September 2026 cohort — booking now.See dates

Evertrail Tours

Privacy.

Last updated May 2026

This Privacy Policy explains how Evertrail Tours (“we”, “us”, “our”) collects, uses, and protects information about you when you visit evertrailtours.jp or book a tour with us. We're a small travel atelier based in Naha, Okinawa, Japan.

Who is responsible

Evertrail Tours is the data controller for the personal information described below. Questions about this policy or your data can be sent to info@evertrailtours.jp.

What we collect

We only collect what we need to run a tour booking and reply to enquiries:

  • Enquiry data: the name, email, and message you provide when you contact us or submit a booking enquiry.
  • Booking data: once a tour is confirmed, the additional details we need to operate it — passport name, travel dates, group size, dietary requirements, emergency contact, and any access or mobility considerations you choose to share.
  • Payment data: handled by our payment processor (we receive a confirmation, not your full card details).
  • Communications: the content of emails and messages you exchange with us.
  • Usage data: aggregate, non-identifying statistics about pages viewed on the site. No third-party trackers, no advertising cookies. See our Cookie Policy for details.

We don't buy or rent personal information from third parties, and we don't knowingly collect information from anyone under 16. If you believe a child has shared information with us, contact us and we'll delete it.

How we use it

We use your information to plan and run your tour, reply to enquiries, send booking-related messages, process payments, and comply with our legal obligations (tax records, consumer-protection requirements). With your separate opt-in, we may also send you occasional updates about new tours or seasonal departures — you can unsubscribe at any time from any such email.

Where applicable laws require a legal basis (e.g. GDPR), we rely on: performance of a contract (booking and operating tours), legitimate interests (replying to enquiries, securing the site), consent (marketing emails), and legal obligation (tax and regulatory record-keeping).

Who we share with

We share information with vendors and partners only when needed to deliver your tour — accommodation providers, transport partners, activity operators, and our payment processor. We require these partners to handle your data only for the purpose we share it for.

We may also disclose information when legally required (tax authorities, regulators, or law enforcement under a valid order) or to protect our rights, your safety, or the safety of others.

We do not sell your personal information, and we do not share it with advertisers.

International transfers

We're based in Japan, but our website, email, and some vendors operate in other countries (including the United States and within the EU/EEA). When your information is transferred outside your country, we use providers that offer appropriate safeguards — encryption in transit, contractual data-protection terms, and recognised legal mechanisms where required (e.g. EU Standard Contractual Clauses).

How long we keep it

We retain booking records for as long as required by Japanese tax and consumer-protection law (typically seven years from the end of the relevant accounting year). Enquiries that don't lead to a booking are deleted after 24 months. Marketing contacts are kept until you unsubscribe or ask us to remove you.

Your rights

Depending on where you live, you may have the right to access, correct, delete, or restrict our use of your personal information, to receive a copy of it in a portable format, or to object to certain uses (including direct marketing). You also have the right to withdraw any consent you've given us at any time.

To exercise any of these rights, email info@evertrailtours.jp and we'll respond within 30 days. If you're in the EU/EEA or UK and you believe we've handled your data incorrectly, you can complain to your local data-protection authority. In Japan, the relevant authority is the Personal Information Protection Commission (PPC).

How we protect your information

We use encryption in transit (HTTPS), restrict access to your data to the small team that needs it, and review our practices regularly. No system is perfectly secure — if we ever believe your data has been compromised, we'll notify you and the relevant authorities as required by law.

Changes to this policy

We may update this policy from time to time — usually to reflect a change in our practices or in the law. When we do, we'll update the “last updated” date at the top of this page. Material changes will be highlighted on the site.