Privacy Policy

Who We Are

Holistic Safaris is operated by Kai Kata FZE, a company registered in the United Arab Emirates. We organise and facilitate wellness experiences, desert coaching events, and art therapy sessions in Ras Al Khaimah, UAE.

This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website at holisticsafaris.com, make a booking, or otherwise interact with us.

Information We Collect

We collect information you provide directly to us, information collected automatically, and information from third parties:

Information you provide:

• Full name and contact details (email address, phone number)
• Booking and payment information (processed securely via Stripe — we do not store card details)
• Health disclosures provided voluntarily for event participation safety
• Email address when signing up to our newsletter or lead capture form
• Communications you send us via email or WhatsApp

Information collected automatically:

• IP address, browser type, operating system, and device identifiers
• Pages visited, time on page, and referral source via Google Analytics 4
• Session recordings and heatmaps via Microsoft Clarity
• Cookie identifiers set by Google Tag Manager, Meta Pixel, and our own site

Information from third parties:

• Payment status and transaction IDs from Stripe
• Ad interaction data from Meta (Facebook/Instagram) if you click our advertisements

How We Use Your Information

We use the information we collect for the following purposes:

• Processing bookings: to confirm your reservation, send event details, and manage payments
• Communication: to respond to enquiries, send booking confirmations, and share event reminders
• Marketing: to send newsletters or promotional emails where you have opted in or made a booking (you may unsubscribe at any time)
• Abandoned booking reminders: if you begin a booking but do not complete payment, we may send a single reminder email to the address provided
• Analytics: to understand how visitors use our website and improve the experience
• Advertising: to show relevant ads on Meta (Facebook/Instagram) and Google to people who have visited our site or expressed interest in our events
• Safety: to manage participant welfare at our events
• Legal compliance: to meet our obligations under UAE law

Legal Basis for Processing

Where the General Data Protection Regulation (GDPR) or UK GDPR applies to European or UK visitors, we rely on the following legal bases:

• Contract: processing necessary to fulfil a booking you have made with us
• Legitimate interests: analytics, security, fraud prevention, and sending abandoned booking reminders
• Consent: email newsletter sign-ups, non-essential cookies, and advertising retargeting
• Legal obligation: compliance with UAE regulations and applicable law

For visitors based in the UAE, processing is conducted in accordance with Federal Decree-Law No. 45 of 2021 on Personal Data Protection (PDPL).

Cookies & Tracking Technologies

Our website uses the following technologies that may store data on your device:

• Google Tag Manager (GTM-W92VZ8ZR): manages and fires all third-party tags from a single container
• Google Analytics 4 (G-3KLKGZE9SW): tracks page views, sessions, and ecommerce events (view_item, begin_checkout, purchase)
• Meta Pixel (1078674116325637): tracks visits and conversions for advertising on Facebook and Instagram; we also use Meta Conversions API (CAPI) to send conversion data directly from our server for improved accuracy
• Microsoft Clarity: records anonymised session replays and heatmaps to help us improve the site
• Stripe: sets cookies required for secure payment processing

Sharing Your Information

We do not sell your personal data. We may share it with:

• Stripe: to process payments securely. Stripe is PCI-DSS compliant.
• Resend: our email delivery provider, used to send booking confirmations and reminders
• Meta Platforms: advertising data shared via the Pixel and Conversions API for campaign measurement and retargeting
• Google: analytics and advertising data via Google Analytics 4 and Google Tag Manager
• Neon (database): our cloud database provider, which stores booking records securely
• Vercel: our hosting provider, which processes web requests and stores application data
• Legal authorities: where required by UAE law or a valid legal request

All third-party processors are contractually obligated to handle your data securely and only for the purposes we specify.

International Data Transfers

Our website is hosted on Vercel infrastructure which may process data in the United States and other regions. Our database provider (Neon) and email provider (Resend) may also process data outside the UAE.

Where data is transferred outside your country of residence, we ensure appropriate safeguards are in place, including standard contractual clauses where required under GDPR, and equivalent protections for UAE residents.

How Long We Keep Your Data

• Booking records: retained for 7 years for accounting and legal compliance purposes
• Email newsletter subscribers: retained until you unsubscribe
• Analytics data: retained according to the retention settings of each analytics provider (typically 14 months for GA4)
• Abandoned booking data: a single reminder may be sent within 48 hours; the record is retained as part of the booking record

You may request deletion of your personal data at any time by contacting us at hello@holisticsafaris.com, subject to our legal retention obligations.

Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Access: request a copy of the personal data we hold about you
• Rectification: ask us to correct inaccurate or incomplete data
• Erasure: ask us to delete your data ("right to be forgotten")
• Restriction: ask us to limit how we use your data
• Portability: receive your data in a structured, machine-readable format
• Objection: object to processing based on legitimate interests, including direct marketing
• Withdraw consent: where processing is based on consent, you may withdraw it at any time without affecting prior processing

Children's Privacy

Our events and services are intended for adults aged 18 and over. We do not knowingly collect personal data from children under 18. If you believe a child has provided us with personal data, please contact us immediately and we will delete it.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last Updated" date at the top of this page.

We encourage you to review this policy periodically. Continued use of our website after changes constitutes your acceptance of the updated policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

• Email: hello@holisticsafaris.com
• WhatsApp: +971 50 152 5960
• Company: Kai Kata FZE, Ras Al Khaimah, United Arab Emirates

If you are based in the EU or UK and are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.