Privacy Policy

Last updated: February 19, 2026

Introduction

ODISEA ("we", "us", or "our") operates the website odisea.tours and provides guided tour services in Prague, Czech Republic. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website or use our services. We are committed to protecting your privacy in accordance with the General Data Protection Regulation (GDPR) and applicable Czech data protection laws.

Information We Collect

We collect information that you provide directly to us and information that is collected automatically when you use our services.

Information You Provide

  • Name, email address, and phone number when you book a tour or submit an inquiry
  • Payment information processed securely through our payment provider
  • Language preferences and special requests related to your booking
  • CV and professional information if you apply to work with us as a guide

Automatically Collected Information

  • Device information, browser type, and operating system
  • IP address and approximate geographic location
  • Pages visited, time spent on pages, and navigation patterns

How We Use Your Information

  • To process and manage your tour bookings and communicate booking confirmations
  • To respond to your inquiries, comments, or questions
  • To improve our website, services, and customer experience
  • To send you marketing communications (only with your explicit consent)
  • To comply with legal obligations and protect our legitimate interests

Legal Basis for Processing

  • Contract: Processing necessary to fulfill your tour booking
  • Consent: For marketing communications and non-essential cookies
  • Legitimate interest: For website analytics and service improvement
  • Legal obligation: To comply with tax, accounting, and regulatory requirements

Sharing Your Information

We do not sell your personal data. We may share your information only with the following categories of service providers who assist us in operating our business:

  • Payment processors for secure transaction handling
  • Email service providers for booking confirmations and communications
  • Analytics services to help us understand website usage

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Booking data is retained for up to 3 years after your last interaction with us. Job application data is retained for 1 year after the application process concludes.

Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure: Request deletion of your personal data
  • Right to restrict processing: Request that we limit how we use your data
  • Right to data portability: Receive your data in a structured, machine-readable format
  • Right to object: Object to processing based on legitimate interests or for marketing purposes

Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encrypted data transmission (SSL/TLS), secure server infrastructure, and regular security assessments.

Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data rights, please contact us at [email protected]. You also have the right to lodge a complaint with the Czech Data Protection Authority (ÚOOÚ) if you believe your data protection rights have been violated.