Privacy Policy

Overview

This Privacy Policy statement explains how Travel Through Maldives uses personal information collected through travelthroughmaldives.com. Please note that the following information is used solely to provide you with extremely satisfactory service.

Data Controller Information

Legal Basis

• • Consent - Processing data based on your explicit consent
• • Contract Performance - To fulfill our contractual obligations to you
• • Legitimate Interest - For our legitimate business interests
• • Legal Obligation - To comply with applicable laws and regulations

Personal Information We Collect

• • Contact information such as name, email address, mailing address, phone number
• • Demographic information (age, gender, personal interests)
• • Names of other guests staying at the property during your stay
• • Automatically collected information (IP address, browser type, referrer/exit pages, and operating system)

How We Use Your Personal Information

• • To confirm guest reservations
• • To provide necessary feedback for customer requests
• • To improve our marketing efforts and keep guests informed of latest offers
• • To provide responses to specified matters

Data Retention Period

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected:

• • Booking information: Retained for 7 years after travel completion (tax and financial record requirements)
• • Marketing data: Retained until you withdraw consent or unsubscribe
• • Analytics data: Retained for 2 years
• • Cookie data: 1 day to 2 years depending on cookie type

Data Security and Information Protection

We are responsible for the data and information saved in our servers. Therefore, we have an obligation to protect their security. Your information will not be sold or transferred to any third party unless you consent. (This does not include trusted third parties who work closely with us to maintain the website, conduct our activities, or serve our guests. Your private data and information may be disclosed to support any legal proceedings, but only when required by law. Additionally, when in accordance with the law, your data and information may be disclosed for the purpose of protecting the rights and safety of others.)

Third-Party Service Providers

We may share your data with the following third parties:

• • Resort partners - For booking confirmation
• • Payment processors - For transaction processing
• • Analytics service providers - For website optimization
• • Marketing service providers - For personalized marketing

International Data Transfers

Your data may be transferred to countries outside the EU/EEA. We ensure all international data transfers are protected by appropriate safeguards, including:

• • Adequacy decisions
• • Standard contractual clauses
• • Certification mechanisms

Marketing Technologies and Data Collection

To improve our marketing efforts, technologies such as cookies, web beacons, or scripts may be used to collect information solely for understanding website interactions. For example, we will understand how many users visit specific areas or features within our website and which links or advertisements they click. These types of data and information help understand website usage and specific needs represented by visitors, and develop our marketing efforts while presenting expected interests to guests. (Clicking advertisements, etc.)

Cookie Categories

• • Necessary cookies - Required for basic website functionality
• • Analytics cookies - To understand website usage

You can manage cookie preferences through browser settings

Your Rights

Under applicable data protection laws, you have the following rights:

• • Right of Access - To know details about how we process your personal data
• • Right of Rectification - To request correction of inaccurate personal data
• • Right to Erasure - To request deletion of your personal data
• • Right to Restriction - To restrict how we process your data
• • Right to Data Portability - To receive your data in a structured format
• • Right to Object - To object to data processing based on legitimate interests
• • Right to Withdraw Consent - To withdraw your consent at any time
• • Right to Complain - To lodge a complaint with supervisory authorities

Automated Decision Making

We do not make decisions with legal or significant effects on you based solely on automated processing. If such processing is used in the future, we will ensure appropriate safeguards.

Data Security Measures

We implement appropriate technical and organizational measures to protect your personal data:

• • Data encryption in transit and at rest
• • Access controls and authentication
• • Security monitoring and logging
• • Employee data protection training

Data Breach Notification

In the event of a data breach, we will notify relevant supervisory authorities within 72 hours and affected individuals where appropriate.

Children's Privacy

Our services are not directed to children under 13. If we discover we have collected personal information from a child under 13, we will delete it immediately.

Policy Changes

We may update this Privacy Policy from time to time. Material changes will be notified to you via website notice or email.