Privacy Policy

Last updated: April 2026

1. Who We Are

Danescapes is a Malta-based group travel company operated by Daniela and Antoni. We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and share your information when you visit our website or book a trip with us.

For any privacy-related enquiries, you can reach us at info@danescapes.com.mt.

2. Information We Collect

2.1 Information You Provide

When you book a trip or interact with us, we may collect:

• Contact details: full name, email address, phone number
• Guest details: names and email addresses of additional travellers in your booking
• Booking details: trip selection, room preferences, add-ons, number of guests
• Payment information: processed securely via Stripe — we do not store your card details
• Communications: messages you send us via email or social media

2.2 Information Collected Automatically

When you visit our website, we may automatically collect:

• IP address and approximate location
• Browser type and device information
• Pages visited and time spent on our website
• Referring website or link

3. How We Use Your Information

We use the information we collect to:

• Process bookings: confirm reservations, process payments, manage your trip
• Communicate with you: send booking confirmations, trip updates, departure information, and post-trip follow-ups
• Manage guest lists: coordinate with accommodation and activity providers at your destination
• Improve our services: analyse website usage to enhance user experience
• Marketing: send newsletters and trip announcements (only with your consent — you can unsubscribe at any time)
• Legal obligations: comply with applicable laws and regulations

4. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

• Contractual necessity: to fulfil our booking agreement with you
• Consent: for marketing communications and newsletter subscriptions
• Legitimate interest: to improve our services and website experience
• Legal obligation: to comply with tax, accounting, and other regulatory requirements

5. How We Share Your Information

We do not sell, rent, or trade your personal information. We may share your data with the following parties, solely for the purpose of delivering our services:

• Stripe: for secure payment processing (PCI DSS compliant)
• Accommodation providers: your name and relevant details for hotel reservations
• Transport and activity providers: as needed to operate your trip
• Email service providers: to send booking confirmations and newsletters

All third parties are contractually required to protect your data and use it only for the specified purpose.

6. Data Retention

We retain your personal data for the following periods:

• Booking data: for 3 years after your trip, for accounting and legal purposes
• Newsletter subscribers: until you unsubscribe
• Website analytics: anonymised data retained indefinitely

After the retention period, your data will be securely deleted or anonymised.

7. Cookies

Our website uses only essential cookies required for the website to function properly (e.g., session management, authentication). We do not use advertising or tracking cookies.

You can control cookies through your browser settings. Disabling essential cookies may affect website functionality.

8. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR), you have the following rights regarding your personal data:

• Right of access: request a copy of the personal data we hold about you
• Right to rectification: request correction of inaccurate or incomplete data
• Right to erasure: request deletion of your data ("right to be forgotten")
• Right to restrict processing: request that we limit how we use your data
• Right to data portability: receive your data in a structured, machine-readable format
• Right to object: object to processing based on legitimate interest or for marketing purposes
• Right to withdraw consent: withdraw consent at any time for consent-based processing

To exercise any of these rights, please contact us at info@danescapes.com.mt. We will respond within 30 days.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

• HTTPS encryption on all pages
• Secure payment processing via Stripe
• Access controls limiting who can view personal data
• Regular review of our security practices

While we take every reasonable precaution, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security of your data.

10. International Transfers

Your data may be processed outside of the European Economic Area (EEA) when shared with destination partners. In such cases, we ensure appropriate safeguards are in place in accordance with GDPR requirements.

11. Children's Privacy

Our services are not directed at children under 16. We do not knowingly collect personal data from children under 16 without parental consent. If you believe we have collected data from a child, please contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this page periodically.

13. Complaints

If you are not satisfied with how we handle your data, you have the right to lodge a complaint with the Information and Data Protection Commissioner (IDPC) in Malta:

• Website: idpc.org.mt
• Email: idpc.info@idpc.org.mt

14. Contact Us

For any questions about this Privacy Policy or your personal data:

• Email: info@danescapes.com.mt
• Website: www.danescapes.com