Privacy
Policy.

When you message the operator on WhatsApp, the message content (your name as supplied, dates, group size, pickup hotel, package preference, optional budget hint) is retained as part of the booking record. WhatsApp itself stores the underlying message metadata under WhatsApp/Meta's own privacy framework.

When you complete a booking, the booking record retains: full name, phone number, email (where provided), pickup hotel address, booking dates, package booked, payment method used (last 4 digits of card or bank transfer reference), and post-trip review consent flag. No full card numbers, no CVV, no payment-credential storage on operator-side systems.

Cookies on this website: a session cookie maintains your visit context. No third-party tracking cookies set without consent. Analytics (when enabled) collects anonymized page-view data — country, browser, page-path, referrer — without individual identification. No advertising-network cookies set on this site.

Booking record data is used to: confirm and run the booked session (driver dispatch, guide assignment, post-session communication), process payment, follow up post-trip for review collection (one WhatsApp message, one optional follow-up), and meet UAE legal obligations (DTCM operator reporting, tax records).

We do not sell or rent personal data to third parties. We do not share data with marketing networks or data brokers. We share data only with: the booking-payment processor (UAE-licensed gateway, for card transactions), the WhatsApp/Meta platform (for the message channel), and UAE government bodies where required by law.

We do not use guest data for retargeting advertising on Meta, Google, or TikTok networks. We do not run lookalike-audience segmentation against guest contact data. The operator's marketing relies on organic search, direct enquiries, and review-based reputation — not paid retargeting against past guests.

Under the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021), you have the right to: know what data we hold about you, correct inaccurate data, request deletion of data we no longer need, withdraw consent for any processing that relies on consent (post-trip marketing follow-up, for example), and complain to the UAE Data Office if you believe your rights have been violated.

To exercise these rights, email [email protected] referencing your booking date and the right you want to exercise. We respond within 30 days. Verification of identity required for sensitive requests (full data export, account deletion) — typically a copy of the same ID used at booking.

Where our processing is also subject to GDPR (visitor from EEA, browser geolocation in EU/EEA), the parallel GDPR rights apply: access, rectification, erasure, restriction, portability, objection, automated decision-making opt-out. We treat GDPR rights as additional to UAE PDPL — never substituting one for the other.

First-party session cookie: maintains your visit context across page navigation. Expires at the end of the browser session. No personal data inside the cookie.

Analytics cookie (when enabled): anonymized visit metrics — country, browser, page-path, referrer, time-on-page. Aggregated reporting; no individual identification. Configurable opt-out via the cookie banner where present.

Third-party cookies set by embedded content (Google Maps tile, YouTube video embed, WhatsApp widget): governed by the third-party's own cookie policy. The operator does not control these. Disable third-party cookies in your browser settings if you prefer to block them.

Booking record: retained for 7 years from booking date to satisfy UAE tax-record requirements and DTCM reporting. After 7 years, automatically deleted unless required for an open dispute.

WhatsApp message thread: retained on operator's WhatsApp Business account for 5 years from last message in the thread. Automatically archived after that.

Email correspondence: retained for 5 years from last message in the thread. Automatically archived after that.

Post-trip review and feedback: retained indefinitely if positive (anonymized for site display). Retained for 3 years if negative for operator-side service-improvement tracking, then automatically deleted.

Email: [email protected] with subject line 'Privacy request — [your right]'. Include your booking date and a brief description of the request. We acknowledge within 5 working days and complete the request within 30 days.

WhatsApp: +971 52 440 9525, mention you want to make a privacy/data request. Reply within 5 minutes during operating hours; the team escalates the thread to the operator's data handler.

UAE Data Office: if you believe your rights are being violated and the operator response doesn't satisfy, you can complain to the UAE Data Office under PDPL provisions. The Data Office handles complaints and conducts investigations independently.