Effective: January 2026 | Compliance: GDPR, CCPA, CASL
Magallones Travel & Tours Inc. is dedicated to protecting the privacy and security of our global users. This policy outlines how we collect, process, and protect your personal information across our ecosystem, including our flight search, membership tiers, and agent portals.
As a global booking platform, your personal data may be transferred to and processed in countries other than your country of residence (e.g., to Amadeus servers in Europe or Royal Scenic in Canada) for the sole purpose of fulfilling travel bookings. We ensure all partners adhere to equivalent data protection standards.
You have the "Right to be Forgotten" and the right to data portability. Request data deletion or access at any time via our portal.
Magallones Travel does not sell your personal data. Californians have the right to opt-out of data sharing for cross-context behavioral advertising.
We only send marketing communications with express consent. All marketing emails include a functioning unsubscribe mechanism.
We collect information necessary for booking fulfillment, including travel preferences and passenger details. However, we maintain a strict Zero-Storage PCI policy. Credit card details are passed ephemerally and are never stored in our MariaDB instances.
To protect against "Bad Actors" and payment fraud, we collect IP addresses, device identifiers, and browser fingerprints. This data is used exclusively for security auditing and ensuring the integrity of our booking platform.