Hopa Holding International LLC, a legal entity with its registered office at: 25 Moskovyan Str., Yerevan, 0009, Armenia ("Agency") acts as a data controller and respects your privacy and adheres to the applicable Personal data protecting act (PDPA), the EU General Data Protection Regulation ("GDPR") and the Electronic communication act ("ESS"). In the following, you are informed which personal data we may gather, for which purpose it may be processed and what cookies may be employed during your visit and use of https://hopa.am/ ("Website").
What is personal data? Personal data are any data concerning an identified or identifiable natural person, regardless of the form or format in which such data exist (e.g. your name, e-mail address, IP address or the feedback you provide on the Website).
What type of personal data about you we collect and process: We receive and store any information you enter on the Website, provide for the Customer Care Service and provide for the Agency in any other way to the extent necessary to provide the services or to execute the contractual relationship with you, only. Further, personal data might be automatically collected and processed when you are using this Website (e.g. though cookies). Though your use of the Website, we gather, collect, store and processing the following personal data: first name, paternal name, last name, date of birth, gender, citizenship, mobile phone number, postal address and email address; data of the documents that are necessary for identification purposes (e.g., number and series of passport, its expiration date, Log files (IP address, browser type, referring/exit pages and URLs, number of clicks and how you interact with the Website, domain names, landing pages/content, pages/content viewed, device ID and device location); Profile information (preferences, details of your historical searches, historic booking details, travel plans and other information about you); User content (feedback and comments that you upload to the Website); User behavior (your activity on the platform, time and location of login, comments and uploads); any other information which you leave voluntarily on the Website. These personal data might be collected via cookies (please see below). After having created your account, you will have the opportunity to supplement it with any information you want to share with us and is necessary for booking.
Data on third parties (Buyers/Passengers/Customers) that we collect and process. If you create a booking of services and/or pay on behalf of or for the benefit of third parties, the information you provide about those third parties shall be collected and processed by the Agency according to the same terms and conditions that apply to your personal data. By providing such information on third parties, you confirm that such third party is aware of these terms and understands its consequences, as well as gives their unconditional and full consent to the collection and processing of their personal data in accordance with these terms, and agrees that access to such information is possible from your My Account section.
Collection of data of underage persons. If you are an underage person, you shall not use this Website and are obliged to leave it immediately. This Website shall not be used and shall not be intended to collect information on underage users and advertise information on services for children without the consent of their parents. The Agency shall process personal data of underage persons exceptionally in cases when such information is provided by their parents or legal representatives and with the purpose to create a booking only. If the Agency becomes aware of the use of the Website by an underage person and provision of their data personal data by them, or in cases of parents’ or legal representatives’ requests for deletion of personal data, such information will be deleted within the reasonable term, and the Agency will make every effort not to store and process the personal data of the underage person.Based on your consent we may collate and analyze your consumption and usage behavior data to perform profiling in order to provide you with offers tailored to your needs, preferences and interests. Offers may include inter alia discounts on services. Offers means offers of the Agency or our business partners.
Profiling is any form of automated processing of your personal data consisting of the use of personal data to evaluate certain personal aspects relating to you, in particular to analyze or predict aspects concerning economic situation, health, personal preferences, interests, reliability, behavior, location or movements of you.
Legal basis for data processing. Our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the specific context in which we collect it. However, we usually will process personal data only (i) where we need the personal data to provide the services or execute the contractual relationship with you, (ii) where we have you consent to do so, or (iii) where the processing is in our legitimate interests and not overridden by your rights. In some cases, we may also have a legal obligation to collect personal data from you.
Data Storage. We store personal data we collect from you where we have an ongoing legitimate need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements) or for the period of limitation prescribed in the relevant laws. When we have no ongoing legitimate need to process your personal data, we will either delete or anonymize it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible. In the case of consent-based data processing, personal data will be processed until the consent is withdrawn.
Transfer of your data. To the extent it is necessary for the proper provision of the services chosen and booked by you, we transfer your personal data to third parties as indicated below because the services could not be provided without such transfer. The Agency may share your personal data with the following entities, as far as it is necessary for the provision of the selected and booked services: Operators, e.g. hotel, airline carrier, GDS, etc. which render the services you booked. All services on this Website, which are offered by third parties, are marked as such on our Website. We do not give your email address to operators, unless it is required for the performance of the services, which you booked through the Agency. They may only use such data for the purposes of rendering booked (or similar) services to you and other purposes, defined by the Operators. However, we recommend that you get acquainted yourself with the data protection policy of each operator, that performs services you booked on this Website. Such Operators may contact you in order to obtain additional information on you, help you with the booking of services, or answer your requests, as long as it is necessary for the provision of their services. Please note that we do not supervise the data protection policy of the Operators; Independent operators (service providers), which offer services and act on our behalf, as well as operators, which process payment card data, business analytics, customer service managers, marketing consultants, experts, who distribute questionnaires or other offers and are in charge of prevention of payment fraud. We may as well allow independent operators to use personal data on our behalf if it is required for the proper functioning of our Website or sending of online messages, which may be of interest to you. Independent operators obtain access and collect information, which is required for their work. They are not allowed to share such data or use them for any other or their own purposes. They must, in the same manner as we, to abide by the same data protection terms; Business partners, with whom we jointly offer products and services or their products and services we offer on our Website, as far as you have given your consent to this use. You may see whether services, which you requested, belong to a certain independent company. In that case, only the business partner name is given or is accompanied by our name. If you accept their services, there is a possibility that we share your information with such business partner. Please note that we do not supervise the data protection policy of such business partners; We also may share your personal data to affiliates of the Agency or group affiliates, representatives, officers, agents, employees, or partners as far as it is necessary for the provision of ordered services. If applicable, you agree that in order to render the services you are contracting, your personal data will be included in a data file whose data controller is the Spanish company Amadeus IT Group, S.A. You may exercise your rights of access and rectification by notice (preferably in English) to dataprotection@amadeus.com.
How do we protect personal data? We do our upmost to make your visit and use of our Website as safe as possible. Thus, we comply with Sec 25 PDPA as well as Art 32 et seq GDPR in order to ensure data secrecy and data security and have implemented appropriate technical and organizational security measures to prevent possible loss, misuse, unauthorized access and disclosure, modification or destruction of personal data. Taking into consideration special aspects and threats in the media and on the internet, the Agency cannot guarantee absolute protection of your personal data but will make every effort to protect your personal data at the highest possible level. We abide by the requirements of applicable personal data protection law, requirements for payments processing on the Website (according to market safety standards), and Agency’s internal privacy policies on data protection.
Your rights. According to Sec 19 PDPA as well as Art 13 et seq GDPR, you have the right to request access to personal data; request rectification of personal data; request erasure of personal data; request restriction of processing of personal data; request data portability; object to the processing of personal data (including objection to profiling;); withdraw consent to processing of your personal data, where applicable. Please directly contact us in these cases. If you think you privacy rights have been breached, you may lodge a complaint with an authority of the European Union country of you habitual residence, place of work or of an alleged infringement. Contact information for these authorities can be accessed at http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.
Amendments. The Agency, at its sole discretion, may from time to time make amendments to this privacy policy. The Agency will publish amendments on the Website. The Agency is not obliged to notify you of any amendments made to these Terms, but to publish them on this Website. The amendments shall be deemed effective as of the date of their publication. You shall check for updates to this Website on your own and on a regular basis. You confirm and agree that your explicit acceptance of these provisions and/or the use of the Website after the date of publication of amendments shall be deemed to be your full and unconditional consent to the amended policy. If you do not accept the modified privacy policy, you shall cease to use the Website.