BoBook Privacy

Privacy Policy

Last updated: [Date]

This Privacy Policy explains how BoBook collects, uses, stores, and protects personal data when you use our website, contact us, or request our travel booking services. By using our services, you acknowledge that you have read this Policy.

1. Data Controller

The data controller is Northbase Digital OÜ, Järvevana tee 9, Tallinn, 11314, Estonia, registered under number 17514950. For privacy-related matters, please contact us at info@bobook.eu.

2. Personal Data We Collect

We may collect the following categories of personal data:

  • Name, surname, and contact details.
  • Travel preferences and booking details.
  • Passport or identification details, where required for a booking.
  • Payment and billing information, where applicable.
  • Communication history with BoBook.
  • Technical data such as IP address, browser type, and device information.

3. How We Collect Your Data

We collect personal data directly from you when you submit an enquiry, make a booking request, communicate with us by email or other channels, complete payment-related steps, or otherwise use our services. We may also receive data from third parties where necessary to complete a booking or process a payment.

4. How We Use Your Data

We use your personal data to:

  • Respond to enquiries and provide quotations.
  • Arrange and manage travel bookings.
  • Communicate booking updates and service information.
  • Process payments and issue invoices, where applicable.
  • Comply with legal, tax, and accounting obligations.
  • Protect our website, services, and users from fraud or misuse.

5. Legal Basis for Processing

Depending on the context, we process personal data on the basis of contract performance, legal obligation, legitimate interest, or your consent where required.

6. Sharing Your Data

We may share personal data with trusted third parties where necessary to provide our services, including:

  • Airlines, hotels, transport providers, and other travel suppliers.
  • Third-party payment providers.
  • Hosting, email, and IT service providers.
  • Professional advisers, accountants, or legal advisers where necessary.

7. International Transfers

Where personal data is transferred outside the European Economic Area, we take appropriate safeguards to protect your data in line with applicable law.

8. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes described in this Policy, comply with legal obligations, resolve disputes, and enforce our agreements. Booking and invoicing records are retained for the period required by applicable tax and accounting laws, typically 7 years. Enquiry correspondence is retained for up to 24 months after the last contact unless a longer period is required for a specific booking, legal obligation, or dispute.

9. Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, disclosure, alteration, or loss. No online system is completely secure, however, and users should take reasonable precautions when sharing information online.

10. Your Rights

Subject to applicable law, you may have the right to access, correct, erase, restrict, or object to the processing of your personal data, as well as the right to data portability and the right to withdraw consent where consent is used.

If you believe your rights have been violated, you also have the right to lodge a complaint with your local data protection authority.

11. Cookies and Analytics

If we use cookies, tracking tools, or analytics services, we will inform you through our Cookie Policy and, where required, request your consent.

12. Updates to This Policy

We may update this Privacy Policy from time to time. The latest version will always be published on this page with the updated revision date.

13. Contact

If you have any questions about this Privacy Policy or how we handle your data, please contact us at info@bobook.eu.