Privacy Policy

Saro Tours & Travels (“Saro Tours”, “we”, “us”, or “our”) respects your right to privacy and is committed to protecting personal data in accordance with the Data Protection Act, 2019 (Kenya), the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA), and other applicable tourism and consumer protection regulations worldwide.

This Privacy Policy explains how we collect, use, disclose, store, and secure personal data when you interact with our website, booking platforms, social media, and offline services. It also outlines your rights and how you can exercise them.

Saro Tours & Travels is the data controller responsible for your personal data. For questions or to exercise your rights, please contact our Data Protection Officer at info@sarotoursandtravels.com or write to Mogotio 20, Westlands, Nairobi, Kenya.

- Identification data (full name, nationality, passport or ID details where required for travel bookings)

- Contact data (email addresses, postal address, telephone numbers, emergency contact details)

- Booking data (travel preferences, itineraries, accommodation details, dietary requirements, insurance information)

- Payment data (transaction references processed through secure payment partners; we do not store full card numbers)

- Technical data (device identifiers, IP address, browser type, operating system, referral URLs, and analytics data collected via cookies and similar technologies)

- Marketing and communication preferences, survey responses, testimonials, and competition entries

- Consent: for marketing communications, optional cookies, and special-category data (e.g., medical or dietary details) provided voluntarily

- Contract: to create quotations, confirm bookings, provide customer service, and deliver travel experiences you request

- Legal obligation: to comply with taxation, immigration, tourism licensing, anti-money laundering, and safety regulations

- Legitimate interests: to improve our services, secure our systems, prevent fraud, and tailor offerings, provided such interests do not override your rights

- Vital interests: to protect your life or that of another person in an emergency while travelling

- Manage enquiries, quotations, reservations, payments, and changes to your itinerary

- Coordinate with airlines, hotels, ground handlers, guides, insurers, and other vetted suppliers to fulfil travel services

- Personalise communications, send travel documentation, and issue alerts about regulatory or health requirements

- Administer loyalty programmes, promotions, competitions, and satisfaction surveys

- Maintain business records, perform analytics, measure marketing effectiveness, and enhance website performance

- Detect, investigate, and prevent fraudulent activity or breaches of our terms and applicable law

We use essential cookies to operate the website and optional analytics/marketing cookies to improve your experience. Optional cookies are only activated with your consent through our cookie notice, which lets you accept or decline. You can review or change your preference at any time by clearing the “cookie_consent” cookie in your browser or contacting us for assistance. See section 11 for more detail on international frameworks governing cookies.

- Travel partners: airlines, hotels, destination management companies, activity providers, and insurance partners that enable us to deliver contracted services

- Regulatory authorities: immigration, customs, tourism regulators, and law enforcement when required by law or court order

- Service providers: payment processors, IT support, marketing platforms, cloud providers, and professional advisers bound by confidentiality obligations

- Corporate transactions: potential buyers or investors in the event of a merger, acquisition, or restructuring, subject to contractual safeguards

Given the global nature of travel, personal data may be transferred outside Kenya to destinations with different data protection standards. We use appropriate safeguards such as contractual clauses, supplier audits, and reliance on adequacy decisions recognised under the Kenyan Data Protection Act, GDPR, and other applicable regimes. Where such safeguards are unavailable, we will request your explicit consent or rely on necessity for the performance of a contract or vital interests.

We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy, including satisfying legal, accounting, reporting, and tourism licensing requirements. Typical retention periods include:

- Booking and contractual records: 7 years from the end of the financial year in which the service was delivered, as required by Kenyan company and tax law

- Marketing data: until you withdraw consent or opt out of communications

- Incident, insurance, or dispute records: for the duration of the investigation and any applicable statutory limitation period

Subject to applicable law, you may exercise the following rights: access, rectification, erasure, restriction, portability, objection, withdrawal of consent, and the right to lodge a complaint with the Office of the Data Protection Commissioner (ODPC) in Kenya or your local supervisory authority. To submit a request, contact info@sarotoursandtravels.com and include proof of identity for verification.

We do not knowingly collect personal data from children under 16 without the consent of a parent or guardian. Where travel arrangements for minors require personal data, we process such data solely for the purpose of providing the requested services and in line with applicable child protection laws.

We implement administrative, technical, and organisational safeguards including access controls, encryption in transit, supplier due diligence, and incident response procedures to protect personal data from unauthorised access, alteration, disclosure, or destruction.

We may update this Privacy Policy to reflect legal or business changes. The “Last updated” date below indicates when the policy was revised. Significant changes will be communicated via our website or direct notice where appropriate.

Email: info@sarotoursandtravels.com

Telephone: +254700134965

Postal: Mogotio 20, Westlands, Nairobi, Kenya