Privacy Policy

Effective Date: Feb 10, 2026

Gray Line Corporation, Inc. (“Gray Line”, “we”, “us”) is committed to protecting your privacy and ensuring transparency regarding how personal data is collected, used, shared, and protected.

This Privacy Policy applies to https://www.grayline.com/ and any associated booking, marketing, or informational pages (the “Site”). By using the Site, you acknowledge that you have read and understood this Privacy Policy.

1. Who We Are

Gray Line Corporation, Inc. is a Maryland non-stock corporation with its principal office at:

1541 N. Marion St, P.O. Box #18267

Denver, CO 80218, USA

Email: [email protected]

Gray Line is the owner and licensor of registered trademarks and branding used by independently owned and operated licensees worldwide (“Licensees”). Gray Line does not itself operate tours or sightseeing services. It operates the Site, facilitates bookings, and transmits reservation data to the relevant Licensee.

Data roles:

  • Gray Line acts as a Data Controller for personal data collected via the Site.
  • Licensees act as independent Data Controllers for services they provide.

2. Personal Data We Collect

We collect personal data directly from you and automatically when you use the Site.

Data you provide may include:

  • Name and contact details
  • Account credentials
  • Billing and transaction information (processed securely by payment providers)
  • Booking, itinerary, and guest details
  • Communications with customer support

Data collected automatically includes:

  • IP address
  • Device and browser information
  • Approximate location
  • Usage and interaction data

3. Lawful Bases for Processing (EEA / UK)

Where applicable, we process personal data under the following lawful bases:

  • Performance of a contract
  • Legal obligation
  • Legitimate interests
  • Consent (where required)

4. Sharing of Personal Data

We may share personal data with:

  • Licensees and service providers necessary to fulfill bookings
  • Payment processors
  • Technology, security, analytics, and marketing providers
  • Authorities where required by law

We do not sell personal data.

5. International Data Transfers

Personal data may be transferred outside your country of residence, including to the United States. Where required, transfers are safeguarded using Standard Contractual Clauses and other lawful mechanisms.

6. Data Retention

We retain personal data only as long as necessary:

  • Booking and transactional data: 10 years
  • Account data: until deletion
  • Marketing data: until consent is withdrawn
  • Legal records: as required by law

7. Your Rights

Depending on your location, you may have rights to access, correct, delete, restrict, object to processing, or withdraw consent. California residents have additional rights under the CCPA/CPRA.

Requests may be sent to [email protected].

8. Security

We implement appropriate technical and organizational safeguards. However, no system can be guaranteed to be 100% secure.

9. Children’s Privacy

The Site is not intended for children under the age of 13, and we do not knowingly collect personal data from children.

10. Updates to This Policy

We may update this Privacy Policy from time to time. Updates will be posted on the Site with a revised effective date.

Cookies Policy

Effective Date: Feb 10, 2026

This Cookies Policy forms part of the Privacy Policy above and explains how Gray Line uses cookies and similar technologies on the Site.

1. What Are Cookies?

Cookies are small text files placed on your device when you visit a website. They help websites function properly, enhance security, and provide information about how the site is used.

2. Types of Cookies We Use

  • Strictly Necessary Cookies – Required for core website functionality and security.
  • Functional Cookies – Enable enhanced features and personalization.
  • **Analytics Cookies

3. Updates to This Policy

We may update this Cookies Policy from time to time. Updates will be posted on the Site with a revised effective date.