Privacy Policy — Morning Star

Morning-star tours and safari cc (“we”, “us”) takes your privacy seriously. This policy explains what personal information we collect when you use our website or book a tour, why we collect it, how we keep it safe, and what rights you have over it.

1. Information we collect

We collect only what we need to plan your trip and stay in touch.

Contact details you give us in an enquiry or booking form: name, email address, phone / WhatsApp number, postal address.
Trip details: the tour you're interested in, travel dates, number of travellers, room preference, any special requests.
Payment information: bank transfer references and proof-of-payment documents you send us. We do not store credit card numbers — online card payments (when offered) are processed by a PCI-compliant third party.
Account data: a customer account is created automatically when you submit a verified enquiry; we store your email, name, and the booking history under that account.
Technical data: IP address, browser type, pages visited — collected via standard web server logs to detect abuse.

2. Why we use it

To respond to your enquiry and send a personalised quote.
To confirm bookings, send invoices and trip documents (vouchers, day-by-day plans, joining instructions).
To verify your email address via a 6-digit code (one-time passcode) before we store an enquiry.
To keep records required by Namibian tax and accounting law.
To send occasional follow-ups (post-trip thank-yous, similar tours) — you can opt out at any time.

3. Who we share it with

We share only what's needed to deliver your trip:

Tour suppliers — accommodation, transport, activity operators, game guards. They receive your name, traveller count, and any relevant dietary or medical notes.
Payment providers — our bank, plus any online payment gateway if you pay by card.
Email delivery — our email service sends transactional messages on our behalf.

We do not sell, rent or trade your data to anyone for marketing purposes.

4. How long we keep it

Active customer records: as long as you have an open booking or have travelled with us in the last 5 years.
Booking and tax records: 7 years from the end of the financial year, as required by Namibian law.
Marketing contacts: until you ask us to remove you, or 3 years of inactivity, whichever is sooner.

5. How we protect it

Our website runs over HTTPS and is fronted by Cloudflare's web-application firewall.
Customer passwords are stored as one-way bcrypt hashes; one-time codes are stored as bcrypt hashes too and expire after 15 minutes.
Admin access to the booking system is limited to named staff with role-based permissions and 2-factor authentication wherever practical.
Backups are encrypted at rest.

6. Cookies

We use a small number of essential cookies — for the login session, CSRF protection, and to remember your shopping cart across pages. We do not currently use third-party advertising or tracking cookies.

7. Your rights

You can at any time:

Ask for a copy of the data we hold about you.
Ask us to correct inaccurate information.
Ask us to delete your account and all related data — subject to the retention obligations in section 4.
Opt out of marketing emails by clicking unsubscribe in any email or telling us directly.

To exercise any of these rights, email us at . We aim to respond within 14 working days.

8. International transfers

Some of our service providers (email, web infrastructure) are based outside Namibia. Where this is the case we choose providers with industry-standard security and contractual data-protection commitments.

9. Changes to this policy

We'll update this page when we change how we handle your data and bump the “last updated” date at the top. Material changes will also be flagged in the next email we send you about your booking.

10. Contact

Questions or concerns? Reach us at or call +264 81 362 4491.

By submitting an enquiry or booking with us, you acknowledge that you've read and accepted this Privacy Policy together with our Terms & Conditions.