Privacy Policy
Last Updated: 7/1/2026
Grand Magellan Ceylon Tours respects your privacy and is committed to protecting your personal data in compliance with the **Sri Lankan Personal Data Protection Act (PDPA)** and the **EU General Data Protection Regulation (GDPR)**.
1. Data We Collect
We collect personal information such as your name, email address, phone number, passport details (if required for hotel/train bookings), and dietary/medical requirements strictly for the purpose of facilitating your travel itinerary.
2. How We Use Your Data
Your data is used exclusively to:
- Process your booking and manage your tour.
- Communicate with you regarding your itinerary or emergencies.
- Provide legally required details to hotels, government sites (e.g., Sigiriya, National Parks), and domestic airlines.
3. Data Sharing & Security
We do not sell your data to third parties. Data is only shared with verified local partners (hotels, transport providers) strictly for executing your tour. We employ robust security measures to prevent unauthorized access or data breaches.
4. Your Rights
Under the PDPA and GDPR, you have the right to access, rectify, or request the erasure of your personal data. To exercise these rights, please contact our Data Protection Officer at grandmagellanceylontours@gmail.com.