Privacy policy

What data we collect, how we use it, and your rights. GDPR and CCPA compliant.

Effective date: April 21, 2026 · Last updated: April 21, 2026

Summary

MarrakechFlights.com collects minimal data — we don't sell it to anyone, we don't run retargeting ads, and we don't profile you across sites. Here's exactly what happens when you use our site.

Data we collect

When you browse the site

Analytics: aggregated page views, referring sites, country-level location, browser type. This uses privacy-focused analytics (no personal identifiers, no cross-site tracking).
Server logs: IP address, timestamp, requested URL. Retained 30 days for security monitoring, then automatically deleted.

When you use the search form

Origin city, destination, dates, passengers, class — these are passed to the search partner (Aviasales, Hotellook, etc.) and not stored on our servers
Search parameters do not identify you personally

When you click an affiliate link

A tracking parameter (marker ID + sub-ID) is appended to the destination URL. This tells the merchant the booking came from us — it does NOT share personal information about you.

When you sign up for our newsletter

Email address only
Country (for regional deal relevance)
Home airport preference (optional)

Newsletter signups are processed by our email provider (Buttondown or MailerLite — check individual sign-up form for current provider). We do not sell or share this list with third parties.

When you contact us

We retain email correspondence for as long as necessary to resolve your inquiry, then archive or delete based on the nature of the contact.

Cookies

We use a minimal cookie set:

Session cookie — expires when you close your browser. Used to remember your search form state.
Preferences cookie — remembers your currency choice (EUR, USD, GBP) for up to 30 days.
Analytics cookie — anonymous, aggregated only. Used to understand which content is most useful.

We do NOT use: Facebook Pixel, Google Ads tracking, retargeting pixels, or cross-site tracking cookies.

Third-party services

When you click an outbound booking link, you leave our site and enter the merchant's site. Their privacy policy then applies. We recommend reviewing the privacy policies of:

Aviasales / Jetradar (flights)
Booking.com, Expedia, Hotels.com, Agoda (hotels)
GetYourGuide (activities)
Discover Cars (rentals)
Airalo (eSIMs)

Your rights (GDPR)

If you're in the EU, EEA, UK, or Switzerland, you have the following rights:

Access — request a copy of any personal data we hold about you
Correction — ask us to correct inaccurate data
Deletion — ask us to delete your data ("right to be forgotten")
Portability — ask us to export your data in a machine-readable format
Objection — object to specific uses of your data
Restriction — ask us to limit processing of your data

Email contact@marrakechflights.com to exercise any of these rights. We respond within 30 days.

Your rights (California CCPA/CPRA)

California residents have additional rights including the right to know what personal information is collected, the right to delete, and the right to opt out of sale (we don't sell data, but you can confirm this).

Data retention

Server logs: 30 days
Analytics data: 14 months aggregated, deleted thereafter
Newsletter subscription: until you unsubscribe
Contact emails: 24 months, then archived or deleted

Security

We take reasonable measures to secure personal data:

HTTPS everywhere (enforced)
Server-side encryption of stored data
Limited employee access
No credit card data ever touches our servers (bookings happen on merchant sites)

Changes

We may update this policy. Material changes will be announced via the newsletter (if you're subscribed) and will update the "Last updated" date above.

Contact

Privacy inquiries: contact@marrakechflights.com with "Privacy" in the subject line.