1. Data controller
The main controller is Fly Marrakech SARL AU operating as FlyMarrakech.
To exercise rights or ask a question: use the Contact page details.
Privacy
Privacy policy — FlyMarrakech
How FlyMarrakech handles personal data for Marrakech balloon bookings: purposes, cookies, retention, rights & contact.
Last updated: May 2026.
This policy explains how FlyMarrakech collects and uses personal data through the website, forms and bookings for hot-air balloon flights in Marrakech. It is provided for transparency; align it with Moroccan law (including law 09-08) and, where relevant, the GDPR for people in the European Union.
2. Data collected
We may process: identity and contact data (name, email, phone); booking data (preferred date, number of passengers, language); payment data or transaction references when you pay online via a provider (PayPal or other); messages via forms; minimal technical data (logs, IP address, browser type) for security and site operation.
3. Purposes and legal bases
Data is used to: handle requests and bookings; send confirmations and pre-flight information; invoice and pursue legitimate commercial follow-up; meet legal obligations; secure our systems.
For EU residents where the GDPR applies, we rely notably on contract performance, legitimate interests or consent where required (e.g. certain marketing communications).
4. Cookies and similar technologies
The site may use cookies or similar mechanisms necessary for operation (session, language preference, security) or, where required by law with your consent, for analytics.
You can adjust your browser to refuse some cookies; some features may then be limited.
5. Retention
Data is kept only as long as needed for the purposes above and legal obligations (accounting, disputes).
Marketing data may be kept until you unsubscribe or object where applicable.
6. Recipients and transfers
Data may be shared with subprocessors strictly necessary for hosting, payments or messaging.
Transfers outside Morocco (e.g. EU or US providers) follow safeguards required by applicable law.
7. Your rights
Depending on your situation (Morocco and/or EU), you may have rights of access, rectification, erasure, restriction, objection or portability.
EU residents may lodge a complaint with their local data protection authority.
8. Security
We apply reasonable technical and organisational measures (access control, HTTPS where configured, server hardening).
No system is risk-free; report suspected incidents via Contact.
9. Changes
This policy may be updated to reflect website or legal changes.
The date at the top is revised for material updates.
For contractual terms on bookings, see our Terms & conditions.
This document is not a substitute for legal review or a data protection impact assessment. Complete it with your processing records, subprocessors (hosting, payments, messaging) and legal notices.