sites, number of visitors per time period or day, geographical areas of origin, etc.);
    • monitoring the smooth operation of the services offered.
  2. You can set the rules for the use or blocking of cookies in your internet browser, thus expressing your consent to their processing. Here you will find instructions on how to block cookies in your web browser:
  3. The user can set to allow or deny all or only some cookies (e.g. third-party cookies). Blocking cookies can have a negative effect on the usability of the website and the service.
  4. On this website, information from the following companies is displayed to visitors who consent to cookies being placed in their browsers through the appropriate cookie settings:
    Google (cookie notice)
  5. If you object to the processing of technical cookies necessary for the operation of the website, the full functionality and compatibility of such websites cannot be guaranteed.

III. Data Retention Period

  1. The Controller shall retain personal data
    • for the period necessary to performance rights and liabilities arising from the contractual relationship between you and the Controller and to assert claims from these contractual relationships (for a period of 10 years since the termination of the contractual relationship);
    • until the consent to the processing of personal data for marketing purposes is revoked if the personal data are processed based on the consent.
  2. After the expiration of the retention period of personal data will be disposed of per under the valid legal regulation, especially Act No. 110/2019 Coll., On the processing of personal data and the GDPR.

IV. Personal Data Recipients

  1. The Controller intends to transmit your personal data to a third country (a country outside the EU) or an international organisation. Personal data recipients in third countries are providers of mailing services, data and file repositories, analysis tools, and direct marketing services.
  2. The processing of personal data may also be processed for the Controller by the following providers of processing software, services and applications used by the Controller: Google Analytics, Adwords, Facebook. Your personal data will not be provided to third parties for purposes that are not permitted by law or under this statement.
  3. Data may be provided to:
    • the data controller's employees and associates, as the responsible person, or the internal data processor and/or the system administrator.
    • other companies or entities (such as IT consultants, credit institutions, professional firms, insurance companies, etc.) with your consent and/or to perform the activities necessary for the delegated professional task and/or outsourced activities on behalf of the Data Controller as an external data processor.

V. Your Rights

  1. Under the terms of the GDPR Regulation, you have the following rights:
    • a) The right of access to personal data – you are entitled to obtain information by the Controller on whether he processes your data and, if so, what data is involved and how it is processed. You are also entitled to ask the Controller to correct, at your request, inaccurate personal data concerning you without undue delay. You have the right to add incomplete personal data at any time.
    • b) The right to delete personal data represents, in other words, the expressed liability of the Controller to destroy personal data that he processes about you, if certain conditions are met and if you request it.
    • c) You are entitled to ask for the Controller to restrict the processing of your personal data in certain cases. You have the right to object at any time to processing which is based on the legitimate interests of the Controller, a third party or is necessary for the performance of a task carried out in the public interest or during the performance of official authority.
    • d) The right to data portability allows you to obtain the personal data you have recently provided to the Controller in a common and machine-readable format. You can then pass this information on to another administrator or, if technically possible, ask the administrators to pass it on to each other.
    • e) You have right to revoke the consent with the processing of personal data at any time if the Agreement is not concluded finally by sending an e-mail to or by letter to the address of the Controller's registered office. The right to revoke the consent at any time to the processing of personal data provided under the concluded Contract (name, surname, date of birth, birth number, permanent residence address, citizenship, travel document number, e-mail address and telephone number) does not apply, as personal data are processed for the purpose of fulfilling the contract concluded with you in accordance with Article 6, paragraph 1, letter b) GDPR Regulation, not on the basis of consent to the processing.
  2. In the event the customer is in any way dissatisfied with the processing of his/her personal data by the Controller, he/she may submit a complaint directly to Controller or contact the Office for Personal Data Protection.
  3. More information about your rights is available on the website of the Office for Personal Data Protection.

VI. Personal Data Security

  1. The Controller declares that he has taken all appropriate technical and organizational measures to secure personal data. The Controller has taken technical measures to protect the data storage and storage of personal data in paper form.
  2. The Controller also declares that access to personal data is accessible only to persons authorized by him and processors referred to in Article IV based on a contractual relationship with the Controller.

VII. Final Provisions

  1. By submitting the request form, you confirm that you are familiar with the conditions of personal data protection and that you accept them in full.
  2. By checking your consent with the sending of commercial messages and newsletters, you confirm that you are familiar with the conditions of personal data protection and you accept them in full. You can revoke this consent at any time, as mentioned above.)
  3. The Controller is entitled to change these conditions. The new version of the terms and conditions of personal data protection will be published on its website and at the same time the new version of these terms and conditions will be sent to you by the e-mail address you have provided to the Controller.