Tickets and Prices

Privacy policy

The purpose of this Policy is to set out the data protection and privacy policy of PT Bali Eye Experience (hereinafter referred to as the “Service Provider”), the operator of thewheel.id (hereinafter referred to as the “Website”), and the Service Provider’s data protection and privacy policy, which the Service Provider acknowledges as binding on itself, as the Service Provider aims to ensure the protection of the personal data of users registered on the Website to the fullest extent possible.

By using the website, using any of its services or applications, the User consents to the processing of his/her personal data in accordance with the provisions of this Privacy Policy.

1. Data of the service provider as data controller

The Service Provider’s company name: PT Bali Eye Experience
The Service Provider’s registered office:
The Service Provider’s tax number:
The Service Provider’s telephone number:
E-mail:

2. Definitions

The terms used in this Policy shall be interpreted in accordance with the definitions set out in the interpretative provisions of Act CXII of 2011 on the Right of Informational Self-Determination and Freedom of Information (hereinafter referred to as the Info Act) as follows.

Personal data: data which can be associated with the data subject, in particular the name, the identification mark and one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity, and the inference which can be drawn from the data concerning the data subject;

Data subject: any natural person (in the case of this Policy, the User) who is identified or can be identified, directly or indirectly, on the basis of specific personal data;

Consent: a voluntary and explicit expression of the data subject’s wishes, based on appropriate information, by which he or she gives his or her unambiguous consent to the processing of personal data concerning him or her, either in full or in relation to specific operations;

Data processing: any operation or set of operations which is performed upon data, regardless of the procedure used, in particular any collection, recording, recording, organisation, storage, alteration, use, retrieval, disclosure, transmission, alignment or combination, blocking, erasure or destruction of data, prevention of their further use, taking of photographs, sound recordings or images and physical features which can be used to identify a person (e.g. fingerprints, palm prints, DNA samples, iris scans);

Data Controller: the natural or legal person or unincorporated body which, alone or jointly with others, determines the purposes for which the data are processed, takes and implements the decisions concerning the processing (including the means used) or implements them through a processor (in the case of this Policy, the Service Provider);

Transfer: making data available to a specified third party;

Disclosure: making the data available to anyone;

Data erasure: rendering data unrecognisable in such a way that it is no longer possible to recover it;

Data marking: the marking of data with an identification mark to distinguish it;

Data blocking: the marking of data with an identifier in order to limit its further processing permanently or for a limited period of time;

Data processing: the performance of technical tasks related to data processing operations, irrespective of the method and means used to perform the operations and the place of application, provided that the technical task is performed on the data;

Data processor: a natural or legal person or unincorporated body which processes data on the basis of a contract with the controller, including a contract concluded pursuant to a legal provision;

3. Principle of data management

The Service Provider shall process the personal data recorded in accordance with the data protection legislation in force at the time, in particular the Info Act, and in accordance with this Policy.

4. Purpose of data processing

The purpose of processing the User’s personal data is to.

  1. To send newsletters and advertising mail and to fulfil other legal obligations of the Service Provider. The Service Provider will not disclose the User’s personal data to unauthorized third parties.
  2. Contacting the Service Provider: on the website, you can send a message directly to the Service Provider via the website interface.

5. Scope of the data processed

The Service Provider processes the following personal data of the User during and after the performance of the service provided by the Service Provider, based on the User’s voluntary consent:

  1. Newsletter and advertising: surname, first name, e-mail address
  2. Contact: name, e-mail address, telephone number

The User is solely responsible for the truthfulness and accuracy of the personal data.

6. Legal basis for processing

The collection and processing of personal data in connection with the operation of the website and its services is based on the voluntary consent of the data subject.

  1. Newsletter, data processing for advertising purposes: if the User so requests, the Service Provider is entitled to send the User an advertisement or an e-mail for advertising purposes. In this case, the User shall provide the Service Provider with the personal data required for sending the newsletter, as detailed in Section 5.1. The legal basis for the processing is the consent of the User. The User acknowledges that, by providing his/her data, he/she also consents to the processing of such data for the purposes of sending newsletters and advertising.
    The Service Provider shall keep a record of the personal data of users subscribed to the newsletter pursuant to Section 6 (5) of Act XLVIII of 2008 on the Basic Conditions and Certain Restrictions of Economic Advertising Activities (hereinafter referred to as the “Advertising Act”). It shall process the data stored in the register until the consent is withdrawn, and shall disclose them to third parties only with the prior consent of the users.
  2. Contact: voluntary consent of the User.

The User gives his consent by using the services of the website (by registering or filling in the contact form).

The Service Provider is not obliged to verify whether the data provided by the User at the time of registration or otherwise when giving consent are true or correct.

The User may withdraw his/her voluntary consent referred to in the previous point at any time. In this case, the Service Provider shall not send the User any more newsletters or other advertising mailings after the withdrawal, and shall delete the User’s data from the data of the users subscribed to the newsletter.

Unless otherwise provided by law, the Service Provider may process the personal data collected for the purpose of fulfilling a legal obligation (in particular, accounting obligation, contractual obligation with the User) or for the purpose of asserting its own or a third party’s legitimate interest, if the assertion of such interest is proportionate to the restriction of the right to the protection of personal data, without further specific consent and even after the withdrawal of the User’s consent.

7. Duration of data management, modification, deletion, objection to data management

The Service Provider shall process personal data processed in connection with the use of the services until the purpose of the data processing is fulfilled.

The User may request the deletion of his/her personal data by sending an e-mail to melvi@thewheel.id. The Service Provider shall also delete the User’s personal data without the data subject’s request, if the processing is unlawful, if the purpose of the processing has ceased to exist, or if the statutory period for storing the data has expired, or if the court or the National Authority for Data Protection and Freedom of Information has ordered it, or if the processing is incomplete or incorrect – and this situation cannot be remedied lawfully – provided that the deletion is not excluded by law.

Instead of deleting the personal data, the Service Provider shall block the personal data if the User so requests or if, based on the information available to it, it can be assumed that deletion would harm the legitimate interests of the User. The blocked personal data shall be processed by the Service Provider only for as long as the data processing purpose that precludes the deletion of the personal data exists. Following the withdrawal of the User’s consent, the Service Provider may continue to process personal data concerning the data subject in order to fulfil its legal obligations (in particular, accounting obligations).

The User may object to the processing of his/her personal data by sending an e-mail to melvi@thewheel.id,
– if the processing or transfer of personal data is necessary solely for the performance of a legal obligation to which the Service Provider is subject or for the purposes of the legitimate interests pursued by the controller, the recipient or a third party, except in the case of mandatory processing;
– if the use or transfer of personal data is for direct marketing, public opinion polling or scientific research purposes; and
– in any other case provided for by law.

The controller shall examine the objection within the shortest possible time from the date of the request, but not later than 15 days, decide whether the objection is justified and inform the applicant in writing of its decision.

If the controller establishes that the data subject’s objection is justified, the controller shall terminate the processing, including further collection and further transfer, and block the data, and notify the objection and the action taken on the basis of the objection to all those to whom the personal data subject of the objection has previously disclosed the personal data subject and who are obliged to take measures to enforce the right to object.

If the data subject does not agree with the decision of the controller or if the controller fails to comply with the 15-day time limit, the data subject may, within 30 days of the notification of the decision or the last day of the time limit, have recourse to the courts. The court shall act out of turn.

If the data subject does not receive the data necessary to exercise his or her rights because he or she objects, he or she may, within 15 days of the notification, take legal action against the controller in order to obtain access to the data. The controller may also take the data subject to court.

If the controller fails to give notice, the recipient may request clarification from the controller of the circumstances surrounding the failure to disclose the data, which the controller shall provide within 8 days of the receipt of the recipient’s request for such clarification. In the event of a request for clarification, the data subject may bring an action against the controller before a court within 15 days of the date on which the clarification was provided, but no later than the time limit for the provision of clarification. The controller may also bring legal proceedings against the data subject.

The controller may not delete the data of the data subject if the processing is required by law. However, the data may not be transferred to the data recipient if the controller has consented to the objection or if the court has ruled that the objection is justified.

8. Request for information

The User has the right to request information at any time about the personal data concerning him/her processed by the Service Provider in connection with the services of the website by sending an email to melvi@thewheel.id or by calling +62 811 3804 100. Upon the User’s request, the Service Provider shall provide information on the data concerning the User processed by the Service Provider in connection with the given service, their source, the purpose, legal basis and duration of data processing, the name and address of the data processor, the legal basis and recipient of the data transfer, and the data processing activities. The Service Provider shall provide the information in writing in an intelligible form within the shortest possible time from the date of the request, but not later than 30 days from the date of the request, upon the data subject’s request. The information shall be provided free of charge. The Service Provider shall consider a request received from an e-mail address previously provided to the Service Provider as a request received from the User. In the case of requests from other e-mail addresses and requests in writing, the User may submit a request only if he has duly proven his capacity as a User.

9. Enforcement options

The User may exercise his/her rights under the Info Act and the Civil Code of 1959 (Ptk.) before the courts, and may also seek the assistance of the National Authority for Data Protection and Freedom of Information in any matter related to personal data (1125 Budapest Szilágyi Erzsébet fasor 22/C, postal address: 1530 Budapest, Pf. 5., ugyfelszolgalat@naih.hu, (+36) 1 391 1400, www.naih.hu).

10. Anonymous data and cookies.

On thewheel.id, in e-mail messages and advertisements, you use so-called. “cookies” and similar technologies such as tracking codes, re-marketing tags, pixels, which are activated after the user’s consent.

These technologies help us better understand user behaviour and interests, helping us to operate more efficiently and effectively.

Our aim is to make the use of thewheel.id as user-friendly and personal as possible. If you wish to opt-out of the collection of non-personal data by these technologies, you can do so in the following ways:

  • you can use the cookie warnings on the website to prevent them from loading,
  • by disabling “cookies” in your browser.

11. What are cookies and how can I change the settings?

Cookies are small text files that a website can use to make your user experience more effective.

Some “cookies” are temporary and disappear when the browser is closed, while there are also permanent versions that stay on your computer for a longer period of time. According to the law, we may store cookies on a visitor’s device only if it is strictly necessary for the functioning of our website.

We need the visitor’s permission to use all other types of cookies. This website uses various cookies. Some cookies that appear on this website are placed by our third party service providers.

Browsers give you the option to change your cookie settings. Most browsers automatically accept cookies by default, but this can be changed to prevent automatic acceptance once set.

To find out more about changing your browser settings, check your browser instructions or help. To find out about cookie settings for the most popular browsers, click on the links below:

Google Chrome
Firefox
Microsoft Internet Explorer 11
Microsoft Internet Explorer 10
Microsoft Edge
Safari

12. Types of cookies

12.1. Essential cookies

Essential cookies help make our website more usable by enabling basic functions such as site navigation and access to secure areas of the website.

The website cannot function properly without these cookies.

  • PHPSESSID Keeps the user session state between page requests until browser is closed
  • CookieConsent Stores the user’s cookie policy on the given domain. 1 year
  • __cfduid The Cloudflare content server identifies web traffic. 1 year
  • JSESSIONID Assigns a unique, anonymous identifier to each page open to improve the usability of the page until the browser is closed
  • wp_woocommerce_session_ Keeps the contents of your shopping cart when navigating between pages until you close your browser
  • woocommerce_items_in_cart Keeps the contents of the shopping cart when navigating between pages until the browser is closed
  • wc_cart_hash_ Associates a unique identifier with each customer so that the system can link orders to the customer 1 day

12.2. Preferential cookies

Preferential cookies allow us to remember information that changes the way a website behaves or looks, such as your preferred language or the region you are in.

12.3. Cookies for statistical purposes

By collecting and reporting data in an anonymous form, statistical cookies help the website owner to understand how visitors interact with the website.

  • _ga Captures a unique identifier to generate anonymous statistical data on the use of the website 2 years
  • _gid Captures a unique identifier to generate anonymous statistical data about the use of the website 2 years
  • _gat Google Analytics uses Google Analytics to control the frequency of queries. until browser close
  • collect Collects data for Google Analytics about the user’s device and browsing habits, across different devices and marketing channels, until the browser is closed.

12.4. Cookies for marketing purposes

We use personalised cookies to track visitors’ website activity. The goal is to serve the most relevant ads to individual users, display content that matches their preferences and encourage them to be active.

  • ads/ga-audiences Used by Google Adwords to target users whose browsing habits indicate that they are more likely to make a purchase until the browser is closed
  • pref Captures a unique identifier, which Google uses to generate statistics about the videos the user has viewed on YouTube. 8 months
  • fr Used by Facebook to target users whose browsing habits indicate a higher propensity to buy 3 months
  • tr Facebook uses it to target users whose browsing habits suggest they are more likely to make a purchase until you close your browser.

13. Checking and disabling cookie settings

Modern browsers allow you to change the “cookie settings”. Some browsers automatically accept “cookies” by default, but this setting can be changed to prevent automatic acceptance in the future.

If you switch, the browser will offer you the option to “set cookies” each time you do so.

The Data Controller will not remember any identifier or password even if “cookies” are enabled. The visitor can use the services in complete safety even if he accepts “cookies”.

Please note that since the purpose of “cookies” is to support and facilitate the usability and processes of the website, we cannot guarantee that a visitor will be able to use all the functions of the website to their full extent if “cookies” are disabled.

The website may then function differently than intended in the browser.

Bali, 1 July 2025.