Last updated: April 8, 2026
Nature Wonders, operated by Global Nature Media LLC ("we", "our", "us", or "the Company"), is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, process, and disclose your information, including personal data, when you use our website https://naturewonders.com (the "Site") and related services.
This policy applies to all visitors, users, and others who access or use our services. By accessing or using our Site, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy. If you do not agree with our policies and practices, please do not use our Site.
We operate as a data controller for the personal data we process. Our registered office is located at 123 Nature Street, Green Valley, CA 90210, USA. For residents of the European Economic Area (EEA), United Kingdom, and Switzerland, we process your personal data in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
We collect several types of information from and about users of our Site, including:
When you interact with our Site, you may provide us with:
As you navigate through our Site, we may automatically collect:
We may receive information about you from:
We do not intentionally collect sensitive personal data (such as racial or ethnic origin, political opinions, religious beliefs, health information, or sexual orientation). If you choose to provide such information in user-generated content, you do so at your own discretion.
We use the information we collect for various purposes, as described below. For residents of the EEA, UK, and Switzerland, we process your personal data based on the following legal bases:
| Purpose | Types of Data Used | Legal Basis (EEA/UK) |
|---|---|---|
| To provide and operate our Site and services | Technical Data, Usage Data | Legitimate interests |
| To respond to inquiries and provide customer support | Contact Information, Communication Data | Contract performance |
| To send newsletters and marketing communications (with consent) | Contact Information, Communication Preferences | Consent |
| To personalize content and recommendations | Usage Data, Travel Preferences, Location Data | Legitimate interests |
| To process payments for purchases | Payment Information, Contact Information | Contract performance |
| To analyze and improve our services | Technical Data, Usage Data, Analytics Data | Legitimate interests |
| To comply with legal obligations | Various data as required by law | Legal obligation |
| To protect our rights and prevent fraud | Technical Data, Usage Data, Communication Data | Legitimate interests |
Legitimate Interests: Where we rely on legitimate interests as a legal basis, we have conducted a balancing test to ensure our interests do not override your fundamental rights and freedoms. You have the right to object to processing based on legitimate interests.
We use cookies, web beacons, pixels, and similar tracking technologies (collectively, "Cookies") to collect and store certain information about your interactions with our Site. Cookies are small text files that are placed on your device when you visit our Site.
| Category | Purpose | Examples | Lifespan |
|---|---|---|---|
| Essential Cookies | Required for basic site functionality, such as page navigation, access to secure areas, and load balancing | session_id, csrf_token, load_balancer | Session or up to 24 hours |
| Performance Cookies | Collect anonymous information about how visitors use our site to improve performance | _ga, _gid (Google Analytics), _hj* (Hotjar) | 30 minutes to 2 years |
| Functional Cookies | Remember your preferences and settings for enhanced user experience | theme_preference, language, region_settings | 30 days to 1 year |
| Targeting/Advertising Cookies | Used by advertising partners to deliver relevant ads and measure ad performance | _fbp (Facebook), _gcl_au (Google Ads), IDE (DoubleClick) | 90 days to 2 years |
| Social Media Cookies | Enable social sharing and interaction with social media platforms | datr (Facebook), personalization_id (Twitter) | Session to 2 years |
When you first visit our Site, you will be presented with a cookie consent banner that allows you to customize your cookie preferences. You can adjust these settings at any time by clicking the "Cookie Settings" link in the footer of our Site.
Browser Controls: Most web browsers allow you to control Cookies through their settings. You can:
Important Note: If you disable or refuse Cookies, please note that some parts of our Site may become inaccessible or not function properly. Essential Cookies cannot be disabled as they are necessary for the basic functionality of our Site.
Some Cookies on our Site are placed by third-party service providers. These third parties may use Cookies to:
We do not control these third-party Cookies. For more information about how these third parties use Cookies and your options regarding them, please visit their respective privacy policies.
Our Site does not currently respond to "Do Not Track" (DNT) signals from browsers. However, you can control tracking through the cookie consent manager and browser settings described above.
We engage various third-party service providers to assist in operating our Site, conducting our business, and serving our users. These providers only receive the information necessary to perform their specific functions and are contractually obligated to protect your information.
| Service Category | Providers | Purpose | Data Shared |
|---|---|---|---|
| Web Hosting & Infrastructure | Amazon Web Services (AWS), Cloudflare | Website hosting, content delivery, security | All website data (processed as necessary for operation) |
| Analytics & Performance | Google Analytics, Hotjar | User behavior analysis, site improvement | Anonymized usage data, IP addresses |
| Email Marketing | Mailchimp, SendGrid | Newsletter distribution, email communications | Email addresses, names, engagement data |
| Payment Processing | Stripe, PayPal | Secure payment transactions | Payment details, billing information (processed directly by providers) |
| Advertising | Google Ads, Facebook Ads | Targeted advertising, campaign measurement | Anonymized user data, conversion tracking |
| Customer Support | Zendesk, Intercom | Customer service, ticketing system | Contact information, support inquiries |
| Social Media Integration | Facebook, Instagram, Twitter, Pinterest | Social sharing, authentication | Public profile information (with consent) |
All our third-party service providers are required to enter into data processing agreements (DPAs) with us that:
In the event of a merger, acquisition, reorganization, bankruptcy, or sale of company assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Site of any change in ownership or uses of your information, as well as any choices you may have regarding your information.
We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas, or government investigations). We may also disclose your information to enforce our Terms of Service, protect our rights or property, or ensure the safety of our users or the public.
We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you with partners, researchers, or for public reporting. For example, we may publish reports on travel trends based on anonymized user data.
We take the security of your personal information seriously and implement appropriate technical and organizational measures designed to protect your information from unauthorized access, disclosure, alteration, or destruction.
Our infrastructure providers maintain the following certifications:
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant supervisory authorities without undue delay, in accordance with applicable laws. Notifications will include:
While we implement robust security measures, you also play an important role in protecting your information:
Security Limitations: Despite our efforts, no security measures are perfect or impenetrable. We cannot guarantee the absolute security of information transmitted to or from our Site. Any transmission of personal information is at your own risk.
We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. Our retention periods are determined based on the nature of the data, the purpose for processing, and legal requirements.
| Data Category | Retention Period | Rationale |
|---|---|---|
| Account information | 3 years after last login or account closure | To allow re-activation and maintain service history |
| Contact form submissions | 2 years from submission | For follow-up and customer service records |
| Newsletter subscriptions | Until unsubscribed + 1 year | To honor unsubscribe requests and maintain preferences |
| Transaction records | 7 years from transaction | Legal requirement for financial records |
| User-generated content (photos, reviews) | Indefinitely (unless deleted by user) | To maintain community content and contributions |
| Website analytics data | 26 months | Industry standard for trend analysis |
| Server logs and technical data | 90 days | For security monitoring and troubleshooting |
| Marketing preferences | Until withdrawn + 30 days | To ensure preferences are honored |
At the end of the retention period, we securely delete or anonymize your personal information. Anonymized data may be retained indefinitely for statistical analysis and research purposes.
You may request deletion of your personal information at any time (subject to legal requirements) by contacting us at privacy@naturewonders.com. We will respond to your request within 30 days, or sooner if required by law.
We may retain personal information beyond the specified retention periods when:
Personal information contained in our backup systems is retained according to our backup retention policies (typically 30-90 days). Backup data is secured with the same level of protection as primary systems.
Depending on your location and applicable data protection laws, you may have certain rights regarding your personal information. We are committed to facilitating the exercise of these rights in accordance with applicable law.
| Right | Description | Applicable Laws |
|---|---|---|
| Right to Access | Request access to the personal information we hold about you | GDPR, CCPA, LGPD, PIPEDA, etc. |
| Right to Rectification | Request correction of inaccurate or incomplete information | GDPR, CCPA, LGPD, PIPEDA, etc. |
| Right to Erasure | Request deletion of your personal information (with exceptions) | GDPR (Right to be Forgotten), CCPA |
| Right to Restriction | Request restriction of processing in certain circumstances | GDPR, LGPD, PIPEDA |
| Right to Data Portability | Receive your data in a structured, machine-readable format | GDPR |
| Right to Object | Object to processing based on legitimate interests | GDPR, LGPD |
| Right to Withdraw Consent | Withdraw consent at any time (where processing is based on consent) | GDPR, LGPD, PIPEDA |
| Right to Opt-Out of Sale | Opt-out of the "sale" or sharing of personal information | CCPA, CPA, CTDPA, etc. |
| Right to Non-Discrimination | Not be discriminated against for exercising your privacy rights | CCPA, CPA, CTDPA, VCDPA |
To exercise any of these rights, please submit a verifiable request to us by:
Verification Process: For security purposes, we may need to verify your identity before processing your request. We may ask for additional information to confirm your identity. We will respond to your request within 30 days, or sooner if required by law.
Authorized Agents: You may designate an authorized agent to make a request on your behalf. The agent must provide proof of your written permission or a valid power of attorney. We may still require you to verify your identity directly with us.
If we decline to take action on your request, we will inform you of the reason. You have the right to appeal our decision within 30 days by contacting us at privacy-appeals@naturewonders.com. We will respond to appeals within 60 days.
If you believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection authority. For EEA/UK residents, you may contact your national supervisory authority. For California residents, you may file a complaint with the California Attorney General.
Nature Wonders is based in the United States. When you use our Site, your personal information may be transferred to, stored, and processed in the United States and other countries where our service providers operate.
For transfers of personal data from the European Economic Area (EEA), United Kingdom, and Switzerland to the United States and other countries, we rely on appropriate safeguards as required by applicable data protection laws:
Your personal information may be processed in the following countries, which may have different data protection laws than your country of residence:
We take appropriate measures to ensure that your personal information receives an adequate level of protection in the countries where we process it.
For significant data transfers, we conduct transfer impact assessments to evaluate the level of data protection in destination countries and implement supplementary measures where necessary to ensure adequate protection.
While we are not required to appoint a Data Protection Officer (DPO) under the GDPR, we have designated a Privacy Officer responsible for overseeing our data protection strategy and implementation.
Our Privacy Officer is responsible for:
For the purposes of the GDPR, we have appointed a representative in the European Union:
Note: DataRep only handles GDPR-related inquiries. For general questions about our Site or services, please use our regular contact channels.
Our Site is not directed to children under the age of 16 (or under 13 in the United States, in compliance with the Children's Online Privacy Protection Act - COPPA). We do not knowingly collect personal information from children without appropriate parental consent.
If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately at privacy@naturewonders.com. We will take steps to:
We support family online safety. While our content is generally family-friendly, we recommend that parents:
In compliance with the Children's Online Privacy Protection Act (COPPA), we:
For educational use by schools and teachers, we offer special arrangements. Educators should contact us at education@naturewonders.com for information about compliant use of our Site in educational settings.
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, and other factors. We encourage you to periodically review this page for the latest information on our privacy practices.
When we make material changes to this Privacy Policy, we will provide notice through one or more of the following methods:
We consider the following types of changes to be material:
By continuing to use our Site after changes to this Privacy Policy become effective, you acknowledge and agree to the updated policy. If you do not agree with the changes, you should discontinue use of our Site and services.
We maintain an archive of previous versions of this Privacy Policy for your reference. To request a copy of a previous version, please contact us at privacy@naturewonders.com.
Changes to this Privacy Policy become effective on the date specified in the "Last updated" notice at the top of this page. The effective date will always be clearly indicated.
We monitor developments in data protection laws and regulations worldwide and will update this Privacy Policy as necessary to maintain compliance with applicable laws.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us using the information below. We are committed to responding to all legitimate inquiries within a reasonable timeframe.
For requests to exercise your privacy rights (access, correction, deletion, etc.):
To report security vulnerabilities or suspected data breaches:
For law enforcement, regulatory authorities, and legal process:
We strive to respond to all inquiries within:
We can respond to inquiries in English, Spanish, French, and German. For other languages, we may use translation services to ensure accurate communication.
Our privacy office operates during standard business hours (Pacific Time). Responses may be delayed during U.S. federal holidays. For urgent matters outside business hours, please use the emergency security contact number.
If you need this Privacy Policy in an alternative format (large print, braille, audio), please contact us at accessibility@naturewonders.com.
This Privacy Policy was last updated on April 8, 2026.