Privacy Policy

1. Introduction
Madadays Ltd. (“we,” “us,” or “our”) is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, and share your personal data when you use our services, including our website, booking services, and related activities.

2. Data Controller
Madadays Ltd., SC808201 10/5 Dryden St, EH7 4PR, UK, is the data controller responsible for your personal data.

3. Information We Collect
We collect personal information from you when you:
– Make a booking: This includes your name, contact details, payment information, and travel preferences.
– Contact us: This includes your name, contact details, and the content of your communication.
– Use our website: We may collect information about your browsing activity, such as your IP address and cookies.
– Provide feedback or reviews: We collect your name and the content of your feedback.
– Disclose accessibility requirements or health conditions.

4. How We Use Your Information
We use your personal information for the following purposes and lawful bases:
– To process and manage your bookings and travel arrangements (Contract).
– To communicate with you regarding your bookings and provide customer support (Contract/Legitimate Interest).
– To share necessary information with our freelance guides and service providers for the execution of your booked activities (Contract).
– To process payments securely through Stripe (Contract/Legal Obligation).
– To comply with legal and regulatory obligations (Legal Obligation).
– With your consent, to send you marketing communications about our products and services (Consent).
– To assess and accommodate accessibility needs (Legitimate Interest/Contract).
– To respond to your inquiries and feedback (Legitimate Interest).
– To improve our website and services (Legitimate Interest).

5. Data Sharing
We may share your personal information with:
– Our freelance guides and service providers who are essential for delivering the tours and activities you have booked.
– Third-party payment processors (e.g., Stripe) to facilitate secure payments.
– Regulatory authorities or law enforcement agencies when required by law.
– Third party processors, for example, cloud storage providers.
– Other third parties with your explicit consent.

6. Data Security
We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, and destruction. We use secure servers and encryption to protect your data.

7. Data Retention
We retain your personal data only for as long as necessary for the purposes for which it was collected or as required by law.

8. Your Rights Under GDPR
Under the General Data Protection Regulation (GDPR), you have the following rights:
– Right to Access: You can request a copy of the personal data we hold about you.
– Right to Rectification: You can ask us to correct inaccurate or incomplete personal data.
– Right to Erasure (“Right to be Forgotten”): You can ask us to delete your personal data in certain circumstances.
– Right to Restriction of Processing: You can ask us to limit how we use your personal data.
– Right to Data Portability: You can request a copy of your personal data in a portable format.
– Right to Object: You can object to our processing of your personal data in certain circumstances.
– Right to Withdraw Consent: If we rely on your consent, you can withdraw it at any time.
– Right to Complain to the ICO: You have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s data protection regulator.

9. Marketing Communications
We will not send you marketing communications about our products and services without your consent. You can withdraw your consent at any time by contacting us or by using the unsubscribe link in our marketing emails.

10. Cookies
Our website uses cookies to enhance your browsing experience. Please refer to our Cookie Policy [Link to Cookie Policy] for detailed information on the types of cookies we use and how you can manage your preferences.

11. International Data Transfers
If we transfer your personal data outside the UK, we will ensure appropriate safeguards are in place, such as standard contractual clauses or adequacy decisions, to protect your data.

12. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices of these websites.

13. Children’s Privacy
Our services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete it.

14. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on our website.

15. Contact Us
If you have any questions or concerns about this Privacy Policy or our data protection practices, or to exercise your rights, please contact us at:
Madadays Ltd.
10/5 Dryden St, EH7 4PR, UK
+44 7441 118844
info@madaday.com
www.madadays.com