Facebook-f Instagram Ti-linkedin
Plan Your Holiday

Privacy Policy

I. Introduction & Scope

Estiaco Holidays (Estiaco Holidays Pvt Ltd and Estiaco Maldives Pvt Ltd) is committed to protecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information when you use our website, engage with our services, or communicate with us from anywhere in the world.   

This policy applies to all clients, regardless of their location, and covers both our Sri Lanka and Maldives operations.

II. Information We Collect

We collect the following types of personal information:

  • Contact Information: Name, address, email address, phone number.
  • Travel Information: Passport details, visa information, travel preferences, booking details, dietary requirements, accessibility needs.
  • Payment Information: Credit/debit card details (processed securely through third-party gateways; we do not store these).
  • Technical Information: IP address, browser type, device information, website usage data (cookies and similar technologies).
  • Communication Data: Records of correspondence with us.

We collect this information to process your bookings, provide customer support, improve our services, and comply with legal obligations.

III. How We Use Your Information

We use your personal information for the following purposes:

  • Booking and Service Provision: To process bookings, arrange travel services, and provide customer support.
  • Communication: To send booking confirmations, travel updates, and respond to inquiries.
  • Marketing (with Consent): To send promotional offers, newsletters, and marketing communications (you can opt out at any time).
  • Website Improvement: To analyze website usage and improve our services.
  • Legal Compliance: To comply with legal obligations and respond to legal requests.
  • Supplier Communication: To share necessary information with our suppliers (hotels, airlines, etc.) to fulfill your bookings.

IV. Data Sharing and Disclosure

We may share your personal information with:

  • Third-Party Suppliers: Hotels, airlines, tour operators, and other service providers necessary to fulfill your travel arrangements.
  • Payment Processors: Secure third-party payment gateways for processing payments.
  • Legal Authorities: When required by law or to protect our rights.
  • Marketing Partners (with Consent): For marketing purposes, with your explicit consent.

V. Data Security

We implement robust security measures to protect your personal information, including:

  • Secure Servers: Hosting data on secure servers with restricted access.
  • Encryption (SSL): Encrypting data transmitted over the internet.
  • Access Controls: Limiting access to personal information to authorized personnel.
  • Regular Security Audits: Conducting regular security assessments to identify and mitigate risks.

While we take precautions, no online transmission is entirely secure.

VI. Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this policy, or as required by law.

VII. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience. You can manage your cookie preferences through your browser settings.  

VIII. Your Rights (GDPR and Equivalent Rights)

You have the following rights regarding your personal information:

  • Access: Right to access your personal data.
  • Rectification: Right to correct inaccurate data.
  • Erasure (Right to be Forgotten): Right to delete your data.
  • Restriction of Processing: Right to limit how we use your data.
  • Data Portability: Right to receive your data in a portable format.
  • Objection: Right to object to processing.
  • Withdrawal of Consent: Right to withdraw consent for marketing.

To exercise these rights, please contact us at [Your Email Address].

IX. International Data Transfers

Your personal information may be transferred to and processed in countries outside your own. We implement appropriate safeguards to ensure your data is protected.  

X. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for their privacy practices.

XI. Children's Privacy

We do not knowingly collect personal information from children under 16 without parental consent.

XII. Changes to This Privacy Policy

We may update this policy periodically. We will post the updated policy on our website with the effective date.

XIII. Contact Information

For questions or concerns about this policy, please contact info@estiacoholidays.com

XIV. Legal Compliance

This Privacy Policy is designed to comply with:

  • General Data Protection Regulation (GDPR)
  • Australian Privacy Principles (APPs)
  • California Consumer Privacy Act (CCPA)
  • Any other relevant applicable laws.