Search
Contacts
sao-miguel
sao-jorge
pico
graciosa
flore
faial
corvo

Privacy Policy

1. Introduction

This Privacy Notice (“Notice”) sets out how ANGRA 2000 VIAGENS E TURISMO LDA protects the privacy of the Personal Data of our employees, clients, partners, or any other entity with which ANGRA 2000 VIAGENS E TURISMO LDA interacts in the context of its activities.

As a travel agency, ANGRA 2000 VIAGENS E TURISMO LDA needs to collect, use, and disclose Personal Data to carry out business functions and activities, including making and managing travel bookings on behalf of its clients. At ANGRA 2000 VIAGENS E TURISMO LDA, we are committed to protecting the privacy and confidentiality of Personal Data and maintaining a controlled environment (physical, electronic, human, and procedural controls) aligned with operational risks.

Under the General Data Protection Regulation 2016/679 (“GDPR”), ANGRA 2000 VIAGENS E TURISMO LDA is the “data controller” of any personal information provided to us in the context of our relationship with our clients or any other Stakeholders.

By providing Personal Data, Stakeholders agree that this Notice applies to how we handle their Personal Data and consent to its collection, use, and disclosure as detailed in this Notice. If they do not agree with any part of this Notice, Stakeholders should not provide their Personal Data. Failure to provide Personal Data, or withdrawal of previously granted consent, may affect our ability to provide services or negatively impact the quality of services we can offer. For example, most travel bookings must be made using the traveler’s full name and include appropriate contact and identification details (e.g., passport details), and we cannot make bookings without this information. Note that there may be instances where local data protection laws impose stricter Personal Data handling practices than those outlined in this Notice. When this occurs, we will adjust our Personal Data handling practices to comply with such local laws.

2. What Personal Data do we collect?

Personal Data has the meaning given under local data protection laws and, where the GDPR applies, its meaning is as defined under the GDPR. Personal Data generally refers to data related to an individual that can be identified from that data, either alone or in combination with other available data.

Typically, the type of Personal Data we collect is necessary to facilitate travel arrangements, support bookings, or organize travel-related services and/or products on behalf of our clients.

We generally process the following types of Personal Data about our clients:

  • Contact data (such as name, residential/mailing address, phone number, email address);

  • Payment data;

  • Passport details;

  • Loyalty/frequent flyer program data;

  • Dietary requirements and health-related information (if any); and

  • Other relevant data for travel plans or as required by travel service providers (e.g., airlines, accommodation, or tour providers).

When clients contact us for other purposes, Personal Data related to those purposes may also be collected. For example, we may collect Personal Data to contact clients in the context of a competition/campaign they signed up for, or to respond to questions or comments they have sent us. We also collect data necessary for use in our business activities or those of our related entities, including, for example, financial details required to process transactions, video surveillance images used for security purposes, or other Personal Data clients may wish to provide.

In some circumstances, we collect Personal Data that may be considered sensitive under local data protection laws. Sensitive data may include (without limitation) racial or ethnic origin, philosophical or religious beliefs or affiliations, sexual preferences or practices, criminal background or alleged offenses, membership in political, professional, or trade associations, biometric and genetic information, financial data, and health information. We only collect sensitive data in accordance with local laws, with the explicit consent of the data subjects, and where reasonably necessary or directly related to one or more of our functions or operational activities (e.g., planning travel), unless required or authorized by law. Where permitted or required by local data protection laws, our clients consent to our use and disclosure of sensitive data solely for the purpose for which it was collected, unless we subsequently receive their consent for another purpose.

3. How do we collect Personal Data?

We only collect Personal Data in accordance with local data protection laws. Typically, we collect Personal Data in the context of contact with our clients, unless it is unreasonable or impractical to do so. This collection usually occurs when our clients:

  • Contact us in person, by phone, letter, or email;

  • Visit us through our website; or

  • Contact us via social media.

We may also collect Personal Data when our clients:

  • Purchase or inquire about travel plans or other products/services;

  • Enter competitions or register for campaigns/promotions;

  • Subscribe to marketing communications (e.g., newsletters);

  • Request brochures or other information.

In some cases, it may be necessary to collect Personal Data from third parties, such as when an individual makes a travel booking on behalf of another person(s) (e.g., a family or group booking, or an employer booking). In such cases, we rely on the booking person’s authorization to act on behalf of any other traveler and their consent to collect, use, and disclose Personal Data as per this Notice. Clients must immediately inform us if they become aware that their Personal Data has been provided by another without consent.

We strive to maintain the accuracy and integrity of Personal Data we store and ensure it is up-to-date. Stakeholders may contact us immediately if there are any changes to their Personal Data or if they become aware of inaccurate Personal Data. We cannot be held responsible for losses resulting from inaccurate, incorrect, defective, or incomplete Personal Data provided by Stakeholders or anyone acting on their behalf.

4. How do we use Personal Data?

We process Personal Data only when:

  • We have obtained consent (which may be withdrawn at any time, as detailed in section 8);

  • Processing is necessary to provide our services;

  • Processing is necessary to comply with legal obligations; and/or

  • Processing is necessary for our legitimate interests or those of a third party receiving the Personal Data (as detailed in sections 5 and 6).

When a client contacts us for a travel inquiry or booking, we usually collect their Personal Data to provide travel advice and/or assist in booking travel-related products/services. When a client makes a booking, we often act as an agent for travel service providers (e.g., hotels), using Personal Data as needed to provide the requested services and for the travel service provider to perform the services.

We may share data with our travel service providers (hotels, airlines, car rental companies, or other travel-related providers). These providers may also use Personal Data as described in their privacy policies. We recommend that clients review the privacy policies of any travel service providers booked through ANGRA 2000 VIAGENS E TURISMO LDA.

We act as agents for many travel service providers worldwide, so it is not possible to list all providers here. For more information on Personal Data disclosures outside the GDPR context, see section 6.

Other purposes for which we collect Personal Data include:

  • Providing services or tools clients choose to use (e.g., saving travel preferences);

  • Fraud or error detection;

  • Legal or regulatory compliance;

  • Developing and improving products/services;

  • Maintaining or enhancing client relationships, including creating client profiles;

  • Market research, client satisfaction evaluation, and feedback collection;

  • Loyalty program participation;

  • Analyzing services, including travel and sales trends;

  • Supporting internal organization and accounting;

  • Compliance with legal, customs, or immigration requirements;

  • Other purposes as authorized or required by law.

Where permitted, we may use Personal Data for marketing related to our products and services (and third parties) that may be of interest to clients, unless they opt out. Marketing communications may include email, digital marketing, and other electronic notifications.

5. What Personal Data is disclosed to third parties?

We do not sell, rent, or trade Personal Data. Personal Data is disclosed to third parties only as described in this Notice and under local laws. “Disclosure” includes transferring, sharing verbally or in writing, sending, or making Personal Data available to another entity.

Personal Data may be disclosed to:

  • Contractors, vendors, and service providers;

  • ICT solution providers supporting our services;

  • Publishers, printers, and marketing distributors;

  • Event organizers;

  • Marketing or market research agencies;

  • Courier or postal services;

  • External consultants (e.g., lawyers, accountants, auditors, or recruitment consultants);

  • Travel service providers (wholesalers, tour operators, airlines, hotels, car rentals, transfer managers);

  • Any third party to whom we assign or transfer rights/obligations;

  • Individuals booking travel on behalf of others;

  • Employers in the context of business travel;

  • Emergency contacts, if clients cannot be reached;

  • As required or authorized by law;

  • Customs or immigration services;

  • Government agencies or authorities for valid requests, including court orders;

  • Regulatory authorities or law enforcement;

  • Investigative authorities in suspected unlawful activities.

Third-party social media tools on our websites/apps may collect and share Personal Data according to their policies.

6. What Personal Data is transferred abroad?

Personal Data may be disclosed internationally to:

  • Related entities abroad;

  • Travel service providers abroad;

  • Service providers abroad supporting our services.

International transfers comply with legal safeguards where required. In jurisdictions without GDPR-equivalent protections, ANGRA 2000 VIAGENS E TURISMO LDA cannot be responsible for how recipients handle Personal Data.

7. Information Security

We implement technical, organizational, and human measures to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. Personal Data is destroyed or anonymized when no longer relevant or as legally required.

8. Rights regarding Personal Data

Stakeholders may request to update, correct, delete, obtain a copy of, restrict, or withdraw consent for Personal Data. Requests should be made formally to ANGRA 2000 VIAGENS E TURISMO LDA using the contacts in section 13. Responses are generally provided within one month, possibly extended for complex requests.

Marketing communications can be unsubscribed using provided links or via the contacts in section 13. Verification of identity may be required to protect security. A reasonable fee may apply to manifestly unfounded or excessive requests.

9. Social Media Integrations

Our websites and mobile apps may include social media tools operated by third parties. These tools may collect data on website/app visits and interactions. Users can manage sharing settings and opt out of targeted marketing via social media privacy settings.

10. IP Addresses

IP addresses may be logged for system administration, security, and anonymous usage analysis. IPs may be associated with other Personal Data for purposes like marketing adaptation if the user opted in.

11. Tracking Technologies / Cookies

We may use web analytics services and technologies like cookies and web beacons. See our Cookie Policy for details.

12. Associated Websites

Our websites may link to third-party sites outside our control. We are not responsible for their privacy practices. Users should review their privacy policies.

13. Feedback / Complaints / Contact

Questions, comments, or complaints regarding this Notice or Personal Data processing should be directed to:

Contact Name: Pedro Tiago Moniz
Email: geral@angra2000.com
Address: R. Carreira dos Cavalos 26ª, 9700-167 Angra do Heroísmo

Responses will be provided as promptly as possible.

14. Changes to the Notice

This Notice may be updated. Revised versions will be published on our website with the date. In some cases, additional consent may be requested for new types of processing.