Privacy Policy

Introduction
With this Privacy Policy we inform you about the processing of your personal data and the data protection claims and rights you are entitled to pursuant to Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR):

Step2Arica promises that we shall never sell your data to 3rd parties and that is the fact. We will only share your details with 3rd parties that you expressly consent to being shared with. We take your right to privacy seriously and want you to feel comfortable using our platform (website, apps and other digital services). This Privacy Policy deals with personally identifiable information (referred to as “Data” below) that may be collected by us on our site. This Policy does not apply to other entities that we do not own or control or persons that are not our employees, agents or within our control. Please take time to read our Terms and Conditions.

Processing of Data
Your data is processed by Step2Africa.com and you may contact us via service@step2africa.com
Step2Africa processes the data that we receive from you as part of our business relationship. The information and data concerning you are necessary for the management of your order / your booking and additional services.
Personal data includes your personal details (e.g. name, address, contact details, nationality). In addition, this may include order/booking data (e.g. payment orders), data from the fulfilment of our contractual obligation (e.g. insurance details), advertising and documentation data (e.g. browser records), register data, image and sound data (e.g. telephone recordings), information from your electronic communication with us (e.g. cookies) as well as data for compliance with legal requirements.
Please take note that your user name, e-mail address, or other submissions that you make on this site may contain your real name or other personally identifiable information and, as a result, may appear on this site. Like many platforms, we may also automatically receive general information that is contained in our server log files such as your IP address and cookie information. Information about how advertising may be served on this site (if at all) is set forth below. Step2Africa uses various 3rd party payment gateways to ensure your personal and sensitive credit card information is securely stored. Your credit card details are NOT stored on Step2Africa, instead, your information is securely stored and encrypted with 3rd party partner. In order to ensure the security of your data Step2Africa has set requirements which is fully PCI-DSS compliant and to transfer information between Step2Africa and 3rd party service provider we use a 256-bit TLS/SSL certificate. This means when you save or update your credit card details on Step2Africa, these details are being securely stored and your information cannot be used by malicious 3rd parties.
Step2Africa and its employees are unable to view your cardholder information as our 3rd party truncates your credit card details. You may add, update or delete your credit card information whenever you like.

Use of Data, Purposes and Legal Basis of the Data Processing
We process your personal data in accordance with the GDPR and the Austrian Data Protection Act for the purposes and on the legal basis as outlined below:
Given consent pursuant to Article 6 item 1 a) GDPR, if you have granted us consent to process your personal data. Any consent given may be revoked at any time with future effect. Fulfilment of contractual obligations pursuant to Article 6 item 1 b) GDRP, as the processing of
your personal data is carried out for the order management / your booking and the execution of your orders and all activities required for the operation and management of a tour broker.

Fulfilment of legal obligations pursuant to Article 6 item 1 c) GDPR, as the processing of personal data may be necessary for the purpose of fulfilling legal obligations according to the Austrian Federal Fiscal Act.
For the protection of legitimate interests pursuant to Article 6 item 1 f) GDPR, as if necessary, within the framework of balancing interests of us or a third party, data may be processed, by us or by a third party, beyond the actual fulfilment of the contract, in order to safeguard legitimate
interests (provided that you have not objected to the use of your data pursuant to Article 21 GDPR) e.g.
direct customer approach procedures and review and optimisation of needs analysis, advertising or market and opinion research, telephone records (e.g. customer support,complaints);
consultation of and data exchange with credit agencies for the identification of default risks;
measures for business management and development of services and products;
measures for protecting employees, customers and property;
measures for prosecution.
We may use Data to customize and improve your user experience on this site and to contact you. We will make efforts so that your Data will not be provided to third parties unless:
(i) provided for otherwise in this Privacy Policy;
(ii) we obtain your consent, such as when you choose to opt-in or opt-out to the sharing of Data;
(iii) a service provided on our site requires the interaction with or is provided by a third party, by way of example an Application Service Provider; (iv) pursuant to legal process or law enforcement;
(v) We find that your use of this site violates our Policy, Terms and Conditions, other usage guidelines or as deemed reasonably necessary by us to protect our legal rights and/or property;
(vi) or (vi) this site is purchased by a third party whereby that third party will be able to use the Data in the same manner as we can as set forth in this Policy. In the event you choose to use links that appear on our site to visit other platforms, you are advised to read the privacy policies that appear on those sites.

Recipients of Data
We will transfer some of your data such as names, and contact details, to the tour operator who will carry out the tour service you booked.
Your data may therefore be transferred to a party located outside of the EU (“Africa”), as most of our services and tour operators reside in Africa.
We do not guarantee that the scale of data protection in a third country reaches the same level of protection as within the EU. By choosing a tour operator in a third country / a tour that takes place in a third country you are aware of the fact that the transfer of personal data to a third country is necessary for the performance of the contract between you and Step2Africa company. With regards to the implementation of pre-contractual measures taken at your request (pursuant to Article 49 item 1 b) GDPR), and/or necessary for the conclusion or performance of a contract concluded in your interest between Step2Africa company and the tour operator (according to Article 49 item 1 c) GDPR.
We share personal data with advertising partners, including your email address, as part of the marketing of our services through third parties (to ensure that relevant advertisements are shown to the right audience). We strive to only share email addresses in hashed form to enable the matching of your email address with an existing customer database so that your email address cannot be used for other purposes.

How long we retain your data

Step2Africa company processes your data for the duration of the entire business relationship (from the initiation, and performance until the termination of the contract) and according to the legal safe-keeping and documentation obligations. The statutory limitation periods – in some cases up to 15 years.

Protection Rights
According to Chapter III of GDPR, you have the right to obtain information regarding your data or to limit its processing or to correct, or delete it, the right of objection against processing and the right to data portability.
Therefore, you have the right to revoke any consent given at any time with future effect.
As far as the data processing is legitimated by Article 6 item 1 f) GDPR you have the right to object to the use of your data under Article 21 GDPR.
You can exercise these rights by sending an email to the following address: service@step2africa.com.
Complaints can be sent to the Austrian Data Protection Authority.

Cookies
Since we promised to provide services that meet your requirements, therefore, we set and use cookies to enhance your user experience, such as retaining your settings. Advertisements may appear on our platform and, if so, may set and access cookies on your computer and are subject to the privacy policy of those parties providing the advertisement.

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Children
We do not allow persons who are ages eighteen or younger to become members of this site.

Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

What rights do you have over your data?
We provide you with the ability to edit the information in your account by signing into your Account Dashboard or contacting our services desk. You may request deletion of your user account by contacting us. Content or other data that you may have provided to us and that is not contained within your user account, such as posts that may appear within our forums, may continue to remain on our site at our discretion even though your user account is deleted. Please see our Terms and Conditions.

Updating Privacy Policy
Due to the nature of our service, be aware that we may make changes to this Policy from time to time without notification.

We do our best to comply with the standard
While this Privacy Policy states our standards for the maintenance of Data and Step2Africa.com will make its efforts to meet them, we are not in a position to guarantee these standards. There may be factors beyond our control that may result in the disclosure of data. As a consequence, we disclaim any warranties or representations relating to maintenance or nondisclosure of Data.

Hiking & trekking

Bicycling

Romance & Relaxing

Bus tours

Bird watching

Balloon tours

Museum & Gallery

Party & nightlife

Rafting Tour

Train Tours

Waterfalls Tours

Safaris

Privacy Policy

Privacy Policy

Useful Links

About company

Legal

Sign up for our newsletter

Acceptable payment methods.

Copyright © 2024 Step2Africa.com. All Rights Reserved.