Capsule Adventures Privacy Policy

Effective Date: April 24, 2025

Capsule Adventures ("Capsule Adventures", "we", "us", or "our") is a sober travel company with a global customer base. We are committed to protecting your privacy and handling your personal information in a transparent and secure manner. This Privacy Policy explains what personal data we collect from you, how we use and share it, and the rights and choices you have regarding your data. It applies to all users of our websites, products, and services worldwide. By using our services or website, you acknowledge that you have read and agree to the practices described in this Privacy Policy.

We comply with applicable data protection laws, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We do not sell your personal information. If you have any questions about this policy or how we protect your privacy, please contact us using the information provided at the end of this document.

Data Collection

Information You Provide: We collect personal data that you provide to us when you interact with Capsule Adventures (for example, when you book a trip, sign up on our website, fill out a form, or contact us). This includes, but is not limited to, the following:

  • Contact Details: Your name, email address, phone number, and postal address.

  • Identification and Travel Documents: Passport number, national ID information, visa details, and other identification data needed for travel arrangements.

  • Personal Details for Travel: Date of birth, nationality, gender (if required for bookings), and emergency contact information for your trips.

  • Dietary and Health Information: Any dietary restrictions, food allergies, or health conditions you choose to share with us for trip planning purposes (for example, to arrange appropriate meals or accommodations). This may include sensitive personal data which we handle with extra care and only use for safeguarding your health and comfort during the trip.

  • Travel Preferences and Details: Information related to your travel plans and preferences, such as intended destinations, trip dates, accommodation preferences, activity interests, and any other relevant details you provide about your desired travel experience.

  • Payment Details: Billing information (such as billing address) and transaction details when you make a purchase or booking. Note: Your payment card information (e.g. credit card number) is not collected by us directly but handled by our third-party payment processor as described in the Payment Processing section below.

  • Communications: The content of your communications with us, such as emails, messages, feedback, or inquiries you send to customer support. We may also keep records of your communications and any information you provide during those interactions.

Information Collected Automatically: When you visit our website or use our online services, we may collect certain information automatically from your device or browser, such as your IP address, browser type, device type, unique device identifiers, and browsing actions on our site (e.g. pages viewed, time spent, links clicked). We collect this using cookies and similar tracking technologies as explained in the Cookies and Tracking Technologies section. This automatic data helps us understand how users use our website and enables us to improve the user experience.

No Collection of Children’s Data: Our services are intended for adults. We do not knowingly collect personal information from anyone under the age of 16 (or the relevant minimum age in your jurisdiction). If we become aware that a child under 16 has provided us with personal data without parental consent, we will promptly delete it. If you are a parent or guardian and believe your child has given us information, please contact us so we can take appropriate action.

Payment Processing

When you make payments for Capsule Adventures services (such as paying for a trip booking), those payments are processed by a trusted third-party payment processor. We use Square to securely handle credit/debit card transactions. Capsule Adventures does not directly collect or store your full payment card details (such as the full card number or CVV code).

Here is how payment processing works with respect to your data:

  • Secure Payment Provider: When you enter your payment information on our booking or checkout page, that data is transmitted directly to Square via a secure, encrypted connection. Square will process your payment on our behalf. This means information like your card number, expiration date, and security code are received and processed by Square, not by Capsule Adventures. We do not see or store those sensitive card details in our systems.

  • Limited Data Storage: Capsule Adventures receives from Square a confirmation of payment and basic details necessary for record-keeping. For example, we may store your payment transaction ID, the last four digits of your card (for identification of the payment), the card type (e.g. Visa, MasterCard), and your billing contact information. This information is kept to document your purchase and handle any refunds or customer service issues, but it does not include full card numbers or sensitive payment data.

  • Square’s Privacy Practices: Square, as an independent data controller for payment information, will handle your payment data in accordance with its own privacy policy and security procedures. We recommend you review Square’s privacy policy if you want more information on how they process and protect your payment information.

  • No Permanent Storage of Card Data: Capsule Adventures will never store your credit card number or CVV on our servers. Because we outsource payment processing to Square, your financial details remain secure and are not retained by us after your transaction is completed. This helps protect your financial information.

By making a payment, you authorize Capsule Adventures to charge your chosen payment method via our payment processor. If you have any questions about payment security, feel free to contact us. Remember that any payment transactions are encrypted and transmitted securely; however, no method of transmission over the internet is completely foolproof, so you should also ensure you protect your own payment details (e.g., by only providing them through our secure checkout and not via email).

Data Usage

We use the personal data we collect from you for various purposes necessary to operate our business, provide our travel services to you, and improve your experience. The primary uses of your personal information include:

  • Trip Booking and Fulfillment: We use your information to plan and book your trips. This includes making travel arrangements (such as reserving hotel accommodations, booking transportation and flights, scheduling tours/activities) and preparing any necessary travel documents. For example, we need your passport details to book international flights or accommodations, and we use your name and contact info to make reservations in your name. We will also use your personal details to issue tickets, vouchers, or itineraries for your trip and ensure that your travel goes smoothly.

  • Providing Customer Service: Your information is used to provide you with customer support and service. We may contact you using your phone number or email to communicate about your booking, answer questions you’ve asked, respond to inquiries or requests, and to provide updates or information related to your trip. Having your details allows us to assist you more efficiently and personalize our support (for instance, knowing your travel history or preferences helps us answer your questions in context).

  • Communications About Your Trip: We will send you important communications related to the services you have requested. This includes sending booking confirmations, payment receipts, travel itineraries, reminders about upcoming trips, check-in instructions, changes or updates to your travel plans, and post-trip follow-ups (such as satisfaction surveys or information on future offerings). These service-related messages are necessary to execute our contract with you and ensure you are informed about your travel arrangements.

  • Personalization of Experience: We may use your data and past travel history to tailor our services and recommendations to you. For example, we might suggest trips or activities based on your past trips or interests, or customize content on our website to align with your preferences. Dietary and health information you provide is used strictly to accommodate your needs (e.g., arranging special meals or accessibility accommodations). Any sensitive information (like dietary restrictions or medical info) is used only for the specific purpose for which you provided it – ensuring your comfort and safety – and will not be used for any other purpose without your explicit consent.

  • Marketing and Promotional Communications: With your consent (or as otherwise permitted by law), we may use your contact information to send you marketing materials. This can include newsletters, promotional offers, surveys, or information about new destinations and upcoming trips with Capsule Adventures that we think may interest you. (See the Marketing Communications section below for more details on how we approach marketing and how you can opt out.)

  • Improvement and Analytics: We use data (including automatically collected data about how you use our website) to improve our services and website. For instance, we analyze aggregated information to understand which web pages or trip offerings are most popular, to troubleshoot and enhance the functionality of our website, and to make the user experience more intuitive. We also use data for internal purposes such as auditing, data analysis, and research to help us make informed business decisions and develop new features or services.

  • Security and Fraud Prevention: Information is also utilized to maintain the security of our services, our travelers, and our business. For example, we may use certain data to detect and prevent fraudulent transactions or activities; to debug and repair technical issues; or to enforce our terms and conditions and protect our legal rights.

  • Legal Compliance: In some cases, we need to process personal data to comply with legal obligations. For example, we may keep certain records for accounting/tax purposes, or we may be required by law to provide information to government authorities (such as customs or immigration agencies) for travelers on our tours. We only use and disclose the minimum amount of information necessary to meet our legal requirements.

  • Other Purposes: We may use your information for other purposes that are compatible with the ones listed above and that would be reasonably expected by you, or for which we obtain your consent. We will not use your personal data for entirely new, unrelated purposes without letting you know and, if required, obtaining your permission.

Legal Bases for Processing (EU/UK users): If you are located in the European Economic Area (EEA), United Kingdom, or another region with laws requiring a legal basis for data processing, please note that we only use your personal data when we have a valid legal ground to do so. This means we rely on one of the following bases:

  • Performance of a Contract: We process your personal data to fulfill our contract with you – for example, to provide the travel services you requested (booking your tours, flights, hotels, etc.) and to otherwise perform our obligations and services in connection with your trip.

  • Consent: We rely on your consent in certain cases, such as sending you promotional emails or collecting sensitive personal data like health or dietary information. When consent is our legal basis, you have the right to withdraw that consent at any time.

  • Legal Obligation: We process data when we need to in order to comply with a legal obligation that applies to us (for instance, retaining records for tax purposes or providing information to law enforcement when required by law).

  • Legitimate Interests: We may also process your data as necessary for Capsule Adventures’ legitimate business interests – for example, to improve our services, secure our platform, make travel recommendations, or prevent fraud. When we rely on legitimate interests, we will ensure that our interests are balanced with your rights and freedoms under applicable law. You have the right to object to processing based on our legitimate interests in certain cases (see Your Rights and Choices below).

If you have any questions about the legal basis on which we collect and use your personal data, feel free to contact us for more information.

Data Sharing

We understand the importance of keeping your personal data private. Capsule Adventures does not sell or rent your personal information to third parties for their own marketing or other independent uses. However, in order to run our business and provide you with travel services, we do need to share your information with certain trusted third parties under specific circumstances. This section explains who we share your data with and why:

  • Subcontracted Travel Partners & Suppliers: In order to facilitate your trips, we share relevant information with the local travel partners who actually deliver the services that make up your travel experience. These are companies or individuals we contract with to fulfill your booking, such as local tour operators, guides, transportation providers, hotels or other accommodation services, airlines, and other travel suppliers. We provide them only the data they need to serve you – typically your name and the names of travelers in your party, contact details, and necessary travel document information or preferences. For example, if you book a tour through Capsule Adventures, we will share your name and perhaps your nationality or passport number with the local tour operator so they can secure tickets or permits; if we arrange your hotel, we will send your name (and possibly your phone/email for contact) to the hotel for the reservation; if you have dietary restrictions and we include meals in the trip, we might inform a restaurant or catering service of “vegetarian” or other needs (without more detail than necessary). Our travel partners are contractually and/or legally obliged to use your information only for the purposes of delivering the trip services and to protect your privacy in accordance with applicable laws.

  • Service Providers (Processors): We use a variety of third-party service providers to support our operations and help us provide our services to you. We may share your information with these vendors that perform functions on our behalf. This category includes:

    • Payment Processors: such as Square, which handles payment transactions (as described above in Payment Processing).

    • Cloud Storage and Hosting Providers: that host our website, databases, and IT infrastructure, allowing us to store information and run our site reliably.

    • Analytics and Performance Tools: like Google Analytics or similar services, which receive browsing and usage data through cookies to help us analyze website traffic and user behavior (see Cookies and Tracking Technologies). These tools help us improve the website and are generally restricted to using data in aggregate form.

    • Email and Communication Services: that send out emails or other messages on our behalf (for instance, an email marketing platform to distribute our newsletter, or a service to send booking confirmations and itineraries). These providers would use your email address or phone number only to send the communications that we instruct them to send.

    • Business Support Services: such as customer relationship management (CRM) software, booking management systems, survey tools, or other IT services that may temporarily process some of your data for specific business purposes (e.g., managing bookings, collecting feedback, etc.).

    We only share the necessary information with these service providers for them to perform their functions. They are contractually obligated to keep your information confidential and secure, and to use it only for the purposes we specify. They cannot use your data for their own purposes. For example, our analytics providers cannot suddenly email you or our hosting provider cannot sell your info — they just process it to provide us the service (analytics or hosting) and nothing more.

  • Business Partners (if applicable): In some cases, Capsule Adventures may partner with another company or organization to offer a co-branded service, joint event, or specialized travel program. If you choose to participate in such offerings, we may share your information with those business partners as necessary (for example, if we co-host a sober travel retreat with another travel agency or a wellness organization, we might share participant lists with them). We will let you know if such a partnership is in place for a service you sign up for, and we will only share information with your consent or as needed to carry out the service. Our partners are expected to protect your data in line with this Privacy Policy or an equivalent level of protection, and to use it only for the joint activity, not for other purposes.

  • Legal Requirements and Protection: We may disclose your personal information when we believe in good faith that such disclosure is necessary to comply with a legal obligation or request. This includes sharing data in response to lawful requests by public authorities, such as to meet national security or law enforcement requirements, or to respond to subpoenas, court orders, or other legal process. We may also share information if needed to enforce our agreements or policies, to collect outstanding payments, or to protect the rights, property, or safety of Capsule Adventures, our employees, our customers, or others. For instance, if required by law we might provide information to customs or immigration officials for travelers, or share details with law enforcement to prevent or investigate fraud or other illegal activities.

  • Business Transfers: If Capsule Adventures undergoes a business transaction such as a merger, acquisition by another company, reorganization, or sale of all or part of our assets, your personal data may be transferred to the successor or new owner as part of that transaction. We would ensure that any such transfer is handled in a way that respects your privacy rights – the receiving party would be required to safeguard your data in line with this Privacy Policy (or you would be given notice and a chance to opt out of the transfer if required by law). Similarly, if we ever enter bankruptcy or receivership, your information could be considered an asset subject to transfer, but any new entity would still be bound to honor the commitments we have made in this Policy.

  • With Your Consent or At Your Direction: Aside from the situations above, we will only share your personal data with third parties when you give us consent to do so. For example, if you ask us to share your information with another travel advisor, refer a friend and want us to contact them using your name, or if you provide a testimonial or review and consent to us publishing it (which might include your name or general location). In such cases, we will only share the information you have authorized. You are in control – if not for the purposes listed above, we will seek your permission before sharing your personal data externally.

In all cases of data sharing, we strive to share the minimum amount of information necessary, and we choose partners and service providers who are committed to protecting personal data. If you would like more details about the third parties with whom we share information, you can contact us for a more detailed list. Remember, Capsule Adventures does not sell your personal data to third parties for monetary consideration or for their independent use — any sharing is solely to serve you, run our business, or meet legal obligations as outlined here.

User Rights and Choices

As a user of our services and as the subject of your personal data, you have certain rights regarding how your information is used and what control you have over it. Capsule Adventures is committed to honoring your rights under applicable privacy laws. Your rights may vary depending on your location and the laws that apply to you (for example, GDPR in Europe, CCPA in California), but we extend the spirit of many of these rights to all our customers where feasible. These rights include:

  • Right to Access: You have the right to request a copy of the personal data we hold about you and to obtain information about how we process it. This is sometimes called a “Data Subject Access Request.” Upon verification of your identity, we will provide you with the information we have, including the categories of data, the sources, the purposes for processing, and the third parties with whom it has been shared, as required by law.

  • Right to Rectification (Correction): If any of your personal information is inaccurate or incomplete, you have the right to ask us to correct or update it. We encourage you to keep your information up to date and will make corrections promptly when you request them.

  • Right to Deletion: You can request that we delete your personal data under certain circumstances (this is also known as the “Right to be Forgotten”). For example, if the data we hold is no longer necessary for the original purpose, or if you withdraw your consent and there is no other legal basis for us to keep the data, you can ask that it be erased. Do note that sometimes we may retain certain information when permitted by law – for instance, if we have a legal obligation to keep it (like records of transactions for financial reporting) or if the data is needed to establish or defend legal claims. We will inform you if any such exception applies when you make a deletion request.

  • Right to Restrict Processing: You have the right to ask us to restrict or pause the processing of your personal data in certain scenarios. For example, if you contest the accuracy of the data, or you have objected to processing (see “Right to Object” below) and we are evaluating your request, or if the processing is unlawful and you prefer restriction instead of deletion. When processing is restricted, we will still store your data but will not use it for the time being (except as allowed by law, such as to protect rights or comply with legal obligations).

  • Right to Object to Processing: You have the right to object to our processing of your personal data in certain cases. Notably, you can object to receiving marketing communications at any time (and we will stop sending them). If we are processing your data based on legitimate interests, you can object if you feel such processing has a disproportionate impact on your rights. If you lodge an objection, we will reconsider our justifications for processing and will cease the processing if we cannot demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.

  • Right to Data Portability: To the extent provided by law, you have the right to obtain a copy of the personal data you have provided to us in a structured, commonly used, machine-readable format, and you can ask us to transmit that data to another data controller where technically feasible. In simpler terms, you can ask for your data in a portable form (for example, a CSV file) so that you can reuse it or transfer it to another service. This right applies when the processing is based on your consent or a contract with you and is carried out by automated means.

  • Right to Withdraw Consent: In situations where we rely on your consent to process your personal information (for example, for sending promotional emails or processing sensitive health data), you have the right to withdraw that consent at any time. Withdrawing consent will not affect the lawfulness of any processing we did based on your consent before withdrawal; it just means we will stop the specific activities that were based on consent going forward. For instance, if you gave consent to receive our newsletter, you can withdraw it and we will stop sending you the newsletter.

  • California Privacy Rights: If you are a resident of California, in addition to the rights above (many of which align with CCPA rights), you have the right to request information about the categories of personal information we have collected and disclosed for business purposes in the past 12 months, the categories of sources of that information, the business purposes for collection, and the categories of third parties with whom we shared that information. You also have the right to opt out of the “sale” of your personal information. As noted, Capsule Adventures does not sell personal data in the traditional sense (for money), and we also do not share personal data for targeted advertising without consent. If that ever changes, we will provide a "Do Not Sell or Share My Personal Information" link or mechanism in accordance with the law. Additionally, California law gives you the Right to Non-Discrimination for exercising your privacy rights – we will not deny you services, charge you a different price, or provide a lesser quality of service just because you exercised any of the rights described here. We value all customers equally.

Exercising Your Rights: You may contact us at any time to exercise the applicable rights above. To do so, please reach out using the contact information in the Policy Updates and Contact Info section of this Policy (you can email us at privacy@capsuleadventures.com with your request, for example). Please clearly state what right you wish to exercise and provide us with enough information to verify your identity. We need to verify identity to ensure that we do not disclose or delete personal data in response to fraudulent requests – we may ask for certain information to confirm you are the correct person (for instance, confirming your email address on file, recent booking information, or other details we have on record).

We will respond to your request within the timeframe required by law. For instance, GDPR mandates generally a 1-month response time (which can be extended in certain cases), and CCPA requires a response within 45 days (with possible extension). Our goal is to handle your request as soon as reasonably possible. If we need more time or cannot fulfill your request (due to a legal exception), we will inform you of the reason.

We also want to note that you have the right to lodge a complaint with a data protection authority or regulatory body if you believe we have infringed your privacy rights. For example, if you are in the EU, you can contact the supervisory authority in your country. We encourage you to contact us first so we can address your concerns directly, but you always have this option.

Marketing Communications

Capsule Adventures may send you marketing communications to keep you informed about our latest trips, promotions, and company news, but we strive to do so only in accordance with your preferences and consent.

Subscription to Marketing: If you subscribe to our newsletter or promotional emails (or if you have made a booking with us and have not opted out of marketing), we will use your email address to send you periodic updates. These may include sober travel tips, announcements of new travel destinations or itineraries, special discounts or packages, upcoming events, or stories and resources related to sober travel adventures. In some cases, if you provided a phone number and agreed to SMS marketing, we might send promotional texts, but email is our primary marketing channel.

Opt-In and Consent: In jurisdictions where consent is required (like the EU), we will only send you marketing emails if you have opted in – for example, by ticking a checkbox to receive newsletters, or by signing up on our website. In other cases, if you are an existing customer, local law (like certain “soft opt-in” provisions) might allow us to send you relevant offers, but we will always provide a clear way to opt out.

How to Opt Out: You have the choice not to receive marketing communications from us. If you prefer not to receive these emails or messages, you can opt out at any time. Ways to opt out include:

  • Clicking the “Unsubscribe” link at the bottom of any marketing email you receive from Capsule Adventures. This will remove you from our mailing list (please note it might take a few days to process, and you may receive messages already in production).

  • Replying to a promotional email with a request to unsubscribe, or emailing us directly at privacy@capsuleadventures.com (or the designated contact email) to let us know you no longer wish to receive marketing messages.

  • If applicable, following instructions provided in promotional text messages to stop receiving SMS (e.g., texting "STOP" in reply to an SMS).

Once you opt out, we will cease using your contact information for marketing purposes. There is no charge for opting out, aside from any basic data/communication charges by your carrier or internet provider.

Transactional and Service Emails: Please note that even if you opt out of marketing communications, we will still send you important non-promotional messages. These include communications about your current or past bookings, payment confirmations, travel itineraries, important updates about your trip (e.g., changes in schedule), administrative messages about your account or this Privacy Policy, and responses to your inquiries. These are considered transactional or service-related communications and are necessary for us to provide our services to you. Therefore, they are not subject to the general marketing opt-out. We limit these communications to what is necessary and relevant.

Marketing Preferences: If we ever implement preference centers or more granular control, you could choose which types of content you want to receive (for instance, maybe you only want trip announcements but not our blog updates). We will honor the latest preferences you have communicated to us. If you have multiple communication channels with us (say, multiple emails), please make sure to unsubscribe each email address if you wish to opt out entirely.

We aim to be respectful and not send unwanted messages. We do not share your contact information with third parties for their own marketing. Any promotional messages will come directly from Capsule Adventures. If you receive something that looks suspicious or you think someone has signed you up without permission, let us know so we can investigate. Your communication preferences and satisfaction are important to us.

Cookies and Tracking Technologies

Like most websites, Capsule Adventures uses cookies and similar tracking technologies to enhance your experience on our site, gather analytics, and support marketing efforts. This section explains how we use these technologies and your choices regarding them.

What Are Cookies? Cookies are small text files that are placed on your computer or device when you visit a website. They allow the website to recognize your device and store certain information about your preferences or past actions. Other similar technologies include web beacons (tiny graphics embedded on pages or emails) and pixels or tags (which operate similarly to cookies). For simplicity, we refer to all of these as "cookies and tracking technologies."

Types of Cookies We Use: Capsule Adventures may use a combination of the following types of cookies:

  • Essential Cookies: These are necessary for our website to function properly. For example, they may enable core functionality such as secure log-in (if applicable), session management, or remember your selections as you move between pages. Without these cookies, the services you have asked for (like adding a trip to your cart or checking out) cannot be provided.

  • Functional Cookies: These cookies remember your preferences and enhance the functionality of the site. For instance, they might recall what language or currency you prefer, or keep you logged in between visits (if our site has a login feature), so you don’t have to re-enter information. They make using our site more convenient.

  • Analytics Cookies: We use these to collect information about how visitors use our website. For example, we might use Google Analytics or similar tools which set cookies to collect usage data (such as which pages you visit, how long you stay, how you got to our site, and what you click on). We use this information in aggregate form to understand and improve how our site is used — for example, identifying which trip packages are most popular or if certain pages are causing confusion so we can fix them. The data collected by these analytics cookies does not directly identify you; it is aggregated and used for statistical purposes.

  • Advertising and Social Media Cookies: (If applicable) We may allow third-party advertising partners (like Google or Facebook) to set cookies or similar technologies on our site to collect information about your browsing activities over time and across different websites, in order to show you relevant ads. For example, if you visit our site and show interest in a trip to Bali, you might later see an advertisement for that trip on Facebook. These are called retargeting or advertising cookies. Similarly, if our site has social media plug-ins (like a Facebook "Like" button or Instagram feed), those services may set cookies. We will only use these advertising-related cookies in accordance with applicable law, and typically such cookies are used only if you have accepted them via our cookie consent tool (where required).

Why We Use Cookies: In summary, we use cookies and tracking technologies to provide and optimize our website (ensuring it functions as expected), to remember your preferences, to collect analytics data that helps us improve content and user experience, and (with appropriate consent) to assist with marketing by delivering relevant content or ads.

Your Choices and Controls: You have several options to control or limit how cookies are used:

  • Browser Settings: Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies or alert you when a cookie is being placed. Please note that if you disable cookies entirely, our website (and many other websites) may not function properly. For example, you might not be able to complete bookings or have the site remember your preferences.

  • Cookie Banner/Consent Manager: If you are in a region where cookie consent is required (such as the EU/EEA), when you first visit our site you will see a cookie consent banner. This banner allows you to accept or reject certain categories of cookies (except strictly necessary ones which are always on). You can adjust your choices at any time by accessing our cookie settings tool (if available) or by clearing cookies and revisiting the site to reset your preferences.

  • Opt-Out Mechanisms: For third-party advertising cookies, you can often opt-out directly with those third parties. For example, Google provides a way to opt out of its Analytics and Ads cookies, and the Network Advertising Initiative (NAI) and Digital Advertising Alliance (DAA) offer opt-out pages for member companies. If we use such cookies, we will provide information on how you can opt out. You can also use your browser’s "Do Not Track" setting to signal your preference, though not all websites honor DNT.

Web Beacons and Email Tracking: In addition to cookies on our site, we might use tracking pixels or web beacons in our marketing emails. These are tiny, invisible images or code snippets that tell us if you have opened an email or clicked on a link. We use this to gauge the effectiveness of our communications and to improve our outreach. If you don’t want to be tracked in this way via email, you can opt out of marketing emails (as described in Marketing Communications above) or configure your email client to block remote images.

Third-Party Websites: Our website might contain links to third-party websites (for example, external travel resources, social media pages, or partner sites). If you click those links, you will leave our site and go to the other site, which may place its own cookies. This Privacy Policy and our cookie practices don’t apply to those external sites. We recommend you read the privacy and cookie policies of any third-party site you visit.

By using our site without disabling cookies (and, where required, by affirmatively accepting cookies via our banner), you consent to our use of cookies and similar technologies as described here. We will periodically update our cookie practices and will notify you of any significant changes, in line with the Policy Updates section below.

International Data Transfers

Capsule Adventures is a global company and, as such, your personal information may be transferred to and stored in countries other than your own. We want to be transparent about how we handle international data transfers and assure you that we take steps to safeguard your data wherever it is processed.

Data Locations: Our business is based in multiple locations and we work with travel partners and service providers around the world. The personal data that we collect from you will likely be transferred to, and processed in, countries outside of your home country. For example:

  • If you are located outside the United States, some of your data will be transferred to the United States, because that’s where Capsule Adventures may be headquartered and where we maintain servers or centralized records.

  • If you join a trip in a country different from your residence, relevant information might be transmitted to that country (for instance, sharing your details with a hotel in the destination country).

  • Our service providers (such as cloud hosting, database servers, or customer service centers) might be in various countries. The data they process on our behalf could reside in those locations (e.g., our website hosting might be in North America or the EU; our email service might process data in the U.S.; our analytics data might be stored on servers globally).

Data Protection in Other Countries: The data protection and privacy laws in the countries to which your data is transferred may not be as comprehensive or protective as the laws in your own country. For instance, if you are in the European Union, you should be aware that personal data transferred to the United States or other jurisdictions might not have the same protections as under EU law. However, regardless of where your data is processed, we will ensure appropriate safeguards are in place to protect your personal information.

Safeguards for International Transfers: When we transfer personal data internationally, especially from the EEA/UK or other regions with data transfer restrictions, we take one or more of the following precautions as applicable:

  • Standard Contractual Clauses: We may incorporate the European Commission’s approved Standard Contractual Clauses (SCCs) into our contracts between our affiliated companies or with our service providers. These clauses are legal tools to ensure that your personal data receives an adequate level of protection even after it leaves the EEA/UK.

  • Adequacy Decisions: If we transfer data to a country that the European Commission (or relevant authority) has determined offers an adequate level of data protection (an "adequacy decision"), we may rely on that decision. For example, transfers to countries like Canada, Switzerland, or others deemed adequate can occur just as within the EU.

  • Privacy Shield/Successor Frameworks: (If applicable and valid) In the past, some companies relied on frameworks like the EU-U.S. Privacy Shield. If a new framework or certification mechanism is in place and approved (e.g., an updated Transatlantic Data Privacy Framework), we might participate or use services that are certified under it.

  • Contractual and Organizational Measures: We also ensure through contracts that any third-party data processors handling international data must apply strong privacy and security standards. Internally, we restrict access to your data only to staff or partners who need to process it and who are trained on protecting privacy.

Your Choices: If applicable laws provide you the right to receive details or copies of the safeguards in place for export of your data, we will provide them upon request. For example, EU individuals have a right to ask about the mechanisms for international transfer of their data. We will be transparent and share information within the bounds of confidentiality requirements.

Consent to Transfer: By using our services and providing your information, you consent to the transfer of your personal data to other countries as described in this Policy. We will transfer your data only for the purposes outlined in this Policy and pursuant to appropriate safeguards. If you do not want your data transferred to other countries, please do not use our services (understanding that we need to transfer data internationally to operate our travel business).

We understand that international data transfers can be complex, and we are committed to handling your data in compliance with all applicable cross-border data protection requirements. If you have questions about how your data may be transferred or protected, you can contact us for more information.

Data Security

Protecting your personal data is a priority for Capsule Adventures. We implement a variety of security measures designed to prevent unauthorized access, disclosure, alteration, or destruction of your information. While no system can be guaranteed 100% secure, we strive to use commercially acceptable means to protect your personal data.

Security Measures in Place: Our safeguards include technical, administrative, and physical measures appropriate to the sensitivity of the personal data we handle. These measures include, for example:

  • Encryption: We use encryption protocols such as Secure Socket Layer (SSL)/Transport Layer Security (TLS) to encrypt data transmitted on our website (you can usually see a padlock icon in your browser indicating an SSL connection). This helps protect your payment details and other sensitive data during transmission. We may also encrypt certain sensitive information stored on our systems, adding an extra layer of protection.

  • Secure Infrastructure: Personal data is stored on secure servers. We work with reputable hosting providers that maintain strong physical security at their data centers and robust network security measures (firewalls, intrusion detection systems, etc.). Our systems are regularly updated with security patches to mitigate vulnerabilities.

  • Access Controls: We restrict access to personal information to Capsule Adventures employees, contractors, and partners who need to know that information in order to operate, develop, or deliver our services. Those who are authorized to access personal data are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations. We also use authentication measures (such as passwords and, where appropriate, multi-factor authentication) to ensure that only authorized individuals can access systems that contain personal data.

  • Training and Policies: Our team members are trained on data protection best practices and we have internal policies in place to safeguard privacy. We limit the personal data we collect and ensure that it is used strictly for the intended purposes. We also have procedures to address any suspected data incidents promptly.

  • Payment Security: As noted earlier, we do not store credit card numbers on our systems. Our payment processor, Square, is PCI-DSS compliant (Payment Card Industry Data Security Standard), which means they adhere to high security standards for processing payment information. By outsourcing payment handling to a specialized provider, we reduce the risk associated with handling sensitive financial data.

  • Monitoring and Testing: We may employ tools to monitor our systems for potential vulnerabilities or attacks. We periodically review our security measures and update them in light of new threats or advancements in security technology. In addition, if we work with software developers, we follow secure coding practices to prevent common security issues (like SQL injection or cross-site scripting).

Data Breach Procedures: Despite all efforts, no website or internet transmission is completely secure. In the unlikely event of a security breach that results in unauthorized access to or theft of personal data, Capsule Adventures has an incident response plan in place. We will promptly take steps to contain and investigate the incident, mitigate any harm, and notify affected individuals and relevant authorities as required by law. We will communicate with you about what happened and any steps you may need to take to protect yourself.

Your Responsibilities: It’s also important for you to play a role in keeping your data secure. When you create an account or password with Capsule Adventures (if applicable), choose a strong password and keep it confidential. Don’t share your account details with others, and log out when using shared devices. Be cautious of “phishing” attempts – Capsule Adventures will never ask you for sensitive information like passwords via email. If you suspect any unauthorized activity or receive suspicious communications purporting to be from us, please let us know.

Data Retention: We will retain your personal information only for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. For example, we may keep your data for as long as you maintain an account with us, as needed to provide you with services, and thereafter for legitimate business purposes (such as to maintain records of your transactions for financial reconciliation or to handle any disputes). When we no longer have a need to retain your personal data, we will securely delete, destroy, or anonymize it. If deletion is not feasible (for example, because the data is stored in backup archives), we will segregate it from active use until deletion is possible. We also periodically review the data we hold and erase or anonymize personal data that is no longer required. The exact retention periods for different categories of data depend on the nature of the data and the reasons we collected it. If you want more information about our data retention practices for a specific type of information, you can contact us.

In summary, we take reasonable and industry-standard steps to guard your personal information. However, please understand that no security measure is perfect. We cannot guarantee absolute security, but we will do our best to protect your data and will inform you of any significant issues that arise despite our safeguards.

Policy Updates and Contact Information

Changes to This Policy: Capsule Adventures may update or modify this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. When we make changes, we will revise the "Effective Date" at the top of this Policy to indicate when the changes go into effect. If any changes are material (significantly affect how your personal data is handled), we will take reasonable steps to inform you in advance. This might include posting a prominent notice on our website, and/or contacting you directly via email or other contact information you have provided. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our services after any updates to this Policy constitutes your acknowledgment of the changes and agreement to the updated terms.

Contact Us: If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please do not hesitate to contact us. We are here to help and address any privacy-related inquiries you may have. You can reach us in the following ways:

  • Email: The best way to reach us is via email at privacy@capsuleadventures.com. You can also use this email to exercise any of your data rights (as described in the User Rights and Choices section) or to ask questions about your data.

  • Postal Mail: You may also write to us at the following mailing address:

    Capsule Adventures LLC
    Attn: Privacy Team
    1607 Crab Orchard Rd.
    Huddleston, VA 24104 USA

  • Phone: If you prefer to speak by phone, you can contact our customer service line at +1 (984) 212-6333. Please ask for the person responsible for privacy inquiries. Our support team will either assist you or direct your call to the appropriate privacy contact. (Note: This phone option is provided for convenience; for official data rights requests, we may still ask that you follow up in writing/email so we have a record of your request.)

We will do our best to respond promptly to your inquiries, typically within a few business days. For requests involving your data (access, deletion, etc.), we may require additional information to verify your identity (as explained earlier) and will respond within the timeframe required by law.

Thank you for trusting Capsule Adventures with your travel experiences and your personal data. We value your privacy and are committed to keeping your personal information safe. If you have any questions or need clarifications about this Privacy Policy, please contact us. Safe and happy travels!