Last Updated: January 1, 2026
This Privacy Policy describes how Bismej Tours ("we", "us", or "our") collects, uses, discloses, and protects your personal information when you use our website (bismejtours.com) and services. By accessing our website or using our services, you consent to the practices described in this policy.
1. Information We Collect
1.1 Personal Information
We collect personal information that you voluntarily provide to us, including:
- Contact Information: Full name, email address, telephone number, physical address
- Booking Information: Travel dates, destination preferences, special requirements, passport information (for visa processing)
- Payment Information: Credit/debit card details (processed through secure payment gateways), billing address
- Communication Data: Correspondence with our team, feedback, survey responses
- Demographic Information: Age, nationality, travel group composition
1.2 Automated Collection
When you visit our website, we automatically collect:
- Technical Data: IP address, browser type and version, time zone setting, browser plug-in types, operating system
- Usage Data: Pages visited, time spent on pages, navigation paths, clickstream data
- Cookies Data: Session cookies, persistent cookies (see our Cookies Policy for details)
1.3 Third-Party Sources
We may receive information about you from:
- Travel agencies and partners
- Social media platforms (when you interact with our profiles)
- Publicly available sources
- Service providers (payment processors, analytics providers)
2. How We Use Your Information
We use your personal information for the following purposes:
- Service Delivery: To process bookings, arrange travel services, and provide customer support
- Communication: To send booking confirmations, itinerary updates, travel advisories, and respond to inquiries
- Marketing: To send promotional materials about our tours and services (with your consent)
- Improvement: To analyze website usage and improve our services and user experience
- Legal Compliance: To comply with legal obligations, including tax and immigration requirements
- Security: To protect against fraud, unauthorized transactions, and other illegal activities
3. Legal Basis for Processing
We process your personal information based on the following legal grounds:
- Contractual Necessity: To fulfill our contract with you (processing bookings)
- Legal Obligation: To comply with French and EU laws and regulations
- Legitimate Interests: To improve our services and prevent fraud
- Consent: For marketing communications and cookies (where required)
4. Data Sharing and Disclosure
We may share your information with:
4.1 Service Providers
- Hotels, transportation companies, and activity providers in France
- Payment processing companies (Stripe, PayPal)
- Email service providers and customer relationship management tools
- Analytics and marketing service providers
4.2 Legal Requirements
We may disclose your information if required by law or in response to:
- Court orders or legal processes
- Requests from government authorities
- Investigations of potential violations of our Terms & Conditions
- Protection of our rights, property, or safety
4.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.
5. International Data Transfers
As a company operating in France and serving international clients, your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, including:
- Standard contractual clauses approved by the European Commission
- Adequacy decisions for countries with equivalent data protection laws
- Explicit consent for transfers to third countries
6. Data Retention
We retain your personal information only for as long as necessary:
- Booking Data: 7 years from the completion of travel (for tax and legal purposes)
- Marketing Data: Until you unsubscribe or request deletion
- Website Analytics: 26 months from your last visit
- Customer Service Records: 5 years from last interaction
After the retention period, we securely delete or anonymize your data.
7. Your Rights (GDPR/CCPA)
Depending on your location, you have the following rights:
Right to Access
Request a copy of your personal data we hold
Right to Rectification
Correct inaccurate or incomplete data
Right to Erasure
Request deletion of your data ("right to be forgotten")
Right to Restriction
Limit processing of your data
Right to Data Portability
Receive your data in a structured, machine-readable format
Right to Object
Object to processing based on legitimate interests
To exercise these rights, please contact us at privacy@bismejtours.com.
8. Security Measures
We implement robust security measures to protect your data:
- SSL/TLS encryption for data transmission
- Secure servers with firewalls and intrusion detection systems
- Regular security audits and vulnerability assessments
- Employee training on data protection and confidentiality
- Access controls and authentication mechanisms
- Regular data backups and disaster recovery plans
9. Children's Privacy
Our services are not directed to children under 16. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
10. Third-Party Links
Our website may contain links to third-party websites (hotels, attractions, partner services). We are not responsible for the privacy practices of these websites. Please review their privacy policies separately.
11. Changes to This Policy
We may update this Privacy Policy periodically. The updated version will be posted on our website with a new "Last Updated" date. We encourage you to review this policy regularly.
12. Contact Information
For questions, concerns, or requests regarding this Privacy Policy, contact our Data Protection Officer:
Bismej Tours
Data Protection Officer
52 Av. de la Somme, 33700 Mérignac, France
Email: privacy@bismejtours.com
Phone: +33 5 561 46 317