Privacy Policy
PRIVACY POLICY
2DOLIST
2DOLIST USA LLC
Website type: activity booking and affiliate platform
Purpose of this Privacy Policy
The purpose of this Privacy Policy is to inform users of our website about the personal data that we collect, as well as the following information where applicable:
- a. The personal data that we collect
- b. How the collected data are used
- c. Who has access to the collected data
- d. The rights of the users of the website
- e. The website's cookie policy
This Privacy Policy operates in parallel with the Terms & Conditions of our website.
Applicable laws
This Privacy Policy is intended to comply with applicable data protection regulations. Where relevant, it is also designed to be consistent with the principles of the European Union's General Data Protection Regulation (GDPR).
Personal data must be:
- a. processed lawfully, fairly and in a transparent manner in relation to the data subject (lawfulness, fairness and transparency);
- b. collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall, in accordance with Article 89(1), not be considered to be incompatible with the initial purposes (purpose limitation);
- c. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (data minimisation);
- d. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (accuracy);
- e. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1), subject to implementation of the appropriate technical and organisational measures required by the regulation in order to safeguard the rights and freedoms of the data subject (storage limitation);
- f. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (integrity and confidentiality).
Processing of personal data is lawful only if, and to the extent that, at least one of the following conditions is met (for example: the data subject has given consent, the processing is necessary for the performance of a contract, compliance with a legal obligation, protection of vital interests, performance of a task carried out in the public interest or legitimate interests pursued by the controller or by a third party).
Consent to the use of cookies
For the proper functioning of our website, we use cookies. In order to obtain your valid consent for the use and storage of cookies in the browser that you use to access our website, and to document this correctly, we use a consent management platform: CookieFirst. This technology is provided by Digital Data Solutions BV, Plantage Middenlaan 42a, 1018 DH, Amsterdam, The Netherlands. Website: https://cookiefirst.com, referred to as CookieFirst.
When you access our website, a connection is established with the CookieFirst server so that we can obtain valid consent from you for the use of certain cookies. CookieFirst then stores a cookie in your browser in order to enable only the cookies to which you have consented and to document this correctly. The processed data are stored until the predefined storage period expires or until you request the deletion of the data. Certain mandatory legal retention periods may apply notwithstanding the above.
CookieFirst is used to obtain the legally required consent for the use of cookies. The legal basis for this, where the GDPR applies, is Article 6(1)(c) of the General Data Protection Regulation (GDPR).
Data processing agreement
We have concluded a data processing agreement with CookieFirst. This is a contract required by data protection law that ensures that the data of visitors to our website are processed only in accordance with our instructions and in compliance with the GDPR where applicable.
Server log files
Our website and CookieFirst automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The following data are collected:
- Your consent status or the withdrawal of consent.
- Your anonymised IP address.
- Information about your browser.
- Information about your device.
- The date and time of your visit to our website.
- The URL of the web page where you saved or updated your consent preferences.
- The approximate location of the user who saved their consent preferences.
- A universal unique identifier (UUID) of the website visitor who clicked on the cookie banner.
Use of the online chat service
Our website offers an online chat service in order to facilitate communication with our team. When you use the chat for the first time, you are asked to provide your email address. This information is used only in the context of the ongoing conversation and to allow our agents to contact you again if necessary. The email address is not used for marketing purposes and is not shared with third parties for their own marketing.
From a technical point of view, the chat stores in your browser a conversation identifier and the email address you provided. These data are stored in your browser's local storage and not as third-party cookies. They are used only to maintain the continuity of the chat session and are automatically deleted if you clear your browser's local storage. No tracking or advertising cookies are placed by this chat service.