Privacy Policy

**Your Travel Company**

**Privacy Policy**

_Last updated: [Insert Date]_

**1. Introduction**

Your Travel Company ("we", "us", or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our services or visit our website.

**2. Data Controller**

For the purposes of the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR), the data controller is:

Your Travel Company 

123 Travel Lane 

London, SW1A 1AA 

United Kingdom 

Email: privacy@yourtravelcompany.co.uk 

Phone: +44 (0)20 1234 5678

**3. Information We Collect**

We may collect and process the following personal information about you:

**3.1 Information You Provide Directly**

- **Personal Details:** Name, address, date of birth, nationality.

- **Contact Information:** Email address, telephone numbers.

- **Payment Information:** Credit/debit card details, billing address.

- **Travel Preferences:** Accommodation choices, special dietary requirements, accessibility needs.

- **Identification Documents:** Passport details, visa information.

**3.2 Information We Collect Automatically**

- **Website Usage Data:** IP address, browser type, pages visited, and other analytics.

- **Cookies:** Small text files placed on your device to collect standard internet log information and visitor behaviour.

*Explanation:* **Cookies** are small data files stored on your device to enhance website functionality and user experience.

**3.3 Information from Third Parties**

- **Travel Agents or Partners:** Information provided when you book through third-party platforms.

- **Public Sources:** Information available publicly, such as social media profiles.

**4. How We Use Your Information**

We use your personal information for the following purposes:

**4.1 To Provide Services**

- Processing bookings and payments.

- Communicating with you about your travel arrangements.

- Customising your travel experience based on your preferences.

**4.2 For Marketing Purposes**

- Sending promotional materials, special offers, and newsletters (with your consent).

- Conducting surveys and market research to improve our services.

**4.3 Legal Obligations**

- Complying with legal and regulatory requirements.

- Preventing fraud and other criminal activities.

**5. Legal Basis for Processing**

We process your personal information based on the following legal grounds:

- **Contractual Necessity:** To fulfil our contract with you when you book a holiday.

- **Consent:** When you opt-in to receive marketing communications.

- **Legal Obligations:** To comply with laws and regulations.

- **Legitimate Interests:** For improving our services and ensuring website security.

**6. Sharing Your Information**

We may share your personal information with:

**6.1 Service Providers**

- **Accommodation Providers:** Hotels, resorts, and other lodging facilities.

- **Transport Companies:** Airlines, car hire services, and transfer operators.

- **Tour Operators:** Local guides and activity providers.

**6.2 Third-Party Partners**

- **Payment Processors:** For handling transactions securely.

- **IT Service Providers:** For website hosting and maintenance.

- **Marketing Agencies:** For sending promotional communications (with your consent).

**6.3 Legal Requirements**

- **Government Authorities:** When required by law, such as customs and immigration authorities.

- **Law Enforcement Agencies:** For the prevention and detection of crime.

**7. International Data Transfers**

Your personal information may be transferred to countries outside the United Kingdom and the European Economic Area (EEA) where data protection laws may differ.

**7.1 Safeguards**

When transferring data internationally, we ensure appropriate safeguards are in place, such as:

- **Standard Contractual Clauses:** Legal contracts ensuring data protection standards.

- **Privacy Shield Frameworks:** For transfers to the United States (although currently invalidated, alternative measures are used).

**8. Data Security**

We implement various security measures to protect your personal information:

- **Encryption:** Securing data during transmission and storage.

- **Access Controls:** Limiting access to personal data to authorised personnel only.

- **Regular Audits:** Assessing our data processing and security practices.

**9. Data Retention**

We retain your personal information only for as long as necessary to fulfil the purposes we collected it for, including legal, accounting, or reporting requirements.

- **Booking Information:** Retained for a minimum of six years for tax purposes.

- **Marketing Data:** Retained until you opt-out or withdraw your consent.

**10. Your Rights**

Under the Data Protection Act 2018 and UK GDPR, you have the following rights:

**10.1 Right to Access**

You can request a copy of the personal information we hold about you.

**10.2 Right to Rectification**

You can ask us to correct any inaccurate or incomplete data.

**10.3 Right to Erasure**

You can request the deletion of your personal information under certain circumstances.

**10.4 Right to Restrict Processing**

You can ask us to suspend the processing of your personal information.

**10.5 Right to Data Portability**

You can request to receive your personal data in a structured, commonly used, and machine-readable format.

**10.6 Right to Object**

You can object to the processing of your data for direct marketing and other purposes based on legitimate interests.

**10.7 Rights Related to Automated Decision-Making**

We do not use automated decision-making or profiling that produces legal effects concerning you.

**10.8 How to Exercise Your Rights**

To exercise any of these rights, please contact us at:

Email: privacy@yourtravelcompany.co.uk 

Address: Data Protection Officer, Your Travel Company, 123 Travel Lane, London, SW1A 1AA, United Kingdom

We will respond to your request within one month, as required by law.

**11. Cookies and Tracking Technologies**

**11.1 What Are Cookies?**

Cookies are small files placed on your device to collect information about your website usage.

**11.2 Types of Cookies We Use**

- **Essential Cookies:** Necessary for website functionality.

- **Analytical Cookies:** Help us understand how visitors interact with our website.

- **Marketing Cookies:** Used to deliver relevant advertisements.

**11.3 Managing Cookies**

You can control cookies through your browser settings. However, disabling cookies may affect website functionality.

**12. Third-Party Links**

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to read their privacy policies.

**13. Children’s Privacy**

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children.

**14. Changes to This Privacy Policy**

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date.

**15. Complaints**

If you believe that we have not complied with data protection laws, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Website: [www.ico.org.uk](https://www.ico.org.uk) 

Phone: +44 303 123 1113

**16. Contact Us**

If you have any questions or concerns about this Privacy Policy or how we handle your personal information, please contact us:

Email: privacy@yourtravelcompany.co.uk 

Phone: +44 (0)20 1234 5678 

Address: Data Protection Officer, Your Travel Company, 123 Travel Lane, London, SW1A 1AA, United Kingdom

---

**Explanations of Complicated Terms**

- **Data Controller:** The organisation responsible for determining the purposes and means of processing personal data.

- **UK GDPR:** United Kingdom General Data Protection Regulation, a legal framework for data protection.

- **Personal Information:** Any data that can identify an individual, such as name, address, or email.

- **Standard Contractual Clauses:** Legal agreements ensuring that personal data transferred outside the UK/EEA is protected.

- **Data Portability:** The ability to move personal data from one service provider to another.

---

By using our services or visiting our website, you acknowledge that you have read and understood this Privacy Policy.