Effective Date: June 03, 2026


1. Our Commitment to Your Privacy

Your privacy is important to us. Thus, it is a policy of Next Travel Sri Lanka to respect your privacy regarding any information we may collect from you across our website, https://nexttravelsrilanka.com, and other sites we own and operate.

We only ask for personal information when we truly need it to provide a service to you. We collect it by fair and lawful means, with your knowledge and consent. Further, we also let you know why we’re collecting it and how it will be used.

We only retain collected information for as long as it is necessary to provide you with your requested service. We’ll protect whatever the data we store, within commercially acceptable means to prevent loss and theft, as well as unauthorized access, disclosure, copying, use, or modification.

We don’t share any personally identifying information publicly or with third-parties, except when required to by law.

Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and practices of these sites, and cannot accept responsibility or liability for their respective privacy policies.

You are free to refuse our request for your personal information, with the understanding that we may be unable to provide you with some of your desired services.

Your continued use of our website will be regarded as an acceptance of our practices around privacy and personal information.


2. Information We Collect

We may collect the following types of personal data:

Data TypeExamplesHow We Collect
Contact InformationName, email address, phone numberVia our Contact Us page form OR Booking Form on article pages (e.g., Sri Lankan Food page)
Message ContentYour inquiry or questionVia our Contact Us page form OR Booking Form on article pages
Technical DataIP address, browser typeAutomatically via server logs
Blog CommentsName, email, comment textWhen you leave a comment on our blog

3. How We Use Your Information

We use your personal information only for:

  • Responding to your inquiries sent via our Contact Us page
  • Providing travel-related information or services you requested
  • Improving our website and customer service
  • Managing blog comments (moderation and response)

We do not use your data for marketing, newsletters, or third-party sharing unless you explicitly opt-in.


4. Data Retention Period

We retain your personal data only for as long as necessary:

Data TypeRetention Period
Contact form submissions12 months from the date of submission
Booking form submissions (from article pages)12 months from the date of submission
Blog commentsIndefinitely unless deletion is requested
Deletion request records6 months (for audit/legal purposes)

After the retention period, your data is automatically or manually deleted from our systems.


5. Your GDPR Rights (Important)

If you are located in the European Economic Area (EEA) or under GDPR jurisdiction, you have the following rights:

RightDescription
Right to AccessRequest a copy of all personal data we hold about you
Right to RectificationCorrect inaccurate or incomplete data
Right to Erasure (Right to be Forgotten)Request permanent deletion of your personal data
Right to Restrict ProcessingLimit how we use your data
Right to Data PortabilityReceive your data in a structured, machine-readable format
Right to ObjectObject to data processing based on legitimate interests

6. How to Request Deletion of Your Data (GDPR Data Deletion Request Process)

We take data deletion requests very seriously. We have provided a simple process for you to request erasure of your personal data.

You can request deletion from TWO places on our website:

  1. Via our Contact Us page: Visit https://nexttravelsrilanka.com/contact and click the red “Request Data Deletion” button.
  2. Via ANY article page (e.g., our Sri Lankan Food article): When you visit a page like https://nexttravelsrilanka.com/sri-lankan-food/ (or any other blog post/travel guide), you will see a booking form. Located near that form, you will find a clearly marked red “Request Data Deletion” button.

Step-by-Step Process (Same for both locations):

  1. Click the red “Request Data Deletion” button (on Contact page or any article page).
  2. Enter the email address you used when contacting us or submitting a booking form.
  3. Check your email inbox for a verification link (sent within 2 minutes).
  4. Click the verification link to confirm your identity.
  5. Your personal data will be permanently deleted within 48 hours.
  6. You will receive a confirmation email once deletion is complete.

Response Time:
We will respond to all deletion requests within 30 days as required by GDPR. However, we typically process requests within 48 hours after verification.

What Gets Deleted:
Once your deletion request is verified and confirmed, we will delete:

  • ✅ All contact form submissions associated with your email
  • All booking form submissions (from any article page, such as the Sri Lankan Food page) associated with your email
  • ✅ All blog comments associated with your email
  • ✅ Any other personal data we have collected from you

What We Keep (For Legal/Security Reasons):
We may retain minimal data for legal obligations or security purposes:

  • IP address of the deletion request (for audit trail)
  • Deletion request timestamp and confirmation

This retained data is anonymized and cannot be linked back to you personally.


7. Verification Process (Why We Send a Confirmation Link)

To protect your privacy and prevent unauthorized deletion requests from others, we require email verification before processing any deletion request. This ensures that only you (the actual data subject) can request deletion of your data.

The verification link expires in 1 hour. If it expires, please submit a new request.


8. Cookies Policy

Our website uses minimal cookies. We have implemented a GDPR-compliant cookie consent plugin that allows you to:

  • Accept or decline non-essential cookies
  • Delete cookies at any time via your browser settings

Essential cookies (required for website functionality) cannot be disabled. No tracking or advertising cookies are used without consent.


9. Blog Comments Policy

The owner of this blog reserves the right to edit or delete any comments submitted to this blog without notice due to:

  1. Comments deemed to be spam or questionable spam
  2. Comments including profanity
  3. Comments containing language or concepts that could be deemed offensive
  4. Comments that attack a person individually

GDPR Note for Commenters: If you have left a comment on our blog and wish to have it deleted, please follow the Data Deletion Request process described in Section 6 above.


10. Data Security

We protect your data within commercially acceptable means to prevent loss, theft, unauthorized access, disclosure, copying, use, or modification. Our security measures include:

  • Secure database storage
  • Regular backups
  • Limited staff access to personal data
  • SSL encryption for data transmission

11. Contact Information

If you have any doubts about how we handle user data and personal information, or if you need assistance with a deletion request, feel free to contact us:

MethodDetails
General InquiriesVia our Contact Us page
Privacy Related Questions[email protected]
Data Deletion RequestsUse the “Request Data Deletion” button on our Contact Us page OR on any article page (e.g., Sri Lankan Food page)

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the Effective Date at the top of this policy. We encourage you to review this policy periodically.

If we make material changes that affect your rights, we will notify you via:

  • A notice on our website homepage
  • An email notification (if you have provided your email)

13. Governing Law

This Privacy Policy is governed by the laws of Sri Lanka, while also respecting the GDPR requirements for our users in the European Economic Area (EEA).


14. Where to Find the Data Deletion Button (Important for Our Readers)

To make it as easy as possible for you to exercise your GDPR rights, we have placed the “Request Data Deletion” button not only on our main Contact Us page but also on every single article page that contains a booking form.

For example:
If you are reading our popular article on “The Amazing Delicacy Of Sri Lankan Food!” at https://nexttravelsrilanka.com/sri-lankan-food/, you will see the red deletion button located near the booking form on that same page. You do NOT need to navigate away from the article you are reading.

This ensures that whether you contacted us via the main contact page OR submitted a booking request directly from an article (like the food guide, travel tips, or destination review), you can request deletion of all your data instantly from that very same page.