Privacy Policy

Escape The Ordinary (ETO)
Effective Date: April 2026

1. Introduction

Escape The Ordinary (“we”, “our”, “us”) is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR).

This Privacy Policy explains how we collect, use, and protect your personal data when you visit our website or engage with our services.

2. Data Controller

Escape The Ordinary is the data controller responsible for your personal data.

Contact details:
Email: veronica@escapetheordinary.mu
Location: Mauritius

3. Personal Data We Collect

We may collect and process the following data:

  • Identity Data: name, surname
  • Contact Data: email address, phone number, company name
  • Booking Data: travel preferences, group details, requirements
  • Communication Data: enquiries, messages, correspondence
  • Technical Data: IP address, browser type, device data
  • Usage Data: how you interact with our website
  • Marketing Preferences: your communication preferences

4. Lawful Basis for Processing

Under GDPR, we rely on the following lawful bases:

  • Consent – when you opt in to marketing or submit enquiries
  • Contractual necessity – to provide travel services and manage bookings
  • Legitimate interests – to improve our services and communicate with you
  • Legal obligations – where required by law

5. How We Use Your Data

We use your personal data to:

  • Respond to enquiries and provide proposals
  • Plan and deliver travel experiences
  • Manage bookings and logistics
  • Communicate updates and relevant information
  • Improve our website and services
  • Send marketing communications (only where consent is given)

6. Data Sharing

We may share your data with trusted third parties where necessary:

  • Accommodation providers and local partners
  • Transport and activity providers
  • Payment processors
  • IT, hosting, and analytics providers
  • Email and marketing platforms

All third parties are required to process your data securely and only for specified purposes.

7. International Data Transfers

As we operate in Mauritius, your personal data may be transferred outside the European Economic Area (EEA).

Where this occurs, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs)
  • Working with providers that comply with GDPR standards

8. Data Retention

We retain personal data only as long as necessary to:

  • Fulfil the purposes outlined in this policy
  • Comply with legal and accounting requirements

9. Your Rights Under GDPR

You have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion (“right to be forgotten”)
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time
  • Lodge a complaint with a supervisory authority

To exercise these rights, contact us at: jason@escapetheordinary.mu

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data.

However, no method of transmission over the internet is completely secure.

11. Cookies and Tracking

We use cookies and similar technologies to:

  • Improve website functionality
  • Analyse traffic and performance
  • Support marketing and advertising

Where required, we obtain your consent before placing non-essential cookies.

12. Third-Party Links

Our website may contain links to external websites. We are not responsible for their privacy practices.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised effective date.

14. Contact Us

If you have questions about this policy or your data:

Escape The Ordinary (ETO)
Email: veronica@escapetheordinary.mu
Location: Mauritius