GDPR Compliance

Our Commitment to GDPR

Travel Buddiz is committed to full compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679. This regulation strengthens and unifies data protection for individuals within the European Union and addresses the export of personal data outside the EU.

We respect your privacy rights and are dedicated to protecting your personal data in accordance with GDPR requirements. This page outlines our GDPR compliance measures and your rights as a data subject.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: When you provide explicit consent for specific processing activities
• Contract Performance: To fulfill our contractual obligations to you
• Legal Obligation: To comply with applicable laws and regulations
• Legitimate Interests: For our legitimate business interests, balanced against your rights
• Vital Interests: To protect your or another person's vital interests

Your Rights Under GDPR

As a data subject, you have the following rights:

How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us at admin@travelbuddiz.com. We will respond to your request within one month of receipt.

When making a request, please include:

• Your full name and email address associated with your account
• A clear description of the right you wish to exercise
• Any relevant information to help us locate your data
• Proof of identity (to ensure we're responding to the correct person)

Data Processing Principles

We adhere to the following GDPR principles:

• Lawfulness, Fairness, and Transparency: We process data lawfully, fairly, and transparently
• Purpose Limitation: We collect data for specified, explicit, and legitimate purposes
• Data Minimization: We only collect data that is necessary for our purposes
• Accuracy: We keep personal data accurate and up to date
• Storage Limitation: We retain data only for as long as necessary
• Integrity and Confidentiality: We process data securely and protect against unauthorized access
• Accountability: We are responsible for demonstrating compliance with GDPR

Data Security Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

• Encryption of personal data in transit and at rest
• Regular security assessments and vulnerability testing
• Access controls and authentication mechanisms
• Staff training on data protection
• Incident response procedures
• Regular backups and disaster recovery plans

Data Breach Notification

In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay, and in any event within 72 hours of becoming aware of the breach, where feasible.

We will also notify the relevant supervisory authority within 72 hours of becoming aware of a breach, unless the breach is unlikely to result in a risk to your rights and freedoms.

International Data Transfers

When we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions by the European Commission
• Binding Corporate Rules
• Other approved transfer mechanisms

Data Protection Officer

If you have questions or concerns about our data processing practices or wish to exercise your rights, you can contact our Data Protection Officer at admin@travelbuddiz.com.

Right to Lodge a Complaint

If you believe that we have not adequately addressed your concerns or that we have violated your data protection rights, you have the right to lodge a complaint with your local supervisory authority.

You can find your local supervisory authority at: European Data Protection Board

Contact Us

For any GDPR-related inquiries or to exercise your rights, please contact us: