Data Protection

Seville Tours is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR) and Spanish data protection laws.

Our Commitment:

• Transparent data collection and processing practices
• Lawful basis for all data processing activities
• Data minimization - we only collect what we need
• Purpose limitation - data used only for stated purposes
• Regular review and deletion of unnecessary data

Under GDPR, you have comprehensive rights regarding your personal data:

Right to Information:

Be informed about how your data is collected and used.

Right of Access:

Request a copy of all personal data we hold about you.

Right to Rectification:

Correct inaccurate or incomplete personal data.

Right to Erasure:

Request deletion of your personal data in certain circumstances.

Right to Data Portability:

Receive your data in a machine-readable format to transfer to another service.

Technical Safeguards:

• End-to-end encryption for all data transmission
• Secure, encrypted databases with access controls
• Regular security updates and vulnerability assessments
• Multi-factor authentication for staff accounts

Organizational Measures:

• Staff training on data protection principles
• Confidentiality agreements for all employees
• Data breach response procedures
• Regular compliance audits