Ayubowan Escapes Privacy Policy

Last updated: 05 AUG 2025

Ayubowan Escapes (“we,” “us,” “our”) is a Sri Lankan travel company offering personalised private tours. We are committed to protecting your privacy and ensuring the security of your personal information. This policy explains what information we collect, why we collect it, how we use it, and the steps we take to safeguard your data. By using our website or booking our services, you consent to the practices described below.

1. Information we collect

We collect only the information necessary to plan and deliver your travel arrangements or to improve our website. Personal information is provided directly by you during enquiries or bookings or collected automatically through our website. We may collect:

• Identity and contact details – your full name, title, gender, date of birth, postal address, email address and telephone numbers. When you book a trip, we may also ask for passport details, nationality and next‑of‑kin information.
• Travel details – preferences or requirements relating to accommodation, itineraries, activities, dietary needs, medical conditions, health information or mobility requirements. We ask for these details only to ensure your comfort and safety and to determine whether a trip is suitable for you.
• Payment information – we integrate with trusted payment gateways to take deposits and process balances. Third‑party payment processors handle your credit/debit card details on our behalf; we do not store full card numbers.
• Browsing data and device information – your IP address, browser type, device information and interactions with our website may be collected automatically via cookies and similar technologies. This helps us understand how visitors use our site and allows us to personalise content.
• Photos and testimonials – we will only publish photos of you or testimonials you provide with your explicit permission. As noted in other tour operator policies, companies should ask for permission before sharing guests’ images.

2. How we collect information

We collect personal data in the following ways:

• When you contact us – via our website enquiry forms, email, telephone, social media or any booking engine, you provide details necessary for us to answer your questions or confirm a tour.
• During booking – we collect additional details needed to create itineraries, secure accommodations, and issue confirmations (for example, passport numbers or medical information for flight bookings).
• Through cookies and analytics – we use essential and analytical cookies to gather information about how visitors use our website (e.g., pages viewed, average time on page). You can decline non‑essential cookies or adjust preferences through your browser settings.
• From third parties – we may receive information from suppliers (such as airlines, hotels or activity operators) or from payment processors when necessary to finalise your booking. We ensure third‑party partners have adequate privacy practices.

3. How we use your information

We handle all personal information with care and only use it for legitimate business purposes. Examples include:

• Providing quotations and travel advice – to send requested information or quotes and to communicate itinerary updates or changes.
• Processing bookings – to secure hotel rooms, arrange transport, flights or tours, and handle payments.
• Managing your trip – to notify you about amendments or changes, handle special requests, or assist during emergencies.
• Improving our services – analysing website usage and feedback helps us improve content and customer experience. We may use aggregated browsing data but never identify individual users.
• Marketing (with consent) – we might send occasional newsletters or personalised offers about new trips or services. You can unsubscribe at any time. We never share marketing lists with unrelated companies.

4. Sharing your information

We respect your privacy and never sell, lease or trade your personal data. We only share information in the following situations:

• Service providers – we share relevant details with hotels, airlines, local guides, drivers and other suppliers solely to fulfil your booking.
• Payment processors – trusted payment gateways process your payment information; we do not store full card details.
• Legal requirements – we may disclose information when required by law or to protect our rights.
• Business transfers – if our company undergoes a merger or acquisition, customer data may be transferred, but it will remain protected by this policy.

We never publicly share photos or comments from you without asking for your permission.

5. Data security

We implement industry‑standard security measures to protect your personal data from unauthorised access, loss or misuse. These include secure databases, password‑protected systems, and restricted access to staff on a need‑to‑know basis. While no online system can be guaranteed 100 % secure, we continually review and improve our security practices. If a data breach occurs, we will notify affected individuals and authorities as required by law.

6. Data retention

We keep personal information only as long as necessary for the purpose for which it was collected and to comply with legal obligations. For example, booking and financial records may need to be kept for several years to meet accounting or regulatory requirements. When information is no longer required, we will securely dispose of or anonymise it.

7. Your rights and choices

You have rights over your personal data. Depending on your jurisdiction (for example, the EU General Data Protection Regulation), these may include:

• Access – you can request a copy of the personal information we hold about you.
• Correction – you can ask us to correct inaccurate or incomplete information.
• Deletion – you can request deletion of your data where it is no longer needed or you withdraw consent (subject to legal retention requirements).
• Objection – you may object to our use of your data for marketing or other specific purposes.
• Complaints – you may lodge a complaint with a supervisory authority if you believe we have not complied with privacy laws.

To exercise these rights, please contact us using the details below. We may need to verify your identity before actioning your request.

8. Cookies and similar technologies

Our website uses cookies and similar technologies to enable core functionality and analyse website traffic. Essential cookies are necessary for the site to function. Analytical and marketing cookies help us understand how visitors use the site and deliver personalised content. You can set your browser to refuse non‑essential cookies or to alert you when cookies are being sent. Please note that disabling cookies may affect website functionality.

9. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in the law or our services. Significant changes will be posted on this page and, where appropriate, notified via email. Please check back regularly to stay informed. Your continued use of our services following an update constitutes acceptance of the revised policy.

10. Contact us

If you have any questions about this policy, wish to exercise your data rights or have concerns about how we handle your personal information, please get in touch:

• Data Controller: Ayubowan Escapes (Pvt) Ltd
• Contact: Gayan (Director)
• Email: care@ayubowanescapes.com
• Address: 53/1 Ihalawatta, Epaladeniya, Giriulla. 60140 Sri Lanka
• Phone: +94 77475 2863

We are committed to responding promptly to all privacy‑related enquiries