🌿
πŸƒ
🌱
🌿
Your Privacy Matters

Privacy Policy

We believe transparency is the foundation of trust. This policy explains exactly what data we collect, why we collect it, and how it is protected.

Effective: January 1, 2025
Last updated: January 1, 2025
Applies to: wildsafari.com
Governed by: Kenyan Law
πŸ”

Our Privacy Commitment to You

At WildSafari, your personal data is treated with the same care we give to every living creature in our park. We collect only what we need, protect it rigorously, and never sell it. This policy is written in plain language β€” no legal jargon β€” so you always know exactly where you stand.

βœ… No data selling πŸ”’ Encrypted storage πŸ“§ Transparent communication 🧹 Minimal collection
🏒

Who We Are

The data controller responsible for your information

WildSafari Ltd. ("WildSafari", "we", "our", or "us") is a wildlife conservation park and safari experience company registered in Nairobi, Kenya. We operate the website wildsafari.com and provide on-site safari tours, animal encounters, and conservation education services.

As the data controller, WildSafari is responsible for deciding how and why your personal data is processed. For all privacy matters, our dedicated Data Protection Officer (DPO) can be reached at:

πŸ“¬
WildSafari Data Protection Officer
Safari Park Road, Jungle District, Nairobi, Kenya 10001
Email: privacy@wildsafari.com
Phone: +1 (800) SAFARI-1 Β· Hours: Mon–Sun, 9AM–5PM EAT
πŸ“‹

Data We Collect

What personal information we gather and how

We collect personal data through three channels: information you provide directly, information collected automatically when you use our website, and information received from third-party partners.

Category Examples Source
Identity Data Full name, date of birth, nationality Provided by you
Contact Data Email address, phone number, postal address Provided by you
Booking Data Tour selection, date, guest count, special requests Provided by you
Payment Data Card type, last 4 digits, billing address (full card numbers are never stored) Payment processor
Health Data Accessibility needs, dietary requirements, medical conditions disclosed for safety Provided by you (optional)
Technical Data IP address, browser type, device type, operating system, pages visited Collected automatically
Usage Data Clicks, time on page, search queries, referral source Collected automatically
Marketing Data Newsletter preferences, communication opt-ins, survey responses Provided by you
Photography Data Photographs or videos taken during your visit (only where you have not opted out) Captured on-site
βœ…
What we do NOT collect: We never collect sensitive personal data such as racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, or sexual orientation β€” unless it is directly relevant to an accessibility or safety requirement you disclose voluntarily.
βš™οΈ

How We Use Your Data

The purposes for which your information is processed

We use your personal data only for clearly defined, legitimate purposes. We never use data in ways that are incompatible with the reason it was originally collected.

  • Processing & managing your booking β€” confirming reservations, sending reminders, and coordinating your safari experience.
  • Processing payments β€” handling deposits, final payments, and issuing refunds securely through our payment processor.
  • Customer support β€” responding to enquiries, complaints, and modification requests.
  • Safety & operational planning β€” ensuring tours are appropriately staffed and accessibility needs are met before your visit.
  • Legal compliance β€” meeting obligations under Kenyan data protection law, tax regulations, and safety legislation.
  • Marketing communications β€” sending newsletters and offers only where you have explicitly opted in. You may unsubscribe at any time.
  • Website improvement β€” using aggregated, anonymised analytics to understand how visitors use our site and improve the experience.
  • Conservation & education β€” using anonymised visit data to support wildlife population reporting and conservation planning.
βš–οΈ

Legal Basis for Processing

Why we are legally permitted to process your data

Under the Kenya Data Protection Act (2019) and applicable international data protection laws, we rely on the following legal bases:

Legal Basis When We Use It
Contractual necessity Processing your booking, managing your visit, and handling payments
Legal obligation Compliance with tax, consumer protection, and safety regulations
Legitimate interests Website analytics, fraud prevention, and service improvement (where not overridden by your rights)
Consent Marketing emails, newsletter subscriptions, non-essential cookies, and on-site photography use
Vital interests Emergency medical situations during your visit where immediate sharing with medical services is necessary
ℹ️
Where we rely on consent, you have the right to withdraw it at any time without affecting the lawfulness of any processing carried out before withdrawal. To withdraw consent, email privacy@wildsafari.com.
🀝

Sharing Your Data

Who we share your information with and why

We do not sell, rent, or trade your personal data to any third party for commercial purposes β€” ever. We may share your data only in the following limited, controlled circumstances:

  • Payment processors (e.g. Stripe, PayPal) β€” to securely process your booking payments. These providers are PCI-DSS compliant and process only the minimum data necessary.
  • Email service providers β€” to deliver booking confirmations, reminders, and newsletters. Providers are contractually bound to process your data only on our instructions.
  • Analytics platforms β€” anonymised, aggregated usage data may be processed by tools such as Google Analytics. No personally identifiable data is shared.
  • Emergency services β€” in a medical emergency on-site, relevant personal and health data may be shared with emergency responders to protect your life.
  • Regulatory authorities β€” where required by law, court order, or lawful government request, we will disclose data to the appropriate authorities.
  • Business transfers β€” if WildSafari is acquired or merges with another entity, your data may be transferred as part of that transaction. We will notify you before any such transfer occurs and your rights will be maintained.
⚠️
Third-party booking platforms: If you booked through a third-party platform (e.g., travel agents or aggregators), their separate privacy policies govern how that platform handles your data. WildSafari only processes the data shared with us for the purpose of fulfilling your booking.
πŸͺ

Cookies & Tracking

How our website uses cookies and similar technologies

Cookies are small text files placed on your device when you visit our website. We use cookies to make the site function properly, remember your preferences, and understand how visitors use our content.

Cookie Type Purpose Duration Type
Session cookies Keep you logged in and remember your booking progress during a single visit Session only Essential
Preference cookies Remember your language, currency, and accessibility settings 12 months Essential
Analytics cookies Collect anonymised data on page visits, clicks, and traffic sources to improve the website Up to 26 months Analytics
Performance cookies Monitor site speed and error reporting to ensure optimal performance 30 days Analytics
Marketing cookies Track visits from advertising campaigns so we can measure effectiveness (only with your consent) Up to 90 days Marketing
πŸŽ›οΈ
Your cookie choices: On your first visit, our cookie banner allows you to accept all cookies, reject non-essential cookies, or customise your preferences. You can change your settings at any time by clicking "Cookie Settings" in the website footer. Note that disabling essential cookies may impair some site functionality.
πŸ—“οΈ

Data Retention

How long we keep your personal information

We retain personal data only for as long as is necessary to fulfil the purpose for which it was collected, or as required by law. The following retention periods apply:

Data Type Retention Period Reason
Booking records 7 years Tax and accounting compliance
Customer account data 3 years after last activity Service delivery and support
Payment data 7 years Financial regulation and fraud prevention
Marketing preferences Until consent withdrawn Consent-based; deleted on opt-out
Health & accessibility data 12 months post-visit Safety records; deleted thereafter
Website analytics data 26 months (anonymised) Website improvement
CCTV footage (on-site) 30 days Security; overwritten automatically

After applicable retention periods expire, your data is securely deleted or permanently anonymised so it can no longer be linked to you.

πŸ™‹

Your Privacy Rights

The rights you hold over your personal information

Under the Kenya Data Protection Act and applicable international regulations, you hold the following rights over your personal data. We will respond to all valid requests within 30 days.

πŸ‘οΈ

Right to Access

Request a copy of the personal data we hold about you at any time, free of charge.

✏️

Right to Rectification

Ask us to correct any inaccurate or incomplete data held about you.

πŸ—‘οΈ

Right to Erasure

Request deletion of your data where we no longer have a lawful reason to retain it.

β›”

Right to Object

Object to processing based on our legitimate interests, including direct marketing.

⏸️

Right to Restriction

Ask us to pause processing of your data in specific circumstances while a dispute is resolved.

πŸ“¦

Right to Portability

Receive your data in a structured, machine-readable format to transfer to another service.

↩️

Right to Withdraw Consent

Withdraw any consent previously given at any time without affecting prior processing.

πŸ›οΈ

Right to Complain

Lodge a complaint with the Office of the Data Protection Commissioner of Kenya (ODPC).

πŸ“©
To exercise any of your rights, email privacy@wildsafari.com with your full name, booking reference (if applicable), and a description of your request. We may need to verify your identity before fulfilling the request to protect your data from unauthorised access.
πŸ”’

Data Security

How we protect your personal information

We take data security seriously and have implemented a comprehensive set of technical and organisational safeguards to protect your personal information from unauthorised access, accidental loss, destruction, or disclosure.

  • TLS/SSL encryption β€” all data transmitted between your browser and our servers is protected by 256-bit encryption.
  • Encrypted data storage β€” personal data stored in our databases is encrypted at rest using AES-256 encryption.
  • Access controls β€” personal data is accessible only to authorised WildSafari staff who require it to carry out their job responsibilities.
  • Staff training β€” all team members who handle personal data receive regular data protection and security training.
  • Regular security audits β€” we conduct annual penetration testing and security reviews of our systems and infrastructure.
  • Breach response plan β€” in the event of a data breach, we will notify affected individuals and the ODPC within 72 hours as required by law.
⚠️
No system is impenetrable. While we employ industry-leading security practices, no transmission over the internet can be guaranteed 100% secure. We encourage you to use strong, unique passwords and to contact us immediately if you suspect any unauthorised activity on your account.
πŸ‘§

Children's Privacy

How we handle data relating to minors

WildSafari is committed to protecting the privacy of children. Our website and online booking services are directed at adults aged 18 and over. We do not knowingly collect personal data directly from children under the age of 18 without verifiable parental consent.

  • When booking for children, all personal data (including names and ages) is collected from the responsible adult at the time of booking.
  • Health or accessibility data relating to children is processed only with the explicit consent of a parent or legal guardian and used solely to ensure their safety during the visit.
  • We do not use children's data for marketing purposes under any circumstances.
  • On-site photographs that may include children are subject to our Photography Policy (Section 8 of our Terms & Conditions). Parents may opt out by notifying staff before the tour.
πŸ“§
If you believe we have inadvertently collected personal data from a child without appropriate consent, please contact us immediately at privacy@wildsafari.com and we will delete it promptly.
🌍

International Data Transfers

What happens when your data crosses borders

WildSafari is based in Kenya, but some of our trusted service providers (such as cloud hosting and payment processing platforms) may process your data in other countries, including within the European Economic Area (EEA), the United Kingdom, or the United States.

Whenever personal data is transferred outside Kenya, we ensure it receives equivalent protection by relying on one or more of the following safeguards:

  • Adequacy decisions β€” transferring only to countries recognised as providing adequate data protection by the ODPC or equivalent authorities.
  • Standard contractual clauses β€” legally binding data processing agreements with all international service providers that impose GDPR-equivalent obligations.
  • Certified frameworks β€” using providers certified under recognised international data protection frameworks where available.

You may request further information about the specific safeguards in place for any international transfer by contacting our DPO at privacy@wildsafari.com.

πŸ”„

Policy Updates

How we notify you when this policy changes

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or best practices. The "Last updated" date at the top of this page will always reflect the most recent revision.

  • Minor updates (e.g. clarifications, formatting) β€” updated on this page with no direct notification.
  • Material changes (e.g. new data uses, new sharing arrangements) β€” we will notify you by email at least 14 days before the changes take effect.
  • Major changes (e.g. changes to legal basis or data controller) β€” we will seek fresh consent where required and provide a clear summary of what has changed.
πŸ“Œ
We recommend bookmarking this page and reviewing it periodically. Continuing to use our services after a policy update is published constitutes acceptance of the revised policy for minor changes only.

Contact Us About Privacy

Have a question about this policy, want to exercise your rights, or want to report a privacy concern? Our dedicated Data Protection Officer is ready to help.

βœ‰οΈ
Email (DPO)
privacy@wildsafari.com
πŸ“ž
Phone
+1 (800) SAFARI-1
πŸ“¬
Post
Safari Park Road, Nairobi, Kenya 10001
πŸ•
Response Time
Within 30 days (typically 3–5 days)

Related Legal Pages