GDPR Compliance & Privacy Policy

Last Updated: April 8, 2026

1. Scope & Applicability

This policy applies to all users from the European Economic Area (EEA) and complies with Regulation (EU) 2016/679 – the General Data Protection Regulation (GDPR).

ChinaTripLine acts as a data controller for personal data you provide or we collect when using our website, itineraries, tools, or services.

2. Data We Collect

We may collect the following personal data:

  • Contact information (name, email address, phone if provided)
  • Usage data (IP address, browser, device, pages visited, session data)
  • Information submitted via forms (custom tour inquiries, subscriptions)
  • Cookie and tracking data (for analytics and ads)

3. Legal Bases for Processing

We process your data only on valid legal grounds under GDPR:

  • Your explicit consent
  • Performance of a requested service
  • Legitimate interest (analytics, security, service improvement)
  • Compliance with legal obligations

4. User Rights Under GDPR

As an EEA user, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erasure (“right to be forgotten”)
  • Restrict processing
  • Data portability
  • Object to processing
  • Withdraw consent at any time

5. How to Exercise Your Rights

To exercise any GDPR right, contact us at: [email protected]

We will respond to valid requests within one month as required by GDPR.

6. Cookies & Tracking

We use cookies and similar technologies for functionality, analytics, and personalized advertising (including AdSense). You may manage or reject cookies in your browser settings.

7. Data Sharing & Third Parties

We may share data with:

  • Hosting and technical service providers
  • Analytics platforms (Google Analytics)
  • Advertising partners (Google AdSense)
  • Affiliate and booking partners (where you use links)

All third parties are required to comply with GDPR.

8. Data Security & Retention

We use technical and organizational security measures to protect your data. We retain personal data only as long as necessary for the purposes stated.

9. International Data Transfers

Your data may be transferred and stored outside the EEA. All transfers comply with GDPR adequacy decisions or appropriate safeguards.

10. Changes to This Policy

We may update this policy. Changes will be posted on this page with a revised date.

11. Contact

Data Controller: ChinaTripLine
Email: [email protected]