gullfoss, island

Privacy and Confidentiality

Your privacy is very important to us and the purpose of this policy is to clearly explain how we will collect, process and store your information, so that you can feel secure about what happens to your data.


Vulkan Travels personal data policy in accordance with GDPR

The General Data Protection Regulation (GDPR) entails new procedures and restrictions for the processing of personal data.
The entity responsible for your personal data is Vulkan Travel LLC.

Vulkan Travel LLC.
Cheyenne, Wyoming
82003-7007 US
PO Box 20310
PMB 79120

(Administration only, not sales office.)

 Telephone:  (929) 458-2174 and (253) 254-7682
 E-mail: [email protected]

Personal data that we need

In order to help you as our customer, we will ask you for the following information: Names of all travellers, as well as the postal address, telephone number and e-mail address of the lead traveller. If children are travelling, we will need to ask for their dates of birth in order to make sure you are charged the right price. For certain activities, such as diving or horseback riding, our suppliers will need to know your height and weight. We may also need additional information from you in certain cases, such as any special needs or requests, for example.


Processing of personal data

Personal data is processed in accordance with applicable and relevant legislation, and in accordance with the general data protection regulation. Personal data is used only for business purposes in order to provide our customers with the best possible service and to meet our obligations to you prior to and when entering into an agreement, and for marketing purposes.

Transfer of personal data

In order for us to meet our obligations to you as our customer, we will need to forward your personal data to our sub-contractors, such as airlines, hotels and activity providers, so that the right person receives plane tickets, accommodation and anything else including in their booking. Our subcontractors and partners are also subject to the applicable data protection regulation and act as data controllers or data processors in accordance with a valid data processing agreement. We make use of a number of different IT systems in our business, which are used to process your personal data. Some of these systems are cloud-based or installed on the premises of our supplier, who acts in accordance with our instructions and in compliance with a personal data processing agreement. Your personal data may therefore be transferred to a third country in cases where cloud services or servers are located in such a country.


Protection of personal data

Personal data is protected against unauthorised use, disclosure, deletion or alteration by physical, technical or organisational measures which are adopted in proportion to the risk, such as accidental loss or damage or unauthorised access in the course of data processing.


Storage period for personal data

Vulkan Travel will store your personal data for two years or in accordance with applicable legislation. Once you have signed up to our newsletter and promotional emails, or if you already receive our newsletter and promotional emails from a previous trip, then we will store your personal data for this purpose until further notice.


Implementation of this policy

Staff at Vulkan Travel have been made aware of this policy and are instructed to follow it, alongside other applicable data protection laws.


Access to data/deletion requests/data portability

Following written request and to the extent required under applicable law, Vulkan Travel will provide you with information regarding the personal data that we process. If any of this data is incorrect, we will correct or delete the data upon request. We also facilitate the portability(transfer) of your data upon request.


Payments with credit/debit card

When making a card payment, you are only required to provide your name, card number, card type, card validity and CVC code (digits on the back of your card). Vulkan Travel will not save any card details; instead, we work with DIBS AB, which processes your information. Both Vulkan Travel and DIBS use SSL encryption to safeguard user security. Vulkan Travel is certified in accordance with PCI DSS.


Verified By Visa och Mastercard SecureCode - the latest standard for card security

Verified by Visa and MasterCard SecureCode is the latest standard for the secure identification of card customers when making online purchases (known as 3D Secure). Card issuers which offer this service to their customers will be able to identify and verify the identity of their customers in a secure manner. The customer is linked to their card issuer and asked to give a user name and password.


About cookies

By setting your web browser to accept cookies, you give your consent for to use cookies in the manner set out below. A cookie is a small text file which is placed on your computer when you access and which can be found on your computer whenever you visit the website again in the future. This type of cookie usually remains on your device until you delete it yourself. primarily uses cookies in order to provide you with better service and in order to compile information about the number of visitors to our website. As a means of improving our website and product offerings, we use Google Analytics to compile information about how users navigate our website: We also use cookies to collect aggregate data about things such as the website’s number of users, their operating systems, web browsers, amount of time spent on the site, new versus returning customers, etc. This data is not used to personally identify you.


About session cookies

In order to ensure that certain functions on work correctly and to make sure that the right pages are shown to the right people, the website uses so-called session IDs. When you visit, our technical partner VISIT ( places a unique ID number on your computer for this specific visit – this is a so-called ‘session cookie’.  

Thanks to this cookie, you do not need to fill out all of your details again each time you navigate backwards in the booking dialogue, for example. The ‘session cookie’ is not saved but instead disappears once you switch off your computer. You can opt to block cookies from being saved on your computer and you can withdraw your consent whenever you like through the settings in your web browser. You can also choose to block all cookies or only certain kinds of cookies. You can also choose to delete persistent cookies that have been stored on your hard drive. If you choose to set your web browser so that it does not allow the use of cookies on then this will mean that certain features on will not function correctly in all respects.


Other programmes/websites

Our websites may include links to other programmes and/or websites that are not under the control of Vulkan Travel. This privacy policy only applies to your use of services provided by Vulkan Travel. Vulkan Travel is not liable for the content of linked programmes/websites or for any processing of personal data which may be undertaken by the owners or operators of such linked websites.


Questions/concerns about your privacy

If you believe that our processing of your personal data is not compliant with applicable regulations, you are welcome to contact the Swedish Data Protection Authority (Datainspektionen) by email at [email protected] or by telephone on: (+46) 08- 657 61 00.