Skip to content

Privacy Policy

Effective as of December 27, 2025

Introduction

Nomada Tour ("we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, share, and protect your personal information when you use our website, book tours, or communicate with us.

Your Consent: By using our services, you agree to this Privacy Policy. If you disagree with any part, please don't use our services or contact us to discuss your concerns.

Information We Collect

Personal Information You Provide

When you inquire about or book a tour, we collect:

  • Contact details: Name, email address, phone number, mailing address
  • Travel information: Passport details (for permits), date of birth, nationality
  • Preferences: Dietary restrictions, accessibility needs, special requests
  • Emergency contacts: Name and phone number of emergency contact person
  • Payment information: Processed securely by third-party payment processors (we don't store full card details)

Information We Collect Automatically

When you visit our website, we automatically collect:

  • Usage data: Pages viewed, time spent, links clicked
  • Device information: Browser type, operating system, IP address
  • Cookies: Small files that help us remember your preferences
  • Analytics data: Via Google Analytics to understand how people use our site

Information from Third Parties

We may receive information about you from:

  • Travel agencies or partners who refer you to us
  • Social media platforms if you interact with our content
  • Review platforms like TripAdvisor or Google Reviews

How We Use Your Information

We use your information for legitimate business purposes only:

Tour Planning & Delivery

Arrange accommodation, transportation, activities, permits, and all services in your itinerary

Communication

Send booking confirmations, itinerary updates, travel tips, and respond to your inquiries

Payment Processing

Process deposits, final payments, and issue invoices (via secure third-party processors)

Safety & Emergency

Contact emergency contacts if needed, coordinate with local authorities in emergencies

Service Improvement

Analyze feedback, improve our tours, train staff, and enhance customer experience

Marketing (with consent)

Send newsletters, special offers, and travel inspiration (you can opt-out anytime)

Legal Compliance

Comply with Mongolian tourism regulations, tax requirements, and legal obligations

We will never: Sell your data to third parties, use your information for purposes you haven't consented to, or share your data for others' marketing without your explicit permission.

How We Share Your Information

We share your information only when necessary to deliver your tour or as required by law:

Trusted Service Providers

To operate your tour, we share relevant information with:

  • Hotels & Ger Camps: Name, check-in/out dates, special requests
  • Drivers & Guides: Name, phone number, itinerary details
  • Activity Providers: Name, group size, any special requirements
  • Local Authorities: For national park permits and protected area access

All providers are contractually obligated to protect your data and use it only for tour delivery.

Payment Processors

Payments are processed securely via Stripe. All payment data is encrypted and handled by Stripe's secure infrastructure.

We never see or store your full credit card numbers.

Analytics & Marketing Tools

  • Google Analytics: Website usage statistics (anonymized)
  • Email Marketing: Newsletter distribution (opt-out available)
  • Social Media Pixels: Facebook, Instagram (can be disabled)

Legal Requirements

We may disclose your information if required to:

  • Comply with Mongolian law or legal processes
  • Respond to government requests or court orders
  • Protect our rights, property, or safety, or that of our customers
  • Investigate fraud or security issues

Data Security

We take data security seriously and implement multiple safeguards:

Technical Security

  • SSL/TLS encryption for website
  • Encrypted data storage
  • Secure cloud backups
  • Regular security audits
  • Firewall protection

Operational Security

  • Limited staff access to personal data
  • Confidentiality agreements for all employees
  • Secure password policies
  • Regular staff training on data protection
  • Incident response plan

Important: While we use industry-standard security measures, no system is 100% secure. We cannot guarantee absolute security of data transmitted over the internet. Please use strong passwords and be cautious about sharing sensitive information via email.

Data Retention

Data TypeRetention Period
Active BookingsDuring trip + 2 years after completion
Inquiry Data3 years (or until removal requested)
Financial Records7 years (Mongolian tax law)
Marketing DataUntil unsubscribe or 3 years of inactivity
Website Analytics26 months (anonymized)

After retention periods expire, we securely delete or anonymize your data. Some information may be retained longer if required by law or for legitimate legal purposes (e.g., disputes, investigations).

Your Privacy Rights

You have the following rights regarding your personal data:

Right to Access

Request a copy of all personal data we hold about you

Right to Correction

Ask us to correct inaccurate or incomplete information

Right to Deletion

Request deletion of your data (subject to legal retention requirements)

Right to Opt-Out

Unsubscribe from marketing emails at any time

Right to Data Portability

Receive your data in a commonly used format

Right to Object

Object to processing of your data for marketing purposes

How to Exercise Your Rights

To make a request, email hello@nomada.mn with:

  • Subject line: "Privacy Rights Request"
  • Your full name and email used for booking
  • Specific request (access, deletion, correction, etc.)
  • Booking reference number (if applicable)

We'll respond within 30 days. We may ask for ID verification.

Cookies & Tracking Technologies

What Are Cookies?

Cookies are small text files stored on your device when you visit our website. They help us remember your preferences and understand how you use our site.

Types of Cookies We Use

  • Essential Cookies (Required): Necessary for website functionality. Cannot be disabled.
  • Analytics Cookies (Optional): Help us understand visitor behavior via Google Analytics.
  • Marketing Cookies (Optional): Track visits for relevant advertising (Facebook, Google Ads).
  • Preference Cookies (Optional): Remember your settings and choices.

Managing Cookies

You can control cookies through:

Children's Privacy

Our services are not directed to children under 13. We do not knowingly collect personal information from children under 13 without parental consent.

If we discover we've collected information from a child under 13 without parental consent, we'll delete it immediately. If you believe a child has provided us with their information, contact us at hello@nomada.mn.

International Data Transfers

Our business is based in Mongolia, but we use some service providers located in other countries (e.g., US-based cloud storage, European payment processors). When we transfer your data internationally, we ensure:

  • Providers comply with international data protection standards
  • Appropriate safeguards are in place (e.g., Standard Contractual Clauses)
  • Your data remains protected regardless of location

Changes to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices, technology, or legal requirements. When we make significant changes:

  • We'll update the "Last Updated" date at the top
  • We'll notify you via email if you're an active customer
  • We'll post a notice on our website for 30 days

Continued use of our services after changes indicates acceptance of the updated policy.

Contact Us

If you have questions, concerns, or want to exercise your privacy rights, please contact us:

General Inquiries

Email: hello@nomada.mn

Phone: +976 9424 9725

WhatsApp: +976 9424 9725

Privacy-Specific Requests

Email: hello@nomada.mn

Response Time: Within 30 days

Address: Ulaanbaatar, Mongolia