Home / Privacy Policy

Privacy Policy

Your privacy and data protection are important to us. Learn how we collect, use, and protect your personal information.

Legal

Privacy Notice

Effective Date: April 19, 2026 | Last Updated: April 19, 2026

1. Introduction

Chronicles Expedition ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website or use our services. We comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

By accessing our website or using our services, you agree to the terms of this Privacy Policy. If you do not agree with our policies and practices, please do not use our services.

2. Who We Are

Data Controller: Chronicles Expedition

Address: [Your Business Address]

Email: privacy@chroniclesexpedition.com

Phone: [Your Phone Number]

If you have any questions about this Privacy Policy or our data practices, please contact us using the information above.

3. What Personal Data We Collect

We may collect and process the following types of personal data:

  • Identification Data: Name, email address, phone number, postal address
  • Booking Information: Travel dates, preferences, dietary requirements, medical information relevant to expeditions
  • Payment Data: Bank details, transaction records, billing information
  • Technical Data: IP address, browser type, device information, operating system
  • Usage Data: Pages visited, time spent on website, referral sources
  • Marketing Preferences: Consent history, email subscription choices
  • Communications: Emails, messages, and feedback you send us

4. How We Collect Your Data

We collect personal data through various methods:

  • Direct Interactions: When you fill out contact forms, make bookings, subscribe to newsletters, or communicate with us
  • Automated Technologies: Through cookies and similar tracking technologies when you browse our website
  • Third Parties: From analytics providers (Google Analytics), advertising networks, and search information providers

5. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Consent: When you have given clear consent for us to process your personal data for specific purposes (e.g., marketing emails)
  • Contract: Processing necessary for a contract with you or to take steps at your request before entering into a contract (e.g., booking expeditions)
  • Legal Obligation: Processing necessary for compliance with legal obligations (e.g., tax and accounting requirements)
  • Legitimate Interests: Processing necessary for our legitimate interests, provided your rights do not override these interests (e.g., improving our services, fraud prevention)

6. How We Use Your Data

We use your personal data for the following purposes:

  • To process and manage your expedition bookings and payments
  • To communicate with you about your bookings, inquiries, and our services
  • To send you marketing communications (with your consent)
  • To improve our website, services, and customer experience
  • To comply with legal and regulatory requirements
  • To protect against fraud and ensure security
  • To analyze website usage and trends

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Generally, we retain booking information for 7 years to comply with tax and accounting laws. Marketing data is retained until you withdraw your consent or unsubscribe.

8. Your Data Protection Rights

Under GDPR, you have the following rights:

  • Right to Access: Request copies of your personal data
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data under certain conditions
  • Right to Restrict Processing: Request limitation of how we use your data
  • Right to Object: Object to our processing of your personal data
  • Right to Data Portability: Request transfer of your data to another organization
  • Right to Withdraw Consent: Withdraw consent at any time where we rely on consent to process your data

To exercise these rights, please contact us using the details provided in Section 2. We will respond to your request within one month.

9. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and understand where our visitors come from.

Types of cookies we use:

  • Essential Cookies: Necessary for the website to function properly
  • Analytical/Performance Cookies: Help us understand how visitors interact with our website
  • Functionality Cookies: Remember your preferences and settings
  • Targeting Cookies: Record your visit to our website, pages visited, and links followed

You can manage your cookie preferences through your browser settings. For more information, visit allaboutcookies.org.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of sensitive data in transit and at rest
  • Regular security assessments and updates
  • Restricted access to personal data on a need-to-know basis
  • Staff training on data protection and privacy
  • Secure payment processing through PCI-compliant providers

11. International Data Transfers

As an expedition company operating globally, we may transfer your personal data to countries outside the European Economic Area (EEA). When we do so, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions for countries with equivalent data protection standards
  • Binding Corporate Rules for intra-group transfers

12. Third-Party Services

We may share your data with trusted third parties who assist us in operating our website, conducting our business, or servicing you. These include:

  • Payment processors (Stripe, PayPal)
  • Email service providers
  • Analytics services (Google Analytics)
  • Booking management systems
  • Insurance providers for expedition coverage

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes.

13. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by:

  • Posting the updated policy on this page with a revised effective date
  • Sending you an email notification (if you have provided your email address)

We encourage you to review this Privacy Policy periodically for the latest information on our privacy practices.

15. Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us:

Chronicles Expedition
Email: privacy@chroniclesexpedition.com

You also have the right to lodge a complaint with your local data protection authority if you believe we have not handled your personal data in accordance with applicable laws.

16. Supervisory Authority

If you are in the European Union and wish to lodge a complaint, you may contact your local supervisory authority. In the UK, this is the Information Commissioner's Office (ICO):

Website: ico.org.uk
Phone: 0303 123 1113