thrill tours theme park tours roller coaster tours
Instagram X-twitter Tiktok
Act now! Join before July 31st to lock in current prices. Use code EARLYRIDER. No commitment needed.
Days
Hours
Minutes
Seconds

Privacy Policy

Updated on 25.07.25

By using our website or booking with Thrill Tours you confirm that you have read, agree to, and understand, the following Privacy Policy. 

Thrill Tours (“we,” “our,” or “us”) respects your privacy and is committed to protecting your personal data. This Privacy Policy outlines how we collect, use, and manage your information in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws when conducting our tours and maintaining our website.

Information We Collect

Personal Data (Provided by You):
Collected via waitlist forms, booking processes, and direct communication. This may include:

Full name, Age, Email address, Residential address, Payment details, Room preferences, Dietary requirements and food allergies, Medical or access needs, Special requests

Technical and Usage Data (Automatically Collected):
When you browse thrill.tours, we collect data automatically via cookies and similar technologies. This may include:

IP address, Browser type and settings, Pages visited and time spent, Device type and operating system, Referrer URLs, Cookie identifiers

This data helps us analyse website performance and improve your personal experience, in full compliance with GDPR requirements.

How We Collect Data
Data is collected through the following methods:

  • Waitlist Forms: Collects limited contact and preference information.
  • Booking Forms: Collects full personal, medical, and payment-related information.
  • Cookies and Tracking Technologies: Collects technical usage data for analytics and necessary site functionality.


Third-Party Services
We use the following third-party providers to assist with data collection and processing:

  • Google LLC – for website traffic analysis and user behaviour insights.
  • Meta Platforms Ireland Ltd – for website traffic analysis and user behaviour insights, from Facebook and Instagram.
  • Stripe Payments Europe Ltd – to securely and safely handle transaction data.

All third-party services we use comply with applicable data protection regulations, including GDPR.

How We Use This Information

We process your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable laws. Data is used only for specific, legitimate purposes, depending on how and when you interact with us.

1. Waitlist Management
If you join a waitlist for a tour, we may process your information to:

  • Record your interest in one or more future tours
  • Notify you if a space becomes available or a tour opens for booking
  • Offer you the option to confirm your place at a later stage


No payment is required at the waitlist stage, and joining the waitlist does not constitute a confirmed booking.

2. Booking and Operational Purposes
Once a booking is confirmed, we process your data to:

  • Finalise your reservation, issue booking confirmations, and inform you about our insolvency protection insurance in accordance with legal requirements
  • Coordinate hotel stays, transportation, and park admission on your behalf
  • Communicate essential travel information regarding the confirmed tour schedule


3. Age Verification and Participant Eligibility
We collect age data to ensure that all participants meet our 18+ requirement. This is necessary to comply with legal provisions regarding contractual capacity and to enforce our age-restricted participation policy.

4. Voluntary Use for Marketing
With your prior and explicit consent, we may process:

  • Photographs or other content voluntarily shared during or after your tour, for use in promotional materials
  • You retain the right to withdraw this consent at any time without affecting your participation or future eligibility


5. Legal and Regulatory Compliance
We may process your information where necessary to:

  • Comply with legal requirements, such as GDPR, contract law, or tourism regulations
  • Respond to lawful requests from authorities or enforce our terms and conditions

Sharing Of Information

We share personal data strictly on a need-to-know basis and only when required to deliver our services. Your information is never sold or shared for unrelated purposes.

Hotels, Theme Parks, and Tour Partners
We share relevant personal information with accommodation providers, theme parks, and other service partners as necessary to complete your booking and deliver a smooth tour experience.

Payment Processors
When you make a payment, your information is submitted directly to the external payment processor. We do not store or access your full payment details. These third-party processors handle your data securely and in accordance with applicable data protection laws.

Important: We do not sell or trade your personal data to third parties under any circumstances.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including booking management, legal compliance, and financial record-keeping.

Retention Period
Customer data is retained until the tour has been completed and any follow-up communication or processing is finished. After this, personal data is either deleted, unless we are legally required to retain it.

Under Swiss law (Article 958f of the Swiss Code of Obligations), we must retain accounting records, booking confirmations, and payment-related data for 10 years. 

Marketing and Opt-Out Rights
Email addresses and consent records may be retained for ongoing marketing purposes, unless you opt out. Customers may request the deletion of their personal data or unsubscribe from marketing communications at any time. All marketing emails include an unsubscribe link. You may also contact us directly by email to opt out, and we will process your request promptly.

Data Security

We take appropriate technical and organisational measures to protect personal data from unauthorised access, misuse, loss, or disclosure, in accordance with applicable data protection laws.

Security Measures
All personal data is stored on secure servers with encryption and strict access controls. We use HTTPS encryption across our website, and sensitive information is handled in line with current industry best practices.

Access to Data
Access to personal data is limited to authorised personnel only. This includes Thrill Tours staff who require the information for operational purposes, such as managing accommodation, dietary requirements, or special requests. All authorised individuals with access are required to handle data in accordance with applicable data protection laws.

Data Breach Notification
In the event of a data breach, we will notify the appropriate authority and affected individuals when legally required, and take all reasonable steps to contain and resolve the incident.

Data Hosting
Our website is hosted by WPX.net, with all data stored on secure servers located in the Netherlands. All hosting infrastructure remains within the European Economic Area (EEA) and complies with GDPR requirements. We do not transfer your data outside of the EEA without appropriate legal safeguards.

Cookies & Tracking

We use cookies and similar tracking technologies on our website to enhance functionality, improve performance, and comply with applicable data protection laws, including the GDPR.

Use of Cookies
Our website uses the following types of cookies:

  • Necessary Cookies: Essential for basic website functionality, such as page navigation and secure access. These cannot be disabled.
  • Analytics Cookies: Used to collect aggregated, anonymous data about site usage and performance through tools such as Google Analytics. These cookies help us understand how visitors interact with the site and improve user experience.


Consent Management
We use a cookie consent banner powered by CookieYes to inform users about our use of cookies. When you first visit our website, you are given the option to accept or reject non-essential cookies. Your preferences are respected and stored accordingly.

Customer Rights

In accordance with the General Data Protection Regulation (GDPR), you have the following rights regarding your personal data. We are committed to upholding these rights and responding to all valid requests within the legally required timeframes.

Access: You have the right to request confirmation of whether we process your personal data and to receive a copy of the data we hold about you.

Right to Rectification: If any of your personal data is inaccurate or incomplete, you have the right to request that we correct or update it.

Right to Erasure: You may request the deletion of your personal data when there is no lawful reason for us to continue processing it. This includes cases where the data is no longer needed for the purposes for which it was collected.

Right to Data Portability: Where applicable, you may request to receive your personal data in a structured, commonly used, and machine-readable format and request that it be transferred to another data controller.

Right to Object to Processing: You have the right to object to the processing of your data in specific circumstances, including for direct marketing purposes.

Right to Withdraw Consent: If we rely on your consent to process personal data, you have the right to withdraw that consent at any time. This does not affect the lawfulness of processing carried out before the withdrawal.

International Data Transfers

We store and process personal data on secure servers located in the European Economic Area (EEA), primarily in the Netherlands through WPX.net hosting.

In some cases, we use third-party services that may transfer data outside the EEA or Switzerland. These include:

  • Meta Pixel (Facebook/Instagram advertising)
  • Google Analytics (website analytics)
  • Stripe (payment processing)


Where data is transferred internationally, we ensure that adequate safeguards are in place, such as the EU Standard Contractual Clauses (SCCs) or participation in the EU-U.S. Data Privacy Framework, to guarantee lawful and secure data handling.

We continuously monitor our providers to ensure compliance with GDPR and Swiss data protection standards.

Children's Privacy

Our theme park tours and related services are intended exclusively for individuals aged 18 and older. We do not knowingly collect or process personal data from anyone under the age of 18.

During both waitlist registration and tour booking, participants are required to provide their date of birth. This information is necessary for us to verify eligibility and legally store personal data. If a valid date of birth is not provided, we do not retain or process the associated information.

Any data submitted by a minor will be deleted upon discovery.

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data handling practices. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data. Your continued use of our website or services after any changes are published constitutes acceptance of the updated policy.

About

  • Company: Thrill Tours
  • Address: Uetlibergstrasse 184, 8045 Zurich, Switzerland
  • Jurisdiction: Switzerland
  • Audience: Thrill-seeking young adults and international tourists aged 18 and above.
  • Contact Information:

Contact

For any questions, concerns, or requests related to this Privacy Policy, please contact us at:

 

By using our services, you confirm that you have read, understood, and agreed to this Privacy Policy.

Join our mailing list

Sign up to our mailing list to stay up to date and receive special offers.