Privacy Policy

Last updated: 02 September 2025
Controller: LowkeyTrips (“we”, “us”).
How to contact us: Use our contact form 

What we do

This website showcases our services and provides a way to contact us. We do not run analytics that track individuals, advertising pixels, or other non-essential cookies.

Personal data we process

  • Contact form: name, email address, and your message (so we can reply).

  • Emails (follow-up): if you continue the conversation by email after we reply, we’ll process the data in that correspondence.

  • Server logs (automatic): IP address, date/time, URL, referrer, and user-agent collected by our hosting provider for security and troubleshooting.

We don’t have public comments, user registration, or customer accounts. Contact-form entries are not stored in WordPress; they are delivered to our mailbox.

Why we process your data (legal bases)

  • Replying to enquiries: to respond to your message. Legal basis: consent (Art 6(1)(a)) – the user explicitly opts in by submitting the form.

  • Security/fraud prevention: via server logs. Legal basis: legitimate interest (Art 6(1)(f) GDPR)

No automated decision-making or profiling.

Cookies & similar technologies

We do not set non-essential cookies for visitors. WordPress may set strictly necessary cookies for logged-in administrators; these aren’t used for site visitors.

External links & WhatsApp

Our site includes links to third-party platforms (e.g., Instagram, Facebook) and a WhatsApp contact link. If you click any of these links—including our WhatsApp link that opens in wa.me—you will be redirected to the platform’s own site or app, where your data will be processed under that service’s privacy policy and may be subject to different data transfers or cookie practices. Visiting these external sites is entirely optional.

How long we keep data

  • Messages (email/contact form): up to 12 months, then deleted/archived unless needed longer to handle requests or legal obligations.

  • Server logs: kept only as long as necessary for security/troubleshooting, then deleted or anonymised by our host.

Who processes your data (recipients/processors)

We use EU-based/EU-region services and have data-processing terms in place:

  • Web hosting: Hostinger (EU).

  • Email: Zoho Mail (EU region endpoints).

  • Email delivery/service: Brevo (EU region).
    We don’t sell your data. We share data only if required by law or to protect our rights.

International transfers

We aim to keep processing within the EEA. Following links to third-party platforms (e.g., Instagram, Facebook, WhatsApp) may involve transfers outside the EEA under those providers’ safeguards.

Your rights (EEA/UK)

You can request access, rectification, erasure, restriction, objection, and data portability (subject to GDPR conditions).
To exercise your rights, please use the contact form at /contact/#contactform. You can also lodge a complaint with the Austrian Data Protection Authority (Datenschutzbehörde).

You can withdraw your consent at any time via the contact form; withdrawal does not affect processing based on consent before withdrawal.

Children

Our site/services aren’t directed to children under 16.

Changes

We’ll update this notice if our processing changes and indicate the new “Last updated” date.