Privacy Policy

Effective Date: [Month Day, Year]
Last Updated: [Month Day, Year]
Company: [Legal Company Name] (“Company,” “we,” “us,” “our”)
Website: [your domain]
Contact: [privacy@yourdomain.com] | [postal address] | [phone optional]

1. Who We Are

We operate an adventure travel and motorcycle touring business. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website, contact us, inquire about tours, book travel, or otherwise interact with us.

2. Scope

This Policy applies to:

  • Visitors to our website and online services

  • Prospective customers submitting inquiries

  • Customers booking tours, rentals, or related services

  • Participants on our trips and events

This Policy does not cover third-party websites, booking platforms, payment processors, social media networks, or partners that may collect data independently.

3. The Information We Collect

A) Information you provide to us

We may collect:

  • Identity & contact details: name, email, phone, address, nationality, passport details (where required for travel logistics)

  • Booking and trip details: itinerary choices, preferences, rooming requests, emergency contact details, dietary needs

  • Payment-related information: billing address and payment status; payment card details are generally processed by our payment processors (we do not store full card numbers)

  • Communications: messages you send, call recordings (if any), support requests

  • Consent-based content: testimonials, images you submit, survey responses

B) Information collected automatically (online)

When you use our website, we may collect:

  • Device and usage data: IP address, browser type, device identifiers, pages visited, time spent, referral URLs

  • Cookies and similar technologies (see Section 8)

C) Information from third parties

We may receive information from:

  • Payment processors (confirmation and fraud signals)

  • Analytics/advertising providers (aggregated usage data)

  • Travel partners (hotels, local operators) as needed to deliver services

  • Booking platforms if you used a reseller or affiliate

4. How We Use Information

We use information to:

  1. Provide and administer services (inquiries, bookings, tour operations, customer support)

  2. Process payments and prevent fraud

  3. Communicate trip updates, confirmations, operational notices, safety instructions

  4. Personalize and improve our site, trips, and customer experience

  5. Marketing (where permitted): newsletters, promotions, retargeting/ads (with cookie controls where applicable)

  6. Legal, safety, and compliance: enforce agreements; manage claims; comply with lawful requests

5. Legal Bases (GDPR/UK GDPR where applicable)

Where EU/UK data protection laws apply, we process personal data under one or more legal bases:

  • Contract necessity (e.g., booking fulfillment)

  • Legitimate interests (e.g., service improvement, fraud prevention, basic marketing)

  • Consent (e.g., optional marketing, certain cookies, special requests)

  • Legal obligation (e.g., tax, accounting, regulatory requirements)

GDPR territorial reach can apply to non-EU businesses when they offer goods/services to people in the EU or monitor behavior in the EU, and regulators have issued guidance on how this “targeting” analysis works.

6. How We Share Information

We may share information with:

  • Service providers (hosting, email, CRM, analytics, payment processing, customer support tools)

  • Travel partners (lodging, local guides, transport providers) only as needed to deliver the trip

  • Professional advisors (legal, accounting, insurance) where necessary

  • Authorities where required by law or to protect rights/safety

  • Business transfers (merger, acquisition, asset sale) with appropriate safeguards

We do not sell personal information in the conventional sense. If we engage in “sharing” for cross-context behavioral advertising under California law, we will provide required opt-out mechanisms.

7. Data Retention

We retain information only as long as reasonably necessary for:

  • Providing services and maintaining business records

  • Legal, tax, accounting, and insurance requirements

  • Managing disputes, claims, and chargebacks

Retention periods vary by data type. You can request deletion subject to legal exceptions.

8. Cookies, Analytics, and Advertising

We use cookies and similar tools to:

  • Operate the site (essential cookies)

  • Understand usage (analytics)

  • Support marketing/advertising (where enabled)

Your choices: You can manage cookies via our cookie banner/preferences tool (if enabled) and through browser controls. Some jurisdictions require opt-in consent for non-essential cookies; we implement consent flows where required.

9. International Data Transfers

We may transfer and process information in the United States and other countries where we or our service providers operate. Where required, we use appropriate safeguards for cross-border transfers (e.g., contractual protections) and implement security controls consistent with the sensitivity of the data.

10. Security

We use reasonable administrative, technical, and physical safeguards designed to protect information. No method of transmission or storage is 100% secure; therefore, we cannot guarantee absolute security.

If we make privacy or security promises, we must follow them; misleading privacy practices can raise U.S. consumer protection issues.

11. Your Privacy Rights

A) United States (including California)

Depending on your state of residence and applicable law, you may have rights such as:

  • Access/know what personal information we collect and use

  • Request deletion (with exceptions)

  • Request correction of inaccurate information

  • Opt out of sale/sharing for targeted advertising (where applicable)

  • Non-discrimination for exercising privacy rights

California specifically provides a right to opt out of “sale or sharing” and related rights administered by the California Attorney General’s office guidance.

B) EU/EEA and UK

Where applicable, you may have rights to:

  • Access, rectify, delete, restrict, object, and data portability

  • Withdraw consent at any time (where processing is based on consent)

  • Lodge a complaint with your supervisory authority

12. How to Exercise Rights

Submit requests to: [privacy@yourdomain.com] with subject line “Privacy Request”.
We may need to verify your identity. Authorized agents may submit requests where permitted by law.

13. Children’s Privacy

Our services are not directed to children under 13 (or under 16 where required by certain laws). We do not knowingly collect personal information from children. If you believe a child provided us information, contact us to request deletion.

14. Communications Preferences

You can unsubscribe from marketing emails using the link in the email. Transactional messages (booking confirmations, safety notices) are not marketing and may continue.

15. Changes to This Policy

We may update this Policy periodically. We will post the revised version with a new “Last Updated” date. Material changes may be communicated by email or prominent notice.