BOA - Bosnia Outdoor Adventures
ToursGuidesAboutSafetyFAQ
Plan tripBook a tour
Legal

Privacy & GDPR

How we collect and protect your data when you book with BOA.

Last updated: January 2025

Your privacy matters to us

We collect only what we need to deliver great adventures. Your data is never sold, and you're always in control.

This Privacy Policy explains how BOA – Bosnia Outdoor Adventures ("BOA," "we," "us," or "our") collects, uses, and protects your personal information when you use our website, book tours, or communicate with us.

We are committed to GDPR compliance and respect for your data rights. BOA is the data controller for information collected through our services.

Information We Collect

  • Contact information: Name, email address, phone number, and country of residence.
  • Booking details: Tour preferences, dates, group size, dietary requirements, and medical conditions (when disclosed).
  • Payment information: Processed securely through our payment provider. We do not store full card details.
  • Communication records: Emails, WhatsApp messages, and booking form submissions.
  • Website usage: Anonymous analytics data including pages visited, time on site, and referral sources.

How We Use Your Information

  • To process and confirm your tour bookings.
  • To communicate essential tour information, including meeting points, weather updates, and itinerary changes.
  • To respond to your inquiries and provide customer support.
  • To send occasional updates about new tours or special offers (only with your consent).
  • To improve our services based on feedback and usage patterns.
  • To comply with legal obligations and protect our rights.

Information Sharing

  • Guides: Necessary booking details are shared with guides to deliver your tour safely.
  • Service providers: Transport operators and accommodation partners receive only essential logistics information.
  • Payment processors: Secure payment handling through PCI-compliant providers.
  • Legal requirements: When required by law or to protect safety.
  • We never sell your personal information to third parties for marketing purposes.

Data Security

  • All data transmission is encrypted using SSL/TLS technology.
  • Access to personal data is restricted to authorized BOA team members only.
  • Regular security reviews and updates to protect against vulnerabilities.
  • Secure cloud storage with industry-standard protection measures.
  • Immediate notification in the unlikely event of a data breach affecting your information.

Your Rights (GDPR)

  • Access: Request a copy of all personal data we hold about you.
  • Rectification: Correct any inaccurate or incomplete information.
  • Erasure: Request deletion of your data (subject to legal retention requirements).
  • Portability: Receive your data in a structured, machine-readable format.
  • Objection: Opt out of marketing communications at any time.
  • Complaint: Lodge a complaint with a supervisory authority if you believe your rights have been violated.

Data Retention

  • Booking records: Retained for 7 years for legal and tax purposes.
  • Marketing preferences: Kept until you unsubscribe or request deletion.
  • Website analytics: Anonymized data retained for 26 months.
  • Communication records: Deleted after 3 years unless part of an active booking relationship.
  • You may request early deletion of non-essential data at any time.

Cookies & Tracking

Our website uses essential cookies required for functionality and anonymous analytics cookies to understand how visitors use our site. We do not use advertising cookies or track you across other websites.

You can control cookie preferences through your browser settings. Disabling essential cookies may affect website functionality.

Exercise your data rights

To access, correct, or delete your personal data, contact us at hello@boa.ba. We'll respond within 30 days.

Terms of Service →Contact Us →