About Ctn.ttnbtm.com / Legal info

Legal info

  • General Terms of Service (in Ukrainian)
  • Personal data protection (Privacy policy)
    1. This Privacy Policy on Personal Data Protection developed by the Agency (hereinafter referred to as “the Policy”) is integral part of the General Terms of Service, which is accessible at the following link: https://ctn.ttnbtm.com/en/content/agreement-bookings-creation-and-cancellation.html

    2. When placing an Order/Booking and/or paying for services for Customers, the information on such Customers provided by you, is collected and processed by the Agency as a data controller pursuant to this Privacy Policy and EU General Data Protection Regulation 2016/679 as of 27 April 2016 («GDPR»). You as an Agent is also deemed data controller of the Customer’s personal data. You shall ensure that you have valid legal grounds to collect, process and transfer Customer’s personal data to the Agency.   By submitting such information on Customers, you confirm that the Customer is aware of these terms and conditions and understands its consequences, and gives his/her unconditional and full consent to the collection and processing of his/her personal data in accordance with these terms, and agrees that access to such information is available through “My Account” section of the Agent. In case, when you shall obtain Customer’s consent to the collection and processing of his/her personal data according to this Policy, the consent must be in a format that can be reproduced in writing.

    3. Regarding additional information related to the processing, place of storage and use of the personal data, please contact the Customer Care Service or send your requests to the Agency’s address.

    4. Upon Customer’s consent to the collection and processing of his/her personal data required for rendering of the Services selected and booked in his/her name, you shall notify the Customer of the following (the information below is related to the Agent’s personal data if the Agent meets the requirements of a personal data subject):

    4.1. What is personal data? Personal data — information related to an individual who is identified or can be identified, regardless of the form and format of such data (e.g., first name and last name, email address, number and series of a passport, etc.).

    4.2. What type of personal data about the Customer we collect and process: We receive and store any information on Customers you leave on the Website, provide for the Customer Care Service or the Agency in any other way, and to the extent necessary to provide the services or to execute contractual relationships with you. Further, personal data may be collected and processed automatically when you are using this Website (e.g., through cookies).

    4.3. Through your use of the Website, we collect, receive, store and process the following personal data (if such data is required for rendering of the selected service and entered by the Agent during Order placement):
    • first name, patronymic, last name, date of birth, gender, citizenship, mobile phone number, postal address and email address;
    • data of the documents necessary for identification purposes (e.g., number and series of passport, its expiration date);
    • bank payment card data (payment card number, expiration date, CVC/CVV-code, and cardholder name), including data on the payment card of the individual, if applicable;
    • logfiles (IP address, browser type, referring / exit pages on the Website and URLs, the number of clicks and methods of interaction with the Website, domain names, landing pages/content, pages/content viewed, device ID and device location);
    • profile information (preferences, details of your historical searches, historic booking details, travel plans and other information);
    • Agent’s content (feedback and comments that you upload to the Website);
    • your behavior (your activity on the Website, time and location of login, comments and uploads);
    • any other information which you leave voluntarily on the Website.
    These personal data may be collected via cookies (please see below).

    4.4. Also, we may request for additional information that may include “sensitive” personal data in order to provide you with the highest possible level of service. Such data may be related to Customer’s preferences with respect to the choice of a seat in the vehicle or hotel, meals, necessity of additional accompaniment or use of additional equipment when using the services. Such “sensitive” data shall be provided by the Agent/Customer on their own initiative and upon their explicit consent and only if the service provision is impossible without such “sensitive” data. The transfer of such sensitive personal data to third parties, even outside the Europe may be required during the provision of the services requested from us based on mandatory legal provisions.

    4.5. Collection of data of underage persons. The Agency shall process personal data of underage persons exceptionally in cases when such information is provided by their parents or legal representatives and with the purpose to create a Booking only. If the Agency becomes aware of the provision of personal data by underage persons without the consent of their parents or legal representatives, or in cases of parents’ or legal representatives’ requests for deletion of personal data, such information will be deleted within the reasonable term, and the Agency will make every effort not to store and process the personal data of the underage person.

    4.6. Automated data collection and Cookies. As most websites and mobile applications, we use automated collection of information about Website users, cookies, provided that you have granted your consent to their use (e.g. through the banner on our Website) in order to optimize our services and the Website, unless cookies are required for strictly technical functioning of the Website.

    When using this Website, there is an automated collection of information on the device you use to visit the Website, e.g. software, operating system, IP address, the source of links and this Website, webpages clicked on by you, links you have used to access the Website, etc. (details about the processed data categories see above). Such automated data collection takes place with the purpose to adjust the use of the services of the Website and offers intended for you, as well as to prevent possible fraud.

    The automated collection of some data and the use of the technologies “cookies” and “web beacon” improve the functions of the Website and development of the most convenient use of Website services, as well as help us assess the implementation of advertising and marketing campaigns, offer information which may be of interest to you and useful for you, and building usage profiles for market research.
     
    “Cookies” are small text files that can be stored on your computer (or any other device) during you first visit of the Website and allow us to recognize your computer during your visit (for example, in order to remember our data for logging into the “My Account” section). We mainly use (i) functional cookies that do not gather personal data and (ii) cookies that help us to compile aggregate data about user traffic and interaction so that we can offer better Website experiences and personalized advertisement. We may also use third party services that track this information on our behalf. You can choose to have your device warn you each time a cookie is being set or you can choose to turn off all cookies. However, if you disable cookies, some features may be disabled and some of our services may not function properly.

    4.7. Google Analytics. We use Google Analytics, which is a web analytics tool that helps us understand how visitors engage with our Website. The following information is collected by Google Analytics: browser, type of gadget, model of gadget, location, country, city, service provider, screen resolution (on mobile), time on the Website, language, operating system, visited pages on the Website. The information generated by cookies about the use of the Website (including the user's IP address) may be transmitted to and stored by Google on servers outside the country of your company registration (e.g. in the USA). Google uses the information to examine the Website’s usage, prepare reports on the Website activities and to offer other optional services. Google may supply this information to third parties if Google is legally required to, or if third parties process the information on Google's behalf.

    The Google Analytics cookies expire in 730 days (default value) and will be kept on your device for that period of time, unless, of course, you remove them manually. You can at any time disable collection of your data by Google Analytics, as described here — https://tools.google.com/dlpage/gaoptout/.

    4.8. How do we use data of Customers. We use personal data to:
    • ensure the provision of services and execution of contractual relationships with Suppliers/Carriers concerning the services ordered by Customers;
    • to communicate with you concerning the ordered Services and send confirmation of the Booking;
    • perform, process and edit the Booking;
    • provide support and customer service in the use of the Website and the Website services;
    • provide information on existing and future services and offers;
    • improve the performance and quality of the Website; provide answers to requests and comments;
    • encourage to participate in our surveys and provide feedback;
    • find out the services which may be of interest to Customers;
    • satisfy claims; notify of possible illegal or unlawful acts;
    • solve any issues which may arise under or in respect of the fulfillment of the General Terms of Service and the Agency Agreement;
    • for any other purposes necessary in order to fulfill our contractual obligations about which we will notify prior to the new processing takes place. If required, we will seek your consent before commencing the new data processing activity.
    Payment card data shall be used to confirm payment for the Booking created by you on the Website.

    Please note that the provision of services might be impossible if some personal data of Customers have not been provided by you.

    Upon your consent, we will also process your personal data (name, email address and preferences) in order to send you periodic emails (newsletters) as well as push notifications regarding our services, special offers, promotions and ancillary services.

    The Agency strives to provide you with the highest possible level of service. Thus, we may send you information with the list of offers on our Website which may be of interest to you and which may be related to the services selected by you, upon your consent. If you do not wish to receive such emails, you may opt out of receiving them.

    4.9. Profiling. Based on your and Customers’ consent we may collate and analyze your consumption and usage behavior data to perform profiling in order to provide you with offers tailored to your needs, preferences and interests. Offers may include inter alia discounts on services. Offers means offers of the Agency or our business partners.

    Profiling is any form of automated processing of your and Customers’ personal data consisting of the use of personal data to evaluate certain personal aspects relating to you/Customers, in particular to analyze or predict aspects concerning economic situation, health, personal preferences, interests, reliability, behavior, location or movements of Customers.

    4.10. Legal basis for data processing. Our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the specific context in which we collect it. However, we usually will process personal data only (i) where we need the personal data to provide the services or execute the contractual relationship with you, (ii) where we have your/ Customers’ consent to do so, or (iii) where the processing is in our legitimate interests and not overridden by your/ Customers’ rights. In some cases, we may also have a legal obligation to collect personal data from you and Traveler.

    4.11. Data Storage. We store personal data we collect from you where we have an ongoing legitimate need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements) or for the period of limitation prescribed in the relevant laws. When we have no ongoing legitimate need to process your personal data, we will either delete or anonymize it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible. In the case of consent-based data processing, personal data will be processed until the consent is withdrawn.

    4.12. Transfer of Customers’ data. To the extent it is necessary for the proper provision of the selected and booked services, we transfer Customers’ personal data to third parties as indicated below since the services could not be provided without such transfer:
    • Suppliers/operators, e.g. hotels, airline carriers, bus carriers, GDS, railway carriers, etc. which render the services you booked. All the services on this Website, which are offered by third parties, are marked as such on our Website. We do not give your email address to Suppliers, unless it is required for the performance of the services which you booked through the Agency. The Suppliers may use such data for the purposes of rendering booked (or similar) services to the Travelers and other purposes, defined by the Suppliers. We do not impose any other restrictions on Suppliers with respect to the use or disclose of other types of personal data.  However, we recommend that you get acquainted yourself and acquaint Customers with the personal data protection policy of each Supplier that performs the services you booked on this Website. The Suppliers may contact you or Customer in order to obtain additional information on Customers, help you with the booking of services, or answer your requests. Please note that we do not supervise the data protection policy of the Suppliers;
    • Independent operators (suppliers), which offer services and act on our behalf, as well as operators, which process payment card data, business analytics, customer service managers, marketing consultants, experts, who distribute questionnaires or other offers and are in charge of prevention of payment fraud. We may as well allow independent operators to use personal data on our behalf if it is required for the proper functioning of our Website or sending of online messages, which may be of interest to you. Independent operators obtain access and collect the information required for their operation. They are not allowed to share such data or use them for any other or their own purposes. They must, in the same manner as we, abide by the same data protection terms;
    • Business partners, with whom we jointly offer products and services or their products and services on our Website. You may see whether the services, which you requested, belong to a certain independent company. In this case, only the business partner name is given or is accompanied by our name. If you accept their services, there is the possibility that we share your and the Customers’ information with such business partner. Please note that the Agency does not supervise the data protection policy of such business partners;
    • We may also share Customers’ personal data to the Agency Affiliates, representatives, officers, agents, employees, or partners of the Agency in order to implement the terms and conditions set out in the General Terms of Service and the Agreement concluded with the Agent, as far as it is required to render ordered services.
    • If applicable, you agree that in order to render the services you are contracting, Customers’ personal data will be included in a data file whose data controller is the Spanish company Amadeus IT Group, S.A. The Customer may exercise his/her rights of access and rectification by notice (preferably in English) to [email protected].
    4.13. Cross-border transfer of data. The Customer confirms and agrees that in order to provide the services that you have requested, the Agency may transfer his/ her personal data to recipients located outside of the country of your company registration and Europe in order to obtain the proper level of the services ordered. Thus, Customers’ personal data may be accessed by the Agency Affiliates and data processors and service providers from countries that do not provide the same level of data protection as provided in the European Economic Area. The storage and processing of Customer’s personal data may be carried out on the servers and media owned/leased by the Agency, operators or independent contractors that may be located in any country of the world (including, but not limited to, the countries of the European Union or European Economic Area, the USA, Canada).

    Therefore, the Agency, where applicable, will take all reasonable measures which in relation to the recipients of Customers’ personal data, is necessary to ensure an adequate level of protection as defined by the applicable data protection law, in particular through the application of the Standard Contractual Clauses issued by the European Commission or by a decision of the European Commission which states that the country in which the recipient of the transferred data is provides an adequate level of data protection. The Agent confirms that the Customer is aware, confirms and agrees that based on his/her chosen travel destination his/her personal data may be transferred to the countries (Suppliers’ country of registration/operation, airports, etc.), where an adequate level of protection of personal data cannot be ensured.
    Any cross-border data transfer is be limited to those categories of data and recipients that are required to comply with the terms and conditions of the Agreement, these provisions, and to render the ordered services.

    5. How do we protect personal data. The Agency takes all reasonable measures to ensure the privacy and protection of Customers’ personal data, as well as implements general organizational and technical security standards to prevent possible loss, misuse, unauthorized access and disclosure, modification or destruction. Taking into consideration peculiarities and threats in the information space, the Agency cannot ensure absolute protection of your data and Customers’ data, but will do its utmost to protect the personal data at the highest possible level. We abide by the requirements of the applicable data protection laws, requirements in respect of payment processing on the Website (according to market safety standards) and internal privacy policies on data protection of the Agency.

    6. Customer’s rights. Pursuant to the applicable laws as well as Art 13 et seq GDPR, the Customer has the right to request access to personal data; request rectification of personal data; request erasure of personal data; request restriction of processing of personal data; request data portability; object to the processing of personal data (including objection to profiling;); withdraw consent to processing of his/her personal data, where applicable.
    In that case, please contact the Customer Care Service or send your request to the address of the Agency.

    If the Customer thinks his/her privacy rights have been breached, he/she may lodge a complaint with an authority of the European Union country of his/her habitual residence, place of work or of an alleged infringement. Contact information for these authorities can be accessed at http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.

    Edition of this Privacy Policy is effective as of 25 May 2018
    Was this article helpful?
    Yes No

    If you haven't found an answer to your question, please contact our Customer Care Service

  • Law of Ukraine "On Protection of Personal Data"
  • IATA Agreement
  • Antifraud policy
  • Anti-fraud payment verification
Sending a CV for vacancy

Congratulations! Your CV has been successfully sent.

ОК
Sending a CV for vacancy

Unfortunately, there was a failure while sending. Try again

ОК
Unique user session identifier for communication with Customer Care Service: 1403991524
+38 044 500 55 17 [email protected]
Ukraine, 79019, Lviv, 4-E Khimichna Street, room 501

Email: [email protected]
Ctn.ttnbtm.com
2015-2025 ctn.ttnbtm.com