PRIVACY POLICY

Privacy Policy

At Itaca Tours (“Company,” “we,” “our,” or “us”), we respect your privacy and are committed to safeguarding the personal data you entrust to us. This Privacy Policy sets out in detail how we collect, use, disclose, retain, and protect your information when you interact with our services. It applies to all visitors and users of our websites, including itacatours.com and our booking subdomain booking.itacatours.com (together, the “Sites”), as well as to interactions through offline channels such as email, telephone, or in-person communications.

By using our Sites or engaging with our services, you acknowledge that you have read and understood this Privacy Policy and agree to the terms described herein. Our practices are designed to ensure compliance with the applicable laws of both the United States, where our parent company is established, and the European Union, where our booking partner operates under the General Data Protection Regulation (GDPR).

Itaca Tours LLC is incorporated in the United States and has its registered office at:

971 US Highway 202N, Suite N, Branchburg, NJ, 08876, United States.

For questions, concerns, or additional information regarding this Privacy Policy, you may contact us at: privacy@itacatours.com

Scope of This Policy

This Privacy Policy applies broadly to all individuals who interact with our websites and services. It covers not only casual visitors who browse our Sites without making a booking, but also registered users, customers who complete reservations, and individuals who submit contact forms, appointment requests, or detailed travel questionnaires. The scope also extends to any personal data that we collect directly from you, as well as information that we process on your behalf through our booking interfaces and affiliated platforms.

Importantly, this Policy applies regardless of your geographical location. Whether you access our Sites from within the United States, the European Union, or elsewhere, the same fundamental privacy principles apply. We are committed to ensuring that the handling of your personal data is transparent, consistent, and compliant with both U.S. regulations and international standards such as the EU General Data Protection Regulation (GDPR).

Information We Collect

We collect and process different categories of personal data depending on how you interact with our services. This may include personal identifiers, such as your full name, email address, telephone number, and, where necessary, your postal address when you provide billing or shipping details for invoices, reservations, or travel documentation. In addition, when payments are processed directly through Itaca Tours, we may collect payment and billing data, which may include details of the payment method used (for example, PayPal, bank account information, or credit/debit card details). For security reasons, we never store the full Primary Account Number (PAN) of your credit card, nor do we retain authentication codes such as CVC, CVV, or CID. However, we may store certain transaction details, invoicing information, and your payment history in order to comply with our financial and tax obligations.

When you browse our websites or use our booking platforms, we also collect technical and usage data, such as your Internet Protocol (IP) address, browser type and version, device identifiers, operating system, time zone, and language settings. We monitor website usage information including the pages you visit, access times, referring and exit pages, duration of visits, clickstream data, and interaction with elements of the site. This information helps us understand user behavior, improve the functionality of our websites, and provide a more tailored experience.

Like most online services, we rely on cookies and other tracking technologies to gather data about your online interactions. These may include persistent and session cookies, web beacons, tracking pixels, and local storage mechanisms. Such technologies are used to remember user preferences, analyze site traffic, personalize content, and display advertisements based on your interests.

We may also process third-party data, which refers to information we receive from service providers, affiliates, and partners that facilitate travel bookings on our behalf. This can include booking confirmations, questionnaire responses, or other data required to complete your reservation. In some cases, we may also collect information from publicly available sources or from your interaction with third-party platforms—for instance, if you choose to link your social media account, submit reviews, or share travel content publicly.

By combining these categories of information, we are able to provide our services effectively, ensure secure transactions, and deliver a more personalized and reliable customer experience.

How We Collect Your Information

We obtain personal data through several different channels. Most commonly, information is provided directly by you when you complete and submit forms on our website, such as contact forms, appointment scheduling requests, booking requests, or detailed travel planning questionnaires. Information may also be collected when you create or manage a customer account, when you communicate with us through email, telephone, or live chat, or when you voluntarily provide feedback, surveys, or other user-generated content.

In addition to direct interactions, certain categories of information are collected automatically whenever you visit our websites or interact with our services. This occurs through the use of cookies, tracking pixels, session logs, and similar technologies, which allow us to understand your navigation behavior, record your device details, and enhance the performance of our platforms.Finally, we may also receive information from third parties. These third-party sources include our trusted travel and activity partners, who may share booking details made via affiliate links; payment processors and financial institutions, which provide transaction confirmations and fraud-prevention signals; and analytics or advertising platforms, which may share aggregated or profile data in accordance with applicable laws.

Purposes of Processing

We process personal data for a range of purposes that are essential for the proper functioning of our services. The primary purpose is to facilitate travel bookings and related services, ensuring that reservations are transmitted to the correct providers and confirmed with the necessary details. We also process data to handle payments and invoicing, issuing receipts, and complying with financial recordkeeping obligations.

Another important use of your information is for communications. We contact you regarding reservation confirmations, travel updates, cancellations, modifications, or support inquiries. This may also extend to personalized travel suggestions, newsletters, promotional content, or tailored recommendations, always respecting your preferences and, where required by law, only with your explicit consent.

We use personal data to manage accounts and customer profiles, which allows you to view booking history, store preferences, and benefit from loyalty or promotional programs. Additionally, data is analyzed to monitor traffic and improve our websites, optimize performance, and enhance the user experience.

From a business perspective, personal data is also processed for market research and feedback collection, allowing us to understand customer trends and adapt our services accordingly. Furthermore, data may be used for security purposes, including the detection, investigation, and prevention of fraud, abuse, or suspicious activities. Lastly, we retain and process certain data to ensure compliance with our legal obligations, such as taxation, accounting, and regulatory reporting.

Legal Bases for Processing

The legal basis upon which we process personal data depends on the jurisdiction and the specific context of your interaction. In many cases, processing is based on your consent, such as when you opt in to receive newsletters, marketing communications, or agree to the use of cookies. Another common legal ground is the performance of a contract, since in order to deliver the travel services you request, we must process and transmit your booking data.

We may also rely on our legitimate interests, which include the operation and continuous improvement of our business, fraud prevention, ensuring system and network security, and analyzing website usage to optimize customer experience. Finally, some processing is carried out due to legal obligations, which may include complying with fiscal regulations, fulfilling reporting requirements, or responding to lawful requests from public authorities and courts.

Disclosure and Sharing of Data

We do not sell your personal information. However, in the course of providing our services, we may share your data with carefully selected third parties. These include service providers and affiliates who support our core business operations, such as payment processors, IT service providers, analytics firms, and cloud hosting companies. We may also share data with travel activity providers and partners who are directly responsible for delivering your booked services, such as airlines, hotels, and tour operators.

In certain cases, and only with your consent where legally required, we may share data with marketing and advertising partners to personalize offers and communications. We may also disclose information to professional advisors, auditors, regulatory bodies, or law enforcement agencies where this is necessary to comply with contractual or legal obligations, to protect our rights, or to respond to legal claims.In the event of a corporate restructuring, such as a merger, acquisition, or sale of assets, your personal data may be transferred to the successor entity, which will continue to respect the commitments outlined in this Privacy Policy. All third parties that receive data from us are contractually required to maintain strict confidentiality and to implement appropriate technical and organizational safeguards to protect your information.

International Data Transfers

Because our services are global in nature, your personal information may be transferred to, stored in, and processed in countries different from your country of residence. For example, data collected through our U.S.-based operations may be accessed by our European booking partner, and vice versa.

Whenever personal data is transferred across borders, we implement safeguards to ensure an adequate level of protection. These may include reliance on adequacy decisions issued by the European Commission, the use of Standard Contractual Clauses (SCCs), or other lawful mechanisms recognized under applicable privacy laws. Our goal is to ensure that your data enjoys the same level of protection no matter where it is processed.

Data Retention

We retain your personal data only for as long as is necessary to achieve the purposes for which it was collected, or as long as required by applicable law. In practical terms, this means:

  • Information used to provide travel services and reservations will be retained for the duration of the contractual relationship and a reasonable period thereafter to handle any follow-up issues.
  • Financial and billing information will be stored for at least five years, in line with standard legal and tax record-keeping obligations.
  • Certain data may be retained longer where necessary to comply with legal requirements, resolve disputes, enforce agreements, or defend legal claims.

Once the applicable retention period has expired, we securely delete, anonymize, or aggregate your data so that it can no longer be linked to you.

Cookies and Tracking Technologies

Our Sites use cookies, web beacons, pixels, and similar tracking technologies to improve your browsing experience and support our business operations. These technologies allow us to remember your preferences (such as language or login settings), measure the effectiveness of marketing campaigns, analyze traffic patterns, and optimize website performance.

Cookies can be either session cookies, which expire when you close your browser, or persistent cookies, which remain stored on your device until manually deleted or until they reach their expiration date.

You remain in control of how cookies are used. You can manage your cookie preferences through our Cookie Banner or adjust your browser settings to block or delete cookies. Please note, however, that disabling certain cookies may affect the functionality and usability of the Sites.

Security Measures

We take data security seriously and apply a combination of administrative, technical, and physical safeguards designed to protect your personal information against unauthorized access, loss, misuse, or disclosure. These measures may include encryption, secure server hosting, access controls, and regular monitoring of our systems.

That said, it is important to recognize that no system of data transmission over the Internet or method of electronic storage can be guaranteed to be completely secure. While we continuously strive to enhance our security posture, we cannot guarantee absolute security of information transmitted to or from our Sites.

Your Privacy Rights

Depending on your place of residence and the applicable laws, you may be entitled to a number of privacy rights. These can include the right to:

  • Request access to the personal data we hold about you, as well as obtain a copy in a commonly used format.
  • Request corrections or updates to ensure that your information is accurate and complete.
  • Request the deletion of your data or the restriction of its processing under certain circumstances.
  • Withdraw any consent you have previously provided, such as for marketing communications.
  • Object to processing activities based on our legitimate interests, including profiling or targeted advertising.
  • Request the transfer (portability) of your data to another service provider.
  • File a complaint with a supervisory authority if you believe that your rights have been violated.

To exercise these rights, you may contact us at privacy@itacatours.com. We are committed to responding within the timelines established by applicable law, which may vary depending on your jurisdiction.

Minors

Our services are designed and intended for individuals who are 18 years of age or older. We do not knowingly collect or process personal data from children without appropriate authorization. Minors under the age of 18 may only use our services with the explicit and verifiable consent of a parent or legal guardian.

In cases where we become aware that personal data has been collected from a minor without the necessary consent, we reserve the right to take corrective measures, which may include deleting the information from our records, canceling any associated bookings, and restricting access to our Sites or services. Parents or guardians who believe that their child has provided us with personal data without consent should contact us immediately at privacy@itacatours.com so that we can take the necessary steps.

Links to Other Websites

Our Sites may contain links to third-party websites and external resources. These links are provided for your convenience and to enhance your travel planning experience. However, please note that once you leave our Sites, we have no control over the privacy practices or content of those external platforms.

We are not responsible for how third-party websites handle personal data. We strongly encourage you to read and evaluate the privacy policies of any external sites you visit before providing personal information or engaging in transactions with them.

Changes to This Privacy Policy

We may update or amend this Privacy Policy periodically to reflect changes in our business practices, technological developments, or legal requirements. Any modifications will be published directly on our Sites, accompanied by an updated “Last Updated” date displayed at the top of the page.

We encourage you to review this Privacy Policy regularly to remain informed of how we protect your information. Your continued use of the Sites and services following the publication of a revised version constitutes your acceptance of the updated terms. If the changes are significant, we will take additional steps to notify you, such as by sending an email to registered users or displaying a prominent notice on our Sites.

Contact Information

If you have any questions, concerns, or requests related to this Privacy Policy, or if you wish to exercise your data protection rights, you may reach us using the following details:

Itaca Tours LLC
971 US Highway 202N, Suite N, Branchburg, NJ, 08876, United States
Email: privacy@itacatours.com

We are committed to responding promptly and in accordance with the applicable legal timeframes.

Updated Sep 10, 2025

Scroll to Top