Privacy Policy

Level Play Commons (“we”, “our”, “us”) is a modern tour operator providing curated travel services. This Privacy Policy explains how we collect, use, disclose, and protect personal data when you visit our website or use our services. If you do not agree with this policy, please do not use our website or services.

1. Who we are and how to contact us

Controller: Level Play Commons Tour Operator, Reg. No. 23809853

Address: 562 Philip Shores, Port Samantha, BR6 9XJ, UK

Email: [email protected] • Phone: +44 3552 176886

2. Scope

This Policy applies to personal data processed through our website and in connection with inquiries, bookings, and traveler support. Additional notices may apply to specific products or jurisdictions.

3. Data we collect

3.1 Information you provide

• Contact details: name, email, phone.
• Inquiry and booking details: travel dates, preferences, group size, passport/ID data where required for permits and tickets.
• Health and dietary information you choose to share so we can tailor trips safely (e.g., allergies, mobility needs).
• Payment-related information: processed via PCI-compliant providers. We do not store full card numbers on our systems.
• Communications: messages, survey responses, and feedback.

3.2 Information collected automatically

• Device and usage data: IP address, browser type, pages viewed, time on page, and referral source.
• Cookies and similar technologies: analytics and experience-improvement cookies; see section 8 for details.

3.3 Information from third parties

We may receive updates from payment processors, anti-fraud providers, and service partners (e.g., airlines, hotels, local operators) necessary to perform your contract.

4. Purposes of processing

• Provide and improve our services, including itinerary design, booking management, and on-trip support.
• Communicate with you about inquiries, proposals, confirmations, and support.
• Personalize your experience (e.g., accessibility, dietary arrangements).
• Analytics and site performance measurement.
• Security, fraud prevention, and legal compliance.
• Marketing communications with your consent, which you can withdraw at any time.

5. Legal bases (UK/EU GDPR)

• Contract performance and pre-contract steps (Article 6(1)(b)).
• Legitimate interests (Article 6(1)(f)) such as service improvement, security, and analytics.
• Consent (Article 6(1)(a)) for optional cookies and marketing.
• Legal obligations (Article 6(1)(c)) including accounting and regulatory requirements.
• Special category data (Article 9): processed only with your explicit consent or where necessary to protect vital interests (e.g., medical needs during travel).

6. Sharing your data

We share data only as necessary:

• Operational partners: licensed guides, transport providers, hotels, and activity operators to deliver your itinerary.
• Technology providers: hosting, email, CRM, analytics (e.g., Google Analytics), and messaging tools under data processing agreements.
• Payment processors: to complete transactions securely.
• Authorities: when required by law or to protect rights and safety.
• Corporate events: in case of merger, acquisition, or reorganization, subject to appropriate safeguards.

7. International transfers

Where transfers occur outside the UK/EU, we rely on adequacy decisions or standard contractual clauses and implement additional safeguards where appropriate.

8. Cookies and tracking technologies

We use cookies to operate the site, measure performance, and improve user experience. You can manage preferences via the cookie banner’s “Customize” button or the Cookie Preferences modal on this site.

• Strictly necessary cookies: essential for core functionality (cannot be turned off).
• Analytics cookies: help us understand usage and improve content (toggle: “Analytics cookies”).
• Experience improvement cookies: support features and personalization (toggle: “Experience improvement”).

Third-party tools used include Google Analytics and Facebook Pixel. You may also control cookies via your browser settings and opt out of Google Analytics with the browser add-on provided by Google.

9. Data retention

We retain personal data only as long as necessary for the purposes described or as required by law. Typical retention: inquiry records up to 24 months; booking and transaction records up to 7 years for legal/accounting; operational files for the duration needed to support customer service and legal obligations.

10. Your rights

Subject to applicable law, you may have the right to:

• Access and obtain a copy of your personal data.
• Rectify inaccurate or incomplete data.
• Erase data (right to be forgotten) where applicable.
• Restrict or object to processing, including profiling for direct marketing.
• Data portability.
• Withdraw consent at any time (does not affect prior processing).
• Lodge a complaint with a supervisory authority. In the UK: ICO (ico.org.uk).

11. Security

We use technical and organizational measures such as encryption in transit, access controls, staff training, and supplier due diligence. No method is 100% secure; we continually improve our safeguards.

12. Children’s data

Our services are not directed to children under 16. Where minors travel, data is collected and processed with appropriate consent for essential travel arrangements only.

13. Do Not Track and signals

Some browsers offer Do Not Track (DNT). We do not respond to DNT signals. Use our on-site cookie preferences to control analytics and experience cookies.

14. Changes to this Policy

We may update this Policy to reflect changes in law or our practices. We will post the updated version with a new “Last updated” date.

15. Contact

For privacy questions or to exercise your rights, contact: [email protected] or write to the postal address above.

If this English version conflicts with a translated version, this English version controls where permitted by law.