Skip to main content

Privacy Policy

Last updated: March 2026

Atlas Folks ("we," "us," "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (atlasfolks.ma) and use our services.

Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our website or services.

1. Information We Collect

Information You Provide Directly

Booking & Inquiry Form

  • Name, email address, phone number
  • Travel dates and group size
  • Trip preferences and interests
  • Passport information (name, nationality, passport number) — collected only after booking confirmation
  • Dietary requirements and health conditions
  • Emergency contact information
  • Payment information (credit card details, billing address)

Email Communications

Customer Account

  • If you create an account, we store login credentials, booking history, and saved preferences

Information Collected Automatically

Website Activity

  • Pages visited, time spent on each page
  • Links clicked, searches performed
  • Device type, operating system, browser
  • IP address and approximate location
  • Referral source (how you found us)

This is collected via:

  • Standard web server logs
  • Cookies and similar tracking technologies
  • Analytics tools (Google Analytics or similar)

Information from Third Parties
  • Payment processor data (Stripe, PayPal) — limited to transaction confirmation
  • Insurance provider information (if you provide policy details)
  • Airport/transport provider data (if we arrange transfers)

2. How We Use Your Information

To Process Your Booking

  • Confirm reservations, send itineraries, and trip details
  • Process payments and send invoices
  • Arrange flights, transfers, accommodation, and activities
  • Communicate changes or cancellations

To Provide Customer Support

  • Respond to your inquiries and questions
  • Troubleshoot technical issues
  • Provide pre-trip information and guidance
  • Handle complaints or disputes

To Improve Our Services

  • Analyze website usage and performance
  • Understand traveler preferences and behavior
  • Improve trip design and itineraries
  • Test new features

To Communicate

  • Send trip reminders, weather updates, and logistical information
  • Share post-trip follow-up and feedback requests
  • Send newsletters or promotional content (only if you've opted in)
  • Notify you of policy changes or safety updates

For Legal & Safety

  • Comply with Moroccan and international law
  • Prevent fraud or unauthorized access
  • Protect the rights, property, and safety of Atlas Folks, our travelers, and our staff

3. Legal Basis for Processing (GDPR)

If you are in the European Union, we process your data on these legal bases:

  • Contractual necessity — to fulfill your booking and provide the services you've purchased
  • Legitimate interest — to improve our services, prevent fraud, and analyze website performance
  • Consent — for marketing communications (you can withdraw this anytime)
  • Legal obligation — to comply with Moroccan law and tax requirements

You have the right to object to processing based on legitimate interest.

4. Who We Share Your Information With

Service Providers

  • Payment processors (Stripe, PayPal, bank transfers)
  • Email service providers
  • Web hosting and analytics platforms
  • Insurance companies (for evacuation coverage verification)

Travel & Accommodation Partners

  • Hotels, guesthouses, and camps where you'll stay
  • Transport companies (guides, drivers, camel handlers)
  • Airline and airport staff (for transfers)
  • Activity providers (guides, instructors, local partners)

We share only the information necessary for them to provide their service (name, arrival date, dietary requirements, contact info, etc.). We require all partners to protect your data and use it only for the purpose agreed.

Legal Requirements

  • Moroccan tax and tourism authorities (if required by law)
  • Law enforcement or courts (if legally required)
  • Insurance providers (for evacuation or claim purposes)

We do NOT sell, rent, or trade your personal information to third parties for marketing purposes.

5. International Data Transfers

Your information may be transferred to and stored in Morocco, the European Union, or other countries where our service providers operate. Morocco has different data protection standards than the EU. By using our services, you consent to the transfer, storage, and processing of your information outside your home country.

If you are in the EU and have concerns, you can contact us — we can discuss appropriate safeguards (standard contractual clauses, etc.).

6. Data Retention

Booking Information

  • Kept for the duration of your trip plus 7 years (required by Moroccan tax law)
  • Longer if needed for legal disputes or safety investigations

Website Activity & Analytics

  • Kept for 12 months, then anonymized
  • Cookies expire after 12 months (or per your settings)

Email Communications

  • Kept indefinitely unless you request deletion
  • We may need them for disputes, feedback, or service improvement

Payment Information

  • Not stored by us — payment processors maintain it (see their privacy policies)
  • We keep transaction receipts for 7 years (tax requirement)

You can request deletion of your personal data anytime (see "Your Rights" below). We'll delete it within 30 days unless we have a legal obligation to keep it.

7. Cookies & Tracking

What We Use

  • Essential cookies — for site functionality (login, booking form, language preference)
  • Analytics cookies — to understand how you use our website (Google Analytics)
  • Marketing cookies — to show relevant ads if you leave our site (if enabled)

Your Choices

  • Accept or reject cookies when you first visit
  • Adjust cookie settings in your browser anytime
  • Opt out of Google Analytics via their opt-out tool
  • Disable cookies entirely (but our site may not work properly)

We do NOT track you across other websites without your consent.

8. Third-Party Links

Our website may contain links to external sites (airlines, insurance providers, hotels). We are not responsible for their privacy practices. Read their privacy policies before sharing information with them.

9. Data Security

We take security seriously:

  • HTTPS encryption for all website communication
  • Password protection for customer accounts
  • Limited employee access to sensitive data
  • Regular security reviews

However, no system is 100% secure. We cannot guarantee absolute protection against unauthorized access, hacking, or data breaches. We'll notify you immediately if your personal data is compromised.

10. Your Rights

Depending on where you live, you may have the right to:

Access

  • Request a copy of your personal data we hold

Correction

  • Ask us to correct inaccurate information

Deletion

  • Request we delete your data (right to be forgotten) — unless we have legal reason to keep it

Restriction

  • Ask us to stop processing your data while you investigate an issue

Portability

  • Receive your data in a portable format to move to another provider

Objection

  • Object to us processing your data for marketing or analytics

Withdraw Consent

  • Unsubscribe from marketing emails or withdraw consent anytime

To exercise these rights, email info@atlasfolks.com with "Data Request" in the subject line. Include which right you're exercising and relevant details. We'll respond within 30 days.

11. Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect information from children under 13. If we discover we've collected data from a child without parental consent, we'll delete it immediately.

Parents who believe their child has provided information should contact us at info@atlasfolks.com.

12. Marketing Communications

Opt-In

  • We only send newsletters or promotional content if you've explicitly agreed
  • You can opt in when booking or by contacting us

Opt-Out

  • Unsubscribe anytime by clicking the link in any email
  • Or contact us to be removed from our mailing list
  • We'll remove you within 7 days

We will always send transactional emails (booking confirmations, trip updates, etc.) regardless of opt-out status.

13. California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

  • Know what personal data we collect and how we use it
  • Delete personal data we've collected
  • Opt out of the "sale" of personal data (we don't sell data, but CCPA is broad)

To make a request, email info@atlasfolks.com with "CCPA Request" and your name. We'll respond within 45 days. You can also use an authorized agent to submit requests on your behalf.

14. Changes to This Policy

We may update this Privacy Policy as our business practices change or to comply with new laws. We'll post the updated policy on this page with a new "Last updated" date.

If we make material changes, we'll notify you via email or prominent notice on our website. Your continued use of our website after updates means you accept the new policy.

15. Contact Us

Privacy Questions or Requests

Email: info@atlasfolks.com
Subject: "Privacy Policy" or "Data Request"

Mailing Address:
Atlas Folks
Marrakech, Morocco

We'll respond to all privacy inquiries within 24–48 hours. For complex requests (like data access), we may need up to 30 days.

Data Protection Authority (EU)

If you are in the EU and believe we've violated GDPR, you can file a complaint with your local data protection authority. Links to EU authorities are here: https://edpb.europa.eu/about-edpb/board/members_en

16. Moroccan Legal Compliance

This Privacy Policy complies with Moroccan Law 09-08 on the Protection of Individuals with Regard to the Processing of Personal Data, as well as GDPR where applicable.

Thank you for trusting Atlas Folks with your information. We're committed to using it responsibly.