+44 7888 867671

GDPR Compliance

At Endemic Explorer we are committed to protecting the privacy and security of our customers’ personal data. This statement outlines how we collect, use, store, and protect your information in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679.

1. Data Collection

We collect the following personal data from our customers:

  • Names
  • Addresses
  • Email addresses
  • Telephone numbers

Occasionally, we may also collect additional information such as:

  • Travel preferences and choices
  • IP address
  • Food habits and dietary requirements
  • ID card/passport details (if required by travel suppliers)

This information is collected only when provided voluntarily by customers, such as during bookings, inquiries, or newsletter sign-ups.

2. Purpose of Data Collection & Legal Basis

Your personal data is used for the following purposes:

  • To provide and manage the travel services you have requested.
  • To personalize and enhance your experience, including tailoring travel itineraries and meal options.
  • To send newsletters and updates (only if you have explicitly opted in).
  • To improve our services and customer experience.

We process your personal data based on the following legal grounds under GDPR:

  • Contractual necessity – To fulfill your bookings and deliver services.
  • Legitimate interests – To improve customer experience and operations.

Consent – For newsletters, marketing communications, and optional services.

3. Data Storage and Security

Your personal data is securely stored and managed using:

  • Zoho CRM – For customer relationship management.
  • Google Platforms – For data storage and processing.

We implement appropriate technical and organizational measures to ensure the security and confidentiality of your data.

Data Breach Notification Policy

In the event of a data breach that affects your personal data, we will notify you and relevant authorities in compliance with GDPR obligations.

4. Your Rights Under GDPR

As a data subject, you have the following rights under GDPR:

  • Right to Access – You can request a copy of the personal data we hold about you.
  • Right to Rectification – You can request corrections to any inaccurate or incomplete data.
  • Right to Erasure – You can request the deletion of your personal data, subject to legal obligations.
  • Right to Restrict Processing – You can request restrictions on how we process your data.
  • Right to Data Portability – You can request a transfer of your data to another service provider.
  • Right to Object – You can object to the processing of your data for specific purposes, such as marketing.
  • Right to Withdraw Consent – If you have provided consent for specific processing (e.g., newsletters), you can withdraw it at any time.

To exercise any of these rights, please contact us at [insert contact email].

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Once the retention period expires, your data will be securely deleted or anonymized.

6. International Data Transfers

Some of our service providers, such as Google and Zoho CRM, may process data outside the EU/EEA. In such cases, we ensure compliance with GDPR by implementing:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.

Other appropriate safeguards to protect your data.

7. Third-Party Sharing (Hotels, Tour Guides & Service Providers)

To fulfill your booked services, we share essential personal data with third-party travel suppliers such as:

  • Hotels and lodges for accommodation reservations.
  • Tour guides and operators for excursions and activities.
  • Transport providers (e.g., car rentals, airport transfers).

The personal information shared may include:

  • Name
  • Contact details (email & phone)
  • ID card or passport details (if required by the supplier)
  • Travel preferences

By accepting our data-sharing terms, you authorize us to transfer the above-mentioned details to the relevant travel suppliers who will be delivering your purchased tours and services. These suppliers are responsible for their own GDPR compliance and will process your data in accordance with their policies.

8. Newsletter Opt-In

If you have opted in to receive our newsletter, we will use your email address to send you updates and promotional materials. You can unsubscribe at any time by clicking the “unsubscribe” link in the newsletter or by contacting us directly.

9. Cookies and Tracking Technologies

Our website may use cookies to enhance user experience and analyze website traffic. For details on how we use cookies and tracking technologies, please refer to our [Cookie Policy]. You can manage your cookie preferences at any time.

10. Contact Us

If you have any questions or concerns about how we handle your personal data, or if you wish to exercise your GDPR rights, please contact us at:

11. Updates to This Statement

We may update this GDPR Compliance Statement from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on this page, and we encourage you to review this statement periodically.

COMPANY

POLICIES AND LEGAL

Get In Touch

Logos Endemic Explorer Icon White-03

Find your next adventure

Endemic Explorer’s newsletter is packed with inspiration for your next trip.

Registered Office: Endemic Explorer LTD 71-75 Shelton St, Covent Garden London WC2H 9JQ, United Kingdom , Tel : +44 7888867671

Back-end Office: Endemic Ventures LLP, Floor-10, Nippon Q1 Mall, NH 66, Palarivattom, Kochi, KL INDIA 682028 , Tel : +91 9526833322

Facebook Youtube Instagram Linkedin

Copyright © 2014-2025 Endemic Explorer | All Rights Reserved

TALK TO EXPErT