Last reviewed: 6 May 2025

Privacy Policy

This notice explains how La Zingara Catamaran Charters ("La Zingara", "we", "us") collects and handles personal data when you browse our website, use the booking assistant, submit the contact form or communicate with our crew. We are established in Malta and operate from Triq Sa Maison, Il-Furjana (Floriana/Valletta). You can contact the data protection lead at catamaranmaltacharters@gmail.com or by phone on +356 99934881.

Personal data we collect

• Website interactions: device, browser and usage information captured through essential cookies and, when you consent, Microsoft Clarity analytics. IP addresses are truncated and stored by Microsoft for up to 13 months.
• Booking assistant selections: boats, itineraries and dates you view or pre-select. These stay in your browser unless you proceed to contact us.
• Contact enquiries: details you provide through the contact form or WhatsApp including name, email, phone, group size, occasion and preferred dates.
• Operational communications: follow-up notes about your charter such as catering preferences, invoice details and payment confirmations.

Why we use your data

• Providing quotes and managing bookings (contractual necessity) – responding to enquiries, reserving vessels, issuing invoices and communicating itineraries.
• Improving our services and website (legitimate interests or consent for analytics) – understanding which pages visitors find helpful and resolving usability issues.
• Legal compliance – maintaining accounting records and responding to lawful requests from Maltese authorities.
• Safety and fraud prevention – screening enquiries for spam or abuse and protecting our vessels, crew and guests.

Who receives your data

We only share personal data with trusted processors and only for the purposes described above:

• Formspree (United States/EU) hosts the contact form submission and forwards it to our email inbox. Formspree stores submissions for spam filtering and troubleshooting for up to 90 days.
• Microsoft Clarity (EU data centre) provides optional analytics when you accept cookies. Session recordings are pseudonymised and retained for up to 13 months.
• Meta/WhatsApp processes chat metadata and message content when you start a conversation with our charter team.
• Payment and invoicing partners engaged during booking confirmation to settle deposits and balances.
• Cloud hosting and IT support providers that keep this website online and secure.

We require all processors to sign agreements that respect GDPR, apply appropriate safeguards and only process data under our instructions.

International transfers

Whenever data leaves the EU/EEA (for example to Formspree or Meta), we rely on the European Commission’s standard contractual clauses and the recipient’s supplementary safeguards. Copies are available on request.

How long we keep your data

• Contact enquiries and booking records – up to 24 months after your charter or enquiry closes.
• Invoice and transaction information – at least 10 years to meet Maltese tax obligations.
• Analytics data – up to 13 months as controlled by Microsoft Clarity.
• Cookie consent preferences – 12 months unless you update or delete them sooner.

Your privacy rights

If you are in the EU/EEA or UK you have the right to:

• Access the personal data we hold about you.
• Request corrections of inaccurate or incomplete information.
• Request deletion or restriction of your data in certain circumstances.
• Object to processing carried out under legitimate interests.
• Withdraw consent for analytics at any time using the Cookie settings.
• Request a copy of your data in a portable format.
• Lodge a complaint with the Office of the Information and Data Protection Commissioner (IDPC) in Malta.

Send requests to catamaranmaltacharters@gmail.com. We respond within one month and may ask for proof of identity before sharing information.

How we protect your data

• HTTPS encryption across the entire site and forced redirects to secure pages.
• Role-based access to booking records for our core crew only.
• Routine patching of website dependencies and monitoring for unusual traffic.
• Incident response runbook outlining steps for containment, notification and remediation.

Updates to this policy

We update this policy when we add new services, change suppliers or need to comply with law. Significant changes will be communicated via the website footer and, where appropriate, by email to confirmed charter clients.