Section 01
Overview
At Extended Travel & Expeditions, your privacy matters deeply to us. This Privacy Policy explains how we collect, use, store, and protect your personal information when you interact with our website, booking platform, or any of our travel services. By using our services, you consent to the practices described in this policy. We encourage you to read it carefully and contact us if you have any questions. We are committed to handling your data with the highest standards of security, transparency, and respect.
Section 02
Information We Collect
We collect personal information that you voluntarily provide to us when making a booking, enquiry, or subscription. This may include: — Full name, date of birth, and nationality — Passport or national identity details (for visa facilitation and safari permits) — Contact information: email address, phone number, and postal address — Payment information (processed securely via PCI-compliant third parties) — Travel preferences, dietary requirements, and medical conditions relevant to your safety — Communications you send to us via email, phone, or our website forms We may also automatically collect certain technical data when you visit our website, including IP address, browser type, referring URLs, pages visited, and time spent on pages. This data is used solely to improve our website experience.
Section 03
How We Use Your Information
Your personal information is used exclusively to deliver and improve our services. Specifically, we use it to: — Process and confirm your bookings, payments, and related arrangements — Facilitate visa applications and communicate with relevant authorities on your behalf — Send booking confirmations, itineraries, travel advisories, and essential updates — Respond to your enquiries and provide customer support — Comply with legal, regulatory, and contractual obligations — Improve our services through anonymised usage analytics We will only send you marketing communications if you have opted in to receive them, and you may unsubscribe at any time. We do not use your data for automated decision-making or profiling.
Section 05
Data Retention
We retain your personal information for as long as is necessary to fulfil the purposes outlined in this policy, including satisfying any legal, accounting, or reporting obligations. For active clients, we retain records for the duration of our relationship and for a period of seven years thereafter, in compliance with Kenyan tax and legal requirements. Visa and travel document information is retained only for as long as required by the relevant authorities and then securely deleted. You may request deletion of your data at any time, subject to our legal and contractual obligations.
Section 06
Data Security
We implement robust technical and organisational measures to protect your personal information against unauthorised access, loss, destruction, or disclosure. These include: — Encrypted data transmission via HTTPS/TLS across all our digital platforms — Secure, access-controlled storage for all physical and digital records — Restricted staff access to personal data on a need-to-know basis — Regular security assessments and staff training on data protection While we strive to protect your information, no system is entirely infallible. In the unlikely event of a data breach that poses a risk to your rights, we will notify you and the relevant authorities in accordance with applicable law.
Section 07
Your Rights
You have the following rights in relation to your personal data, which you may exercise at any time by contacting us: — Right to access: Request a copy of the personal information we hold about you — Right to rectification: Request correction of inaccurate or incomplete data — Right to erasure: Request deletion of your data, subject to our legal obligations — Right to restriction: Request that we limit how we process your data — Right to portability: Request your data in a structured, machine-readable format — Right to object: Object to processing of your data for marketing or profiling purposes — Right to withdraw consent: Where processing is based on your consent, withdraw it at any time We will respond to all valid requests within 30 days. We will not charge a fee for exercising these rights unless requests are manifestly unfounded or excessive.
Section 09
Children's Privacy
Our services are not directed at children under the age of 18. We do not knowingly collect personal information from minors without the explicit consent of a parent or legal guardian. Where minors are included in a booking (for example, as part of a family safari), the booking is made by and on behalf of an adult, and we collect only the minimum information necessary to fulfil the service safely and legally. If you believe we have inadvertently collected a minor's data, please contact us immediately and we will delete it promptly.
Section 10
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we offer. When we do, we will revise the "Last Updated" date at the top of this page. For significant changes, we will notify active clients via email or a prominent notice on our website. We encourage you to review this policy periodically to stay informed about how we protect your information. Your continued use of our services after any changes constitutes acceptance of the updated policy.
Section 11
Contact & Data Controller
Extended Travel & Expeditions is the data controller responsible for your personal information. If you have any questions, concerns, or requests relating to this Privacy Policy, please contact us: Extended Travel & Expeditions Nairobi, Kenya Phone: +254 727 943 157 Email: privacy@extendedstays.co.ke Website: extendedstays.co.ke