Effective date: January 1, 2025 · Last updated: March 21, 2026
This Privacy Policy explains how eTours Marrakech (“we”, “us”, “our”), operating the website https://etoursmarrakech.com, collects, uses, shares, and protects your personal data — including in the context of advertising — and describes your rights depending on where you live.
Applicable laws: GDPR (Europe) · CCPA/CPRA (California) · NJDPA (New Jersey) · Washington Privacy Act · NY SHIELD Act · Massachusetts Ch. 93H · Law No. 09-08 (Morocco)
1. Who We Are
Our website address is: https://etoursmarrakech.com
eTours Marrakech is a travel and tour operator company based in Marrakech, Morocco. We provide guided tours, excursions, and travel experiences in and around Marrakech. We are the data controller responsible for the personal information collected through this website.
Privacy contact: privacy@etoursmarrakech.com
Address: Marrakech, Morocco
2. Data We Collect
Comments
When visitors leave comments on the site, we collect the data shown in the comments form (name, email address, website), along with the visitor’s IP address and browser user agent string to help with spam detection. An anonymized string (hash) created from your email address may be sent to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Booking & Contact Forms
When you submit a tour booking request or contact form, we collect your name, email address, phone number, travel dates, and any message you provide. This information is used solely to respond to your request and process your booking.
Advertising & Analytics Data
This website displays third-party advertisements. Our advertising partners (including Google AdSense and social media networks) may automatically collect the following data when you visit our site:
- IP address and approximate geolocation (city/country level)
- Device identifiers and advertising IDs (IDFA/GAID)
- Cookie identifiers and browser fingerprint signals
- Pages visited, time on site, clicks, scroll depth, and referral URL
- Ad impressions, clicks, and conversion events
- Browser type, operating system, screen resolution, and language settings
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
3. How We Use Your Data
- To respond to tour booking requests and customer inquiries
- To deliver and optimize our website content
- To display personalized or contextual advertising via our ad partners
- To measure advertising performance and audience analytics
- To detect and prevent spam, fraud, and security threats
- To comply with our legal obligations in Morocco, the EU, and the US
- To send you service-related communications (if you have provided your email address)
We never sell your personal data to third parties for their own marketing purposes.
4. Cookies
WordPress Functional Cookies
If you leave a comment on our site, you may opt in to saving your name, email address, and website in cookies for your convenience, so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Advertising & Third-Party Cookies
This website uses advertising cookies placed by our partners to deliver relevant advertisements and measure their performance. These cookies may track your browsing across multiple websites to build an interest profile used for targeted advertising.
| Cookie Type | Purpose | Consent Required? | Retention |
|---|---|---|---|
| Strictly Necessary | Site functionality, security, spam prevention | No | Session / 1 day |
| Functional | Remember preferences, comment data, login | Optional | 1–2 years |
| Analytics | Traffic measurement (Google Analytics, etc.) | Yes (EU / Morocco) | Up to 13 months |
| Advertising / Targeting | Personalized ads, retargeting, frequency capping | Yes — all regions | Up to 13 months |
| Social Media Pixels | Audience building, conversion tracking (Meta, etc.) | Yes — all regions | Up to 90 days |
You can manage or withdraw your cookie consent at any time using our Cookie Preference Center (available in the footer of this site). You can also opt out of personalized advertising directly:
- Google Ad Settings: adssettings.google.com
- EU choices: youronlinechoices.com
- US choices: optout.aboutads.info
5. Embedded Content from Other Websites
Articles and pages on this site may include embedded content (e.g. videos of Marrakech tours, maps, images, social media posts). Embedded content from other websites behaves in the exact same way as if the visitor had visited the other website directly. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content — including if you have an account and are logged into that website.
6. Who We Share Your Data With
We share data with the following categories of partners, strictly for the purposes described below:
| Partner Type | Purpose | Data Shared |
|---|---|---|
| Ad Networks (Google, Meta, etc.) | Serve targeted ads, measure conversions | Cookie ID, IP, device signals, page context |
| Analytics Providers | Traffic analysis, site performance | Pseudonymized usage data |
| Hosting / WordPress Infrastructure | Website delivery and operations | Server logs, IP addresses |
| Spam Detection (Akismet) | Comment spam filtering | Comment content, IP, email hash |
| Legal / Regulatory Authorities | Compliance with applicable law | As required by law |
If you request a password reset, your IP address will be included in the reset email. International data transfers outside the EEA are protected by Standard Contractual Clauses (SCCs) or adequacy decisions, in compliance with GDPR Chapter V.
Note for California, New Jersey, and Washington residents: Sharing data with advertising partners for cross-context behavioral advertising may constitute a “sale” or “sharing” of personal data under applicable state law. See Section 9 for your opt-out rights.
7. How Long We Retain Your Data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Booking inquiry data is retained for 3 years for business and legal record-keeping purposes, after which it is permanently deleted. Advertising cookie data is retained for a maximum of 13 months and up to 24 months for ad measurement purposes, after which it is deleted or anonymized.
8. Your Rights — European Union (GDPR)
If you are located in the European Economic Area (EEA) or United Kingdom, you have the following rights under the GDPR:
- Right of Access (Art. 15) — Request a copy of the personal data we hold about you.
- Right to Rectification (Art. 16) — Request correction of inaccurate or incomplete data.
- Right to Erasure / “Right to be Forgotten” (Art. 17) — Request deletion of your personal data.
- Right to Restriction of Processing (Art. 18) — Ask us to limit how we use your data.
- Right to Data Portability (Art. 20) — Receive your data in a structured, machine-readable format. You can request an exported file of the personal data we hold about you, including any data you have provided to us.
- Right to Object (Art. 21) — Object to processing based on legitimate interest, including profiling for advertising purposes.
- Right to Withdraw Consent (Art. 7(3)) — Withdraw consent at any time without affecting prior lawful processing.
- Right to Lodge a Complaint — Contact your local supervisory authority (e.g., CNIL in France, ICO in UK, BfDI in Germany).
Our legal bases for processing are: Consent (advertising cookies and behavioral tracking), Legitimate Interest (security, spam detection, basic analytics), Contract (booking processing), and Legal Obligation (where required by law).
To exercise your rights, email us at privacy@etoursmarrakech.com. We respond within 30 days.
9. Your Rights — United States
California — CCPA / CPRA
California residents have the following rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- Right to Know — Request disclosure of the categories and specific pieces of personal information collected, used, disclosed, or sold about you.
- Right to Delete — Request deletion of personal information we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
- Right to Correct — Request correction of inaccurate personal information.
- Right to Opt-Out of Sale/Sharing — We share data with advertising partners, which may constitute a “sale” or “sharing” for cross-context behavioral advertising under California law. Use the “Do Not Sell or Share My Personal Information” link in the footer of this website.
- Right to Limit Sensitive Personal Information — Limit the use of sensitive categories of personal data.
- Right to Non-Discrimination — You will not receive inferior service or be penalized for exercising your privacy rights.
We do not knowingly collect personal information from children under 13. Authorized agents may submit requests on your behalf with written authorization.
New Jersey — NJDPA (effective January 15, 2025)
New Jersey residents have rights under the New Jersey Data Protection Act, including the right to access, correct, delete, and obtain a portable copy of their personal data, and the right to opt out of targeted advertising, the sale of personal data, and profiling for decisions with significant effects. You may also appeal a refused request within 45 days. We respond to verified requests within 45 days, extendable by an additional 45 days with prior notice.
Washington State — WPA & My Health MY Data Act
Washington residents may access, correct, delete, and port their personal data, and opt out of targeted advertising and the sale of personal data. For consumer health data specifically, we will not collect or share such data without explicit opt-in consent, in compliance with the My Health MY Data Act.
New York & Massachusetts (Boston)
Residents of New York (NY SHIELD Act) and Massachusetts (Chapter 93H) benefit from reasonable data security measures, breach notification within legally required timeframes, and opt-out mechanisms for targeted advertising communications.
How to Submit a US Privacy Request
To exercise any of the above rights, please email privacy@etoursmarrakech.com with the subject line “Privacy Rights Request — [Your State]”. We will verify your identity before processing your request and respond within 45 days or as required by applicable state law.
10. Your Rights — Morocco (Law No. 09-08)
In accordance with Moroccan Law No. 09-08 on the Protection of Personal Data and the decisions of the Commission Nationale de Contrôle de la Protection des Données à Caractère Personnel (CNDP), you have the following rights:
- Right of Access — Obtain a copy of the personal data we hold about you.
- Right to Rectification — Request correction of any inaccurate or incomplete data.
- Right to Object — Object to the processing of your data for commercial prospecting or targeted advertising purposes.
- Right to Erasure — Request the deletion of your personal data, except where we are legally required to retain it.
Transfers of your data to third countries (particularly the United States, where our advertising partners are based) are carried out with appropriate safeguards in accordance with Article 43 of Law No. 09-08.
To exercise your rights, contact us at privacy@etoursmarrakech.com. You may also file a complaint with the CNDP at www.cndp.ma.
11. Where Your Data Is Sent
Visitor comments may be checked through an automated spam detection service (Akismet). Data shared with advertising partners (Google, Meta, etc.) may be processed in the United States and other countries. All international transfers are governed by appropriate safeguards — Standard Contractual Clauses for EU transfers, and contractual agreements for Moroccan transfers per Article 43 of Law No. 09-08.
12. Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of material changes by posting a notice on this website and, where required by law, by direct notification. The “Last Updated” date at the top of this page reflects the most recent revision. Continued use of the site after changes are posted constitutes acceptance of the updated policy.
13. Contact Us
If you have any questions about this Privacy Policy, wish to exercise your rights, or want to report a data concern, please contact us:
Email: privacy@etoursmarrakech.com
Website: https://etoursmarrakech.com
Address: eTours Marrakech, Marrakech, Morocco
Response time: 30 days (EU/GDPR) · 45 days (US states) · 30 days (Morocco)