Privacy Policy – Louvre Museum Ticket

1. Corporate Information and Acceptance

1.1. Identification of the Data Controller: The owner of this website and the entity responsible for the processing of your data is Szilkatours s. r. o. (hereinafter referred to as “Szilkatours” or the “Controller“).

Registered Office: Senný trh 3116/7, 945 01 Komárno, Slovakia.
Tax ID (DIČ): 2122551508
VAT ID (IČ DPH): SK2122551508
Phone: +1 548 639 0203 (WhatsApp Support available).
Email: sales@louvremuseumticket.com
Website: https://www.louvremuseumticket.com

1.2. Social Media Presence: Szilkatours maintains an active presence on social media platforms, including WhatsApp, for customer support and communication purposes.

1.3. User Acceptance: Access to and use of this website implies the condition of “User.” The User declares they are of legal age and have the legal capacity to provide consent regarding information society services. By navigating this website, the User expressly accepts this Privacy Policy, the Legal Notice, and the Cookie Policy. If you do not agree with these terms, please discontinue use of the site immediately.

2. Processing of Personal Data

2.1. Purpose of Processing: Szilkatours processes the personal data you provide (or authorize us to access) for the following specific purposes:

Service Management: To process, manage, and deliver the tickets and tours purchased through this Website (including access rights to monuments and complementary services).
Communication: To send you booking confirmations, tickets, and relevant updates via email, WhatsApp, SMS, or phone calls regarding the services contracted.
Customer Support: To handle inquiries, doubts, or claims initiated by the User.
Legal Compliance: To fulfill tax and accounting obligations required by Slovak and EU law.

2.2. Data Retention: Your personal data will be retained for the time strictly necessary to fulfill the purpose for which it was collected (e.g., managing the tour) and, subsequently, for the period required by applicable law to meet any legal or tax liabilities.

2.3. Legal Basis for Processing: The processing of your data is legitimized by:

Contractual Execution: Processing is necessary to perform the service contract (buying tickets).
Consent: For communications not related to a specific booking or for the use of non-essential cookies.
Legal Obligation: For invoicing and tax reporting.

2.4. Data Disclosure to Third Parties: Szilkatours does not sell your data. However, to provide the service, we must transfer strictly necessary data to:

Service Providers: Monuments, museums, or venues (e.g., The Louvre) to issue nominative tickets.
Payment Gateways: To process transactions securely.
Public Authorities: When required by law.

3. Social Media Policy

3.1. When interacting with Szilkatours via social media (e.g., WhatsApp), the User acknowledges that their data is also processed by the platform provider according to their own privacy policies. We recommend reviewing WhatsApp’s privacy policy regarding data handling.

4. User Warranties and Responsibilities

4.1. Accuracy of Data: The User guarantees that the personal data provided to Szilkatours is true, accurate, complete, and up-to-date. The User is solely responsible for any direct or indirect damage resulting from false or incomplete information.

4.2. Third-Party Data: If the User provides data regarding third parties (e.g., family members or companions for the tickets), the User guarantees they have informed said third parties of this Privacy Policy and obtained their explicit authorization to provide their data to Szilkatours.

5. Your Rights (GDPR)

5.1. In accordance with European Data Protection regulations, you possess the following rights:

Access: To request confirmation of whether we are processing your data and to access copies of it.
Rectification: To request the correction of inaccurate or incomplete data.
Erasure: To request the deletion of your data when it is no longer necessary for the purposes for which it was collected.
Restriction: To limit the processing of your data under certain circumstances.
Portability: To receive your data in a structured, commonly used format.
Objection: To oppose the processing of your data.

5.2. Exercising Rights: To exercise any of these rights, please send a written request to our Data Protection Officer at: sales@louvremuseumticket.com.

6. Cookie Policy and Consent Management

To ensure the proper functionality of our website and to analyze traffic, we utilize cookies.

6.1. Consent Management Platform (CookieFirst): We use the CookieFirst technology, provided by Digital Data Solutions BV (Plantage Middenlaan 42a, 1018 DH, Amsterdam, The Netherlands), to obtain and document your valid consent for the storage of cookies in your browser.

When you visit our website, a connection is established with CookieFirst’s server.
A cookie is stored in your browser to remember your preferences (which cookies you accepted or rejected).
This data is stored until the retention period expires or you request its deletion.
Legal Basis: Article 6(1)(c) of the GDPR (Compliance with a legal obligation to obtain consent).

6.2. Google Analytics & Cookies: We use Google cookies to analyze user behavior and traffic. This helps us optimize the website experience. Data collected may include browser type, device information, and on-site activity. For full details, please refer to Google’s Privacy Policy.

6.3. Server Log Files: To maintain security and functionality, our website and the CookieFirst system automatically collect “Server Log Files” transmitted by your browser. This data includes:

Your consent status (or withdrawal).
Anonymized IP address.
Browser type and version.
Device information.
Date and time of the visit.
The specific URL where consent was saved/updated.
Approximate location based on IP.
A UUID (Universally Unique Identifier) assigned to the visitor clicking the cookie banner.

6.4. Data Processing Agreement: We have executed a Data Processing Agreement (DPA) with CookieFirst to ensure that all visitor data is processed strictly according to our instructions and in full compliance with the GDPR.