Risper Travel Tours logo
Risper Travel Tours
Privacy & Data Protection

Privacy Policy

This Privacy Policy explains how Risper Travel Tours collects, uses, shares, and protects your personal data when you interact with us as a traveler, partner agency, or corporate client.

Last updated:

This document is provided for information purposes and does not constitute legal advice. Depending on your country of residence, additional rights may be granted under applicable data protection laws (for example, the GDPR in the European Economic Area).

1. Who we are

“Risper Travel Tours” refers to the legal entity operating as a travel agency, tour operator, and destination management company (“DMC”) that organizes and sells your trip, provides local ground-handling services, and operates this website.

In this Privacy Policy, “we”, “us”, and “our” refer to Risper Travel Tours. “You” refers to any person whose personal data we process, including travellers, group leaders, corporate contacts, partner agencies, suppliers, and website visitors.

2. Personal data we may collect

The type of personal data we collect depends on how you interact with us and what services you request. It may include:

  • Contact data: name, email address, phone number, postal address, emergency contact details.
  • Booking information: travel dates, itinerary details, accommodation preferences, room type, meal preferences, and services requested.
  • Identification and document details: passport information, nationality, date of birth, visa details and, where required, copies of identification documents for travel or regulatory purposes.
  • Sensitive / special categories of data: certain information such as dietary restrictions, mobility or accessibility needs, or relevant medical conditions may be collected only where necessary to provide the requested travel services and with your explicit consent, where required by law.
  • Payment and billing information: details needed to process payments and issue invoices. Card payments are usually handled through trusted payment providers and we do not store full card numbers.
  • Corporate & partner data: contact details of travel agents, tour operators, and corporate clients, as well as contract and communication history.
  • Website & communication data: data about how you use our website (pages visited, device information, approximate location), as well as emails, messages, and other communications exchanged with us.

3. How we collect your data

We may collect personal data in different ways, including:

  • When you send us a travel enquiry, request a quotation, or make a booking directly.
  • When you travel as part of a group or through a partner agency that shares your data with us to operate the services.
  • When you subscribe to our newsletter, complete a form, or take part in a survey or promotion.
  • When you communicate with us by email, phone, messaging apps, or social media.
  • Automatically, through cookies and similar technologies when you browse our website (see Section 8 below).

4. Purposes and legal bases for processing

We process personal data only when we have a valid legal basis to do so, such as:

  • Performance of a contract: to answer your enquiries, prepare quotations, confirm bookings, provide travel services, and manage your trip on-site.
  • Compliance with legal obligations: to meet regulatory requirements such as accounting, tax, tourism regulations, safety and security obligations, or requests from public authorities.
  • Legitimate interests: to improve our services, ensure security, manage our relationship with clients and partners, handle complaints, and conduct limited direct marketing to existing customers, where permitted.
  • Consent: in certain situations (for example, sending newsletters to new subscribers or processing sensitive health data for special assistance), we may rely on your explicit consent, which you can withdraw at any time.

5. How we share personal data

To deliver the travel services you request, we may share your data with trusted third parties, strictly on a need-to-know basis:

  • Travel suppliers: airlines, hotels, transport companies, local guides, activity providers, restaurants, event venues, and other suppliers involved in your itinerary.
  • Partner agencies and tour operators: when we act as a DMC on behalf of a foreign travel agency or tour operator, or when another agency acts on our behalf.
  • Service providers: IT, hosting, payment processors, customer relationship tools, email platforms, and other companies that help us run our business. These providers are required to protect your data and use it only according to our instructions.
  • Public authorities: where required by law or legitimate request (e.g. border control, immigration, safety, or health authorities).

We do not sell your personal data. Any sharing for marketing purposes will be based on your consent where required by law.

6. International data transfers

As a travel agency, tour operator, and DMC, we frequently work across borders. This means your personal data may be transferred to and processed in countries different from your country of residence, including destinations where the level of data protection may differ.

Where required by applicable law, we take appropriate safeguards to protect such transfers, for example by using standard contractual clauses, data processing agreements, or transferring data only when necessary to perform the services you have booked.

7. Data retention

We keep personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy, including:

  • to manage your booking and deliver travel services;
  • to comply with legal, accounting, and tax obligations;
  • to handle complaints, disputes, or claims;
  • for a limited period to inform you about similar services you may be interested in, where permitted.

When data is no longer needed, we take steps to securely delete, anonymise, or archive it in accordance with our internal retention rules and legal requirements.

8. Cookies and similar technologies

Our website may use cookies and similar technologies to make the site work properly, remember your preferences, understand how it is used, and improve our services.

Depending on your location, you may be presented with a cookie banner allowing you to accept, refuse, or customise non-essential cookies. You can also usually control cookies through your browser settings. Please note that blocking certain cookies may impact your experience of the site.

9. Data security

We take reasonable technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. These measures include access controls, staff awareness, secure communications, and the use of reputable hosting and payment providers.

However, no system can be guaranteed to be 100% secure. You are also responsible for taking appropriate precautions, such as using strong passwords and not sharing sensitive information in unsecured channels.

10. Children's data

We may process limited personal data of children when necessary to arrange family trips, school groups, or youth programs, typically through the child's parent, legal guardian, or school representative.

We do not knowingly solicit personal data directly from children for marketing purposes. If you believe that a child has provided personal information to us without appropriate consent, please contact us so that we can take appropriate action.

11. Your data protection rights

Depending on your country of residence and applicable law, you may have some or all of the following rights regarding your personal data:

  • Right of access – to obtain confirmation and a copy of your data.
  • Right to rectification – to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of data when it is no longer needed or when processing is unlawful.
  • Right to restriction – to limit certain processing in specific circumstances.
  • Right to data portability – to receive data in a structured, commonly used format where processing is based on consent or contract and carried out by automated means.
  • Right to object – to object to certain processing based on legitimate interests, including direct marketing.
  • Right to withdraw consent – where processing is based on your consent, you can withdraw it at any time without affecting the lawfulness of processing before withdrawal.

To exercise any of these rights, please use the contact details provided in Section 13. We may need to verify your identity before responding. You also have the right to lodge a complaint with a competent data protection authority if you believe your rights have been infringed.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal requirements. When we make material changes, we will update the “Last updated” date above and, where appropriate, notify you through our website or other communication channels.

We encourage you to review this page periodically to stay informed about how we protect your information.

13. How to contact us

If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal data, you can contact us using the details provided on our contact page.

When contacting us about your data, please include your full name, contact details, and a clear description of your request so we can assist you efficiently.

You may also want to review our General Sales Conditions for information about contractual terms governing bookings and travel services.

← Back to Legal information