Skip to content
Skip to main content
TourOperationTourOperation

Privacy Policy

Last updated: March 2026

This Privacy Policy has been prepared to inform you about how your personal data is collected, used, and protected when you use the services provided by TourOperation.com ("Platform", "we", "our", "us").

1. Data Collection

We may collect the following personal data when you use our Platform:

  • Identity Information: First name, last name, email address, phone number
  • Company Information: Company name, tax identification number, business address
  • Account Information: Username, password (stored in encrypted form)
  • Usage Data: IP address, browser information, access times, pages visited
  • Payment Information: Billing address, payment method details (credit card information is not stored directly by us; it is processed by our payment service provider)

2. Data Usage

We use the data we collect for the following purposes:

  • Provision and improvement of Platform services
  • Account creation and management
  • Provision of customer support
  • Billing and payment processing
  • Compliance with legal obligations
  • Informing you about service updates and promotions (with your consent)
  • Ensuring Platform security

3. Mobile Application and Location Data

When you use the TourOperation mobile application, we may collect the following data in addition to the data described above:

  • Location Data: Location information is collected for real-time tracking of guides and drivers during tour operations. Location sharing is entirely optional and can be toggled on or off within the application with a single tap. Location data is used only during active operations and is processed solely for fleet tracking purposes.
  • Background Location Access: Background location permission may be requested to allow location sharing to continue while the application is in the background during an operation. This feature is activated only with the user's explicit consent.
  • Camera Access: Camera access is used to enable quick passenger check-in via QR code scanning. Images captured by the camera are not stored or uploaded to our servers.
  • Push Notifications: A device push token is collected to deliver notifications regarding new reservations, payments, cancellations, and operational changes. You can manage your notification preferences in the application settings.
  • Device Information: Device model and operating system information may be collected to improve application performance and for error reporting.

All data collected through the mobile application is protected to the same security standards as the web platform. Location data is stored with AES-256 encryption and is not shared with third parties.

4. Cookies

Our Platform uses cookies to enhance user experience and improve service quality:

  • Essential Cookies: Required for the core functionality of the Platform (session management, security).
  • Analytics Cookies: Used to understand usage statistics (e.g., Google Analytics).
  • Preference Cookies: Remember your language and display preferences.

You may disable cookies through your browser settings; however, doing so may prevent you from using certain features of the Platform.

5. Third-Party Sharing

We do not share your personal data with third parties except in the following circumstances:

  • Service Providers: Business partners with whom we work for services such as payment processing, email delivery, and server hosting. These partners are authorized to process your data only in accordance with our instructions.
  • Legal Obligations: Sharing may occur pursuant to a court order or legal requirement.
  • Your Consent: Sharing with third parties may occur with your explicit consent.

We do not sell your data to third parties for advertising purposes under any circumstances.

6. Security

We take the following measures to ensure the security of your data:

  • Data transmission via SSL/TLS encryption
  • Database encryption
  • Daily automated backups
  • Hosting on European-based, ISO 27001 certified servers
  • Regular security audits
  • Access control and authorization systems

7. Your Rights

Under the General Data Protection Regulation (GDPR) and applicable data protection legislation, you have the following rights:

  • The right to know whether your personal data is being processed
  • The right to request information regarding processing activities
  • The right to know the purpose of processing and whether data is used in accordance with that purpose
  • The right to know the third parties to whom your data has been transferred, domestically or internationally
  • The right to request rectification if your data is incomplete or inaccurate
  • The right to request erasure or destruction of your data under the conditions provided by applicable law
  • The right to object to any outcome that arises against you as a result of the analysis of your data exclusively through automated systems

8. Contact

For questions or requests regarding our privacy policy, you may reach us through the following channels:

This privacy policy may be updated as necessary. Changes will be published on this page, and you will be notified by email of any significant changes.