Book a meeting!

Privacy Policy​

Tofaraa AS Privacy Policy

Our contact details

Name: Tofaraa AS

Address: Austre Sagstadvegen 60, 5243 Bergen Norway

Phone Number: +47 404 56 650 (Available on WhatsApp)

E-mail: info@tofaraa.com

This privacy policy will explain how our organization and our affiliates use the personal data (information) we collect from you when you use our website or services. By using our website or services, you expressly consent to our use and disclosure of your personal data as stated in this policy. This policy is a part of and incorporated with the Terms and Conditions.

The type of personal data we collect

We currently collect and process the following personal data about you:

  • Name (first name and last name)
  • Phone
  • Mailing Address
  • Email
  • Passport details
  • Any information as needed by relevant travel service providers such as airlines, vacation stay providers, tour providers
  • On certain occasions and to a limited extent, we may collect any personal data about you that may be regarded as sensitive personal data such as your racial or ethnic origin, religious or philosophical beliefs, genetic data, and health data. This may include your data on marital status, medical records, national identity number, dietary requirements, health issues, discerning allergies, and data on any special assistance needed on a trip.

You shall provide us personal data which is accurate and true and inform us of any changes. Any failure to provide the necessary personal data or any wrong information provided from your end or any withdrawal of consent that you have provided would mean that we may not be able to perform our travel arrangement-related obligations towards you.

We do not collect any of your banking (credit card/debit card/bank account number) details. Any payments on our site will be processed through PayPal or Vipps or Swish.

How we get the personal data

Most of the personal data we process is provided to us directly by you for one of the following reasons:

  • When you place an order (i.e., purchase services) on the website
  • When you reach out to us for any questions or support or interact with us through chat, phone, or email
  • If you contact or communicate with us for providing feedback or participate in a survey, competition
  • When you interact with us through any social media accounts
  • When you receive marketing materials from us including any newsletter

The data collected may vary depending on your specific travel arrangements.

We also receive information indirectly, from the following sources in the following scenarios:

  • Cookies- Cookies are very small text files that are stored on your system when you visit our website. For more information on cookies, you are suggested to read “What Are Cookies”. If the cookies are not strictly necessary for the provision of our website, we will ask you to consent to our use of cookies when you first visit our website. Cookies will not usually contain any personal data, however, personal data about you that we process may be connected to the information obtained and processed from cookies. You may choose to reject all or some of the cookies wherein you may not be able to access all of the features on the website. The option to manage the cookies will be available in your browser.
  • Strictly Necessary cookies- We use these cookies to perform basic functions such as remembering items placed in a virtual shopping cart, access features of the website, or e-billing. You may disable these cookies by changing your browser settings, but this may affect how our website functions.
  • Personalization/Customisation cookies- We use these cookies to store information about your preferences including language preferences, your location to personalize the website for you.
  • Google Analytics. This is a web analytics service provided by Google, Inc. (“Google”). Google Analytics collects information about your visit to the website, what pages you visit, how often you visit, IP address, web browser, and location. For more information on Google’s ability to use and share information collected about you, please read the Google Terms of Use and Google Privacy Policy at https://tofaraa.com//policies.google.com/privacy?hl=en-US as amended from time to time. The information generated by this cookie will be transmitted to and stored by Google on servers in the United States.
  • Google AdSense. Third-party vendors, including Google, use cookies to serve ads based on a user’s prior visits to our website. Google’s use of advertising cookies enables it and its partners to serve ads to users based on their visit to our sites. Users may opt-out of personalized advertising by visiting Ads Settings.
  • Facebook Advertisements- We use the services of Facebook Inc. (“Facebook”) to deliver our advertisements that may be relevant to you. You can control how Facebook uses data to show you ads by using your ad preference settings in Facebook. Further information about how Facebook uses personal information can be found at https://tofaraa.com//www.facebook.com/about/privacy/.
  • The cookies will collect information regarding:
    • Your website preferences
    • Your language preferences
    • Website pages that you visited or accessed
    • Information on your interaction with the website such as click patterns, website navigation paths, transactions performed
    • Information about the timing, frequency, and pattern of website use
    • Type of browser used
    • Domain name
    • Operating system
    • IP address
    • Unique device identifier and device type
    • Your usage
    • Your location, time zone

Information collected from third parties

We may receive information from any third parties such as your employer, family member, a friend who may avail/book certain travel services on your behalf. This information can include information such as your name, phone, address, email, passport details, data regarding your dietary requirements, health issues, discerning allergies, and other relevant information as needed in order to avail travel services. In such cases, we will rely on the authority of the person providing such information that confirms you have provided your consent to the sharing of such information with us. Also, if you book any travel services on behalf of another person, you warrant that you have obtained the consent of that other person for sharing information with us and the other person is agreeable to the terms in this policy. You should promptly inform us if you know that your personal data has been provided to us by another person without your consent. Similarly, you shall also inform us in case you do not have the consent of that other person whose data you are sharing with us.

We use the information to:

  • Provide, operate, maintain and improve our website
  • Provide travel-related services/products
  • Facilitate and manage your travel bookings
  • Communicate with you regarding any support, inquiry, competition, offers, survey, or feedback
  • To provide optimized services (your information helps us to more effectively respond to your customer service requests and support needs)
  • Bill you for the services
  • Improve our services
  • Verifying your identity
  • Statistics and record-keeping, accounting, billing, collection of proceeds
  • Understand and analyse how you use our website
  • Communicate with you, either directly or through one of our partners, including for updates, notifications, and any marketing or promotional purposes
  • Information collected through cookies will be used to optimize your online experience on the website, making the web pages user-friendly, customization of the web page based on your preferences, understand user behaviour, marketing purposes, provide recommendations, tracking your visit to our website, record the discussion thread during a chat with our support staff, and serving you with an advertisement for our products or services.
  • Contact you for market research purposes
  • Avoid, identify, investigate any fraud or malicious activity
  • Comply with legal requirements

We may share this information with:

  • Our service providers, advisors that will include third parties as stated below
  • Third parties that include hotels, airlines, agents, courier services, car rental companies, or any similar entities to the extent necessary to deliver the travel-related services. Note that such third parties will use your personal data as stated in their privacy policy and may also contact you for obtaining any additional information as necessary to facilitate your travel arrangement. We advise you to review such third-party privacy policies when you avail services from us. You may also request you to provide their privacy policies to you.
  • Governmental authorities including customs and immigration authorities
  • Our affiliates, partners
  • Event organisers
  • Person making your travel arrangements on your behalf

We may share information in connection with the performance of any contractual obligations or where the disclosure is mandated by law or if we believe that disclosure of the information is necessary and suitable to prevent any risk or injury. For example, we may disclose personal information to third parties for business purposes such as third-party service providers that provide services to us stated above and also providers who perform  processing, customer service, and other related services. We may also share your information in connection with a corporate transaction, such as corporate restructuring, sale of a business, merger, or asset sale.

Data Transfers

Any of the above entities may be located in countries outside of EEA and Switzerland. We may transfer your personal data to countries that may not provide corresponding levels of data security as your home country. We perform the international transfers if they are necessary for the performance of a contract with you. Before sharing personal data outside EEA and Switzerland, we will take necessary steps to ensure that your personal data will be given adequate protection as required by applicable data privacy laws by putting in place appropriate international data transfer mechanisms. When you purchase our services, we act as the controller of your personal data. Since we deal with many different entities across the globe, it is not possible for us to set out herein the list of such entities nor the global locations wherein your personal data will be sent.

Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are:

(a) Your consent. You can remove your consent at any time. You can do this by contacting us at the contact details stated herein. However, if withdraw your consent, you may be unable to use our website. For example, when you use cookies other than strictly necessary cookies, we will ask for your consent. When you sign up for a newsletter, you rely on your consent. When we receive information about you from a person such as your employer who makes bookings on your behalf, we rely on the authority of that person to act on your behalf.

(b) We have a contractual obligation. This includes performing any obligations under any contract that we enter with you such as providing you travel related services. For example, if you avail services from us related to air travel booking, we will use your personal data to share it with airlines so that your flight can be booked.

(c) We have a legal obligation. This includes processing your information to comply with any legal obligation such as to give information including your personal data to any regulatory authorities on their request or to prevent any fraud.

(d) We have a legitimate interest. This includes processing information when there is a legitimate interest such as to protect or assert rights of any party including protecting your interests where we find it necessary to do so or keep records for proper management of our business or any market research. For example, information collected through the use of cookies will be used to improve our website or to prevent any security threats.

We will only collect sensitive personal data in compliance with GDPR, with your explicit consent and where it is reasonably necessary for, or directly related to, one or more of our functions unless otherwise required to do so by law. For example, the performance of a contract with you such as making any travel arrangements may necessitate collecting of sensitive personal data. This is in conformity with Article 6(b) of GDPR where processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract. Another basis for obtaining the sensitive personal data is your consent. This is in conformity with Article 6(a) of GDPR where the data subject has given consent to the processing of his or her personal data for one or more specific purposes. For example, if you intend to make a travel insurance application, you will have to provide health data to us and thereby you consent that we can use and reveal that data to arrange a travel insurance on your behalf.  We will not use sensitive personal data for any other purpose other than the purpose for which it was collected, unless we subsequently receive your further consent for using it for another purpose.

How we store your personal data

Your information is securely stored in Norway via Microsoft cloud. We will retain your personal information only for as long as is necessary. We will retain your personal information as long as we have a continuing relationship with you such as you are availing services from us. We will retain the data to comply with any of our legal or contractual obligations. On the expiry of any foregoing stated periods, as applicable, we will either delete or de-identify your personal information.

We shall take reasonable measures to prevent unauthorized use, access, misuse, loss, destruction, or alteration of your personal data under our control by putting in place necessary administrative, technical, security, physical and virtual controls ensuring a level of security appropriate to protect personal data. The website utilizes Secure Sockets Layer (SSL) to ensure the secure transmission of your personal data. We protect your personal data by enabling encryption of sensitive data. We review our security procedures constantly to ensure protection for personal data at all times. However, we are not responsible for the acts and omissions of any third parties including their security controls.

Children’s Information

Our services are not meant for children. We do not knowingly collect any personal data from children under the age of 18. If you think that your child has provided personal information on our website, you are suggested to contact us promptly and we will do our reasonable efforts to promptly remove such information from our accounts.

Opt-Out

If you have agreed to receive marketing mails (which is voluntary) you will receive emails from us including any marketing, promotional emails and newsletters. You may discontinue receiving such communications from us for any reason by clicking on the “unsubscribe” link in your email communications.

Third-Party Websites

Our organization’s website may contain links to other websites. Our privacy policy applies only to our website, so if you click on a link to another website, you should read their privacy policy.

Your data protection rights

As per the applicable data protection law, you have rights including:

  1. Your right of access – You have the right to ask us for copies of your personal information.
  2. Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  3. Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
  4. Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
  5. Your right to object to processing – You have the right to object to the processing of your personal information in certain circumstances.
  6. Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organization, or you, in certain circumstances.
  7. Your right to withdraw your consent.

If you make a request, we have one month to respond to you. Please contact us at the contact details stated herein if you wish to make a request. We may verify your identity before fulfilling any of your requests. We may charge any fee if permitted by law.

Contact Us

Please contact us at the below details if you wish to make a request.

Name: Tofaraa AS

Address: Austre Sagstadvegen 60, 5243 Bergen Norway

Phone Number: +47 404 56 650 (Available on WhatsApp)

E-mail: info@tofaraa.com

How to complain

If you have any concerns about our use of your personal data, you can make a complaint to us at the details above specified. If you are not happy with our resolution of your complaint, you have the right to raise a complaint with the supervisory authority where you live, where your work, or where the infringement took place. You can also complain to the Norway Data Protection Authority at https://tofaraa.com//www.datatilsynet.no/en/about-us/.

Changes

We may modify this policy from time to time and the changes will be posted on this page. You are requested to frequently check the website for any changes to this policy. If there are any material changes, we will notify you by email or as otherwise required by applicable law.

April 2023

Quick links

Africa with Children
Travel Insurance
My bookings

PROUD MEMBERS OF

About us

Privacy Policy
Terms & Conditions
FAQ

CONTACT US
info@tofaraa.com
FOLLOW US
Youtube Linkedin Instagram Facebook
© Tofaraa Ltd. 2025, All rights reserved. - Tofaraa AS - org. nr 926 801 112 NO - Enterprise: K2020253548 ZA
EN
EN NO SE

Schedule Your Appointment

Contact Us