Privacy Policy

Thank you for your interest in this Privacy Policy! At MoroccoTours.co, we take the protection of your Personal Data very seriously.

In principle, we will only use your Personal Data in accordance with the applicable data protection laws, in particular Morocco’s Law No. 09-08 (“Law No. 09-08”), the General Data Protection Regulation (“GDPR”), and only as described in this Privacy Policy.

Unfortunately, it is in the nature of things that these explanations sound very technical, but we have tried to describe the most important things as simply and clearly as possible when creating them.

Responsible for the data processing policy

Responsible for data processing in accordance with the provisions of Law No. 09-08 and the GDPR is:

MoroccoTours.co

N° 11 Imm V CIBAM II, Ave Moulay Hassan Gueliz, Marrakech

If you have any questions about Cookies or about data protection in general, you can reach us at +212-666-168-288 or via our Contact Form.

General information on data processing

In the course of our business and website operations, we process data. This also includes disclosure by transmission to third parties and, where applicable, to so-called third countries outside Morocco. Where we transfer data outside Morocco, this is governed by Processing Agreements that include Standard Contractual Clauses to ensure a high level of data protection.

Data processing

All Personal Data that we obtain from you via the website will only be processed if:

  • You have given your consent.
  • The data is necessary for the fulfillment of a contract or pre-contractual measures.
  • The data is necessary for the fulfillment of a legal obligation or
  • The data is necessary to protect legitimate interests, provided that your interests are not overridden.

Data Storage and retention

MoroccoTours.co processes and stores your Personal Data only for the period of time required to achieve the respective processing purpose or for as long as a legal retention period (in particular Morocco’s commercial and tax laws) exists. Once the purpose has been achieved or the retention period has expired, the corresponding data is routinely deleted.

Data that you provide automatically

  1. Log files

We collect data on every visit to our website. The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address, and the requesting provider.

Log file information is stored for security reasons (e.g., for the clarification of abuse or fraud) for a maximum of 7 days and then deleted. Data whose further storage is necessary for evidentiary purposes is exempt from deletion until the respective incident is finally clarified. The legal basis for the data processing is our legitimate interest in providing an appealing website.

  1. Use of cookies

We use so-called cookies on our web site. Cookies are small text files that are stored on your respective device (PC, smartphone, tablet, etc.) and saved by your browser. For further information, please refer to our Cookie Policy. The legal basis for the use of cookies is your consent as well as our legitimate interest.

  1. Google Fonts

We integrate the fonts of the provider, Google LLC, whereby the user’s data is used solely for the purpose of displaying the fonts in the user’s browser. The integration is based on our interest in the efficient and secure use of fonts and their uniform display and integration. The legal basis for this processing is our legitimate interest.

  1. Google Contact Form 7

We use the standard version of the Contact Form 7 plugin to handle requests. In accordance with Google’s privacy policy, this is done through WP Forms in the default version: No data theft, No storage of your form entries on the software provider’s website, No sending of data to external servers, and No use of cookies The use of our contact form is done with the consent of the user to store personal data, which is your consent and our legitimate interest.

  1. WordPress

We also use the Content Management System (CMS) of WordPress, a service provided by Automattic Inc., to publish and maintain the created and edited content and texts on our website. This means that all content and texts submitted to us are transferred to WordPress. This represents a legitimate interest.

Data that you provide voluntarily

  1. Contacting us

If you contact us, we process the following data from you for the purpose of processing and handling your inquiry: Name, contact details (phone number and e-mail address) (if provided by you), and your message The legal basis of the data processing is our obligation to fulfill the contract and/or to fulfill our pre-contractual obligations and/or our legitimate interest in processing your inquiry.

  1. When you use our services

The protection of your data is particularly important to us in the performance of our services. We therefore only want to process as much Personal Data (for example, your name, address, e-mail address, or telephone number) as is absolutely necessary. Nevertheless, we rely on the processing of certain Personal data to fulfill our contractual obligations to you or to carry out pre-contractual measures.

When using our services, you can submit, share, and publish Personal Data. Some of the Personal Data you provide may be considered “special” or “sensitive”. This includes Personal Data concerning, for example, your health, racial or ethnic origins, sexual orientation, and religious beliefs. By choosing to provide this data, you consent to our processing of that data.

You have choices about the Personal Data you upload and share. You don’t have to provide Personal Data; however, Personal Data helps you get more from our Services. It’s your choice whether to include special category data and whether to make that special category data public. Please do not post, upload, or add data that you would not want to be available.

The legal basis for the processing of your personal and special category data is the establishment and implementation of the user contract for the use of the service as well as your consent. We store the data until you delete your user account. Insofar as legal retention periods are to be observed, storage also takes place beyond the time of deletion of a user account.

You may withdraw your consent and request that we stop using and/or disclosing your personal and special category data by submitting your request to us in writing.

  1. Payment data

If you make a purchase, your payment will be processed via our payment system provider. Payment data will solely be processed through our payment service provider. The legal basis for the provision of a payment system is the establishment and implementation of the user contract for the use of the service.

  1. Administration

We process data within the scope of administrative tasks as well as the organization of our business, financial accounting, service, and compliance with legal obligations, such as archiving. In doing so, we process the same data that we process in the context of providing our contractual services (see above). The purpose and our interest in the processing lie in the administration, financial accounting, and archiving of data, i.e., tasks that serve the maintenance of our business activities, the performance of our tasks, and the provision of our services.

Duration of data storage

We only store Personal Data for as long as it is necessary for the purposes for which it is processed or for as long as any consent you have given us has been revoked by you. Insofar as statutory retention obligations must be observed, the storage period for certain data as per Moroccan regulation is up to 10 years, irrespective of the processing purposes.

Transfer of Personal Data

We will not disclose or otherwise distribute your Personal Data to third parties unless this is necessary for the performance of our services, you have consented to the disclosure, or the disclosure of data is permitted by relevant legal provisions.

However, we are entitled to outsource the processing of your Personal Data in whole or in part to external service providers to support us, for example, in the technical operation of the service and the website, data management, the provision and performance of service marketing, as well as the implementation and fulfillment of reporting obligations.

The service providers commissioned by us, however, will process your data exclusively in accordance with our instructions, and we remain, in accordance with Law No. 09-08 and the GDPR, responsible for the protection of your data. Doing so, we always make sure that service providers commissioned by us are carefully selected and follow strict contractual regulations, technical and organizational measures, and additional controls by us.

We may also disclose Personal Data to third parties if we are legally obliged to do so, e.g., by court order, or if this is necessary to support criminal or legal investigations or other legal investigations or proceedings at home or abroad or to fulfill our legitimate interests.

Social Media

We are present on social media on the basis of our legitimate interests. If you contact us via social media platforms, you should note that the chat history can neither be deleted by us nor by you. And that, in accordance with the GDPR, the relevant social media platform and we are jointly responsible for the processing of your data and enter into a so-called joint controller agreement. The legal basis for the use of the relevant social media platform is our legitimate interest, your consent, or, in the case of a pre-contractual relationship with us, the initiation of a contractual service, if any.

Social Plugins

Social buttons from social networks are used on our website. These are only integrated into the page as HTML links, so that when you call up our website, no connection with the servers of the respective provider is established. A connection is only established if you click on one of the buttons, and the website of the respective social network opens in a new window of your browser.

Automated decision-making

Automated decision-making, including profiling, does not take place.

Do Not sell.

We do not sell your Personal Data.

Children Data

We do not knowingly collect and process Personal Data about children.

Your data subject rights

These rights are standardized in Law No. 09-08 and the GDPR. These include:

  • the right to information,
  • the right to rectification,
  • the right to erasure,
  • the right to restrict data processing,
  • the right to data portability,
  • the right to object to data processing,
  • the right to revoke any consent you have given, and
  • the right to lodge a complaint with the competent supervisory authority.

Please contact us at any time with questions and suggestions regarding data protection and to enforce your rights.

Updating your information

If you believe that the information we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion, or object to its processing, please do so by contacting us.

Access requests and updating your Personal Data

In the event that you wish to make a Data Subject Access Request, you may inform us in writing of the same. We will respond to requests regarding access and correction as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving it,

We will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any Personal Data or make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the respective legal regulations mentioned above).

Security and confidentiality

Our data processing is subject to the principle that we only process personal data that is necessary for the use of our services. In doing so, we take great care to ensure that your privacy and the confidentiality of all Personal Data are always guaranteed.

All transmitted data is protected by HTTPS encryption. Hyper Text Transfer Protocol Secure (HTTPS) is a protocol used to ensure secure data transmission on the Internet. The public-private key procedure is used here. This means that data encrypted with a publicly accessible key can only be decrypted again with a separate private key.

We also use technical and organizational security measures (TOMs) throughout the company to protect the data we manage from you against accidental or intentional manipulation, loss, destruction, or access by unauthorized persons.

 

Advertising and Marketing

Insofar as you have also given us your consent, we may contact you for the purposes of advertising and marketing via the communication channels you have given your consent to. Advertising and Marketing generally take the form of e-mail but may also include other less traditional or emerging channels. These forms of contact will be managed by us or by our contracted service providers. Every directly addressed marketing message sent or made by us or on our behalf will include a means by which you may unsubscribe or opt out.

 

Links to other providers

Our website also contains clearly recognizable links to the websites of other companies. Insofar as there are links to the websites of other providers, we have no influence on their contents. Therefore, no guarantee or liability can be assumed for these contents. The respective provider or operator of the pages is always responsible for the content of these pages.

 

Changes and updates

We kindly ask that you regularly inform yourself about the content of our privacy policy. We will amend the privacy policy as soon as changes to the information processing activities we carry out make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g., consent) or other individual notification. This Privacy Policy was last updated on Monday, January 16, 2023.

Concerns and Contact

If you have any concerns about a possible compromise of your privacy or misuse of your Personal Data on our part, or any other questions or comments, you can contact us.