{"id":3,"date":"2025-04-20T17:55:56","date_gmt":"2025-04-20T17:55:56","guid":{"rendered":"http:\/\/safemorocco.local\/?page_id=3"},"modified":"2026-06-01T10:46:27","modified_gmt":"2026-06-01T10:46:27","slug":"privacy-policy","status":"publish","type":"page","link":"https:\/\/staysafemorocco.com\/fr\/privacy-policy\/","title":{"rendered":"Privacy Policy"},"content":{"rendered":"<div class=\"ssm-legal-page\">\n\n<header class=\"ssm-legal-hero\">\n  <span class=\"ssm-legal-eyebrow\">Legal<\/span>\n  <h1 class=\"ssm-legal-h1\">Privacy Policy<\/h1>\n  <p class=\"ssm-legal-lede\">This policy explains what personal data StaySafe Morocco collects, why we collect it, who we share it with, and your rights over it. We respect your privacy and we never sell your data.<\/p>\n  <p class=\"ssm-legal-updated\"><strong>Last updated:<\/strong> 1 June 2026<\/p>\n<\/header>\n\n<nav class=\"ssm-legal-toc\" aria-label=\"Table of contents\">\n  <h2>Contents<\/h2>\n  <ol>\n    <li><a href=\"#sec-1\">Who we are<\/a><\/li>\n    <li><a href=\"#sec-2\">Data we collect<\/a><\/li>\n    <li><a href=\"#sec-3\">How we use your data<\/a><\/li>\n    <li><a href=\"#sec-4\">Legal basis under GDPR<\/a><\/li>\n    <li><a href=\"#sec-5\">Cookies &amp; tracking technologies<\/a><\/li>\n    <li><a href=\"#sec-6\">Third-party services we use<\/a><\/li>\n    <li><a href=\"#sec-7\">Sharing your data<\/a><\/li>\n    <li><a href=\"#sec-8\">International data transfers<\/a><\/li>\n    <li><a href=\"#sec-9\">How long we keep your data<\/a><\/li>\n    <li><a href=\"#sec-10\">Your rights<\/a><\/li>\n    <li><a href=\"#sec-11\">Children&#8217;s privacy<\/a><\/li>\n    <li><a href=\"#sec-12\">How we protect your data<\/a><\/li>\n    <li><a href=\"#sec-13\">Changes to this policy<\/a><\/li>\n    <li><a href=\"#sec-14\">Contact &amp; complaints<\/a><\/li>\n  <\/ol>\n<\/nav>\n\n<section class=\"ssm-legal-section\" id=\"sec-1\">\n  <h2>1. Who we are<\/h2>\n  <p>StaySafe Morocco is a Moroccan-based travel safety platform operating the website <a href=\"https:\/\/staysafemorocco.com\/fr\/\">staysafemorocco.com<\/a> and the StaySafe mobile app for iOS and Android. For the purposes of data protection law, we are the &#8220;data controller&#8221; of personal information collected through the Service.<\/p>\n  <p><strong>Contact:<\/strong> <a href=\"mailto:hello@staysafemorocco.com\">hello@staysafemorocco.com<\/a><\/p>\n<\/section>\n\n<section class=\"ssm-legal-section\" id=\"sec-2\">\n  <h2>2. Data we collect<\/h2>\n  <p>We only collect what we need to run the Service. Specifically:<\/p>\n  <h3>Information you provide<\/h3>\n  <ul>\n    <li><strong>Contact &amp; billing<\/strong> \u2014 name, email, billing address, phone (optional), country.<\/li>\n    <li><strong>Payment<\/strong> \u2014 payment card details are entered directly into Stripe&#8217;s PCI-compliant form. We <em>never<\/em> see or store your full card number. We do store the last 4 digits and card brand for receipts.<\/li>\n    <li><strong>Account credentials<\/strong> \u2014 if you create an account, your username and a hashed password.<\/li>\n    <li><strong>User content<\/strong> \u2014 reviews, community posts, support messages.<\/li>\n  <\/ul>\n  <h3>Information collected automatically<\/h3>\n  <ul>\n    <li><strong>Device &amp; technical data<\/strong> \u2014 IP address, device type, operating system, browser, language, screen size, referrer URL.<\/li>\n    <li><strong>Usage data<\/strong> \u2014 pages visited, features used, links clicked, time on page, error logs.<\/li>\n    <li><strong>Location data<\/strong> \u2014 <em>only when you use SOS or the hospital\/pharmacy finder<\/em>, the app requests your GPS coordinates to find the nearest help. Location is used in the moment and not stored on our servers after the request.<\/li>\n    <li><strong>Cookies<\/strong> \u2014 see Section 5.<\/li>\n  <\/ul>\n  <h3>Information from third parties<\/h3>\n  <ul>\n    <li><strong>Stripe<\/strong> \u2014 payment confirmation, last 4 digits, card brand, country.<\/li>\n    <li><strong>Mobile carrier partners<\/strong> \u2014 eSIM activation status, data consumption, validity dates (no call\/message content).<\/li>\n  <\/ul>\n<\/section>\n\n<section class=\"ssm-legal-section\" id=\"sec-3\">\n  <h2>3. How we use your data<\/h2>\n  <p>We use your data to:<\/p>\n  <ul>\n    <li>Deliver the eSIM you purchased (send the QR code, manage activation).<\/li>\n    <li>Provide the StaySafe app features (SOS calls, hospital finder, city guides).<\/li>\n    <li>Process payments and refunds.<\/li>\n    <li>Respond to your customer support requests.<\/li>\n    <li>Improve the Service through analytics (which features are used, where users get stuck).<\/li>\n    <li>Send essential transactional emails (order receipts, eSIM expiry reminders, refund updates).<\/li>\n    <li>Send marketing emails \u2014 <em>only<\/em> if you have opted in. You can unsubscribe at any time.<\/li>\n    <li>Detect and prevent fraud, abuse, and security incidents.<\/li>\n    <li>Comply with our legal obligations.<\/li>\n  <\/ul>\n<\/section>\n\n<section class=\"ssm-legal-section\" id=\"sec-4\">\n  <h2>4. Legal basis under GDPR<\/h2>\n  <p>If you are in the European Economic Area, the United Kingdom, or other jurisdictions with similar laws, we rely on the following legal bases:<\/p>\n  <ul>\n    <li><strong>Contract performance<\/strong> \u2014 to deliver the eSIM and app features you have asked for.<\/li>\n    <li><strong>Legitimate interest<\/strong> \u2014 for analytics, fraud prevention, and improving the Service. We balance this against your privacy rights and you may object at any time.<\/li>\n    <li><strong>Consent<\/strong> \u2014 for marketing communications, non-essential cookies, and (in the app) location access for SOS\/hospital finder. You can withdraw consent at any time.<\/li>\n    <li><strong>Legal obligation<\/strong> \u2014 for tax records, fraud reporting, and lawful disclosure requests.<\/li>\n  <\/ul>\n<\/section>\n\n<section class=\"ssm-legal-section\" id=\"sec-5\">\n  <h2>5. Cookies &amp; tracking technologies<\/h2>\n  <p>We use cookies and similar technologies to make the Service work and to understand how it&#8217;s used. Categories of cookies we set:<\/p>\n  <ul>\n    <li><strong>Strictly necessary<\/strong> \u2014 login session, shopping cart, security tokens. These cannot be switched off.<\/li>\n    <li><strong>Analytics<\/strong> \u2014 Google Analytics (anonymised IP) measures aggregate site usage.<\/li>\n    <li><strong>Advertising<\/strong> \u2014 Meta (Facebook) Pixel and TikTok Pixel measure conversion of ads. Set only if you accept marketing cookies.<\/li>\n    <li><strong>Preferences<\/strong> \u2014 language preference (English \/ French \/ Spanish) and currency.<\/li>\n  <\/ul>\n  <p>You can manage cookies through your browser settings or by clearing your browser data. Note that disabling strictly necessary cookies will break parts of the site (login, checkout).<\/p>\n<\/section>\n\n<section class=\"ssm-legal-section\" id=\"sec-6\">\n  <h2>6. Third-party services we use<\/h2>\n  <p>To run the Service, we share limited data with carefully selected providers:<\/p>\n  <ul>\n    <li><strong>Stripe<\/strong> (Ireland \/ USA) \u2014 payment processing. <a href=\"https:\/\/stripe.com\/privacy\" target=\"_blank\" rel=\"noopener\">Stripe privacy policy<\/a>.<\/li>\n    <li><strong>Google Maps &amp; Analytics<\/strong> (USA) \u2014 mapping and usage measurement. <a href=\"https:\/\/policies.google.com\/privacy\" target=\"_blank\" rel=\"noopener\">Google privacy policy<\/a>.<\/li>\n    <li><strong>Meta (Facebook)<\/strong> (Ireland \/ USA) \u2014 ad attribution. <a href=\"https:\/\/www.facebook.com\/privacy\/policy\/\" target=\"_blank\" rel=\"noopener\">Meta privacy policy<\/a>.<\/li>\n    <li><strong>TikTok<\/strong> (Ireland \/ USA) \u2014 ad attribution. <a href=\"https:\/\/www.tiktok.com\/legal\/privacy-policy-eea\" target=\"_blank\" rel=\"noopener\">TikTok privacy policy<\/a>.<\/li>\n    <li><strong>WhatsApp Business<\/strong> (Meta) \u2014 customer support messaging.<\/li>\n    <li><strong>WordPress hosting (Hostinger)<\/strong> \u2014 Moroccan \/ European servers.<\/li>\n    <li><strong>Local Moroccan mobile carriers<\/strong> \u2014 eSIM data &amp; voice provisioning (carrier-specific privacy practices apply once data is on their network).<\/li>\n  <\/ul>\n<\/section>\n\n<section class=\"ssm-legal-section\" id=\"sec-7\">\n  <h2>7. Sharing your data<\/h2>\n  <p>We do <strong>not sell<\/strong> your personal data. We share data only with:<\/p>\n  <ul>\n    <li>Service providers listed above, under data processing agreements.<\/li>\n    <li>Public authorities, when legally required (court orders, valid law-enforcement requests, tax authorities).<\/li>\n    <li>A successor entity in the event of a merger, acquisition, or restructuring \u2014 and only under equivalent privacy commitments.<\/li>\n  <\/ul>\n<\/section>\n\n<section class=\"ssm-legal-section\" id=\"sec-8\">\n  <h2>8. International data transfers<\/h2>\n  <p>Some of our service providers (notably Stripe, Google, Meta) are based in the United States. Where data is transferred outside of Morocco or the EEA, we rely on Standard Contractual Clauses or equivalent safeguards approved by the relevant data-protection authorities.<\/p>\n<\/section>\n\n<section class=\"ssm-legal-section\" id=\"sec-9\">\n  <h2>9. How long we keep your data<\/h2>\n  <ul>\n    <li><strong>Order &amp; payment records<\/strong> \u2014 7 years (Moroccan tax law requirement).<\/li>\n    <li><strong>Account data<\/strong> \u2014 for as long as your account is active, plus 12 months after deletion.<\/li>\n    <li><strong>Support messages<\/strong> \u2014 24 months.<\/li>\n    <li><strong>Marketing data<\/strong> \u2014 until you unsubscribe, then deleted within 30 days.<\/li>\n    <li><strong>Analytics<\/strong> \u2014 anonymised and aggregated; retained 26 months in Google Analytics.<\/li>\n    <li><strong>Cookies<\/strong> \u2014 typically 1\u201324 months depending on type; see your browser cookie inspector for specifics.<\/li>\n  <\/ul>\n<\/section>\n\n<section class=\"ssm-legal-section\" id=\"sec-10\">\n  <h2>10. Your rights<\/h2>\n  <p>Subject to applicable law, you have the right to:<\/p>\n  <ul>\n    <li><strong>Access<\/strong> \u2014 request a copy of your data we hold.<\/li>\n    <li><strong>Rectify<\/strong> \u2014 correct inaccurate data.<\/li>\n    <li><strong>Erase<\/strong> \u2014 ask us to delete your data (&#8220;right to be forgotten&#8221;), subject to legal retention obligations.<\/li>\n    <li><strong>Restrict \/ object<\/strong> \u2014 limit how we process your data, or object to processing based on legitimate interest.<\/li>\n    <li><strong>Portability<\/strong> \u2014 receive your data in a machine-readable format and transfer it to another provider.<\/li>\n    <li><strong>Withdraw consent<\/strong> \u2014 for marketing, cookies, or location at any time.<\/li>\n    <li><strong>Lodge a complaint<\/strong> \u2014 with the CNDP (Commission Nationale de contr\u00f4le de la protection des Donn\u00e9es \u00e0 caract\u00e8re Personnel) in Morocco, or with your local data-protection authority.<\/li>\n  <\/ul>\n  <p>To exercise any of these rights, email <a href=\"mailto:hello@staysafemorocco.com\">hello@staysafemorocco.com<\/a>. We respond within 30 days.<\/p>\n<\/section>\n\n<section class=\"ssm-legal-section\" id=\"sec-11\">\n  <h2>11. Children&#8217;s privacy<\/h2>\n  <p>The Service is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you become aware that a child has provided us with personal information, please contact us so we can delete it.<\/p>\n<\/section>\n\n<section class=\"ssm-legal-section\" id=\"sec-12\">\n  <h2>12. How we protect your data<\/h2>\n  <p>We use technical and organisational measures to protect your data, including:<\/p>\n  <ul>\n    <li>HTTPS \/ TLS encryption across the entire site and app.<\/li>\n    <li>PCI-compliant payment processing via Stripe (we never see your full card number).<\/li>\n    <li>Encrypted databases for sensitive at-rest data.<\/li>\n    <li>Role-based access \u2014 only authorised team members can see customer data, and only to the extent needed for their job.<\/li>\n    <li>Regular security reviews and dependency updates.<\/li>\n  <\/ul>\n  <p>No system is 100% secure. If a data breach affects you, we will notify you and the relevant authorities as required by law (within 72 hours under GDPR).<\/p>\n<\/section>\n\n<section class=\"ssm-legal-section\" id=\"sec-13\">\n  <h2>13. Changes to this policy<\/h2>\n  <p>We may update this policy from time to time. The latest version will always be at this URL, with a &#8220;last updated&#8221; date at the top. Material changes will be announced by email (for active customers) and prominently in the app.<\/p>\n<\/section>\n\n<section class=\"ssm-legal-section ssm-legal-final\" id=\"sec-14\">\n  <h2>14. Contact &amp; complaints<\/h2>\n  <p>Questions about this policy or about your data?<\/p>\n  <p>\ud83d\udce7 <a href=\"mailto:hello@staysafemorocco.com\">hello@staysafemorocco.com<\/a><br>\n  \ud83d\udcac WhatsApp &amp; in-app chat \u2014 available 24\/7<\/p>\n  <p>You can also lodge a formal complaint with the Moroccan data-protection authority (<a href=\"https:\/\/www.cndp.ma\" target=\"_blank\" rel=\"noopener\">CNDP<\/a>) or your local supervisory authority in the EEA \/ UK.<\/p>\n  <a href=\"\/fr\/contact-page\/\" class=\"ssm-legal-cta\">Contact us \u2192<\/a>\n<\/section>\n\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Legal Privacy Policy This policy explains what personal data StaySafe Morocco collects, why we collect it, who we share it with, and your rights over it. We respect your privacy [&hellip;]<\/p>","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"open","template":"","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-3","page","type-page","status-publish","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/staysafemorocco.com\/fr\/wp-json\/wp\/v2\/pages\/3","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/staysafemorocco.com\/fr\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/staysafemorocco.com\/fr\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/staysafemorocco.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/staysafemorocco.com\/fr\/wp-json\/wp\/v2\/comments?post=3"}],"version-history":[{"count":10,"href":"https:\/\/staysafemorocco.com\/fr\/wp-json\/wp\/v2\/pages\/3\/revisions"}],"predecessor-version":[{"id":723,"href":"https:\/\/staysafemorocco.com\/fr\/wp-json\/wp\/v2\/pages\/3\/revisions\/723"}],"wp:attachment":[{"href":"https:\/\/staysafemorocco.com\/fr\/wp-json\/wp\/v2\/media?parent=3"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}