Data Protection and Privacy Policy
At Bella Tourism, we are committed to protecting the privacy of our customers’ personal data. We take our responsibilities regarding the collection, processing, and storage of personal data seriously, and we comply with the requirements of the General Data Protection Regulation (GDPR). This Privacy Policy page outlines our data protection and privacy policies and explains how we handle personal data.
Data Collection and Processing
We collect personal data in order to provide health tourism services to our customers. We may collect the following types of personal data:
- Name and contact information, such as email address and phone number
- Health information, such as medical history and information related to the aesthetic procedure
- Payment information, such as credit card details
We collect this data for the following purposes:
- To provide health tourism services to our customers
- To process payments
- To communicate with our customers
We process personal data in accordance with GDPR and the legal basis for processing personal data is:
- Consent from the individual
- Processing is necessary for the performance of a contract
- Processing is necessary for compliance with a legal obligation
- Processing is necessary for the legitimate interests of Bella Tourism
We store personal data for as long as necessary to provide health tourism services to our customers and as required by law.
User Rights
Under GDPR, individuals have the following rights regarding their personal data:
- Right to access personal data
- Right to rectify personal data
- Right to erase personal data
- Right to restrict processing of personal data
- Right to object to the processing of personal data
- Right to data portability
If you wish to exercise your rights under GDPR, please contact us through our Contact Form.
Data Breaches
In the event of a data breach, we have procedures in place to detect and report the breach. We will notify affected users as soon as possible.
Third-Party Services
We may use third-party services to provide health tourism services to our customers. We ensure that any third-party service providers we use are GDPR compliant. We may transfer personal data to third-party service providers outside of the European Economic Area (EEA) if necessary to provide health tourism services. In these cases, we ensure that appropriate safeguards are in place to protect personal data.
Contact Information
If you have any questions or concerns about how we handle your personal data or wish to exercise your rights under GDPR, please contact us through our Contact Form.
Updates
We may update this GDPR page from time to time to reflect changes in our policies or procedures. Any updates will be posted on this page.