Last updated May 24, 2024

European Odyssey (doing business as PraiaClub and Felicity Casa) ("we," "us," or "our"), is

committed to ensuring the security and protection of the personal information that we process, and

to provide a compliant and consistent approach to data protection.

We have created this GDPR Compliance Statement to explain our approach to implementing our

GDPR compliance program. It describes the implementation of our data protection roles, policies,

procedures, controls and measures to ensure ongoing compliance with GDPR.

What is GDPR?

The EU General Data Protection Regulation (GDPR) of 25th May 2018 strengthens the rights of

individuals regarding their personal date and seeks to unify local data protection laws across

Europe. GDPR requires new or additional obligations on organisations in the EU processing

personal data and organisations outside the EU processing personal data of EU residents.

Our GDPR Principles

We take the privacy and security of individuals and their personal information very seriously. Our

principles for processing personal information are:

• We will process all personal information fairly and lawfully

• We will only process personal information for specified and lawful purposes

• Where practical, we will keep personal information up to date

• We will not keep personal information for longer than is necessary

Data Subjects Rights under GDPR

An individual can request information from us about:

• What personal information we hold about an individual

• The categories of personal information we collect from an individual

• The purposes for collecting and processing personal information from an individual

• How long we plan to keep the personal information

• The process to have incomplete or inaccurate personal information corrected or completed

• Where applicable, the process for requesting erasure of the personal information or for

restricting the processing of personal information in accordance with data protection laws,

as well as to object to any direct marketing from us

• About any automated decision-making that we use

Our GDPR Compliance Plan

Here's an overview of our steps that we are taking to ensure compliance with GDPR:

• We conducted a data mapping inventory and analysis of collected personal information in

our systems and records

• We have established procedures and policies to restrict processing of personal information

• We have updated our procedures for data breaches and incident responses

• We have updated our Privacy Policy

• We have reviewed all processing activities to identify the legal basis for processing

personal information and to ensure that each basis is appropriate for the activity it relates

• We have reviewed the contracts we have in place with our third-party vendors, service

providers, contractors and agents to ensure that they also commit to protect the data they

hold on our behalf, use it only for services we have instructed them to perform, and retain

it only for the period of time we instruct

If you have any questions about this GDPR Compliance Statement, or our privacy or security

practices, please contact us:

• Website: https://www.europeanodyssey.com/

• Email: hello@europeanodyssey.com

• Phone: 00 351 933 645 100