Privacy Policy

Lazy Pirate Malta
Operated by Trendy Group Malta Limited

This Privacy Policy explains how personal information is collected, used, and protected when users visit the Lazy Pirate Malta website or book experiences organised by Trendy Group Malta Limited.

By using this website or booking an experience, you agree to the practices described in this Privacy Policy.

  1. Data Controller

The controller responsible for the processing of personal data is:

Trendy Group Malta Limited
‘Rita Ville’, 1 Triq il Hemel
Swieqi SWQ3050
Malta

Email: info@lazypiratemalta.com

For any questions related to this Privacy Policy or to exercise your data protection rights, you may contact us using the email above.

  1. Personal Data We Collect

When users visit our website or make a booking, we may collect the following personal data.

Information provided directly by the user

When making a reservation through our booking system, users may be asked to provide:

  • Full name
  • Address
  • Postal code
  • Country
  • Email address
  • Phone number

This information is required in order to process bookings and provide the requested services.

Automatically collected information

When visiting the website, certain technical data may be automatically collected through cookies and analytics tools, including:

  • IP address
  • browser type
  • device information
  • pages visited
  • time spent on pages
  • referring website

This information helps us understand how the website is used and improve our services.

  1. Booking System

Bookings for Lazy Pirate Malta experiences are processed through the Turitop booking system.

When users complete a reservation, the information provided is transmitted to and stored within the Turitop platform in order to manage bookings, confirmations, and operational logistics.

Turitop processes personal data in accordance with applicable data protection regulations.

  1. Payment Processing

Payments made through the website are processed securely by Stripe, a third-party payment provider.

Lazy Pirate Malta does not store full credit card details on its own servers.

Payment data is processed directly by Stripe according to their own privacy and security policies.

  1. Communications

We may use the contact information provided by customers to communicate in relation to their booking, including:

  • booking confirmations
  • event reminders
  • operational updates
  • customer support

Customers may also contact us through WhatsApp or phone for support related to their booking or participation in the event.

These communications are used only for operational and customer service purposes.

  1. Third-Party Booking Platforms

Lazy Pirate Malta experiences may also be sold through authorised online travel agencies and third-party platforms, including:

  • Viator
  • GetYourGuide
  • Trip.com
  • Klook
  • Civitatis

When bookings are made through these platforms, personal data is initially collected by the respective platform and then shared with Trendy Group Malta Limited to allow the operation of the booked experience.

Customers should consult the privacy policies of those platforms for further details on how their data is processed.

  1. Website Analytics

Our website uses Google Analytics to analyse how visitors use the website.

Google Analytics uses cookies and similar technologies to collect information about website usage, including pages visited, session duration, and general geographic location based on IP address.

This information helps us understand website traffic and improve our services.

Where applicable, IP anonymisation features may be used to reduce the level of personal identification.

Google may process this data in accordance with its own privacy policies.

  1. Advertising

Lazy Pirate Malta may use online advertising services such as:

  • Google Ads
  • Meta advertising platforms (Facebook and Instagram)

These services may use cookies or tracking technologies to measure advertising performance and understand how users interact with our website.

We do not currently operate structured remarketing campaigns, although advertising platforms may still collect aggregated usage information.

  1. Photographs and Videos

From time to time, photos or video recordings may be taken during events for promotional purposes.

Participants may appear incidentally in photographs or videos taken in a public event environment.

These materials may be used for marketing or promotional content, including social media and website publications.

Participants who do not wish to appear in such materials may inform staff before the event, and reasonable efforts will be made to respect such requests.

  1. Legal Basis for Processing Personal Data

Personal data is processed on the following legal bases under the General Data Protection Regulation (GDPR):

  • Performance of a contract – to process bookings and provide the purchased experience
  • Legitimate interests – to operate, manage, and improve our services and website
  • Legal obligations – where required for accounting, tax, or regulatory compliance
  • Consent – where users have agreed to the use of cookies or tracking technologies for analytics or advertising purposes
  1. Data Retention

Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected.

Booking information and operational data are generally retained for the duration necessary to manage bookings and customer support.

Financial records and transaction data may be retained for a period of up to 10 years in order to comply with Maltese tax, accounting, and regulatory obligations.

  1. Data Security

Trendy Group Malta Limited implements appropriate technical and organisational measures to protect personal data against unauthorised access, misuse, loss, or alteration.

However, no method of transmission over the internet or electronic storage can be guaranteed to be completely secure.

  1. Sharing of Personal Data

Personal data may be shared with third-party service providers where necessary to operate our services, including:

  • booking platform providers (Turitop)
  • payment processors (Stripe)
  • website analytics services (Google Analytics)
  • authorised travel platforms and distribution partners

Personal data may also be disclosed if required by law or competent authorities.

International Data Transfers

Some of our service providers, such as Google, Meta, or Stripe, may process personal data outside the European Economic Area (EEA).

Where such transfers occur, appropriate safeguards are implemented to ensure that personal data remains protected. These safeguards may include the use of Standard Contractual Clauses (SCCs) approved by the European Commission or other legally recognised transfer mechanisms.

  1. Your Data Protection Rights

Under applicable data protection laws, including GDPR, users have the following rights:

  • the right to access their personal data
  • the right to request correction of inaccurate information
  • the right to request deletion of their data where applicable
  • the right to restrict processing of their data
  • the right to object to certain processing activities
  • the right to request data portability

Requests to exercise these rights may be sent to:

info@lazypiratemalta.com

Where processing is based on consent, users may withdraw their consent at any time without affecting the lawfulness of processing carried out before withdrawal.

You also have the right to lodge a complaint with a supervisory authority if you believe that your personal data is being processed unlawfully.

In Malta, the competent supervisory authority is the:

Office of the Information and Data Protection Commissioner (IDPC)

  1. Cookies

Our website uses cookies and similar technologies to improve website functionality, analyse website traffic, and support advertising services.

Further information about the use of cookies is provided in our Cookie Policy.

  1. Children’s Privacy

Lazy Pirate Malta experiences are intended for participants aged 17 years or older, which corresponds to the legal drinking age in Malta.

We do not knowingly collect personal information from children under this age.

If we become aware that personal data from a minor has been collected without appropriate authorisation, we will take steps to delete such information.

  1. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or operational practices.

The updated version will be published on this website.

  1. Data Protection and Privacy

All personal data is processed in accordance with the Data Protection Act (Chapter 586 of the Laws of Malta) and the European Union General Data Protection Regulation (GDPR).

Trendy Group Malta Limited implements appropriate technical and organisational measures to ensure that personal data is processed securely and in compliance with applicable data protection laws.

Further information regarding the collection, use, and protection of personal data can be found in this Privacy Policy and other related legal notices published on this website.

  1. Contact

For any questions regarding this Privacy Policy or the processing of personal data, please contact:

Trendy Group Malta Limited
‘Rita Ville’, 1 Triq il Hemel
Swieqi SWQ3050
Malta

Email: info@lazypiratemalta.com