Privacy Policy

1. Introduction

thrushhikp B.V. ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website thrushhikp.top or use our bicycle tour services.

As a company registered in the Netherlands (Chamber of Commerce: 61285021, VAT: NL637152058), we comply with the General Data Protection Regulation (GDPR), the Dutch Data Protection Act (Uitvoeringswet AVG), and other applicable privacy laws.

2. Data Controller Information

3. Information We Collect

3.1 Personal Information You Provide

• Contact information (name, email address, phone number)
• Booking information (tour preferences, dates, group size)
• Payment information (processed by secure third-party payment processors)
• Communication preferences and marketing consent
• Special requirements or accessibility needs
• Emergency contact information

3.2 Information Automatically Collected

• IP address and device information
• Browser type and version
• Pages visited and time spent on our website
• Referral source and exit pages
• Location data (with your consent)

3.3 Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience. For detailed information about our cookie usage, please refer to our Cookie Policy.

4. How We Use Your Information

4.1 Legal Bases for Processing

We process your personal data based on the following legal grounds:

• Contract Performance: To provide our bicycle tour services
• Legitimate Interest: To improve our services and website functionality
• Consent: For marketing communications and non-essential cookies
• Legal Obligation: To comply with tax, accounting, and safety regulations

4.2 Purposes of Processing

• Processing and managing tour bookings
• Providing customer support and responding to inquiries
• Processing payments and managing refunds
• Ensuring safety during tours
• Improving our services and website
• Sending marketing communications (with consent)
• Complying with legal and regulatory requirements
• Preventing fraud and ensuring security

5. Information Sharing and Disclosure

We may share your information with:

• Service Providers: Payment processors, booking systems, and IT support
• Tour Partners: Local guides and partner organisations involved in tour delivery
• Legal Authorities: When required by law or to protect our rights
• Emergency Services: In case of accidents or emergencies during tours

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

6. Data Retention

We retain your personal data for the following periods:

• Booking Information: 7 years for tax and legal compliance
• Marketing Data: Until you withdraw consent or 3 years of inactivity
• Website Analytics: 26 months (Google Analytics default)
• Customer Support Records: 2 years after resolution

7. Your Rights Under GDPR

As a data subject, you have the following rights:

To exercise these rights, contact us at [email protected]. We will respond within 30 days.

8. International Data Transfers

Your data is primarily processed within the European Union. If we transfer data outside the EU, we ensure adequate protection through:

• Adequacy decisions by the European Commission
• Standard Contractual Clauses (SCCs)
• Certification schemes or codes of conduct

9. Data Security

We implement appropriate technical and organisational measures to protect your data:

• SSL/TLS encryption for data transmission
• Secure servers and regular security updates
• Access controls and staff training
• Regular security assessments
• Data backup and recovery procedures

10. Children's Privacy

Our services are not directed to children under 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of any material changes by posting the new policy on our website and updating the "Last updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

12. Contact Information and Complaints

For privacy-related questions, concerns, or to exercise your rights, contact us:

If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens):