Wednesday, October 1, 2025

Air Icon --°C
Weather Icon Loading...
Clock Icon --:--
Facebook X-twitter Instagram
🔍
Add Your Business
Contact Us

Data Protection and Privacy Policy for Top10Marrakech.com

1. Introduction and Your Right to Information

This Privacy Policy sets out how Top10Marrakech.com collects, uses, and protects your personal information. It aims to protect the privacy of our users and the information you provide. Material changes to the policy will be notified to you as soon as possible so that you are informed about changes in our privacy practices. Below, we summarize how Top10Marrakech.com processes your data in a way that is easy for you to understand, in question-and-answer format.

2. Who Processes Your Data?

3. Who is the Top10Marrakech.com Data Protection Officer (DPO) and How Can They Help You?

The DPO is the person designated to advise Top10Marrakech.com on its obligations under data protection law and to monitor compliance with that law. The DPO is also your main contact for any concerns that you might have regarding your data. In case you have any queries, comments, or suggestions regarding our data usage, please reach out to the DPO at info@top10marrakech.com.

4. For What Purpose Do We Process Your Personal Data?

We collect and process your data given to us voluntarily for the following purposes:

  • Information Request Handling: Handling Information Requests: We process personal data to respond to inquiries, comments, or complaints sent by you through our contact channels. This includes replying to your correspondence and following through as required. Providing this data is voluntary, but essential for us to assist you.
  • Sending Promotional Communications: We collect personal data for sending newsletters, special offers, and experience recommendations in Marrakech. We could analyze your preferences to find more relevant offers for you.
  • User Review and Rating Management: We process your data if you wish to submit a review or rating for any attraction, restaurant, or activity so that we can publish it under the display name chosen by you (unless you wish to remain anonymous).
  • Contest Giveaway Participation: We process information needed to enter and/or participate in contests or giveaways organized by us according to the specific Contest Rules.
  • Social Media Interaction: In case you are following us or interacting with us on any social media platforms, we process data in order to update you about our content and promotions on those specific segments.

5. How Long Will We Process Your Data?

Your data will only be kept for such time as necessary to serve the purpose for which it was collected, to comply with legal obligations, and to defend against potential liabilities.

  • Inquiry Data: Kept until the request is resolved and maintained thereafter as a communication history for any legal periods the Company may require.
  • Marketing Data: Retained indefinitely or until you unsubscribe or send a deletion request.
  • User Reviews: These will remain in the Company’s permanent archive for as long as the review is posted, unless you make a request to remove it.
  • Contest Data: Retained as per each Contest Rule.
  • Social Media Data: This is retained as long as you are our follower or engaged with us on that platform.

6. What is the Lawful Basis for Processing Personal Data?

The legal basis for processing data varies according to the following categories:

  • Inquiries: Consent given by you.
  • Marketing: Majorly on the basis of your consent.
  • User Reviews: Consent.
  • Contest Participation: Your acceptance of the contest terms signifies consent.
  • Social Media: Consent.

7. To Which Recipients Will Your Data Be Communicated?

  • User Reviews: Things published on our website will be made visible to fellow users. It is possible to use a pseudonym or post anonymously.
  • Contest Participant Data: As provided in the contest rules, the data may independently be shared or published.
  • Other Data: Normal procedures never disclose this data to third parties except when required by law.
  • We may engage third-party service providers (e.g., IT hosting, email service providers) who have access to your data to perform services on our behalf. They do so solely under our instructions, maintain strict confidentiality, and are contractually obliged to comply with data protection legislation.

8. Are There Any International Data Transfers?

International transfers of data may happen, particularly if the service providers use servers located outside your own residence country. Those typically mean:

  • Cloud Storage: We store data in a cloud infrastructure (servers located in the EU/USA) using providers that respect strong data protection frameworks like the EU-US Data Privacy Framework or Standard Contractual Clauses (SCCs) approved by the European Commission.
  • We use platforms for sending emails and managing communications that might involve international transfers. These providers will generally offer adequate guarantees via SCCs.

9. Is the Location of Users Who Download the Top10Marrakech.com Mobile Application Known?

Top10Marrakech.com does not currently offer a mobile application. Therefore, we do not collect location data from mobile apps.

10. What Are Your Rights When You Provide Us with Your Data?

You have rights concerning your data:

  • Right to Access: Confirm if we process your data and get a copy.
    Right to Rectification: Ask us to correct inaccurate data.
  • Right to Erasure (“Right to be Forgotten”): Request deletion of your data when it’s no longer necessary.
  • Right to Restriction of Processing: Limit how we use your data in certain circumstances.
  • Right to Data Portability: Receive your data in a structured, commonly used format or have it transferred to another controller.
  • Right to Object: Object to the processing of your data in specific situations.
  • Right Not to Be Subject to Automated Decision-Making: Object to decisions based solely on automated processing.

Key characteristics of these rights:

  • Free of Charge: Exercised for free unless requests are unfounded or excessive.
  • Exercised Directly or Via Representative: You can act yourself or through someone else.
  • Timely Response: We’ll respond within one month, extendable by two months for complex requests.
  • Accessible Means: We’ll inform you how to exercise these rights; electronic requests will be responded to electronically where possible.
  • Complaint Process: If your request isn’t acted upon, we’ll explain why and inform you of your right to complain to a Supervisory Authority (e.g., your local data protection authority).

To help you exercise these rights, we provide specific request forms:

  • Right of Access Form
  • Right to Rectification Form
  • Right to Object Form
  • Right to Erasure Form
  • Right to Restriction of Processing Form
  • Right to Data Portability Form
  • Right Not to Be Subject to Automated Decision-Making Form


All these rights can be exercised using the contact methods provided at the beginning of this policy.

11. How Do We Protect Your Data?

We take full accountability for the individual privacy that we are processing. It implements the strongest physical, organizational, and technological security measures to preserve the integrity and security of the associated data and privacy.

Staff members accessing personal data have undergone training and are aware of their obligations under which they process data.

All contracts with service providers extend to confidentiality clauses and necessary technical and organizational security measures to ensure ongoing confidentiality, integrity, availability, and resilience for processing systems for data.

We regularly evaluate our security techniques to maintain up-to-date adequacy and effectiveness. Every system strives for absolute security, with the understanding that no system is entirely invulnerable. In the event of any breach, we will do the necessary investigations, inform the relevant Supervisory Authority, and notify affected users when appropriate.

12. What Is Your Responsibility as the Data Subject?

Giving us your data means you confirm that you are over fourteen years of age, that the data is true, accurate, complete, and current.

It is your responsibility to update your data to keep it accurate and relevant as your situation changes. For any false or inaccurate data given or failure to update data that may arise in any direct or indirect damages caused, you shall be liable.

Should you provide data about third parties, you further represent that the third parties have been previously informed of all matters in Article 14 of the General Data Protection Regulation and that appropriate consent has been given by them.

13. How Did We Obtain Your Data?

  • Directly from You: Most of the data is furnished by you while contacting us, signing up for marketing, or posting reviews.
  • Social Media Registration: Some data will be received from this platform (allowing for that platform’s privacy policy) in case you register or interact with us through social media.
  • Third-Party Referrals: Sometimes, we might receive your data for marketing purposes by partners or affiliates with your consent, always in compliance with the law.

Get in Touch

Explore unforgettable travel experiences, savor delicious culinary delights, and enjoy top-notch accommodations tailored to your comfort. We aim to make every journey memorable with exceptional services and unbeatable hospitality.

Quick links

Business Categories

Blog Categories

Languages

© 2025 Top 10 Marrakech. Designed by Click Media Lab Inc.