Maricm Travel

Privacy Policy

Last updated: August 27, 2025

This Privacy Policy explains how Maricm Travel collects, uses, stores, and protects your personal data when you visit or interact with our website and services. It is written in clear, plain English. If you have any questions or want to exercise your rights, contact us using the details below.

1. Who we are — data controller

Company name: Maricm Travel
Address: 8 rue de la Bareyre, 43320 Saint Jean de Nay, France
Email: [email protected]
Phone: +33 6 44 66 58 20

Maricm Travel is the data controller for the personal data processed under this policy.

2. Scope & purpose

This policy covers personal data collected:

  • when you contact us (contact form, email, phone),
  • when you request or book travel services through us,
  • when you browse our website (cookies, analytics),
  • when you sign up to receive emails from us.

We use your data to:

  • respond to enquiries and provide customer support;
  • process and manage bookings, payments, and travel documents (e-tickets, vouchers);
  • send transactional communications related to bookings (confirmations, receipts, itinerary, cancellations);
  • send marketing communications only with your consent;
  • comply with legal, tax and accounting obligations;
  • improve and secure our website and services (analytics, fraud prevention).

3. Legal basis for processing

We rely on the following legal bases under the GDPR:

  • Contract performance: processing necessary to perform a booking or provide services you requested (e.g., booking confirmation, itinerary delivery).
  • Consent: for marketing emails, newsletters, and non-essential cookies. You can withdraw consent at any time.
  • Legal obligation: when we must retain data for compliance with tax, accounting, or safety rules.
  • Legitimate interests: for fraud prevention, site security, and improving our services (we balance these interests against your rights).

4. What personal data we collect

Contact & identification

  • Name, email address, phone number, postal address.

Booking and travel data

  • Trip details (dates, destination, accommodation, passenger names), payment details (transaction reference — note: we do NOT store full card numbers), travel preferences.

Technical & website data

  • IP address, browser and device information, pages visited, cookies and analytics identifiers.

Customer service

  • Messages, notes from calls, and any documents you upload.

5. How long we keep your data

We keep personal data only as long as necessary for the purpose collected and in line with legal obligations:

  • Contact enquiries: typically retained for up to 3 years unless you request deletion sooner.
  • Booking records & invoices: retained as required by law for accounting/tax purposes (typically up to 10 years); booking-related data may be kept for customer service and liability reasons for a similar period.
  • Marketing consents: retained while you remain subscribed or until you withdraw consent.
  • Website analytics: aggregated/anonymised after a short period; raw logs retained for a limited time for security.

(Please note: retention times may be adjusted to meet specific legal obligations. Contact us if you need a precise retention schedule.)

6. Cookies & similar technologies

We use cookies to run the site and improve your experience. Some cookies are strictly necessary; others are for analytics or advertising and are only used with your consent via our cookie banner. For details see our Cookie Policy: {cookie_policy_url}.

You can manage cookie preferences via the banner or your browser settings.

7. Third parties & processors

We may share data with third-party processors to provide services, including (examples — update as needed):

  • Website host and platform (WordPress hosting provider)
  • Payment processors (when you pay online)
  • Email provider (e.g., Amazon SES or other SMTP service for transactional emails)
  • Travel suppliers (hotels, airlines, activity operators) to fulfill bookings
  • Analytics providers (e.g., Google Analytics)
  • Legal or regulatory authorities if required by law

Where personal data is transferred outside the EU/EEA, we ensure appropriate safeguards (EU Standard Contractual Clauses or other legal mechanisms) are in place.

Important: you should update this section in admin to list the exact service providers you use.

8. Your rights under the GDPR

You have the right to:

  • Access the personal data we hold about you.
  • Rectify inaccurate or incomplete data.
  • Erase your data (“right to be forgotten”) where legal grounds allow.
  • Restrict processing in certain circumstances.
  • Object to processing based on legitimate interests or for direct marketing.
  • Data portability — receive your data in a structured, machine-readable format.
  • Withdraw consent at any time for processing based on consent.

To exercise any right, contact us at [email protected] or by post to the address above. We will respond within statutory timeframes.

If you are not satisfied with our response, you may lodge a complaint with the CNIL (Commission Nationale de l’Informatique et des Libertés) in France.

9. Marketing & emails

We only send marketing emails where you have given consent. All marketing emails include an unsubscribe link or clear instructions to stop receiving messages. Transactional emails required to manage your booking (confirmations, receipts, itineraries, safety notices) are sent on the basis of contract performance and legitimate interest and do not require separate consent.

If you wish to unsubscribe or manage preferences, follow the link in any email or contact us at [email protected].

10. Security

We implement reasonable technical and organisational measures to protect personal data (access controls, encrypted transmission for forms, regular security updates). However, no method of transmission over the internet is completely secure. If you believe your data has been compromised, contact us immediately.

11. Children

Our services are not intended for children under 16. We do not knowingly collect personal data from minors. If you believe we have collected such data, contact us to request deletion.

12. Automated decision-making & profiling

We do not carry out automated decision-making or profiling that produces legal or similarly significant effects on you.

13. Changes to this policy

We may update this policy to reflect changes in our practices or legal requirements. We will publish the revised policy on this page with an updated “Last updated” date.

14. How to contact us / make a request

Maricm Travel
17 Cr Gambetta, 69003 Lyon
Email: [email protected]
Phone: +33 6 44 66 58 20

For data protection concerns, you may also contact the CNIL: https://www.cnil.fr (or your local supervisory authority).