Talaa Trip

Privacy Policy

Your data, protected under Egyptian Law 151/2020

Last updated: May 2026

1Scope of this Policy

• This Policy explains how Talaa Trip collects, uses and protects your personal data.
• It applies to all users: guests, property owners, visitors and anyone using our apps or website.
• This Policy forms an integral part of our Terms of Service.
• We comply with Egyptian Personal Data Protection Law No. 151 of 2020.

2Categories of Data We Collect

• Identity: full name, national ID / passport, date of birth.
• Contact: phone number, email address, mailing address.
• Account: username, hashed password, profile photos.
• Bookings & payments: booking history, payment tokens, invoices.
• Usage: device type, OS, IP address, pages visited.
• Location: approximate (IP-based); precise location only with your explicit permission.
• Conversations: in-app negotiation messages between guest and host.

3Processing Purposes & Legal Basis

• Creating and managing your account (basis: contract performance).
• Fulfilling bookings and processing payments (basis: contract performance).
• Fraud prevention and identity verification (basis: legitimate interest + legal obligation).
• Customer support (basis: contract performance).
• Improving the service via aggregated analytics (basis: legitimate interest).
• Marketing — only with your explicit consent, withdrawable at any time.
• Compliance with legal and tax obligations.

4Sharing With Third Parties

• We never sell your personal data to any third party.
• Payment processors (Paymob / Fawry) — only as needed to complete the transaction.
• Cloud providers — to run servers and databases.
• SMS & WhatsApp providers — to deliver verification codes.
• Government and judicial bodies — only upon formal lawful request.

5Data Retention

• Active account data: as long as the account is open.
• Booking and invoice records: 5 years after account closure per Egyptian commercial and tax law.
• Fraud / abuse records: up to 7 years to protect other users.
• Backups: up to 90 days before full purge.

6Your Rights as a Data Subject

• Access: receive a copy of the data we hold about you.
• Rectification: correct any inaccurate data.
• Erasure: request deletion of your account (subject to legal retention).
• Portability: receive your data in a machine-readable format.
• Objection: refuse processing for marketing or analytics.
• Withdraw consent at any time.
• To exercise any right, email talaa.support@gmail.com — we respond within 30 days.

7Security & Data Protection

• All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
• Passwords are hashed (bcrypt) and never stored in plain text.
• Payment data is passed directly to certified PCI-DSS gateways.
• Internal access is role-based (RBAC).
• In case of a breach, we notify the competent authority within 72 hours.

8Use by Minors

• The service is intended only for users aged 18+.
• We do not knowingly collect data from anyone under 18.
• If we discover a minor is using the service, we immediately delete their account.

9Cookies & Similar Technologies

• We use strictly necessary cookies for login and preferences.
• We use analytics cookies to measure performance (consent required on web).
• We do not use third-party advertising cookies inside the app.

10Changes to this Policy

• We may update this Policy from time to time.
• Material changes are announced in-app at least 30 days before they take effect.
• The 'Last updated' date at the top always reflects the latest revision.