Amadeus and Blinkoo partner up 🤝

This Privacy Policy is provided pursuant to Regulation (EU) 2016/679 (GDPR) by Blinkoo S.r.l., with registered office in Milan, Via G. Pozzone 5, acting as Data Controller (“Controller”), in relation to the registration for and access to the business services platform available at portal.blinkoo.com (the “Platform”).

For any questions or requests concerning their personal data, data subjects may contact the Data Protection Officer at blinkoo@privacy.com.

Categories of Data, Purposes and Legal Basis

In order to complete the registration form and create a business account on the Platform, certain personal data are required, including:

  • first and last name of the company contact person;
  • business email address;
  • company name;
  • Country
  • VAT number.
  • SDI or PEC mail

Such data are processed exclusively for the purposes of:

  • handling the registration request;
  • completing the account creation process;
  • managing the account;
  • sending communications related to the provision of the Services.

The legal basis for this processing is the performance of pre-contractual and contractual measures taken at the request of the data subject (Article 6(1)(b) GDPR).

The provision of data is voluntary; however, failure to complete the mandatory fields will prevent account creation and the provision of the Services.

The data may also be processed to improve the quality and performance of the Services through analysis in aggregated form. This processing is based on the Controller’s legitimate interest, and the data subject may object at any time.

In addition, the data may be processed for administrative, accounting and tax purposes, as well as to protect the Controller’s legitimate interests, including, in particular, the establishment, exercise or defence of legal claims.

Automatically Collected Data

The Platform may also collect data automatically. This refers to information that, by its nature, may allow users to be identified through processing and association with data held by third parties.

This category includes:

  • technical data (such as IP address, browser type, device location data, operating system information and other parameters related to the IT environment);
  • data collected through cookies or similar technologies.

For further information, please refer to the Cookie Policy.

Data Retention

Personal data are stored in electronic form for the time necessary to provide the Services and for the duration of any contractual relationship entered into between the parties.

Invoices, accounting records and transaction-related data are retained for 11 years, as required by applicable law (including tax obligations).

If, following the registration phase, no active action is taken by the account for a period of 24 months from account creation or from a request for verification or additional information by Blinkoo (as further regulated in the Terms and Conditions), the data will be deleted from the Platform.

For service development and improvement purposes, personal data may be analysed and retained in aggregated and pseudonymised form for up to 36 months. Such data are confidential and used exclusively for internal purposes.

Data Recipients

Personal data are processed only by authorised personnel acting under the Controller’s instructions.

Data may be disclosed to third parties appointed as Data Processors that provide services ancillary or instrumental to the Controller’s activities, for the purposes described above or to comply with legal obligations.

Personal data are not transferred outside the European Union.

Data may also be disclosed to third parties (such as public authorities or law enforcement bodies) exclusively in order to comply with legal, regulatory or EU law obligations.

Data Subject Rights

Data subjects have the right to obtain confirmation as to whether personal data concerning them are being processed.

They also have the right to:

  • access their personal data;
  • request rectification of inaccurate data;
  • request erasure of data where, among other reasons, the data are no longer necessary for the purposes for which they were collected.

Under certain circumstances, data subjects may request restriction of processing. In such cases, data will be stored solely for the purpose of handling or defending legal claims.

Data subjects also have the right to data portability and the right to object to processing.

Finally, data subjects may lodge a complaint with the supervisory authority of their habitual residence or with the Italian Data Protection Authority (Garante per la protezione dei dati personali).