Privacy Policy
1. Introduction
Tafea Tourism (“we,” “our,” or “us”) is deeply committed to protecting your privacy and safeguarding your personal data. We understand the importance of privacy in the digital age and recognize our duty to secure the information entrusted to us. This Privacy Policy outlines the types of data collected through our website, tafea-tourism.com, and provides transparency around the legal bases, methods of processing, and your rights relating to your personal data in accordance with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope and Data Controller
This Privacy Policy applies to all visitors, users, and others who access or interact with the services and content provided via tafea-tourism.com (the “Website”). For purposes of applicable data protection laws including the GDPR, the data controller responsible for your personal data is Tafea Tourism.
If you have any questions about this Privacy Policy or our data handling practices, please contact us at: [email protected].
3. Categories of Data Processed
We may collect, use, store, and transfer different kinds of personal data which we categorize as follows:
a. Usage Data
Information about how you use our Website, including browser type and version, IP address, access times, pages viewed, referring URLs, and session details.
b. Account Data
Information you provide when creating an account or interacting with our services, including your full name, postal address, email address, and phone number.
c. Profile Data
Information about your preferences, booking history, feedback or survey responses, and behavioral data collected through interaction.
d. Communication Data
Details of your contact with us such as inquiries, support requests, submitted forms, correspondence history, and notes from interactions.
e. Technical Data
Device information including device type, operating system, screen resolution, and browser configurations gathered automatically.
f. Transaction Data
Details regarding transactions you perform on our Website, including payment method, billing and shipping addresses, reservation history, and related records.
g. Preference Data
Information regarding marketing preferences, communication consents, interests in services or destinations, and engagement with promotional materials.
4. Legal Bases for Processing
We process your personal data based on one or more of the following legal grounds under the GDPR and comparable CCPA bases:
– Performance of a Contract: For processing necessary to fulfill services you’ve requested or entered into via the Website.
– Legitimate Interests: For improving service quality, conducting analytics, marketing lawful services, or ensuring network and information security.
– Consent: For marketing communications, non-essential cookies, or data voluntarily provided by you.
– Legal Obligation: For compliance with laws, regulations, or judicial proceedings.
5. Your Rights
Subject to applicable law, you may exercise the following rights regarding your personal data:
– Right of Access: Obtain a copy of your data undergoing processing.
– Right to Rectification: Request correction of inaccurate or incomplete personal information.
– Right to Erasure: Request deletion of your personal data where applicable.
– Right to Restriction: Request temporary or permanent restriction on processing activities.
– Right to Data Portability: Receive your personal data in a structured, commonly used, machine-readable format.
– Right to Object: Object to data processing based on legitimate interests or direct marketing.
– Right to Withdraw Consent: Where processing is based on consent, you can revoke it at any time without affecting lawful processing based on prior consent.
To exercise these rights, please contact us via [email protected].
6. Security Measures
We implement security best practices to protect your personal data including but not limited to:
– End-to-end encryption during data transmission and secure storage of sensitive data.
– Role-based access control to restrict internal data access to only those with a legitimate need.
– Regular data backups, disaster recovery protocols, and systems monitoring.
– Staff training and privacy governance procedures in accordance with global data protection standards.
7. International Data Transfers
We may transfer your personal data to jurisdictions outside your country of residence, including countries outside the European Economic Area (EEA). In such cases, we ensure data is protected through legally approved mechanisms such as Standard Contractual Clauses, Privacy Shield (where relevant), and technical safeguards mandated by the GDPR and other applicable laws.
8. Data Retention
We retain personal data according to strict retention schedules and subject to the purpose of collection:
– Usage Data: Retained for up to 12 months for analytics and performance monitoring.
– Account and Profile Data: Retained for the duration of the user relationship and up to 2 years following its termination.
– Communication Data: Retained for 24 months for quality assurance and customer service evaluations.
– Transaction Data: Retained for 7 years in compliance with financial recordkeeping duties.
– Preference Data: Updated periodically based on current consent and retained until consent is withdrawn.
9. Cookie Policy
Tafea Tourism uses cookies and similar technologies to enhance the website experience, analyze usage patterns, and provide personalized content:
– Essential Cookies: Required for navigating and accessing secure features of the Website.
– Functional Cookies: Store user preferences to improve usability.
– Analytics Cookies: Collect information in aggregate form to help us understand visitor behavior and optimize service delivery.
– Performance Cookies: Track page load times and interaction metrics to maintain system performance.
10. Cookie Management & Compliance
In accordance with the GDPR and CCPA, users can manage cookie preferences at any time. Upon first visit to tafea-tourism.com, you will be prompted with a cookie consent tool, allowing you to accept or reject optional cookies. You may also configure your browser to block cookies or notify you before they’re installed. Certain functionalities may be limited if non-essential cookies are disabled.
California residents have the right to opt out of the “sale” of personal information under the CCPA. Although we do not sell personal data in the traditional sense, we honor these rights and provide equivalent protections.
11. Children’s Privacy
We do not knowingly collect or solicit personal data from children under the age of 13. If we become aware that such data has been collected without verified parental consent, we will promptly delete it. Parents or guardians who believe that personal data of a child has been collected may contact us at [email protected].
12. Policy Updates
We reserve the right to amend this Privacy Policy to reflect technological, legal, or operational changes. Users will be informed of material changes via notices on tafea-tourism.com or through other appropriate communication channels. Continued use of the Website indicates consent to such updates.
13. Contact
For questions, requests, or concerns regarding privacy practices, including exercising your data protection rights, please contact us directly at:
Email: [email protected]
We are committed to full compliance with all applicable data privacy laws and are available to address privacy-related queries. Please reach out if you require clarification, support, or wish to lodge a complaint relating to this Privacy Policy or your data rights.