Legal information
Privacy Policy
This Privacy Policy explains how Azores Dynamic Tours collects, uses and protects your personal data when you browse our website, contact us or book a tour in São Miguel Island, Azores.
1. Data controller
The entity responsible for processing your personal data ("data controller") is Azores Dynamic Tours, operating tours and related services in São Miguel Island, Azores, Portugal.
You can contact us regarding privacy matters using the details available on our Contact & Book page or:
- E-mail: azoresdynamictours@gmail.com
- Phone / WhatsApp: +351 924 785 899
- São Miguel Island · Azores · Portugal
2. Personal data we may collect
We only collect personal data that is relevant to providing our services and managing your enquiries and bookings. Depending on how you interact with us, we may process:
- Identification data: name, surname;
- Contact details: e-mail address, phone number, country of origin;
- Booking details: dates of stay, preferred tours, number of guests, ages of children, pick-up location, accommodation;
- Health / mobility information: only when you voluntarily provide it so we can adapt the tour (e.g. reduced mobility, pregnancy, specific physical limitations);
- Payment-related information: limited to what is necessary to confirm or record a payment, depending on the method used (we do not store full card details on this website);
- Communication content: messages you send us via forms, e-mail, phone or messaging apps;
- Technical data: IP address, device type, browser, pages visited, date and time of access and similar information, mainly via cookies and analytics tools.
3. Purposes and legal bases for processing
We process personal data for the following purposes and on the following legal bases under the General Data Protection Regulation (GDPR):
-
Managing enquiries and bookings
To answer your questions, send information about tours, check availability and confirm bookings.
Legal basis: performance of a contract or steps taken at your request before entering into a contract (Art. 6(1)(b) GDPR). -
Operating tours and related services
To organise pick-ups, adapt routes to your needs and ensure your safety and comfort during the tour.
Legal basis: performance of a contract (Art. 6(1)(b) GDPR) and legitimate interests (Art. 6(1)(f) GDPR) in providing a safe and high-quality service. -
Administrative and accounting purposes
To issue invoices, manage payments and comply with legal obligations in Portugal.
Legal basis: compliance with legal obligations (Art. 6(1)(c) GDPR). -
Communication and customer support
To keep in touch with you about your booking, changes due to weather or conditions, or to respond to post-tour questions and feedback.
Legal basis: performance of a contract (Art. 6(1)(b) GDPR) and legitimate interests (Art. 6(1)(f) GDPR). -
Marketing and information about services
To send you occasional information about new tours or relevant updates, when you have expressed interest or given consent.
Legal basis: consent (Art. 6(1)(a) GDPR) or legitimate interests (Art. 6(1)(f) GDPR), depending on the case and local rules. -
Website improvement and statistics
To understand how visitors use our website and improve content, navigation and security, using anonymous or aggregated analytics data when possible.
Legal basis: legitimate interests (Art. 6(1)(f) GDPR) and/or consent for non-essential cookies where required.
4. Cookies and similar technologies
Our website may use cookies and similar technologies to ensure basic technical functions, improve performance and, where implemented, support analytics or marketing tools.
In general, we distinguish between:
- Strictly necessary cookies: required for the website to function correctly (e.g. navigation, security). These do not usually require consent.
- Preference or functional cookies: used to remember basic options, such as language or certain display preferences.
- Analytics cookies: used to understand how visitors use the site (pages visited, time spent, approximate location). When used, we aim to configure these tools in a privacy-friendly way.
- Marketing cookies: used to measure campaigns or show ads. These will only be used if explicitly implemented and, when required, with your consent.
If a detailed cookie banner or settings tool is implemented on the site, you can use it to manage your preferences for non-essential cookies at any time. You may also adjust browser settings to block or delete cookies, although this may affect how some parts of the site work.
5. Data sharing and recipients
We do not sell or rent your personal data. We only share it when necessary and proportionate for the purposes described above, for example:
- Service providers: such as IT, hosting, e-mail or analytics providers that help us operate the website and communication. These entities act as data processors and are contractually bound to protect your data.
- Tour-related partners: when we help you coordinate experiences operated by third parties (for example whale watching, certain hikes or hot springs visits), we may share basic information needed for the booking (names, dates, number of people and similar). In those cases, the partner acts as an independent controller for the service they provide.
- Legal and public authorities: when required by law, court order or legitimate request from competent authorities.
If data is transferred outside the European Economic Area (EEA), we will ensure that appropriate safeguards are in place, such as standard contractual clauses or equivalent mechanisms, in accordance with the GDPR.
6. Data retention periods
We keep your personal data only for as long as necessary for the purposes described in this Privacy Policy and to comply with legal obligations.
As a general indication:
- Enquiry and booking data is kept for the duration of the relationship and for a reasonable period afterwards, to handle questions, potential claims and to comply with applicable retention rules.
- Accounting and invoicing data is kept for the period required by Portuguese law and tax regulations.
- Analytics data is kept in an aggregated or anonymised form where possible, or for limited periods defined by the tools used.
Once data is no longer needed, we will delete it securely or anonymise it so that it can no longer be linked to you.
7. Data security
We implement reasonable technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration or disclosure. These measures may include secure connections (HTTPS), access controls, backups and other safeguards appropriate to the nature of the data and the risk.
However, no system can be guaranteed to be 100% secure. If we become aware of a data breach that is likely to result in a high risk to your rights and freedoms, we will inform you and the relevant authorities in accordance with applicable law.
8. Your rights under data protection law
Under the GDPR and other applicable laws, you have several rights in relation to your personal data. Subject to certain conditions, you may:
- Access your personal data and obtain a copy;
- Rectify inaccurate or incomplete data;
- Erase data ("right to be forgotten") in specific situations;
- Restrict processing in certain circumstances;
- Object to processing based on legitimate interests, including direct marketing;
- Data portability, where applicable;
- Withdraw consent at any time when processing is based on consent.
To exercise any of these rights, please contact us using the details in section 1. Data controller. We may need to verify your identity before responding to your request.
You also have the right to lodge a complaint with a supervisory authority.
9. Children and minors
Our services are primarily aimed at adults who make bookings on behalf of themselves, families or groups. We do not intentionally collect personal data directly from children without the knowledge and involvement of a parent or legal guardian.
If you believe that a child has provided personal data to us without appropriate consent, please contact us so we can take the necessary steps.
10. Links to other websites and third-party services
Our website and communications may contain links to websites or services operated by third parties. We are not responsible for the privacy practices or content of those external sites.
We recommend that you read the privacy policies of any third-party site or service you visit or use.
11. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, applicable law or how we handle personal data. The updated version will be published on this page with a new "Last updated" date.
We encourage you to review this Policy periodically.
12. Contact regarding privacy
If you have any questions, concerns or requests regarding this Privacy Policy or how we handle your personal data, please contact us using:
- E-mail: azoresdynamictours@gmail.com
- Phone / WhatsApp: +351 924 785 899
- Or via the form on our Contact & Book page.