- IATA Agreement (in English)
- Mokėjimų atlikimo Tickets.lt saugumas
- Kovos su sukčiavimu politika
- Kova su sukčiavimu-vykdomi mokėjimų patikrinimai
- Visuomeninių paslaugų teikimo sutartis (in English)
-
Konfidencialumo politika (in English)
Vertėjai dirba prie straipsnio atnaujinimų lietuvių kalba. Šiuo metu galite susipažinti su Privatumo politikos versija anglų kalba. Atsiprašome už galimus nepatogumus.
1. Introduction and Legal Compliance
TTN Eesti OÜ, a legal entity with its registered office at: Jõe tn 3-302, Tallinn, Estonia, 10151 ("Agency") acts as a data controller and respects your privacy and adheres to the applicable Personal data protecting act ("PDPA"), the EU General Data Protection Regulation ("GDPR") and the Electronic communication act ("ECA"). In the following, you are informed which personal data we may gather, for which purpose it may be processed and what cookies may be employed during your visit and use of https://tickets.lt ("Website").
2. Integration with Terms of Service
This Privacy Policy on the protection of personal data by the Agency is an integral part of the Terms of Service, which is accessible by clicking on the following link.
3. Contact Information
In respect of all questions related to the processing, place of storage and use of the personal data, please contact the Customer Care Service or send your requests at the following postal address of the Agency: Tickets Estonia OÜ, Jõe tn 3-302, Tallinn, Estonia, 10151. You may also contact us at [email protected].
4. Definition of Personal Data
What is personal data? Personal data are any data concerning an identified or identifiable natural person, regardless of the form or format in which such data exist (e.g. your name, e-mail address, IP address or the feedback you provide on the Website).
5. Types of Personal Data Collected and Processed
What type of personal data about you we collect and process: We receive and store any information you enter on the Website and/or our mobile application (“App”), provide for the Customer Care Service and provide for the Agency in any other way to the extent necessary to provide the services or to execute the contractual relationship with you, only. Further, personal data might be automatically collected and processed when you are using this Website (e.g. though cookies).
5.1. Data Categories and Processing Activities
Refer to the sections below, where data categories and processing activities are described. Through your use of the Website and/or App, we gather, collect, store and process the following personal data:1) Contact Information includes name, address, email address, and telephone number;2) Identification Information contains details like name, surname, gender, nationality, date of birth, and passport or other ID document information, expiry date of the ID document;3) Account Information, such as internal ID account number, date of the account registration, account status, preferred account settings, language preferences, logins information and search history;4) Payment Information, including:- Payment card information, such as card number, expiry date, CVV/CVC code, Cardholder name and card name.
- Transaction details, such as the transaction amount, currency, date and time of the transaction, and transaction ID.
- Billing Information, such as customer billing address and contact information, such as email address and phone number, address used for payment confirmation and receipts.
- Authentication Data: Information used to authenticate the cardholder and prevent fraud, which may include 3D Secure data, one-time passwords (OTPs), and other security measures.
- Information regarding the search request and potential booking, such as travel destination, dates, number of travelers, information regarding the travel tickets class (business, economy).
- Booking references or order numbers, ticket details, booking and purchase history, passenger name record, ID or passport information, expiry date, travel itinerary, and other related details and any additional services purchased.
- Customer identification and verification information: name / surname, date of birth, gender, citizenship, identity document number, expiry date of identity document.
- Avatar photo (profile picture).
- Contact details, such as email, phone number.
- Frequent flyer card information, such as airlines details and card number.
- Payment card information, such as card number, expiry date, CVV/CVC code, cardholder name and card name.
- Information about the customer's co-passengers, such as name / surname, gender, date of birth, citizenship information, identity document number, expiry date of identity document.
- Any other information that the customer gives us, when communicating with us, such as the details of your booking, any images shared, etc.
- Account information, such as internal ID account number, date of the account registration, account status, preferred account settings, language preferences, logins information and search history.
- Technical information, including the internet protocol (IP) address used to connect to the internet, log-in information, the browser type and version, the time-zone setting, the operating system and platform, the type of device, a unique device identifier (for example, the device's IMEI number, the MAC address of the device's wireless network interface), mobile network information, etc.
- Information about the user visit, including the links that have been clicked on, through and from the site (including date and time), services viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling and clicks), and methods used to browse away from the page, codes/tags that are used to identify human languages.
8) Preferences Information, including specific consents given or declined, email and push notification preferences, and cookie preferences; preferred language, location, currency, and departure airport.9) Communications Information, including content of communications sent to and received from the customer/user, including feedback, help requests, and queries. Information about communications, such as time and date sent, and interaction details.10) Customer Generated or Provided Content, including any information or content the customer upload or provide to the Agency in the course of the communication (comments, photos, videos, reviews) and associated information (time and date).11) Third-Party Log-In Information, if the customer creates an account via a third-party platform (e.g., Apple, Google,), the Agency may receive personal data like email address and name. The data received will depend on the customer preferences and settings on the third-party platform.12) Profiling Information, i.e. the Agency may combine collected, generated, or received data to understand the customer preferences and interests better, personalizing the platform, services, and advertising accordingly by drawing inferences from the combined data.13) any other information which you leave voluntarily on the Website and/or App.These personal data might be collected via cookies (please see below).5.2. Sensitive Personal Data
Also, we may request for additional information which may include “sensitive” personal data (for example, information by means of which it is possible to specify your health condition or religious belief) in order to provide you with the highest possible level of service. Such information may be related to your preferences in respect of the choice of seat in the vehicle or hotel, meals, necessity of additional accompaniment or use of additional equipment when using the services. Such “sensitive” information provided by your own initiative and upon your explicit consent, and only if the provision of services would be impossible without such “sensitive” information. The transfer of such sensitive personal data to third parties, even outside the Europe may be required during the provision of the services requested from us based on mandatory legal provisions.5.3. Social Network Profiles
We also offer the opportunity to register and create an account through your existing social network profile (such as Facebook). In this case, your sign-in credentials (name and e-mail address) will be imported from your social network account. Please note that when you use this option, we may receive certain information via the respective social network, such as your name, age, location, preferences, occupation and other information from your public profile. Not all of this information might be requested by us, but is automatically provided by the social network provider through the use of the "social sign-on" option. Nevertheless, we will only use the information that is necessary for the creation of your account and will, upon receipt of any other information, delete the not necessary data. After having created your account, you will have the opportunity to supplement it with any information you want to share with us and is necessary for booking.6. Processing Data of Third Parties
If you create a booking of services and/or pay on behalf of or for the benefit of third parties, the information you provide about those third parties shall be collected and processed by the Agency according to the same terms and conditions that apply to your personal data. By providing such information on third parties, you confirm that such third party is aware of these terms and understands its consequences, as well as gives their unconditional and full consent to the collection and processing of their personal data in accordance with these terms, and agrees that access to such information is possible from your My Account section.
7. Data of Minors
If you are an underage person, you shall not use this Website and are obliged to leave it immediately. This Website shall not be used and shall not be intended to collect information on underage users and advertise information on services for children without the consent of their parents. The Agency shall process personal data of underage persons exceptionally in cases when such information is provided by their parents or legal representatives and with the purpose to create a booking only. If the Agency becomes aware of the use of the Website by an underage person and provision of their data personal data by them, or in cases of parents’ or legal representatives’ requests for deletion of personal data, such information will be deleted within the reasonable term, and the Agency will make every effort not to store and process the personal data of the underage person.8. Cookies and Automated Data Collection
As with most websites and Apps, we use automated methods to collect information about you, including cookies and social media plug-ins, provided that you have granted your consent to their use (e.g. through the banner on our Website). This information is used to optimize our services and the Website, unless cookies are required for the strictly technical functioning of the Website.When using this Website, automated collection of information about your device, such as software, operating system, IP address, the source of links to this Website, webpages clicked on by you, and links you have used to access the Website, occurs. This automated data collection aims to adjust the use of the services on the Website, tailor offers to you, and prevent possible fraud.If you use social networks to log into the Website, we may receive your data and preferences from those social networks according to their rules and privacy policy terms.The use of technologies such as “cookies” and “web beacons” improves the functions of the Website, enhances user experience, and helps assess the effectiveness of advertising and marketing campaigns. Until you log into the “My Account” section, the use of such data for the described purposes will be pseudonymized. This means we will replace your name and other identifying features with another identifier to make it impossible to identify you as a person. Once you log into the “My Account” section, the use of such data will be personalized and connected to you.Cookies are small text files that can be stored on your computer (or any other device) during your first visit to the Website, allowing us to recognize your device during subsequent visits (for example, to remember your login details for the “My Account” section). We primarily use:- Functional cookies that do not gather personal data;
- Cookies that help us compile aggregate data about user traffic and interaction to offer better Website experiences and personalized advertisements.
We may also use trusted third-party services to track this information on our behalf. You can choose to have your device warn you each time a cookie is being set or you can choose to turn off all cookies. However, disabling cookies may affect the functionality of some features and services on our Website.More detailed information about our use of cookies and other tracking technologies, may be provided by a separate policy.
9. Google Analytics
We use Google Analytics, which is a web analytics tool that helps us to understand how visitors engage with our Website. The following information is collected by Google Analytics: browser, type of gadget, model of gadget, location, country, city, service provider, screen resolution (on mobile), time on site, language, operating system, visited pages on site. The information generated by the cookie about the use of the website (including the user's IP address) may be transmitted to and stored by Google on servers outside of Europe (e.g. in the USA). Google uses the information to examine the Website’s usage, prepare reports on the Website’s activities and to offer other optional services. Google may supply this information to third parties if Google is legally required to, or if third parties process the information on Google's behalf. The Google Analytics cookies expire in 730 days (default value) and will be kept on your device for that period of time, unless of course you remove them manually. You can at any time disable collection of your data by Google Analytics, as described here.10. Social Media Plug-Ins
In case you interact with social media plug-ins implemented into our Website (e.g. the "Like" button provided by Facebook Ireland Ltd in Ireland, the "Twitter" button provided by Twitter Inc in the USA or the "Instagram" button by Instagram, LLC in the USA) or you access content on our Website that contain a plug-in, your device establishes a direct connection with the servers of the respective social network operator. To our knowledge, the social network operators receive information via their plug-ins regarding your use of our Website, such as your operating system, browser, IP address, the content currently being retrieved, the previous content retrieved and the date/time of the content visit. This enables the social network operator to put together a profile on your user behaviour and add this information to your respective profile on the social network. It cannot be ruled out that such a profile might be matched to you even if you are not registered with or logged-in to the social network. Please note that we have no specific knowledge of the content of the data transmitted to or of its use by the third-party social media plug-in providers. Please obtain this information directly from the specific social network operator and read their privacy policies for detailed information about the collection and transfer of personal data, what rights you have and how you can achieve satisfactory privacy settings. In case you do not wish such a data transfer, we recommend that you log out of the social network before you use our platform.We use your personal data to:11. How We Use Your Data and Data of Third Parties
- Provide the services ordered by you;
- Communicate with you concerning the ordered Services and send you confirmation of your Booking;
- Carry out, process and edit your Booking;
- Provide support and customer service in the use of the Website and the Website services;
- Provide information on existing and future services and offers, in case you have given your consent to this use;
- Improve the performance and quality of the Website;
- Provide answers to your requests and comments;
- Calculate bonuses if you take part in our loyalty programs;
- Encourage you to participate in our surveys and provide feedback;
- Find out the services which may be of interest to you;
- Satisfy your claims;
- Notify you of possible illegal or unlawful acts;
- Solve any issues which may arise under or in respect of the fulfilment of the conditions of the Terms of Service;
- For any other purposes necessary in order to fulfil our contractual obligations about which we will notify you prior to the new processing takes place. If required, we will seek your consent before commencing the new data processing activity.
Upon your consent, we will also process your personal data (name, e-mail address and preferences) in order to send you periodic emails (newsletters) as well as push notifications regarding our services, special offers, promotions and ancillary services. The Agency strives to provide you with the highest possible level of service. Thus, we may notify send you information with the list of offers on our Website which may be of interest to you and which may be related to the services selected by you, upon your consent. If you do not wish to receive such emails, you may opt out of receiving them.12. Profiling
Based on your consent we may collate and analyse your consumption and usage behaviour data to perform profiling in order to provide you with offers tailored to your needs, preferences and interests. Offers may include inter alia discounts on services. Offers means offers of the Agency or our business partners. Profiling is any form of automated processing of your personal data consisting of the use of personal data to evaluate certain personal aspects relating to you, in particular to analyse or predict aspects concerning economic situation, health, personal preferences, interests, reliability, behaviour, location or movements of you.
13. Legal Basis for Data Processing
Our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the specific context in which we collect it. However, we usually will process personal data only (i) where we need the personal data to provide the services or execute the contractual relationship with you, (ii) where we have your consent to do so, or (iii) where the processing is in our legitimate interests and not overridden by your rights. In some cases, we may also have a legal obligation to collect personal data from you.14. Data Retention Periods
Personal data will be retained only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws or regulations. The following retention periods apply:
14.1. Customer Data
The retention periods for customer data are determined based on the purpose of processing and legal requirements:- Personal Identification Information: Retained for the duration of the customer relationship and for a period of 5 years after the end of the relationship to address any post-relationship queries, legal obligations, or disputes.
- Account Information: Retained for 3 years after account deactivation to allow for account reactivation, unless the customer requests immediate deletion.
- Transaction Data: Retained for 7 years to comply with financial and tax regulations, audit requirements, and to resolve any potential disputes or chargebacks.
- Communication Records: Retained for 2 years after the interaction to improve customer service, address complaints, and support quality assurance processes.
- Usage Data: Retained for 1 year to analyze and improve website functionality, user experience, and for security monitoring purposes.
- Marketing Preferences: Retained until the customer opts out of marketing communications or for 3 years from the last interaction, whichever is shorter.
Certain customer data may be retained for longer periods if required by law, to comply with regulatory requirements, or to resolve ongoing legal issues or disputes. In such cases, the data will be archived securely and access will be limited to authorized personnel only.14.2. Transaction Data, i.e. Data on Financial Transactions:Retained for 7 years to comply with tax and financial reporting regulations.
14.3. Communication Data, including Data re Customer Support Interactions:Retained for 2 years to ensure quality assurance and address customer complaints.
15. Data Storage
We store personal data we collect from you where we have an ongoing legitimate need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements) or for the period of limitation prescribed in the relevant laws. When we have no ongoing legitimate need to process your personal data, we will either delete or anonymize it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible. In the case of consent-based data processing, personal data will be processed until the consent is withdrawn.
Customer data is stored in data centers located in Germany. The location of data storage may depend on the region from which the customer accesses our Website or App.
16. Transfer of Your Data
To the extent it is necessary for the proper provision of the services chosen and booked by you, we transfer your personal data to third parties as indicated below because the services could not be provided without such transfer. The Agency may share your personal data with the following entities, as far as it is necessary for the provision of the selected and booked services:- Operators, e.g. hotel, airline carrier, global distribution systems (GDS), etc. which render the services you booked. All services on this Website, which are offered by third parties, are marked as such on our Website. We do not give your email address to operators, unless it is required for the performance of the services, which you booked through the Agency. They may only use such data for the purposes of rendering booked (or similar) services to you and other purposes, defined by the Operators. However, we recommend that you get acquainted yourself with the data protection policy of each operator, that performs services you booked on this Website. Such Operators may contact you in order to obtain additional information on you, help you with the booking of services, or answer your requests, as long as it is necessary for the provision of their services. Please note that we do not supervise the data protection policy of the Operators. In particular, you hereby give us your consent to transfer your email address and mobile phone number to airline carriers for the purpose of the airline carriers to contact you in an operational disruption;
- Independent operators (service providers), which offer services and act on our behalf, as well as operators, which process payment card data, business analytics, customer service managers, marketing consultants, experts, who distribute questionnaires or other offers and are in charge of prevention of payment fraud. We may as well allow independent operators to use personal data on our behalf if it is required for the proper functioning of our Website or sending of online messages, which may be of interest to you. Independent operators obtain access and collect information, which is required for their work. They are not allowed to share such data or use them for any other or their own purposes. They must, in the same manner as we, to abide by the same data protection terms;
- Business partners, with whom we jointly offer products and services or their products and services we offer on our Website, as far as you have given your consent to this use. You may see whether services, which you requested, belong to a certain independent company. In that case, only the business partner name is given or is accompanied by our name. If you accept their services, there is a possibility that we share your information with such business partner. Please note that we do not supervise the data protection policy of such business partners;
- We may also share your personal data with AIRHELP GERMANY GmbH for the purposes of provision of the AirHelp+ service if you order it. AIRHELP GERMANY GmbH may ask You to provide additional personal information about you. You can find more information on how AIRHELP GERMANY GmbH collects and processes personal data when providing its services here: https://www.airhelp.com/en/privacy/
- We also may share your personal data to affiliates of the Agency or group affiliates, representatives, officers, agents, employees, or partners as far as it is necessary for the provision of ordered services. If applicable, you agree that in order to render the services you are contracting, your personal data will be processed by the Spanish company Amadeus IT Group, S.A..
17. Cross-border Transfer of Data
You confirm and agree that in order to provide you with the services, the Agency may transfer your personal data to recipients located outside of the Republic of Estonia and Europe in order to obtain the proper level of the services ordered. Thus, your personal data may be accessed by affiliates of the Agency and data processors and service providers from countries that do not provide the same level of data protection as provided in the European Economic Area. The storage and processing of your personal data may be held on the servers and sources owned/leased by the Agency, operators or independent contractors, which may be located in any country of the world (including but not limited to countries of the European Union or European Economic Area, the USA, Canada).Therefore, the Agency, where applicable, will take all reasonable measures which in relation to the recipients of your personal data, is necessary to ensure an adequate level of protection as defined by the applicable data protection law, in particular through the application of the Standard Contractual Clauses issued by the European Commission or by a decision of the European Commission which states that the country in which the recipient of the transferred data is provides an adequate level of data protection. You are aware of and agree that based on chosen travel destination, your personal data may be transferred to countries (Operators’ country of registration/operation, airports, etc.), where an adequate level of protection of personal data cannot be ensured. Any cross-border transfer of data shall be limited to those data categories and recipients necessary to comply with the Terms of Service, these provisions, and to provide you with the ordered services.
18. How We Protect Personal Data
We do our upmost to make your visit and use of our Website as safe as possible. Thus, we comply with Sec 25 PDPA as well as Art 32 et seq GDPR in order to ensure data secrecy and data security and have implemented appropriate technical and organizational security measures to prevent possible loss, misuse, unauthorised access and disclosure, modification or destruction of personal data. These measures include, but are not limited to, encryption, access controls, regular security audits, and staff training on data protection.Taking into consideration special aspects and threats in the media and on the internet, the Agency cannot guarantee absolute protection of your personal data but will make every effort to protect your personal data at the highest possible level. We abide by the requirements of applicable personal data protection law, requirements for payments processing on the Website (according to market safety standards), and Agency’s internal privacy policies on data protection.
19. Your Rights
Under the GDPR, you have the following rights regarding your personal data:- Right to Access: You have the right to request access to the personal data we hold about you. This allows you to receive a copy of the personal data we process and verify that we are lawfully processing it.
- Right to Rectification: You have the right to request the correction of any incomplete or inaccurate personal data that we hold about you.
- Right to Erasure (Right to be Forgotten): You have the right to request the deletion of your personal data when there is no compelling reason for us to continue processing it. This includes situations where the data is no longer necessary for the purposes for which it was collected, you withdraw consent, or you object to the processing and there are no overriding legitimate grounds for processing.
- Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal data under certain circumstances. This means we can store your data but not further process it. This right applies in cases where you contest the accuracy of the data, the processing is unlawful but you oppose erasure, we no longer need the data but you require it to establish, exercise or defend a legal claim, or you have objected to the processing pending verification of our legitimate grounds.
- Right to Data Portability: You have the right to request the transfer of your personal data to you or a third party in a structured, commonly used, and machine-readable format. This right only applies to data processed by automated means, based on your consent or in the performance of a contract.
- Right to Object to Processing: You have the right to object to the processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.
- Right to Withdraw Consent: Where we are relying on consent to process your personal data, you have the right to withdraw your consent at any time. This will not affect the lawfulness of any processing carried out before you withdraw your consent.
Please directly contact us in these cases at [email protected].You have the right to (Art. 77 of GDPR) lodge a complaint with your National Data Protection Body, where you believe that your data is being processed in a way that does not comply with the applicable law and regulation. Contact information for these authorities can be accessed at https://www.edpb.europa.eu/about-edpb/about-edpb/members_en.
20. Amendments
The Agency, at its sole discretion, may from time to time make amendments to this privacy policy. The Agency will publish amendments on the Website. The Agency is not obliged to notify you of any amendments made to these Terms, but to publish them on this Website. The amendments shall be deemed effective as of the date of their publication. You shall check for updates to this Website on your own and on a regular basis. You confirm and agree that your explicit acceptance of these provisions and/or the use of the Website after the date of publication of amendments shall be deemed to be your full and unconditional consent to the amended policy. If you do not accept the modified privacy policy, you shall cease to use the Website.
We review and update our Privacy Policy at least annually.
21. CONTACT INFORMATION
Registered office at: Jõe tn 3-302, Tallinn, Estonia, 10151registered number: 14038986 information on licenses and certificates is available at the following link,Tel: +370 521 410 16 (according to operators’ tariffs)Email: [email protected]Edition of these privacy policy is effective as of 18 March, 2025.To exercise your rights related to your Personal Data Subject Request, please contact us at [email protected].Jei neradote atsakymo į savo klausimą, kreipkitės į mūsų pagalbos tarnybą
Отправка резюме на вакансию
Поздравляем! Ваше резюме успешно отправлено.
Отправка резюме на вакансию
К сожалению, при отправке произошел сбой. Повторите попытку
