Privacy Policy

Last updated: 31 March 2026

1. INTRODUCTION

Natondi Tours Pty Ltd (“Company”, “we”, “us”, “our”) is committed to protecting your personal information and your right to privacy.

For the purposes of applicable data protection laws:

• We act as the “Responsible Party” under the Protection of Personal Information Act, 2013 (“POPIA”), and
• As the “Data Controller” under the General Data Protection Regulation (“GDPR”).

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you:

• Visit our website: http://www.natonditours.com (the “Website”),
• Make travel enquiries or bookings,
• Use any of our services (the “Services”).

By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy.

2. WHAT INFORMATION DO WE COLLECT?

We collect personal information that you voluntarily provide to us when you:

• Request a quote or itinerary
• Make a booking
• Contact us via email, phone, or forms

Types of personal information

Depending on your interaction with us, we may collect:

• Full name
• Email address
• Phone number
• Nationality and travel preferences
• Passport details (where required for bookings)
• Payment-related information (processed securely via third-party providers)
• Any other information necessary to organise your travel

You are responsible for ensuring that the information you provide is accurate and up to date.

3. HOW DO WE USE YOUR INFORMATION?

We use your personal information for the following purposes:

• To prepare quotes, itineraries, and travel arrangements
• To process bookings and payments
• To communicate with you about your travel plans
• To provide customer support
• To improve our services and website
• To comply with legal and regulatory obligations

Legal basis for processing (GDPR)

We process your personal data based on:

• Performance of a contract (to deliver travel services)
• Consent (e.g. marketing or cookies)
• Legitimate interests (e.g. improving services)
• Legal obligations

4. SHARING OF PERSONAL INFORMATION

We may share your personal information with:

Travel service providers

Including:

• Hotels and lodges
• Transport providers
• Tour guides and activity operators

(This is necessary to deliver your travel services.)

Service providers

Such as:

• Payment processors
• IT and website service providers
• Analytics providers

Legal and regulatory authorities

Where required by law.

We ensure that all third parties process your information in accordance with applicable data protection laws.

5. INTERNATIONAL DATA TRANSFERS

As a tour operator working with international clients and suppliers, your personal information may be transferred to and processed in countries outside:

• South Africa, and/or
• The European Economic Area (EEA)

Where such transfers occur, we ensure appropriate safeguards are in place, including:

• Contractual protections
• Working with reputable service providers
• Ensuring adequate levels of data protection

6. HOW LONG DO WE KEEP YOUR INFORMATION?

We retain your personal information only for as long as necessary to:

• Fulfil the purposes outlined in this policy
• Comply with legal, tax, and accounting obligations

In general, we do not retain personal data longer than 2 years after your last interaction, unless required by law or necessary for legitimate business purposes.

7. HOW DO WE KEEP YOUR INFORMATION SAFE?

We implement appropriate technical and organisational security measures to protect your personal information.

However, no system is completely secure, and we cannot guarantee absolute security of data transmitted via the internet.

8. DO WE COLLECT INFORMATION FROM MINORS?

We do not knowingly collect personal information from individuals under the age of 18 without parental or guardian consent.

If we become aware that such data has been collected without consent, we will delete it promptly.

9. YOUR PRIVACY RIGHTS

Under GDPR (for EU/EEA/UK clients)

You have the right to:

• Access your personal data
• Request correction or deletion
• Restrict or object to processing
• Data portability
• Withdraw consent at any time
• Lodge a complaint with a supervisory authority

Under POPIA (South Africa)

You have the right to:

• Access and correct your personal information
• Request deletion or destruction
• Object to processing
• Lodge a complaint with the Information Regulator

Supervisory Authorities

• EU: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm
• South Africa: https://www.justice.gov.za/inforeg/

To exercise your rights, please contact us using the details below.

10. COOKIES POLICY

We use cookies and similar technologies to:

• Ensure website functionality
• Improve user experience
• Analyse website traffic

Types of cookies:

• Strictly necessary cookies (always active)
• Analytics cookies (only with your consent)
• Functional cookies (only with your consent)

Non-essential cookies are only placed after you provide consent via our cookie banner.

You can withdraw your consent at any time.

11. DO-NOT-TRACK (DNT)

We currently do not respond to Do-Not-Track browser signals, as no uniform standard has been adopted.

12. UPDATES TO THIS POLICY

We may update this Privacy Policy from time to time. The updated version will be indicated by the “Last updated” date.

13. CONTACT DETAILS

If you have any questions or wish to exercise your rights, please contact:

Natondi Tours Pty Ltd

35 Fricker Road

Illovo, Sandton

Johannesburg, 2196

South Africa

Email: hello@natonditours.com

Information Officer

Our Information Officer can be contacted at: hello@natonditours.com

14. AUTOMATED DECISION-MAKING

We do not use your personal information for automated decision-making or profiling.