TOURS WITH SONALI

Legal

Privacy Policy

Last updated: January 2026

1. Introduction

Tours with Sonali ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or book our services, in strict compliance with the General Data Protection Regulation (GDPR/RGPD).

2. Data Controller

The data controller responsible for your personal data is:
HARSHE SONALI SHRIKANT
Entrepreneur individuel — SIRET: 911 794 550 00036
Paris, France
Email: contact@tourswithsonali.com

3. Information We Collect

We collect and process the following data:

  • Identity Data: Name, surname.
  • Contact Data: Email address, phone number.
  • Booking Data: Tour details, dates, special requirements (dietary, mobility).
  • Technical Data: IP address, browser type, cookies (see Cookie Policy).

4. Legal Basis for Processing

We process your data based on the following legal grounds:

  • Contractual Necessity: To process your booking and provide the tour services.
  • Legal Obligation: To comply with accounting and tax regulations.
  • Consent: For marketing communications (newsletters), which you can withdraw at any time.

5. Data Retention

We retain your personal data only as long as necessary:
- Booking Data: 5 years (for tax/legal compliance).
- Marketing Data: Until you unsubscribe.

6. Your Rights

Under the GDPR, you have the right to:

  • Access your personal data.
  • Correct inaccurate data.
  • Request deletion of your data ("Right to be forgotten").
  • Restrict processing.
  • Data portability.
  • Object to processing.

To exercise these rights, email us at: contact@tourswithsonali.com

7. Third-Party Sharing

We do not sell your data. We share data only with necessary service providers (e.g., payment processors, ticketing partners) who are also GDPR compliant.

8. Data Hosting & International Transfers

Our website is hosted by Vercel Inc. (340 S Lemon Ave #4133, Walnut, CA 91789, USA) on a globally distributed infrastructure. To provide optimal performance, your data may be processed in the following regions:

  • Europe: Paris, France (CDG1)
  • North America: Washington D.C., USA (IAD1)
  • Asia: Mumbai, India (BOM1)

Vercel complies with the EU-U.S. Data Privacy Framework. For transfers outside the EEA, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission to ensure your data remains protected.

9. Cookies

We use essential cookies to make our site work. You can control cookie settings through your browser.

10. Contact Authority

If you believe your rights have been violated, you have the right to lodge a complaint with the French Data Protection Authority (CNIL).