Comprehensive Privacy and Personal Data Protection Policy
Miro.travel – Destination Management Company (DMC) ~ Powered by DSI Engine.
Personal Data: Information by which a natural person can be identified,
directly or indirectly.
Processing: Any operation on Personal Data,
whether automated or not, such as collection, registration,
organization, storage, modification, consultation, use, communication,
transfer, or deletion.
Data Controller: Miro.travel, which
determines the purposes and means of processing personal data.
Data
Processor: Any natural or legal person that processes data on behalf of
the Controller.
This Policy applies to:
- The website www.miro.travel and its
subdomains;
- Contact, subscription, reservation forms, or
registration for activities;
- Applications, platforms, or
third-party integrations (Google Maps, CRMs, WhatsApp Business, Meta,
etc.);
- On-site activities (receptions, experiences, events);
-
Loyalty programs, surveys, or interaction at fairs and trade events;
-
Communications via email, SMS, calls, social networks, or messaging
apps.
a) Identification Data:
- Full name, nationality, ID or
passport;
- Date of birth, gender, and marital status (where
necessary).
b) Contact Data:
- Email address, phone
number, postal address.
c) Travel Preferences:
- Origin,
destination, travel dates, accommodation type, special requirements,
allergies.
d) Financial and Billing Data:
- Card info,
account data, payment or reservation history.
e) Digital
Data:
- IP address, device type, browser, site behavior, cookies,
advertising ID, approximate geolocation (GeoIP).
f) Sensitive
Data (only with explicit consent):
- Health, accessibility, medical
needs, religious beliefs when impacting service logistics.
g)
Data collected on-site:
- Information registered upon arrival,
check-in, tours, transport, events, questionnaires.
- Web forms, CRM, messaging tools, apps;
- Service providers, tour
operators, booking platforms;
- Direct communication with agents or
staff on-site;
- Surveillance cameras in owned or shared
facilities;
- Advertising platforms with tracking (Google Ads,
Meta).
- Reservation confirmation, administration, and follow-up;
-
Logistical execution of services on-site;
- Issuance of invoices,
receipts, contracts;
- Contact before, during, and after the
trip;
- Legal and regulatory compliance;
- Statistical
analysis, operational traceability, and service improvement;
-
Promotional content, personalized offers, surveys (with prior
consent);
- Fraud prevention, incident or risk management;
-
Physical protection of facilities and guests (CCTV).
- Explicit consent;
- Contractual execution;
- Legal
compliance;
- Legitimate interest to improve tourism
services.
Personal data will be retained:
- Throughout the contractual
relationship;
- As long as legal or contractual obligations
exist;
- Until the holder requests deletion, unless restricted by
law;
- For extended periods in anonymized form for statistical
purposes.
Miro.travel implements technical and organizational security measures
to:
- Protect data from loss, destruction, unauthorized access, or
disclosure;
- Encrypt sensitive data in transit and storage;
-
Manage access credentials and internal controls;
- Conduct audits
and train staff regularly.
Data may only be shared with:
- Service providers required for
execution (hotels, transport, guides);
- Technological platforms
under confidentiality agreements;
- Regulatory or judicial
authorities as required by law;
- Affiliated or subsidiary
companies for administrative/logistical purposes.
In case of
international transfers, we ensure adequate mechanisms such as standard
contractual clauses or interinstitutional agreements.
You may exercise the following rights:
- Access your personal
data;
- Rectify inaccurate or outdated data;
- Delete data
when applicable;
- Object to non-essential processing;
-
Restrict processing under certain conditions;
- Request data
portability where technically feasible.
To exercise your
rights, contact us at: [email protected]
We will respond within a
maximum of 30 days, unless the request is complex.
Miro.travel may update this Privacy Policy at any time. Changes will be published with an effective update date. Continued use of our services implies acceptance of these changes.
**Data Protection Officer**
📧 [email protected]
🌐
https://miro.travel/contact