top of page
1.png
  • black-instagram-logo-3497
  • Facebook
  • Pinterest
  • youtube-141
  • twitter-logo-black-outline-20846

Privacy Policy

Effective Date: 01/01/2025
Last Updated: 02/13/2025

Introduction

Welcome to Korsara Travel Co. ("Company," "we," "our," or "us"). Your privacy is important to us, and we are committed to protecting it. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information when you visit our website, [korsaratravelco.com], or interact with our services.

This policy complies with the Florida Digital Bill of Rights (FDBR), California Online Privacy Protection Act (CalOPPA), Children's Online Privacy Protection Act (COPPA), CAN-SPAM Act, applicable U.S. federal laws, and other relevant data protection regulations, including international laws where applicable (such as GDPR for European visitors).

By using our website and services, you consent to the terms of this Privacy Policy. If you do not agree, please do not use our website or services.

Information
We Collect

We collect personal and non-personal information to enhance our services, process transactions, and improve user experiences.

1. Personal Information (PII)

We may collect the following types of personally identifiable information:

  • Contact Information: Name, email address, phone number, mailing address

  • Booking Information: Travel preferences, accommodation details, passport details (for bookings requiring travel documents)

  • Payment Information: Credit card details (processed securely via third-party payment processors), billing address

  • User Account Data: Login credentials, profile details

  • Communication Data: Messages, inquiries, and customer support interactions

2. Non-Personal Information (Non-PII)

  • Device Information: IP address, browser type, operating system

  • Usage Data: Page visits, referral sources, time spent on pages

  • Cookies & Tracking Technologies: Web beacons, pixels, and analytics data

How We Collect Your Information

We collect information through:

  • Direct interactions: When you fill out forms, book travel, contact support, or subscribe to newsletters.

  • Automated tracking technologies: Cookies, Google Analytics, and similar tools.

  • Third-party integrations: Payment processors, marketing platforms, and affiliate networks.

You may control cookie preferences through your browser settings.

How We Use
Your Information

We use your information to:

  • Process bookings and provide travel services.

  • Communicate updates, special offers, and travel-related insights.

  • Improve our website, marketing, and customer experience.

  • Ensure compliance with legal obligations and protect against fraud.

Marketing & Opt-Out

We may send promotional emails. You can opt-out anytime by clicking "unsubscribe" in our emails or contacting us at escape@korsaratravelco.com.

How We Share
Your Information

To provide our services, we share personal data with select third parties under strict confidentiality agreements. We do not sell or trade personal information.

 

The categories of third parties with whom we share data include:

  • Travel Partners & Suppliers: Airlines, hotels, tour operators, and other travel service providers receive only the necessary booking details to process reservations.

  • Payment Processors: Trusted third-party payment gateways (e.g., Stripe, PayPal) securely handle payment transactions; we do not store credit card information on our servers.

  • Marketing & Analytics Providers: We work with platforms such as Google Analytics, Meta Ads, and email marketing services to understand user behavior and deliver targeted offers. Users can manage their marketing preferences at any time.

  • Legal & Compliance Entities: If required by law, we may share data with government authorities, regulatory bodies, or legal advisors to comply with legal obligations or protect our rights.

We take measures to ensure that all third-party partners adhere to strict data protection standards and contractual safeguards.

Your Privacy Rights

Under the Florida Digital Bill of Rights (FDBR) and applicable laws, you have the right to:

  • Access & Portability: Request a copy of the data we hold about you.

  • Correction: Request corrections to inaccurate data.

  • Deletion (Right to be Forgotten): Request deletion of your data (subject to exceptions).

  • Opt-Out of Data Sharing: Opt out of targeted advertising, profiling, or sales (we do not sell data, but you may opt out of marketing).

  • Limit Use of Sensitive Information: Restrict processing of personal data used for specific purposes.

To exercise your rights, contact us at escape@korsaratravelco.com. We will verify your request before processing it.

Data Security & Retention

We implement industry-standard security measures to protect your data, including encryption, secure servers, and access controls.

  • Breach Notification: In the event of a data breach, we will notify affected users as required by law.

We retain personal data only as long as necessary to fulfill the purposes outlined in this Privacy Policy. The retention periods for different categories of personal data are as follows:

  • Booking & Transaction Data: Retained for 7 years to comply with financial, accounting, and legal obligations, as well as fraud prevention.

  • Personal Contact Information: Retained for 3 years after the last interaction with Korsära Travel Co., unless a request for deletion is received.

  • Marketing & Communication Data: Retained indefinitely until the user opts out of communications or requests deletion.

  • Technical & Analytics Data: Retained for 12 months for website optimization, security, and user experience improvements.

When data is no longer needed, it is securely deleted or anonymized. Users may request early deletion of their data by contacting [Insert Contact Email], subject to legal and regulatory requirements.

Cookies & Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance user experience and improve site performance. Cookies are small data files stored on your device that allow us to recognize your browser and remember preferences.

Types of Cookies We Use:

  1. Essential Cookies: Required for website functionality, including secure logins and transaction processing.

  2. Performance & Analytics Cookies: Used to analyze site traffic, visitor behavior, and improve usability (e.g., Google Analytics).

  3. Marketing & Advertising Cookies: Help deliver personalized ads and measure campaign effectiveness (e.g., Facebook Pixel, Google Ads).

  4. Functionality Cookies: Store user preferences, such as language and region, for a more personalized experience.

Managing Cookies

Users can modify cookie settings through their browser preferences. Disabling certain cookies may impact website functionality. To opt out of third-party tracking, visit:

  • Google Analytics Opt-Out

  • Network Advertising Initiative Opt-Out

Third-Party Links & Services

Our website may contain links to third-party sites. We are not responsible for their privacy practices. Please review their policies before providing any data.

International Data Transfers (GDPR Considerations)

For users outside the U.S., your data may be processed in the United States. By using our services, you consent to this transfer.

If you are an EU/UK resident, you have additional rights under GDPR, including:

  • The right to restrict processing.

  • The right to object to automated decision-making.

To exercise these rights, contact escape@korsaratravelco.com.

Children’s Privacy

Our website is not intended for children under 13. We do not knowingly collect data from minors. If you believe a child has provided personal data, contact us for deletion.

California Online Privacy Protection Act (CalOPPA)

We comply with CalOPPA by:

  • Allowing users to visit our site anonymously.

  • Providing a link to our privacy policy on our homepage or on the first significant page after entering our website.

  • Including the word “Privacy” in our policy link, which is easily found on the page specified above.

  • Notifying users of any privacy policy changes on our Privacy Policy Page.

  • Allowing users to change their personal information by emailing us, logging into their account, chatting with us, or sending a support ticket.

  • Honoring Do Not Track (DNT) signals and not using advertising when a DNT browser mechanism is in place.

  • Allowing third-party behavioral tracking.

Children's Online Privacy Protection Act (COPPA)

We comply with COPPA by:

  • Not marketing to children under the age of 13.

  • Ensuring parental control over the collection of personal information from children under the age of 13.

Fair Information Practices

We comply with the Fair Information Practices by:

  • Notifying users via email within 1 business day in the event of a data breach.

  • Agreeing to the Individual Redress Principle, which allows individuals to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law.

CAN-SPAM Act

We comply with the CAN-SPAM Act by:

  • Not using false or misleading subjects or email addresses.

  • Identifying messages as advertisements in a reasonable way.

  • Including the physical address of our business or site headquarters.

  • Monitoring third-party email marketing services for compliance.

  • Honoring opt-out/unsubscribe requests quickly.

  • Allowing users to unsubscribe by using the link at the bottom of each email.

Google

Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users.

Google Advertising Principles

We use Google AdSense Advertising on our website. Google, as a third-party vendor, uses cookies to serve ads on our site. Google’s use of the DART cookie enables it to serve ads to our users based on previous visits to our site and other sites on the Internet. Users may opt out of the use of the DART cookie by visiting the Google Ad and Content Network privacy policy.

We have implemented the following:

  • Demographics and Interests Reporting: We, along with third-party vendors such as Google, use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website.

Opting out

Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt-Out page or by using the Google Analytics Opt-Out Browser add-on.

User Generated Content

We encourage users to share content such as reviews, comments, or photos. By submitting content, you grant us a non-exclusive, royalty-free, perpetual, and worldwide license to use, modify, and display your content in connection with our services. We reserve the right to monitor and remove any user-generated content that violates our terms or policies.

Social Media Integration

Our website may include social media features and widgets (e.g., the Facebook "Like" button). These features may collect your IP address and the page you are visiting and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or directly on our website. Your interactions with these features are governed by the privacy policy of the company providing them.

Privacy for Specific Services

Some of our services may have specific privacy practices due to the nature of the service. These specific practices will be detailed at the point of data collection.

Mobile App Privacy

If you use our mobile app, this section explains how we handle your personal information via the app. We may collect the following information from our mobile app users:

  • Device Information: IP address, device type, operating system, and mobile network information.

  • Location Data: If you grant permission, we may collect your location data to provide location-based services and offers.

  • App Usage Data: Information about how you interact with the app, such as features used and time spent on the app.

We use this information to provide app functionality, improve our services, and offer personalized recommendations. You can manage your privacy preferences and permissions through your device settings.

Data Anonymization and Aggregation

We may anonymize and aggregate personal data to create statistical or analytical data. This data is used for research, business intelligence, and improving our services. Anonymized data does not identify individual users and is not considered personal data under applicable laws.

Legal Basis for Processing (for GDPR compliance)

For users in the European Union (EU) and the United Kingdom (UK), our legal basis for processing your personal data is as follows:

  • Consent: When you have given explicit consent for processing (e.g., for marketing communications).

  • Performance of a Contract: When processing is necessary for the performance of a contract (e.g., processing bookings).

  • Legal Obligation: When processing is necessary to comply with a legal obligation.

  • Legitimate Interests: When processing is necessary for our legitimate interests, provided these are not overridden by your rights and interests (e.g., fraud prevention).

Automated Decision Making

We may use automated decision-making processes, including profiling, to provide our services efficiently. These processes may include:

  • Fraud detection and prevention.

  • Personalized marketing and recommendations.

  • Booking and reservation management.

You have the right to opt out of automated decision-making processes that have a significant impact on you. To exercise this right, contact us at escape@korsaratravelco.com.

Privacy Notice for Specific Groups

We may have additional privacy notices tailored to specific groups, such as:

  • Job Applicants: Information collected during the recruitment process, such as resumes, interview notes, and background checks.

  • Contractors: Information collected for contractor management and compliance purposes.

  • Business Partners: Information collected for business relationship management and communication.

International Users

If you are accessing our services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States. By using our services, you consent to this transfer. We will take all necessary measures to ensure that your data is treated securely and in accordance with this Privacy Policy and applicable data protection laws.

Transparency and Accountability

We are committed to transparency and accountability in our data processing activities. This includes:

  • Regularly reviewing and updating our privacy practices and policies.

  • Conducting privacy impact assessments for new projects and services.

  • Training our employees on data protection principles and practices.

User Consent and Preferences

We respect your privacy preferences and provide options to manage your consent. You can:

  • Withdraw Consent: At any time, you can withdraw your consent for specific processing activities (e.g., marketing communications).

  • Manage Cookies: Adjust your browser settings to manage cookie preferences.

  • Opt-Out of Marketing: Unsubscribe from marketing emails or contact us to update your communication preferences.

Rights of California Residents (CCPA)

If you are a resident of California, you have the following rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request information about the categories and specific pieces of personal data we have collected about you.

  • Right to Delete: Request the deletion of your personal data, subject to certain exceptions.

  • Right to Opt-Out: Opt out of the sale of your personal data (we do not sell personal data).

  • Right to Non-Discrimination: Exercise your privacy rights without facing discrimination.

To exercise your CCPA rights, contact us at escape@korsaratravelco.com. We will verify your request before processing it.

Cookie Policy

We use cookies and similar tracking technologies to enhance your experience on our website. This section provides detailed information about our use of cookies.

What Are Cookies?

Cookies are small text files placed on your device when you visit a website. They help us recognize your device and remember your preferences.

Types of Cookies We Use

  • Essential Cookies: Necessary for website functionality and cannot be disabled.

  • Performance & Analytics Cookies: Collect information about how you use our website to improve performance.

  • Marketing Cookies: Track your browsing habits to deliver personalized advertising.

Managing Cookies

You can control cookies through your browser settings. Note that disabling cookies may affect the functionality of our website.

Data Protection Officer

We have appointed a Data Protection Officer (DPO) responsible for overseeing our data protection strategy and compliance. If you have any questions or concerns about our data practices, you can contact our DPO at escape@korsaratravelco.com.

Privacy Shield Framework

We comply with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework for data transfers between the EU, Switzerland, and the United States. We commit to adhering to the Privacy Shield Principles for all personal data received from the EU and Switzerland.

International Data Transfers

For users outside the U.S., your data may be processed in the United States. By using our services, you consent to this transfer. We will take all necessary measures to ensure that your data is treated securely and in accordance with this Privacy Policy and applicable data protection laws.

Rights of International Users (GDPR)

If you are an EU/UK resident, you have additional rights under GDPR, including:

  • The right to access: Request a copy of the data we hold about you.

  • The right to rectification: Request corrections to inaccurate or incomplete data.

  • The right to erasure: Request deletion of your data (subject to exceptions).

  • The right to restrict processing: Request restrictions on how we use your data.

  • The right to data portability: Request your data in a structured, commonly used, and machine-readable format.

  • The right to object: Object to processing based on legitimate interests or direct marketing.

  • The right to withdraw consent: Withdraw consent for data processing at any time.

To exercise these rights, contact us at escape@korsaratravelco.com. We will verify your request before processing it.

Changes to This Privacy Policy

We may update this policy periodically. The latest version will always be posted on this page with the "Last Updated" date.

We will notify users of significant changes via email or website alerts.

Additional US
State Disclosures

If you are a resident of California, Virginia, or other states with privacy laws, you have additional rights under those state laws. Below are specific disclosures for those states:

1. California Consumer Privacy Act (CCPA)

If you are a resident of California, you have the following rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You have the right to request information about the categories and specific pieces of personal data we have collected about you, the sources of that data, the purposes for which we use it, and the third parties with whom we share it.

  • Right to Delete: You have the right to request the deletion of your personal data, subject to certain exceptions.

  • Right to Opt-Out: You have the right to opt-out of the sale of your personal data. While we do not sell personal data, this right allows you to opt-out of certain data-sharing practices.

  • Right to Non-Discrimination: You have the right to exercise your privacy rights without facing discrimination in the form of denied services or different pricing.

To exercise your CCPA rights, please contact us at escape@korsaratravelco.com. We will verify your request before processing it.

b. Virginia Consumer Data Protection Act (VCDPA)

If you are a resident of Virginia, you have the following rights under the Virginia Consumer Data Protection Act (VCDPA):

  • Right to Access: You have the right to request a copy of the personal data we have collected about you.

  • Right to Correct: You have the right to request corrections to any inaccurate or incomplete personal data we have about you.

  • Right to Delete: You have the right to request the deletion of your personal data, subject to certain exceptions.

  • Right to Data Portability: You have the right to request your personal data in a portable and readily usable format.

  • Right to Opt-Out: You have the right to opt-out of targeted advertising, the sale of personal data, and profiling that produces legal or similarly significant effects.

To exercise your VCDPA rights, please contact us at escape@korsaratravelco.com. We will verify your request before processing it.

c. Additional State Privacy Laws

Residents of other states with specific privacy laws (e.g., Colorado, Connecticut) have rights similar to those outlined in the CCPA and VCDPA. These rights may include:

  • Right to Access: The right to know the personal data collected about you.

  • Right to Correct: The right to request corrections to your personal data.

  • Right to Delete: The right to request the deletion of your personal data, subject to exceptions.

  • Right to Data Portability: The right to request your personal data in a portable format.

  • Right to Opt-Out: The right to opt-out of data-sharing practices, including targeted advertising and the sale of personal data.

To exercise your rights under these state laws, please contact us at escape@korsaratravelco.com. We will verify your request before processing it.

Contact Us

For privacy-related questions, data requests, or concerns, contact us at:

bottom of page