Privacypolicy.

We collect only what we need to plan your journey and reply to your messages — name, email, phone, dates, and the trip you're interested in. We don't sell your data. We don't share it with anyone outside our delivery network in Morocco. We keep it as long as your booking is active plus seven years for tax and legal compliance, then we delete it. You can ask us what we hold and we'll tell you within thirty days. You can ask us to delete it and we will, subject to legal retention requirements.

A small-group tour operator founded in 1994, registered in Morocco with a UK liaison office for booking and customer service. We are the data controller for personal data collected through this website and our booking process. For data protection queries, write to privacy@sarahdiscoveries.com or use the contact form on our contact page.

Name, email, phone, country of residence, the journey you're interested in, your dates, group size, and anything you tell us about how you want to travel. Voluntarily provided when you write to us.

Passport details for hotel registration as required by Moroccan law, dietary requirements, mobility needs, emergency contact, insurance details, and flight information. Provided after deposit, used only to deliver your trip.

We do not store credit card numbers. Payments go through our UK-regulated payment processor (Stripe) or by bank transfer. We retain proof of payment for seven years as required by HMRC.

Anonymised page-view counts via a privacy-focused analytics tool. No personal identifiers, no cross-site tracking, no third-party advertising cookies. Your IP is processed but not stored.

When you ask us for an itinerary or a price, we use your details to research and reply. That's the only purpose for that data unless you book — in which case the contract basis below kicks in.

Once you book, we share your name and dates with hotels, guides, drivers, and other suppliers in our network to deliver the journey you've paid for. They are bound by their own privacy obligations.

Passport details for hotel registration (Moroccan law). Booking records for seven years (UK tax law). Insurance and emergency contact in case of incident during the trip.

If you tick the brochure-consent box, we email you the brochure and may follow up about your enquiry. You can unsubscribe at any time using the link in any email we send. We don't run a newsletter or marketing list.

If you enquire and don't book, we keep your details for two years in case you come back. After two years, we delete it unless you tell us otherwise.

UK tax law requires us to retain booking and payment records for seven years from the end of the financial year in which the trip departed. After that, we delete it.

If you've consented to receive the brochure, we keep your email until you unsubscribe or three years pass without engagement — whichever is sooner.

The saved-journeys feature uses your browser's local storage. We never see this data. Clearing your browser cache removes it. It is not synced anywhere.

Ask us what we hold about you and we'll send a copy within thirty days.

If anything we hold is wrong, tell us and we'll correct it.

Ask us to delete your data. We will, subject to the seven-year tax retention on booked trips.

Ask us to stop using your data while you dispute something. We will, and only resume after the dispute is resolved.

Get your data in a machine-readable format to take elsewhere. We'll provide it within thirty days.

Object to our use of your data on the legitimate interest basis. We'll stop unless we have compelling grounds to continue.

Withdraw consent at any time. For marketing, the unsubscribe link in any email works. For everything else, write to us.

You can complain to the UK ICO at ico.org.uk or to your local data protection authority. We'd rather hear from you first — but it's your right.

Strictly necessary cookies for the booking form and saved-journeys feature (no consent required under PECR). Anonymised analytics that count page views without identifying you. That's it — no advertising cookies, no third-party trackers, no remarketing pixels. Your browser stores the saved-journeys list locally; we don't see it.

Our website and customer-service systems are hosted in the UK and the EU. To deliver your trip, we share necessary details with our Morocco operations team and the hotels, guides, and drivers in your itinerary. Morocco is not on the UK adequacy list — transfers are made on the basis of the Standard Contractual Clauses (SCCs) supplemented with additional safeguards, which we can describe in detail on request.

We will update this page if we change how we handle data. Material changes will be notified by email if we hold your address. Minor changes — typo fixes, clearer wording — will just appear here with a new revision date. The current version is May 2026.