To preserve everyone's safety our services are in standby. We're adopting safety and sterilization measures. We'll open back the next season, on March 1st 2021.

Learn More

Privacy Statement (US)

This privacy statement was last changed on 05/01/2021, last checked on 12/01/2021, and applies to citizens of the United States.

In this privacy statement, we explain what we do with the data we obtain about you via https://www.stunningbikecotours.com. We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:

  • we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
  • we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
  • we first request your explicit consent to process your personal data in cases requiring your consent;
  • we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
  • we respect your right to access your personal data or have it corrected or deleted, at your request.

If you have any questions, or want to know exactly what data we keep of you, please contact us.

1. Purpose and categories of data

Categories of personal information to be collected and the purpose for which the categories shall be used.

1.1 We use your data for the following purpose:

Contact - Through phone, mail, email and/or webforms

The following categories of data are collected

  • A first and last name
  • Account name or alias
  • A home or other physical address, including street name and name of a city or town
  • An email address
  • A telephone number
  • Any other identifier that permits the physical or online contacting of a specific individual
  • IP address
  • Passport number
  • Driver's license
  • State identification card number

1.2 We use your data for the following purpose:

Payments

The following categories of data are collected

  • A first and last name
  • Account name or alias
  • A home or other physical address, including street name and name of a city or town
  • An email address
  • A telephone number
  • IP address
  • Financial information such as bank account number of credit card number
  • Geolocation data

1.3 We use your data for the following purpose:

Registering an account

The following categories of data are collected

  • A first and last name
  • Account name or alias
  • A home or other physical address, including street name and name of a city or town
  • An email address
  • A telephone number
  • IP address
  • Geolocation data

1.4 We use your data for the following purpose:

Newsletters

The following categories of data are collected

  • A first and last name
  • An email address
  • IP address

1.5 We use your data for the following purpose:

To support services or products that a customer wants to buy or has purchased

The following categories of data are collected

  • A first and last name
  • A home or other physical address, including street name and name of a city or town
  • An email address
  • A telephone number
  • IP address
  • Geolocation data

1.6 We use your data for the following purpose:

To be able to comply with legal obligations

The following categories of data are collected

  • A first and last name
  • A home or other physical address, including street name and name of a city or town
  • Passport number
  • Driver's license
  • State identification card number

1.7 We use your data for the following purpose:

Compiling and analyzing statistics for website improvement.

The following categories of data are collected

  • IP address
  • Geolocation data

1.8 We use your data for the following purpose:

To be able to offer personalized products and services

The following categories of data are collected

  • A first and last name
  • An email address
  • IP address
  • Geolocation data

1.9 We use your data for the following purpose:

To sell data to Third Parties

The following categories of data are collected

  • Geolocation data

2. Sharing with other parties

We only share or disclose this data to other recipients for the following purposes:

Purpose of the data transfer: Payments
Country or state in which this third party is located: United States

Purpose of the data transfer: Bookings
Country or state in which this third party is located: United States

We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.

3. How we respond to Do Not Track signals & Global Privacy Control

Our website responds to and supports the Do Not Track (DNT) header request field. If you turn DNT on in your browser, those preferences are communicated to us in the HTTP request header, and we will not track your browsing behavior.

4. Cookies

Our website uses cookies. For more information about cookies, please refer to our Cookie Policy on our Do Not Sell My Personal Information webpage. 

We have concluded a data processing agreement with Google.

5. Security

We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorized access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.

The security measures we use consist of:

  • Username and Password
  • DNSSEC
  • TLS / SSL
  • Physical security measures of systems which contain personal data.
  • Security software
  • HTTP Strict Transport Security
  • X-Content-Type-Options
  • X-XSS-Protection
  • X-Frame-Options
  • No Referrer When Downgrade header
  • Content Security Policy

6. Third party websites

This privacy statement does not apply to third party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.

7. Amendments to this privacy statement

We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.

8. Accessing and modifying your data

If you have any questions or want to know which personal data we have about you, please contact us. Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person. We shall provide the requested information only upon receipt of a verifiable consumer request. You can contact us by using the information below. You have the following rights:

8.1 Right to know what personal information is being collected about you

  1. A consumer shall have the right to request that a business that collects personal information about the consumer disclose to the consumer the following:
    1. The categories of personal information it has collected about that consumer.
    2. The categories of sources from which the personal information is collected.
    3. The business or commercial purpose for collecting or selling personal information.
    4. The categories of third parties with whom the business shares personal information.
    5. The specific pieces of personal information it has collected about that consumer.

8.2 The right to know whether personal information is sold or disclosed and to whom

  1. A consumer shall have the right to request that a business that sells the consumer’s personal information, or that discloses it for a business purpose, disclose to that consumer:
    1. The categories of personal information that the business collected about the consumer.
    2. The categories of personal information that the business sold about the consumer and the categories of third parties to whom the personal information was sold, by category or categories of personal information for each third party to whom the personal information was sold.
    3. The categories of personal information that the business disclosed about the consumer for a business purpose.

8.3 The Right to equal service and price, even if you exercise your privacy rights

We shall not discriminate against a consumer because the consumer exercised any of the consumer’s privacy rights, including, but not limited to, by:

  1. Denying goods or services to the consumer.
  2. Charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties.
  3. Providing a different level or quality of goods or services to the consumer, if the consumer exercises the consumer’s privacy rights.
  4. Suggesting that the consumer will receive a different price or rate for goods or services or a different level or quality of goods or services. However, nothing prohibits us from charging a consumer a different price or rate, or from providing a different level or quality of goods or services to the consumer, if that difference is reasonably related to the value provided to the consumer by the consumer’s data.

8.4 The right to delete any personal information

  1. A consumer shall have the right to request that a business delete any personal information about the consumer which the business has collected from the consumer.
  2. A business that receives a verifiable request from a consumer to delete the consumer’s personal information pursuant to subdivision (a) of this section shall delete the consumer’s personal information from its records and direct any service providers to delete the consumer’s personal information from their records.
  3. A business or a service provider shall not be required to comply with a consumer’s request to delete the consumer’s personal information if it is necessary for the business or service provider to maintain the consumer’s personal information in order to:
    1. Complete the transaction for which the personal information was collected, provide a good or service requested by the consumer, or reasonably anticipated within the context of a business’s ongoing business relationship with the consumer, or otherwise perform a contract between the business and the consumer.
    2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
    3. Debug to identify and repair errors that impair existing intended functionality.
    4. (Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
    5. Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.
    6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the businesses’ deletion of the information is likely to render impossible or seriously impair the achievement of such research, if the consumer has provided informed consent.
    7. To enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business.
    8. Comply with a legal obligation.
    9. Otherwise use the consumer’s personal information, internally, in a lawful manner that is compatible with the context in which the consumer provided the information.

9. Right to opt out

You shall have the right, at any time, to direct us not to sell your personal information to a third party. For more information about the possibility of submitting an opt-out request, please refer to our Do Not Sell My Personal Information page.

10. Selling of personal data to third parties

A list of the categories of personal information we have sold to a third party in the preceding 12 months:

  • Internet activity information, including, but not limited to, browsing history, search history, and information regarding a consumer's interaction with an Internet Web site, application, or advertisement

A list of the categories we have disclosed for a business purpose in the preceding 12 months:

  • A first and last name
  • A home or other physical address, including street name and name of a city or town
  • An email address
  • A telephone number
  • IP address
  • Internet activity information, including, but not limited to, browsing history, search history, and information regarding a consumer's interaction with an Internet Web site, application, or advertisement
  • Geolocation data

11. Children

Our website is not designed to attract children and it is not our intent to collect personal data from children under the age of consent in their country of residence. We therefore request that children under the age of consent do not submit any personal data to us.

12. Contact details

Stunning Bike Co-Tours
Via Rezzonico, 32
22100 - Como (CO)
Italy
Italy
Website: https://www.stunningbikecotours.com
Email: privacy@stunningbikecotours.com

Phone number: +393394364906

Annex

Service: "FAST" Customer Support

What we collect and store

When you register on our support site we will store the following information.
  • Your first name
  • Your last name
  • Your email address
  • (if Oxygenna login) Envato username
When you create a ticket on our support site we will store the following information.
  • Ticket Subject
  • Ticket Type
  • Comment Content
  • Upload Attachment
  • Oxygenna Purchase Information
  • Extra Fields (here you should list any extra fields you have created)
When you reply to a ticket on our support site we will store the following information.
  • Comment Content
  • Upload Attachment

What we do with the information we gather

Members of our team have access to the information you provide us. For example, both Administrators and Ticket Agents can access:
  • Ticket Subject
  • Ticket Type
  • Comment Content
  • Oxygenna Purchase Information
  • Upload Attachment
Other customers will be able to view any tickets or comments you create unless you mark the ticket as private.

Who we share your data with

This service does not share any personal data with any 3rd parties.

-

Service: WooCommerce

We collect information about you during the checkout process on our store.

What we collect and store

While you visit our site, we’ll track:
  • Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
  • Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
  • Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
We’ll also use cookies to keep track of cart contents while you’re browsing our site. When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
  • Send you information about your account and order
  • Respond to your requests, including refunds and complaints
  • Process payments and prevent fraud
  • Set up your account for our store
  • Comply with any legal obligations we have, such as calculating taxes
  • Improve our store offerings
  • Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders. We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for XXX years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses. We will also store comments or reviews, if you choose to leave them.

Who on our team has access

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
  • Order information like what was purchased, when it was purchased and where it should be sent, and
  • Customer information like your name, email address, and billing and shipping information.
Our team members have access to this information to help fulfill orders, process refunds and support you.

What we share with others

This section doesn't share any data with third-parties

Payments

We accept payments through Stripe. When processing payments, some of your data will be passed to Stripe, including information required to process or support the payment, such as the purchase total and billing information. Please see the Stripe Privacy Policy for more details. -

Service: iThemes Security

What personal data we collect and why we collect it

Cookies

Visiting the login page sets a temporary cookie that aids compatibility with some alternate login methods. This cookie contains no personal data and expires after 1 hour.

Security Logs

The IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates. This information is retained for 60 days.

Who we share your data with

When running Security Check, ithemes.com will be contacted as part of a process to determine if the site supports TLS/SSL requests. No personal data is sent to ithemes.com as part of this process. Requests to ithemes.com include the site's URL. For ithemes.com privacy policy details, please see the iThemes Privacy Policy.

This site is scanned for potential malware and vulnerabilities by the iThemes Site Scanner. We do not send personal information to the scanner; however, the scanner could find personal information posted publicly (such as in comments) during the scan.

How long we retain your data

Security logs are retained for 60 days.

Where we send your data

This site is part of a network of sites that protect against distributed brute force attacks. To enable this protection, the IP address of visitors attempting to log into the site is shared with a service provided by ithemes.com. For privacy policy details, please see the iThemes Privacy Policy. -

Service: Forminator

Which forms collect personal data?

The forms which collect your personal data are:
  • Checkin
  • Newsletter
  • User Registration

What personal data do we collect and why?

By default Forminator captures the IP Address for each submission to a Form. Other personal data such as your name and email address may also be captured, depending on the Form Fields.

When visitors or users submit a form, we capture the IP Address for spam protection. We also capture the email address and might capture other personal data included in the Form fields. We collect the following data for the contact forms, checkin, newsletter and user registration:
  • Name and Surname, to proceed with the online checkin and to give you a better personalised service
  • Address, Country  and Citizenship, to proceed with the online checkin
  • Birthdate, to proceed with the online checkin
  • User Name and Password, to register an user account
  • ID, Passport or Driver's Licences data, to proceed with the online checkin
  • Email address, to register an user account, proceed with the online checkin or contact you
  • Phone number, proceed with the online checkin or contact you

How long we retain your data

When visitors or users submit a form we retain the data as long as the services require it.

Where we send your data

All collected data might be sent to our workers or contractors to perform necessary actions based on the form submission.

Third Parties

Forminator Forms uses these third parties:

  • Google reCAPTCHA. Enabled when you added reCAPTCHA on your forms. We use Google reCAPTCHA for spam protection. Their privacy policy can be found here
-

Service: Stripe

Information shared with a payment provider to process payments includes:
  • Name
  • Email
  • Address
  • Phone
  • City/State/Zip
  • Unique payment identifier
  • Payment provider identifier
This plugin/extension sets the following cookies: -

Service: YITH

What we collect and store

YITH WooCommerce Affiliates

While you visit our site, we’ll track:
  • Visits to the store: we’ll use this to generate statistics for affiliates and administrators.
  • Location, IP address and browser type: we’ll use this just for statistics, and to let administrators supervise traffic generated by affiliates.
  • Affiliate’s name, username, email address: we’ll use this information to register and keep track of affiliates.
We’ll also use cookies to keep track of visit and sales generate by affiliates.

YITH Booking and Appointment for WooCommerce

While you visit our site, we’ll track information concerning users’ bookings: date, number of people, services added and all other information about the booking.

Who on our team has access

YITH WooCommerce Affiliates

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
  • Affiliate’s personal details;
  • System-generated commissions;
  • Payments sent to the affiliates;
  • Visits and sales generated through referral links.
Our team members have access to this information to correctly manage the affiliation system, and perform required actions in order to prevent customers from any inappropriate usage of the affiliate program.

YITH Booking and Appointment for WooCommerce

Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access to information about customer bookings.

What we share with others

YITH WooCommerce Affiliates

We send payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the commission total and payment information. Please see the PayPal Privacy Policy for more details.

YITH Booking and Appointment for WooCommerce

We share the availability calendars with external services, such as booking.com or Airbnb, as we sell our bookable products through these portals, to sync the availability information and prevent overbooking.

en_US