1. Introduction
Eindhoven Cycling Tours respects your privacy and handles personal data with care. This privacy policy explains what personal data we collect, why we collect it, how long we keep it, and what rights you have.
If you process personal data, a privacy statement is mandatory, and under the GDPR you must clearly inform people what you do with their data and why.
2. Who we are
Eindhoven Cycling Tours
Website: www.eindhovencyclingtours.com
If you have questions about this privacy policy or about your personal data, you can contact us through the contact page on this website.
3. Personal data we collect
We may collect the following personal data when you book a tour, contact us, or use our website:
- Name
- Email address
- Phone number
- Booking details
- Number of participants
- Messages you send us through forms or email
- Payment status or payment confirmation details
- Technical website data, such as IP address, browser type, and cookies
GDPR applies when a business in the EU processes personal data, and personal data includes information that can identify a person directly or indirectly.
4. Why we collect personal data
We use personal data only when necessary for our services and website.
- To process and manage bookings
- To send booking confirmations and practical tour information
- To answer questions and contact requests
- To improve our website and services
- To meet legal and administrative obligations
Under GDPR, businesses must have a valid reason for processing personal data and must clearly explain the purpose.
5. Legal basis for processing
We process personal data on one or more of the following legal bases:
- Contract: to process your booking and deliver the tour
- Legal obligation: to keep records required for accounting or tax purposes
- Legitimate interest: to manage and improve our business and website
- Consent: where required, for example for optional cookies or marketing messages
GDPR requires a valid legal basis for processing personal data.
6. How long we keep your data
We do not keep personal data longer than necessary.
- Booking and contact data is kept as long as needed to handle the booking or request
- Administrative data may be kept longer where required by law or accounting obligations
- Website analytics data is kept only as long as useful for website insights
GDPR requires businesses to keep personal data no longer than necessary for the purpose for which it was collected.
7. Sharing personal data
We do not sell your personal data.
We may share limited personal data with service providers when necessary to operate our business, such as:
- Payment providers
- Website hosting providers
- Email service providers
- Technical service providers that help us maintain the website
These parties only receive the data they need to perform their service.
8. Your rights
Under GDPR, you have rights regarding your personal data. These can include:
- The right to access your personal data
- The right to correct inaccurate data
- The right to request deletion of your data
- The right to object to certain processing
- The right to withdraw consent where processing is based on consent
Businesses must facilitate the exercise of these rights.
9. Data security
We take appropriate technical and organisational measures to protect personal data against loss, misuse, or unauthorized access.
If your website collects personal data, using HTTPS is recommended to protect data in transit.
10. Changes to this policy
We may update this privacy policy from time to time, for example when the website, our services, or legal requirements change.
11. Contact
If you have questions about this privacy policy or about how we handle your data, please contact Eindhoven Cycling Tours through the contact page on this website.