General
BIG Travel Sweden AB, corp. reg.no. 556260-2838, takes care to safeguard your privacy. You should always feel secure when you submit your personal data to us. With this personal data policy we describe how we ensure that your personal data is processed in accordance with applicable legislation.

Data controller
BIG Travel is controller where processing your personal data is concerned and is responsible for the processing taking place in accordance with applicable legislation. We can be reached at gdpr@bigtravel.se.

How do we collect personal data?
When you book a journey, supplementary service, when you get in touch with us personally or register for newsletters etc., we collect personal data such as name, address, telephone number, email, sex and date of birth.

On which grounds do we collect the data?
We collect the data necessary to be able to meet our travel agreement with you. If we do not have an agreement relationship or any other legal grounds for managing your personal data, you have provided us with your consent regarding processing your data in order to be able to send you newsletters, for example.

For which purposes are the data collected?
The data is required in order for us to administrate, deliver and provide customer service regarding the travel service or any of the other services we provide. Among other things, your personal data is used for mailings and providing information via email, text and/or telephone regarding the actual trip.
Your contact details and booking information may also be used in customer surveys.

How long is the information saved?
After your trip is over, your customer details and travel history are saved for two years unless you actively consent to us keeping your data for longer. We also save your personal data for reasons other than travel agreements, e.g. to comply with the Book-keeping Act. Statutory requirements under other legislation govern how long we must save your data.
If you have registered to receive newsletters, you can unsubscribe at any time.

Which other parties gain access to my personal data?
In order to meet our agreement, the data is passed on to the suppliers responsible for their part of the trip, i.e. airlines, hotels, hire car companies, etc. We have taken all reasonable legal, technical and organisational measures to ensure that your personal data is managed securely and with an adequate level of protection.

Personal data in third countries.
We organise trips all over the world, which is why personal data is also transferred to partners or suppliers outside the EU/EEA. In such cases, we take all reasonable legal, technical and organisational measures to ensure that your personal data is managed securely and with an adequate level of protection, even in countries outside the EU.

Security
We take appropriate security measures to protect your personal data against loss or unauthorised access, use, modification or erasure.

Your rights
You are entitled to request access to and correction of or, in certain cases, erasure of your personal data, request limitation of the continued processing of your personal data, and object to the processing. In such case, we will inform each recipient of the personal data submitted of any corrections or erasure of data and limitation of data processing as per your wishes.

You are entitled, through a signed application along with a copy of an attested identity document, to receive a database extract free of charge regarding the personal data registered about you, the purposes of the processing and the recipients to which the data has been submitted or will be submitted.

Following your request or on our own initiative, we will correct, anonymise, erase or supplement data discovered to be incorrect, incomplete or misleading.

If you do not want us to process your personal data, e.g. for direct marketing purposes, you are entitled at any time to revoke your consent and/or unsubscribe in our marketing messages. When we have received your revocation, we will stop processing your personal data for the purposes for which you have given your consent.

You are entitled to data portability, i.e. to request that your personal data be transferred to a third party.

You are entitled to lodge a complaint with the Swedish Data Protection Authority if you think that we are not processing your personal data in a correct manner.

Read more at Datainspektionen (mainly in Swedish).