Privacy Policy

JoyTrekking Tours & Safaris

1. Introduction

JoyTrekking Tours & Safaris (“we,” “our,” or “us”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website, book our services, or interact with us in any capacity.

This policy applies to all personal information we collect through our website (www.joytrekking.com), booking processes, customer communications, and service delivery for our Mount Kilimanjaro expeditions, Mount Meru climbs, wildlife safaris, Zanzibar experiences, and related adventure travel services.

By using our services or providing us with your personal information, you consent to the collection, use, and disclosure of your information in accordance with this Privacy Policy and applicable data protection laws.

2. Data Controller Information

Legal Entity: JoyTrekking Tours & Safaris
Registration: BRELA Registration Number 563127
Tax Identification: 115-041-576
Tourism License: 022827 (Tourism Class A)
Registered Address: PO Box 2218, Arusha, Tanzania
Contact Information:

Phone: +255 755 557 547
Email: findjoy@joytrekking.com
Website: www.joytrekking.com
Director: January Musa Mziray

For privacy-related inquiries, please contact us using the information above with “Privacy Inquiry” in the subject line.

3. Information We Collect

3.1 Personal Information for Bookings and Services

When you book our services or inquire about our expeditions, we collect the following personal information:

Contact Information:

Full name and preferred name
Email address and phone number
Home address and emergency contact details
Passport information and nationality
Travel insurance details

Medical and Health Information:

Medical conditions and health status
Dietary restrictions and allergies
Fitness level and physical limitations
Medication requirements
Medical certificates (when required)
Emergency medical contact information

Travel and Preference Information:

Travel dates and itinerary preferences
Previous climbing or safari experience
Special requests and accommodation needs
Group composition and relationships
Photography and media preferences

Payment Information:

Payment method details
Billing address
Transaction history and payment status
Bank transfer information (when applicable)

3.2 Website and Digital Information

When you visit our website or interact with our digital platforms, we automatically collect:

Technical Information:

IP address and location data
Browser type and version
Operating system and device information
Website usage patterns and page views
Referral sources and search terms
Cookies and similar tracking technologies

Communication Information:

Email correspondence and inquiry details
Social media interactions
Newsletter subscription preferences
Marketing communication responses
Customer service interactions

3.3 Photography and Media

During your expedition or safari experience, we may collect:

Visual Content:

Testimonials and review content
Photographs and videos taken by our staff
Images shared by customers with us
Group photos and expedition documentation
Social media content featuring our services

4. How We Use Your Information

4.1 Service Delivery and Operations

We use your personal information to:

Expedition Planning and Delivery:

Process bookings and manage reservations
Plan and customize expedition itineraries
Coordinate transportation and accommodation
Ensure appropriate guide and porter assignments
Manage group compositions and logistics
Provide pre-expedition preparation guidance

Safety and Emergency Management:

Assess medical fitness for activities
Maintain emergency contact information
Coordinate medical assistance when needed
Implement safety protocols and procedures
Communicate with emergency services
Manage evacuation procedures if required

Equipment and Service Provision:

Determine appropriate equipment needs
Manage equipment rental agreements
Coordinate meal planning for dietary requirements
Arrange special accommodations
Provide appropriate guide expertise
Ensure compliance with park regulations

4.2 Communication and Customer Service

We use your information to:

Customer Communication:

Respond to inquiries and provide information
Send booking confirmations and updates
Provide pre-expedition preparation materials
Share important safety and travel information
Conduct post-expedition follow-up
Handle complaints and feedback

Marketing and Promotional Activities:

Send newsletters and promotional materials (with consent)
Share expedition updates and company news
Provide information about new services
Invite participation in customer surveys
Share relevant travel and adventure content
Promote special offers and discounts

4.3 Legal and Regulatory Compliance

We process your information to:

Legal Obligations:

Comply with tourism licensing requirements
Meet national park registration obligations
Fulfill tax and financial reporting duties
Respond to legal requests and investigations
Maintain records as required by law
Ensure compliance with health and safety regulations

Business Operations:

Maintain accurate business records
Conduct financial transactions and accounting
Manage insurance claims and coverage
Protect against fraud and security threats
Enforce our terms and conditions
Resolve disputes and legal matters

5. Legal Basis for Processing

Under applicable data protection laws, we process your personal information based on the following legal grounds:

5.1 Contractual Necessity

Processing necessary for the performance of our service contracts, including:

Booking processing and expedition delivery
Payment processing and financial transactions
Service customization and delivery
Safety and emergency management
Equipment provision and management

5.2 Legitimate Interests

Processing necessary for our legitimate business interests, including:

Customer service and communication
Business development and improvement
Marketing and promotional activities (where consent is not required)
Fraud prevention and security
Legal compliance and record keeping

5.3 Consent

Processing based on your explicit consent for:

Marketing communications and newsletters
Photography and media use for promotional purposes
Special category data processing (health information)
Cookies and tracking technologies (where required)
Social media interactions and content sharing

5.4 Legal Obligations

Processing required to comply with legal obligations, including:

Tourism licensing and regulatory requirements
Tax and financial reporting obligations
Health and safety compliance
Law enforcement cooperation
Court orders and legal proceedings

6. Information Sharing and Disclosure

6.1 Service Providers and Partners

We share your information with trusted third parties who assist in service delivery:

Local Service Providers:

Licensed guides and porter services
Accommodation providers and lodges
Transportation companies and drivers
Equipment suppliers and rental companies
Local community partners
Emergency medical services

Technology and Payment Providers:

Website hosting and maintenance services
Payment processing companies (PesaPal, banking partners)
Email and communication platforms
Booking and reservation systems
Customer relationship management tools
Security and fraud prevention services

Government and Regulatory Bodies:

Tanzania National Parks Authority (TANAPA)
Immigration and customs authorities
Tourism licensing authorities
Tax and revenue authorities
Emergency services and medical facilities
Law enforcement agencies (when required)

6.2 Legal and Emergency Disclosures

We may disclose your information when:

Legal Requirements:

Required by law, regulation, or court order
Necessary to protect our legal rights
Required for law enforcement cooperation
Needed to prevent fraud or security threats
Necessary for legal proceedings or disputes
Required for regulatory compliance

Emergency Situations:

Medical emergencies requiring immediate assistance
Safety threats or dangerous situations
Natural disasters or force majeure events
Evacuation or rescue operations
Communication with emergency contacts
Coordination with emergency services

6.3 Business Transfers

In the event of a merger, acquisition, or sale of business assets, your personal information may be transferred to the acquiring entity, subject to the same privacy protections outlined in this policy.

7. International Data Transfers

7.1 Cross-Border Processing

As an international tour operator serving customers from around the world, we may transfer your personal information across international borders for:

Service Delivery:

Communication with international customers
Coordination with international travel partners
Processing of international payments
Emergency communication with home countries
Insurance claim processing
Medical assistance coordination

Technology Services:

Cloud-based data storage and processing
International payment processing systems
Global communication platforms
Website hosting and content delivery
Customer support systems
Security and backup services

7.2 Data Protection Safeguards

When transferring personal information internationally, we implement appropriate safeguards including:

Contractual data protection clauses
Adequacy decisions by relevant authorities
Certification schemes and codes of conduct
Binding corporate rules (where applicable)
Specific authorization for sensitive transfers
Regular review of transfer mechanisms

8. Data Retention

8.1 Retention Periods

We retain your personal information for different periods based on the type of information and purpose of processing:

Booking and Service Information:

Active booking data: Duration of service plus 2 years
Payment and financial records: 7 years (tax compliance)
Medical information: 5 years (safety and liability)
Emergency contact details: Duration of service plus 1 year
Insurance information: Duration of coverage plus 3 years

Communication and Marketing:

Email correspondence: 3 years from last contact
Newsletter subscriptions: Until unsubscribed plus 1 year
Customer service records: 3 years from resolution
Complaint records: 5 years from resolution
Marketing consent records: Until withdrawn plus 2 years

Website and Technical Data:

Website analytics: 26 months (Google Analytics standard)
Cookie data: As specified in cookie settings
Security logs: 1 year from creation
Backup data: 3 years from creation
Technical support records: 2 years from resolution

8.2 Retention Criteria

We determine retention periods based on:

Legal and regulatory requirements
Legitimate business needs
Customer service requirements
Safety and liability considerations
Contractual obligations
Industry best practices

8.3 Secure Deletion

When retention periods expire, we securely delete or anonymize personal information using industry-standard methods to ensure data cannot be recovered or reconstructed.

9. Data Security

9.1 Security Measures

We implement comprehensive security measures to protect your personal information:

Technical Safeguards:

Encryption of data in transit and at rest
Secure server infrastructure and hosting
Regular security updates and patches
Multi-factor authentication systems
Intrusion detection and prevention
Regular security monitoring and auditing

Administrative Safeguards:

Staff training on data protection
Access controls and authorization procedures
Regular security policy reviews
Incident response procedures
Vendor security assessments
Privacy impact assessments

Physical Safeguards:

Secure office and storage facilities
Controlled access to physical records
Secure disposal of physical documents
Equipment security and tracking
Environmental controls and monitoring
Backup and disaster recovery procedures

9.2 Data Breach Response

In the event of a data breach, we will:

Immediately assess and contain the breach
Notify relevant authorities within 72 hours (where required)
Inform affected individuals without undue delay
Provide clear information about the breach impact
Implement additional security measures
Conduct thorough investigation and remediation

10. Your Privacy Rights

10.1 Access and Information Rights

You have the right to:

Access Your Data:

Request confirmation of data processing
Obtain copies of your personal information
Receive information about processing purposes
Learn about data sharing and transfers
Understand retention periods
Know your rights and how to exercise them

Data Portability:

Receive your data in a structured format
Transfer data to another service provider
Request direct transfer where technically feasible

10.2 Correction and Update Rights

You have the right to:

Data Accuracy:

Request correction of inaccurate information
Update outdated personal information
Complete incomplete data records
Verify data accuracy before processing

10.3 Deletion and Restriction Rights

You have the right to:

Data Deletion (“Right to be Forgotten”):

Request deletion of personal information
Withdraw consent for processing
Object to unlawful processing
Request deletion of unnecessary data

Processing Restrictions:

Limit how we use your information
Suspend processing during disputes
Restrict processing for specific purposes
Maintain data without active processing

10.4 Objection and Consent Rights

You have the right to:

Object to Processing:

Object to direct marketing activities
Refuse automated decision-making
Object to legitimate interest processing
Opt-out of profiling activities

Consent Management:

Withdraw consent at any time
Modify consent preferences
Understand consent implications
Receive clear consent requests

10.5 Exercising Your Rights

To exercise your privacy rights:

Contact Methods:

Email: findjoy@joytrekking.com (Subject: “Privacy Rights Request”)
Phone: +255 755 557 547
Mail: PO Box 2218, Arusha, Tanzania

Request Requirements:

Provide clear identification
Specify the right you wish to exercise
Include relevant details and context
Allow reasonable time for response (30 days)

Response Process:

We will acknowledge your request within 48 hours
Verify your identity before processing
Provide requested information or action within 30 days
Explain any limitations or exceptions
Inform you of appeal options if applicable

11. Cookies and Tracking Technologies

11.1 Types of Cookies We Use

Essential Cookies:

Website functionality and navigation
Security and authentication
Load balancing and performance
Shopping cart and booking functionality
Language and preference settings

Analytics Cookies:

Website usage statistics
Performance monitoring
User behavior analysis
Content optimization
Traffic source tracking

Marketing Cookies:

Advertising personalization
Social media integration
Conversion tracking
Remarketing campaigns
Cross-platform advertising

11.2 Cookie Management

You can control cookies through:

Browser settings and preferences
Our cookie consent management tool
Third-party opt-out mechanisms
Privacy-focused browser extensions
Regular cookie deletion

11.3 Third-Party Tracking

Our website may include tracking technologies from:

Google Analytics (website analytics)
Social media platforms (sharing and integration)
Payment processors (transaction security)
Advertising networks (marketing campaigns)
Customer support tools (service delivery)

12. Children’s Privacy

12.1 Age Restrictions

Our services are designed for individuals aged 16 and older. We do not knowingly collect personal information from children under 16 without explicit parental consent.

12.2 Parental Consent

For customers under 18:

Parental or guardian consent is required
Parents must provide emergency contact information
Medical information must be verified by parents
Special safety considerations apply
Additional supervision may be required

12.3 Child Protection

If we discover we have collected information from a child under 16 without proper consent, we will:

Delete the information immediately
Notify parents or guardians
Implement additional safeguards
Review our collection practices
Strengthen age verification procedures

13. Marketing and Communications

13.1 Marketing Consent

We will only send marketing communications with your explicit consent, including:

Newsletter subscriptions
Promotional offers and discounts
New service announcements
Adventure travel content
Customer surveys and feedback requests

13.2 Communication Preferences

You can manage your communication preferences by:

Updating your account settings
Using unsubscribe links in emails
Contacting our customer service team
Modifying consent preferences
Opting out of specific communication types

13.3 Opt-Out Procedures

To stop receiving marketing communications:

Click “unsubscribe” in any marketing email
Email findjoy@joytrekking.com with “Unsubscribe” in the subject
Call +255 755 557 547 to update preferences
Update preferences through your customer account
Send written request to PO Box 2218, Arusha, Tanzania

14. Photography and Media Consent

14.1 Image Collection and Use

During your expedition, we may take photographs and videos for:

Safety and documentation purposes
Marketing and promotional materials
Website and social media content
Customer testimonials and reviews
Educational and training materials

14.2 Consent and Rights

Your Rights Regarding Images:

Opt-out of photography for marketing use
Request removal of images from marketing materials
Retain rights to your personal photographs
Control sharing of images on social media
Receive copies of expedition photographs

Our Use Rights:

Use images for marketing and promotion (with consent)
Share images across digital platforms
Include images in printed materials
Use images for educational purposes
Archive images for historical documentation

14.3 Opt-Out Procedures

To opt-out of photography for marketing purposes:

Inform your guide at the beginning of your expedition
Email findjoy@joytrekking.com before your trip
Specify opt-out preferences in your booking
Request removal of existing images
Update consent preferences at any time

15. Data Protection Officer and Complaints

15.1 Privacy Contact Information

For privacy-related inquiries, complaints, or to exercise your rights:

Primary Contact: January Musa Mziray, Director
JoyTrekking Tours & Safaris
? +255 755 557 547
? findjoy@joytrekking.com
? PO Box 2218, Arusha, Tanzania

15.2 Complaint Procedures

If you have concerns about our privacy practices:

Internal Process:

Contact us using the information above
Provide detailed description of your concern
Include relevant documentation or evidence
Allow 30 days for investigation and response
Escalate to management if unsatisfied

External Authorities:

If you are not satisfied with our response, you may file a complaint with:

Tanzania Data Protection Authority (when established)
Your local data protection authority (for EU residents)
Consumer protection agencies
Tourism regulatory authorities
Legal counsel or privacy advocates

15.3 Resolution Commitment

We are committed to:

Responding to privacy concerns promptly
Investigating complaints thoroughly and fairly
Implementing corrective measures when necessary
Preventing similar issues in the future
Maintaining transparent communication throughout the process

16. Updates to This Privacy Policy

16.1 Policy Changes

We may update this Privacy Policy to reflect:

Changes in our business practices
New legal or regulatory requirements
Technological developments
Industry best practices
Customer feedback and concerns

16.2 Notification of Changes

When we make significant changes to this policy:

We will post the updated policy on our website
Send email notifications to registered customers
Provide clear notice of material changes
Allow reasonable time for review before implementation
Maintain previous versions for reference

16.3 Continued Use

Your continued use of our services after policy updates constitutes acceptance of the revised terms. If you do not agree with changes, please contact us to discuss your options or discontinue use of our services.

17. Contact Information

For any questions, concerns, or requests related to this Privacy Policy or our privacy practices:

JoyTrekking Tours & Safaris
Director: January Musa Mziray
Address: PO Box 2218, Arusha, Tanzania
Phone: +255 755 557 547
Email: findjoy@joytrekking.com
Website: www.joytrekking.com

Business Hours: Monday – Friday, 8:00 AM – 6:00 PM (East Africa Time)
Emergency Contact: Available 24/7 during active expeditions