• Last updated: 3 July 2023

Definitions

• GDPR – General Data Protection Regulation Act.
• Data Controller – Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed.
• Data Processor – Data Processor means any natural or legal person who processes the data on behalf of the Data Controller.
• Data Subject – Data Subject is any living individual who is using our Service and is the subject of Personal Data.

1. Principles for processing personal data

Our principles for processing personal data are:

• Fairness and lawfulness. When we process personal data, the individual rights of the Data Subjects must be protected. All personal data must be collected and processed in a legal and fair manner.
• Restricted to a specific purpose. The personal data of Data Subject must be processed only for specific purposes.
• Transparency. The Data Subject must be informed of how his/her data is being collected, processed and used.

2. What personal data we collect and process

Crib Surfer Ltd collects several different types of personal data for various purposes. Personal Data may include, but is not limited to:

• Email address
• First name and last name
• Phone number
• Address, State, Province, ZIP/Postal code, City

3. How we use the personal data

Crib Surfer Ltd uses the collected personal data for various purposes:

• To provide you with the booking services
• To notify you about changes to our services and/or products
• To provide customer support
• To gather analysis or valuable information so that we can improve our services
• To detect, prevent and address technical issues

4. Legal basis for collecting and processing personal data

Crib Surfer Ltd legal basis for collecting and using the personal data described in this Data Protection Policy depends on the personal data we collect and the specific context in which we collect the information:

• You have given Crib Surfer Ltd permission to do so, by opting in and when using our service
• Processing your personal data is in Crib Surfer Ltd legitimate interests
• Crib Surfer Ltd needs to comply with the law

5. Retention of personal data

Crib Surfer Ltd will retain your personal information only for as long as is necessary for the purposes set out in this Data Protection Policy.

Crib Surfer Ltd will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our policies.

6. Data protection rights

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. If you wish to be informed what personal data we hold about you and if you want it to be removed from our systems, please contact us.

In certain circumstances, you have the following data protection rights:

• The right to access, update or to delete the information we have on you
• The right of rectification
• The right to object
• The right of restriction
• The right to data portability
• The right to withdraw consent

7. Cookies

This website collects cookies to deliver better user experience
We will not provide your data to third parties, unless this is necessary for business operations or is required by law. We try to use as few external services as possible. Your data can be passed on to processors and parties involved in the execution of the agreement. We conclude processing agreements with these third parties to optimally protect your privacy. Your data will always remain yours. We will never sell your data to third parties.