1. Introduction

Welcome to Mauritius Conscious Travel (“we,” “us,” “our”). We are incorporated in Mauritius and specialise in creating bespoke travel experiences in the Indian Ocean for our global clientele.

Your privacy is of the utmost importance to us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.mauritiusconscious.com, engage with our services, or communicate with us. We are committed to protecting your personal data in compliance with the highest standards, including the EU General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CPRA), and the Mauritius Data Protection Act 2017.

Please read this policy carefully. By using our services, you agree to the collection and use of information in accordance with this policy.

2. Who is the Data Controller?

For the purpose of applicable data protection laws, the data controller is:

Conscious Travel Ltd,

Vivea Business Park, Moka, Mauritius.

Email for privacy inquiries: hello@mauritiusconscious.com

3. Information We Collect

We collect information that you provide directly to us, information we collect automatically, and information we may receive from third parties.

(A) Information You Provide to Us:

Contact and Identity Data: Full name, email address, phone number, postal address, and passport details.
Trip Planning Data: Information about your travel preferences, interests, dietary requirements, health conditions relevant to your travel, travel dates, number of travellers, budget, and any other information you share in your trip inquiries.
Payment Data: Payment card details or bank account information for booking and payment processing. This is typically processed by our secure third-party payment processors.

(B) Information We Collect Automatically:

Usage and Device Data: When you visit our website, we may automatically collect information such as your IP address, browser type, operating system, device information, pages viewed, and the dates/times of your visits.
Cookies and Tracking Technologies: We use cookies and similar technologies to track activity on our website and hold certain information. Please see our Cookie Policy for more details.

4. How and Why We Use Your Information (Lawful Basis)

We will only use your data when the law allows us to. Most commonly, we will use your data in the following circumstances:

Purpose of Processing	Type of Data Used	Lawful Basis under GDPR
To plan and deliver your travel experience	Identity, Contact, Trip Planning, Payment	Performance of a contract with you
To communicate with you	Identity, Contact, Trip Planning	Performance of a contract; Legitimate interest (to provide excellent customer service)
To process payments	Identity, Contact, Payment	Performance of a contract
To send marketing communications (with your permission)	Identity, Contact	Consent
To improve our website and services	Usage and Device Data	Legitimate interest (to improve our business and offerings)
To comply with legal or regulatory obligations	All relevant data categories	Legal obligation

5. Sharing and Disclosure of Information

We do not sell your data. We may share your information with trusted third parties solely to provide the services you have requested. These include:

Travel Partners: Airlines, hotels, private villas, local tour operators, and transport companies in your destination countries (e.g., Mauritius, Kenya, Seychelles).
Service Providers: IT and web hosting providers, payment processors, and marketing and analytics services.
Legal Authorities: We may disclose your information if required to do so by law or in response to valid requests by public authorities.

6. International Data Transfers

As our client base is in the EU and the USA, and our travel services are in the Indian Ocean, your data will be transferred internationally. When we transfer your data outside the European Economic Area (EEA), we ensure a similar degree of protection is afforded to it by using safeguards such as:

Transferring to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
Using specific contracts approved by the European Commission, which give personal data the same protection it has in Europe (known as Standard Contractual Clauses or SCCs).

7. Data Security

We have implemented appropriate technical and organisational security measures designed to protect the security of any personal information we process. However, please also remember that we cannot guarantee that the internet itself is 100% secure.

8. Data Retention

We will only retain your data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

9. Your Data Protection Rights

Depending on your location, you have certain rights regarding your data.

(A) For Residents of the European Economic Area (EEA) – GDPR Rights:

Right of Access: You have the right to request copies of your data.
Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.
Right to Erasure (Right to be Forgotten): You have the right to request that we erase your personal data, under certain conditions.
Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, under certain conditions.
Right to Object to Processing: You have the right to object to our processing of your personal data, under certain conditions.
Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organisation, or directly to you, under certain conditions.
Right to Withdraw Consent: Where we rely on consent to process your data, you may withdraw it at any time.

(B) For Residents of California (USA) – CPRA Rights:

Right to Know: You have the right to know what personal information we have collected about you, including the categories of information, the sources, the purpose for collecting it, and the third parties with whom we share it.
Right to Delete: You have the right to request the deletion of your personal information.
Right to Correct: You have the right to request the correction of inaccurate personal information.
Right to Opt-Out of Sale/Sharing: You have the right to direct us not to sell or share your personal information. As stated, we do not sell your personal information.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CPRA rights.

10. How to Exercise Your Rights

To exercise any of the rights described above, please contact us at:

hello@mauritiusconscious.com

Attn: Data Privacy Manager

Email for privacy inquiries: hello@mauritiusconscious.com

We will respond to your request within the timeframes required by law. We may need to request specific information from you to help us confirm your identity.

11. Children’s Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without verification of parental consent, we will take steps to remove that information from our servers.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be indicated by a “Last Updated” date and will be effective as soon as it is accessible. We encourage you to review this policy frequently to be informed of how we are protecting your information.

13. Contact Us

If you have any questions or comments about this policy, please do not hesitate to contact us at hello@mauritiusconscious.com.

Destinations

Useful Links

Our Company

Contacts

+23054889401

Call or Whatsapp us for inquiries about our trips.

hello@mauritiusconscious.com

Email us your travel inquiry.

Vivea Business Park, Moka. Mauritius Island.

Our Privacy Policy.

1. Introduction