Privacy Policy

Effective date: 14 April 2026  |  Last updated: 14 April 2026

TOUR2GETHER (PTY) LTD trading as Tour2gether (“Tour2gether”, “we”, “us” or “our”) respects your privacy and is committed to protecting your personal information in accordance with the Protection of Personal Information Act, 4 of 2013 (“POPIA”) and any other applicable data-protection laws. This Privacy Policy explains what personal information we collect, why we collect it, how we use and share it, and the rights you have in respect of it.

1. Who We Are

TOUR2GETHER (PTY) LTD, company registration number 2025/645788/07, is a travel agency and tour broker based in Cape Town, South Africa. For the purposes of POPIA, Tour2gether is the “Responsible Party” in respect of the personal information we collect and process.

Our designated Information Officer can be contacted in writing at accounts@tour2gether.net or on +27 67 585 1110.

2. Personal Information We Collect

Depending on how you interact with us, we may collect the following categories of personal information:

• Identity information: full name, date of birth, gender, nationality, ID number, passport number and passport photograph.
• Contact information: email address, residential or postal address, telephone and mobile numbers.
• Travel information: travel preferences, dietary requirements, mobility requirements, emergency-contact details, flight details and itinerary.
• Health information: medical conditions, disabilities, vaccinations or allergies you disclose to us for the purposes of arranging safe and suitable travel.
• Financial information: proof of payment, bank account details for refunds, and records of payments made to us.
• Communication information: emails, WhatsApp messages and call logs exchanged with Tour2gether staff.
• Website information: IP address, device type, browser type and pages visited, where you use our website.

3. How We Collect Personal Information

We collect personal information directly from you, including when you: request a quote; complete a booking form; send us an email, WhatsApp or telephone enquiry; submit passport copies or proof of payment; or complete a form on our website. We may also collect information from third parties (for example, visa partners, travel insurers or Suppliers) where necessary to complete your booking, and we will inform you when we do so.

4. Why We Collect and Use Personal Information

We process personal information for the following purposes:

• To prepare quotations and process bookings.
• To share your details with Suppliers (tour operators such as Europamundo, hotels, transfer providers, excursion providers) in order to deliver the services you have booked.
• To assist with visa applications through our trusted partners, where you have requested this.
• To process payments and refunds.
• To communicate with you about your booking, changes, reminders, emergencies and post-travel follow-up.
• To comply with our legal, tax and regulatory obligations.
• For fraud prevention, record-keeping and dispute resolution.
• For internal analytics, service improvement and, where you have consented, marketing.

5. Legal Basis for Processing

We rely on the following legal grounds under POPIA: (a) the conclusion and performance of a contract with you; (b) your consent, where applicable (and which you may withdraw at any time); (c) our legitimate interests in operating and improving our business; and (d) compliance with a legal obligation.

6. Sharing Personal Information

We share personal information only to the extent necessary to fulfil your booking and our legal obligations. Categories of recipients include:

• Tour Suppliers (including Europamundo Vacaciones S.A.U.) who deliver the booked services.
• Hotels, transfer companies and excursion providers forming part of your itinerary.
• Visa agents and consular services, where you have asked us to assist.
• Travel insurers, where you choose to purchase insurance through us.
• Banks, payment processors and auditors, for the processing of payments and for our record-keeping obligations.
• Regulators, courts and law-enforcement agencies, where we are legally required to do so.

We do not sell your personal information to any third party.

7. Cross-Border Transfers

Because travel is inherently international, your personal information will be transferred to, and processed in, countries outside South Africa (for example, the countries on your itinerary). We will only transfer personal information across borders where: (a) the recipient is subject to laws, binding corporate rules or contractual provisions providing an adequate level of protection comparable to POPIA; (b) the transfer is necessary for the conclusion or performance of a contract with you; or (c) you have consented to the transfer.

8. Retention

We retain personal information only for as long as is necessary to fulfil the purposes for which it was collected, to comply with our legal, accounting and tax obligations, and to defend potential legal claims. Unless a longer retention period is required by law, we generally retain booking records for five (5) years after the end of the tour. Personal information that is no longer needed is securely deleted or anonymised.

9. Security

We take reasonable technical and organisational measures to protect the personal information we hold against loss, unauthorised access, disclosure, alteration or destruction. These include access controls, secure storage, staff training and confidentiality undertakings. No system is completely secure, and we cannot guarantee absolute security of information transmitted over the internet — but we will notify you and the Information Regulator promptly in the event of any compromise of your personal information that is required to be reported under POPIA.

10. Your Rights

Subject to POPIA, you have the right to:

• Request confirmation of whether we hold personal information about you, and access to that information.
• Request correction or deletion of personal information that is inaccurate, outdated, excessive or unlawfully obtained.
• Object, on reasonable grounds, to the processing of your personal information.
• Withdraw any consent you have given (without affecting the lawfulness of prior processing).
• Lodge a complaint with the Information Regulator.

To exercise any of these rights, please contact our Information Officer using the details in clause 13 below. We may ask you for proof of identity before acting on a request.

11. Direct Marketing

We will only send you direct marketing communications (for example, newsletters about new tours or special offers) where you have consented, or where you are an existing customer and the communication relates to similar services. You can opt out of direct marketing at any time by clicking the unsubscribe link in any marketing email or by contacting our Information Officer.

12. Cookies & Website Tracking

Our website may use cookies and similar tracking technologies to distinguish you from other users, remember your preferences and collect anonymous usage statistics. You can adjust your browser settings to refuse cookies, although doing so may impact the functionality of the website.

13. How to Contact Us

For all privacy-related queries, requests or complaints, please contact:

14. Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or in the law. The current version is always available on our website, and the “Last updated” date at the top of this Policy indicates when it was last revised. Where changes are material, we will take reasonable steps to bring them to your attention.