Privacy Policy
Last Updated: October 18, 2025
1. Introduction
Apalee Guide ("we", "our", "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal data when you visit our website, book our services, or interact with us in any way.
We are committed to complying with the UK Data Protection Act 2018, the UK General Data Protection Regulation (UK GDPR), and all applicable data protection laws. This policy is designed to help you understand what information we collect, why we collect it, and how you can update, manage, or request deletion of your information.
2. Who We Are
Apalee Guide is a cultural tour guide service based in London, UK. We are the data controller responsible for your personal data.
Our contact details are:
- Address: 1 Shortlands, London W6 8DR
- Phone: +442032398646
- Email: privacy@apalee.com
3. Information We Collect
We collect and process the following categories of personal data:
3.1 Information you provide to us directly:
- Contact information (name, email address, phone number, postal address)
- Booking details (tour preferences, dates, group size, special requirements)
- Payment information (we do not store complete credit card details)
- Communications with us (emails, contact form submissions, feedback)
- Marketing preferences
3.2 Information we collect automatically:
- Technical information (IP address, browser type and version, time zone setting)
- Visit information (pages viewed, time spent on site, navigation paths)
- Device information (device type, operating system)
- Location data (if permitted by your device settings)
- Cookie data (see our Cookie Policy for details)
4. How We Collect Your Data
We collect your data through:
- Direct interactions: When you complete forms on our website, correspond with us, or book tours
- Automated technologies: Through cookies and similar tracking technologies (see our Cookie Policy)
- Third parties: We may receive information about you from third-party booking platforms if you book our services through them
5. How We Use Your Data
We use your personal data for the following purposes:
| Purpose | Types of Data | Lawful Basis |
|---|---|---|
| To register you as a customer and process your booking | Contact information, booking details | Performance of a contract with you |
| To provide our tour services | Contact information, booking details, special requirements | Performance of a contract with you |
| To process payments | Contact information, payment information | Performance of a contract with you |
| To communicate with you about your booking | Contact information, booking details | Performance of a contract with you |
| To send you service emails (booking confirmations, updates, etc.) | Contact information | Performance of a contract with you |
| To manage our relationship with you (responding to inquiries, feedback) | Contact information, communications | Legitimate interests |
| To send you marketing communications about our services | Contact information, marketing preferences | Consent or legitimate interests (depending on relationship) |
| To improve our website and services | Technical information, visit information | Legitimate interests |
| To administer and protect our business and website | Technical information | Legitimate interests |
6. Marketing Communications
We may send you marketing communications about our tours and services if:
- You have explicitly consented to receive such communications; or
- You have previously purchased services from us and have not opted out of receiving marketing
You can opt out of receiving marketing communications at any time by:
- Clicking the "unsubscribe" link in any marketing email
- Contacting us at privacy@apalee.com
- Updating your preferences in your account (if applicable)
7. Data Sharing
We may share your personal data with:
7.1 Service providers:
- Payment processors to handle transactions
- Email service providers for communications
- Cloud storage providers for secure data storage
- IT service providers who support our website and systems
7.2 Professional advisors:
- Lawyers, accountants, and insurers as necessary
7.3 Authorities:
- Law enforcement or other authorities where we are required to do so by law
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
8. International Transfers
We primarily store and process your data within the UK and the European Economic Area (EEA). However, some of our service providers may be based outside the UK/EEA or may use data processing facilities outside the UK/EEA.
Whenever we transfer your personal data outside the UK/EEA, we ensure a similar degree of protection is afforded to it by implementing appropriate safeguards, such as:
- Transferring to countries that have been deemed to provide an adequate level of protection for personal data by the UK government
- Using specific contracts approved by the UK government (Standard Contractual Clauses) which give personal data the same protection it has in the UK
- Transferring to providers based in the US if they are part of the UK-approved transfer mechanisms
9. Data Security
We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. These measures include:
- Encryption of sensitive data
- Secure hosting environments
- Regular security assessments
- Access controls and authentication procedures
- Staff training on data protection
We have procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
10. Data Retention
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider:
- The amount, nature, and sensitivity of the personal data
- The potential risk of harm from unauthorized use or disclosure
- The purposes for which we process your personal data
- Whether we can achieve those purposes through other means
- The applicable legal requirements
Typical retention periods:
- Booking information: 7 years from tour completion (for tax and accounting purposes)
- Marketing preferences: Until you unsubscribe or ask us to delete your data
- Website usage data: 26 months
11. Your Legal Rights
Under UK data protection laws, you have rights regarding your personal data, including:
| Right | What This Means |
|---|---|
| Right to be informed | You have the right to be informed about how we collect and use your personal data |
| Right of access | You can request copies of your personal data |
| Right to rectification | You can request that we correct inaccurate or incomplete information |
| Right to erasure | You can request that we delete your personal data in certain circumstances |
| Right to restrict processing | You can request that we limit how we use your data |
| Right to data portability | You can request that we transfer your data to another organization or to you |
| Right to object | You can object to our processing of your personal data |
| Rights related to automated decision making | You have rights regarding automated decisions made about you without human involvement |
If you wish to exercise any of these rights, please contact us at privacy@apalee.com.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
12. Third-Party Links
Our website may include links to third-party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
13. Cookies
Our website uses cookies and similar technologies to distinguish you from other users of our website. For detailed information on the cookies we use and the purposes for which we use them, please see our Cookie Policy.
14. Changes to This Privacy Policy
We may update this privacy policy from time to time. The updated version will be indicated by an updated "Last Updated" date at the top of this page. We encourage you to review this privacy policy periodically to stay informed about how we are protecting your information.
15. How to Contact Us or Make a Complaint
If you have any questions about this privacy policy or our privacy practices, please contact us at:
- Email: privacy@apalee.com
- Post: Data Protection Officer, Apalee Guide, 1 Shortlands, London W6 8DR
- Phone: +442032398646
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.