INTOSOL – PRIVACY POLICY AND PUBLIC PROCEDURE DIRECTORY

Privacy Statement of INTOSOL Travel Design Pty Ltd

Dear user,

The protection of your privacy and the responsible handling of personal data is the INTOSOL Travel Design is a major concern. Therefore, we undertake to treat your data confidentially and exclusively in compliance with and compliance with the applicable statutory provisions, in particular the Federal Data Protection Act (BDSG) and the Telemedia Act (TMG) as well as these supplementary laws, regulations, and provisions.

However, our website may contain links to websites of other operators, to which this privacy policy does not extend. INTOSOL Travel Design has no influence on the fact that the operators of the linked websites comply with the applicable legal data protection regulations. INTOSOL Travel Design recommends that you carefully review the privacy statements posted on the other websites to familiarize yourself with the rules governing the handling of personal data.

In the following, we would like to explain to you, which data are collected, processed, and used by us when using our website and services, in connection with a booking, what rights you have regarding this data, how you can exercise these rights and which we take action to protect your privacy and privacy.

In this context, however, we would like to point out that data transmission on the Internet is subject to constant technological change and therefore, despite the constant development of security technologies, security gaps may still exist; consequently, a completely complete protection of the data from access by third parties is not possible.

No 6: recipients or categories of recipients to whom the data can be communicated:

To the extent necessary for the fulfillment of the purposes mentioned under no. 4, the data may essentially be sent to the following recipients or

Categories to be communicated by recipients:

• • Internal bodies involved in the execution of the respective business processes (for example, sales, purchasing, marketing, service centers, accounting, accounting, human resources).

• Public bodies, where priority legislation exists (e.g., national, and international authorities receiving or requesting data due to legal requirements, tax offices, social security agencies, etc.).

External bodies:

Contractor according to § 11 Bundesdatenschutzgesetz (order data processing)

external bodies to fulfil the purposes set out in point 4, such as Providers of touristic individual services or service providers (e.g. organizers, hotels, airlines, incoming agencies, car rental companies, etc.), other tour operators, agencies or service providers whose assistance INTOSOL GmbH & Co. KG uses to fulfil and process the respective contractual relationship (e.g. handling agents, incoming agencies, mailing and mailing service, data centers, payment service providers, distribution distributors, travel agencies, etc.)

No. 7: Standard deadlines for the deletion of data:

Upon expiry of the retention obligations and deadlines imposed by law or regulators, the relevant data will be routinely erased. Essentially, these are the 6- or 10-year retention periods under the Commercial Code and the Tax Code. If data are not affected by this, they are acc. § 35 Abs. 2 Nr. 3 BDSG deleted, i. if the purposes stated in point 4 are omitted.

No. 8: Data transfer to third countries:

To the extent necessary to fulfil the purposes set out in point 4, the above-mentioned data (customer names and travel data) are transmitted to authorities, customers and suppliers, hotel operators, incoming agencies and air carriers in various countries. Underneath also third countries whose data protection level does not meet EU standards.

Bjoen Kujus

Data Protection Officer

INTOSOL Travel Design