Privacy Policy

WWW.SILVERTREETRAVEL.COM

Silvertree Travel (“we”, “us”, “our”) is an online travel agency based in Norway, offering travel services to customers in the Nordic region and the European Union. We process personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable national data protection laws in Norway and other EU/EEA countries.

This Privacy Policy explains how we collect, use, share and protect your personal data when you visit our website, request an offer, subscribe to our newsletter or make a booking.

What Personal Data We Collect

We may collect the following categories of personal data:

• Identification and contact data: Name, email address, phone number, postal address, date of birth, nationality.
• Travel and booking data: Destinations, travel dates, itinerary, accommodation details, special requests, loyalty numbers.
• Passport and ID data: Passport number, expiry date, issuing country and similar details when required for flights, visas or other travel formalities.
• Payment data: Payment method, transaction details (card data is handled by secure payment providers and is not stored in full by us).
• Account and communication data: Login details, preferences, enquiries, emails, chat messages and feedback.
• Technical and usage data: IP address, browser type, device information, pages visited, referral URLs, cookie identifiers and similar analytics data.
• Marketing data: Newsletter subscriptions, consent choices, and information about which communications you open or interact with.

We use cookies to collect information about how you use the website. Cookies are used to measure how you use the website, so that we can update and improve our website according to your needs. Cookies on Silvertree Norway AS will not be used to personally identify you. We use cookies:

Enable essential website functions, perform analytics to understand how our website is used and improve user experience, Provide personalized content or marketing, where permitted. You can control cookies through your browser settings and, where available, through our cookie banner or preferences tool. Non-essential cookies will only be used with your consent, in line with applicable EU/Nordic rules.

Sharing your personal data
We do not sell your personal data. We only share it where necessary and with appropriate safeguards in place:

Travel suppliers: Airlines, hotels, car rental companies, cruise lines, local agents and activity providers that need traveler names, contact details and, when required, passport data to deliver your booked services. They usually act as independent data controllers with their own privacy policies.

Service providers (data processors): IT hosting, booking systems, payment processors, email and newsletter tools (such as Mailchimp or similar) and analytics providers that process data on our behalf under data processing agreements compliant with GDPR. We require our processors to process personal data only according to our instructions and to implement appropriate security measures.

Because we operate in the travel industry, your personal data may be transferred to, or accessed from, countries outside the European Economic Area (EEA), for example when airlines, hotels or local partners are located in third countries or when IT services are hosted there.

When such transfers occur, we ensure an adequate level of protection by using one or more of the following safeguards:

• Adequacy decisions by the European Commission for certain countries.
• Standard Contractual Clauses approved by the European Commission.
• Other appropriate safeguards permitted under GDPR.

You can contact us if you would like more information about the safeguards used for a particular transfer.

We retain personal data only for as long as necessary for the purposes described in this Privacy Policy or as required by law. In general:

• Booking and travel data are kept for up to 5 years after the end of the trip to comply with Norwegian accounting and bookkeeping requirements and typical limitation periods, unless a longer period is required or permitted by law.
• Newsletter and marketing data are kept until you withdraw your consent or object, or after a defined period of inactivity, after which they are deleted or anonymised.
• Passport and visa data are kept only as long as necessary for issuing tickets and completing travel/visa arrangements, usually until shortly after the end of the trip, unless you explicitly ask us to keep them longer for recurring travel.

When personal data is no longer needed, we delete or anonymise it in a secure manner.

We may update this Privacy Policy from time to time, for example due to changes in our services, legal requirements or technical solutions. The latest version will always be available on our website with an updated “Last updated” date.

The data controller is:
Silvertree Norway AS,
Email: privacy@silvertree.no
If you have questions about this Privacy Policy or our processing of personal data, you can contact us at the email address above.