Privacy Policy

Overview

This Privacy Policy explains how Safari Flamingo, Lda (“Flamingo Experiences”, “we”, “us”) collects and processes personal data in connection with our website and our tours, experiences, events and transfers.

This policy is provided for information purposes. In case of discrepancies between language versions, the Portuguese version should prevail.

1. Data Controller (Portugal / EU)

Entity: Safari Flamingo, Lda
NIPC (VAT): PT514213825
Address: Urbanização Sopé da Serra Lote 49, 2710-675 Várzea de Sintra, Portugal
Email: go@flamingoexperiences.com
Technical matters: webmaster@webxtek.com

2. Personal Data We Collect

Depending on how you use the website, we may collect:

• Identification and contact data: name, email, phone number.
• Booking and service data: service selected, dates, destinations, preferences, messages you send us.
• Communications: content of messages and support requests.
• Technical and usage data: IP address, device/browser information, pages visited and interactions.
• Security/anti-abuse data: signals used to protect forms and prevent fraud (e.g., reCAPTCHA).

We do not intentionally collect special category data (e.g., health data). If you share sensitive information with us, we will only process it to handle your request and as permitted by law.

3. Purposes and Legal Bases (GDPR)

We process your personal data for:

• Responding to enquiries and requests (legitimate interest; pre-contractual steps).
• Managing bookings and providing services (performance of contract; pre-contractual steps).
• Customer support and service communications (legitimate interest; contract).
• Marketing communications (consent, where required; you can opt out at any time).
• Website security and abuse prevention (legitimate interest).
• Compliance with legal obligations (legal obligation).

4. Cookies and Similar Technologies

We use cookies and similar technologies for essential operation, preferences, analytics and security. For details, please see our Cookies Policy.

5. Data Sharing

We do not sell your personal data. We may share data with:

• Service providers acting on our instructions (e.g., website hosting, analytics, email tools, customer support).
• Payment and booking partners, where applicable, to complete a transaction.
• Public authorities, when required by law.

All processors are bound by contractual obligations of confidentiality and data protection.

Processors and Partners We Rely On

• Google Maps (embedded maps or JavaScript API; functional display of locations).
• YouTube (embedded videos; loads YouTube Iframe API when a video is present).
• Google Analytics (analytics; loaded only after consent; IP anonymization where applicable).
• Cloudflare Turnstile (essential anti‑bot protection; loaded only on forms).
• Google reCAPTCHA (anti‑bot; loaded only on forms when used).
• Sender.net (newsletter embeds/tracking; loaded only after marketing consent; unsubscribe always available).
• Resend (transactional emails for contact and operational communications).
• Cloudflare (hosting/CDN and security services).
• FareHarbor (booking flows and payments where applicable).
• Instagram Graph API (feed content fetched via site endpoint; no client third‑party embeds).
• Vimeo (embedded videos; loads player scripts when present).

6. International Transfers

Some service providers may process data outside the European Economic Area. When this happens, we use appropriate safeguards (e.g., Standard Contractual Clauses) as required by the GDPR.

7. Retention

We keep personal data only for as long as necessary for the purposes described above and to meet legal obligations. Retention periods may vary by type of data and legal requirements (e.g., invoicing records).

8. Security

We implement technical and organisational measures to protect personal data against unauthorised access, loss or misuse. No system is 100% secure; if you suspect an issue, contact us.

9. Your Rights

Subject to applicable law, you may request:

• Access, rectification, erasure.
• Restriction or objection to processing.
• Data portability.
• Withdrawal of consent (where processing is based on consent).

To exercise your rights, contact go@flamingoexperiences.com.

You also have the right to lodge a complaint with the Portuguese supervisory authority (CNPD) or with your local EU authority.

You can manage cookie preferences at any time via the “Manage cookies” link in the footer or the banner. Marketing emails include an unsubscribe link.

10. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on this page.