Privacy Policy

Privacy Policy

Home / Privacy Policy

Privacy Policy

🔒 Privacy Policy for Aqdas Travel

Last Updated: November 23, 2025

This Privacy Policy explains how Aqdas Travel collects, uses, protects, and discloses your personal data when you interact with us, including when you visit our website, contact us, or book a Hajj or Umrah package.

Aqdas Travel is committed to protecting your privacy in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Company Information (Data Controller)

  • Company Name: Aqdas Travel

  • Company Number: 16187110

  • Email Address (for Privacy Inquiries): info@aqdastravel.co.uk

  • Phone Number: 0203 504 1818

  • ATOL Number: 12834

  • Regulator: The Information Commissioner’s Office (ICO).

2. The Data We Collect About You

We may collect, use, store, and transfer different kinds of personal data about you:

  • Identity Data: This includes your name, marital status, title, date of birth, gender, and passport number.

  • Contact Data: This includes your residential address, email address, and telephone numbers.

  • Financial Data: This includes bank account and payment card details, which are processed securely via encrypted third parties.

  • Transaction Data: This covers details about payments, services purchased, and travel dates.

  • Technical Data: This includes your Internet Protocol (IP) address, browser type, location, and website usage data (collected via cookies).

  • Special Category Data: This includes information concerning dietary requirements (which may reveal religious beliefs) and relevant health conditions (e.g., mobility issues, medical needs).

3. How We Collect Your Data

We use different methods to collect data from you:

  • Direct Interactions: You provide us with this data when you fill in booking forms, correspond with us by phone, email, or in person, and subscribe to our services.

  • Automated Technologies: As you interact with our website, we automatically collect Technical Data via cookies, server logs, and other similar technologies.

  • Third Parties: We may receive data from external providers, such as airlines, hotels, the Nusuk Hajj platform, and payment service providers.

4. How and Why We Use Your Personal Data (Lawful Basis)

We use your data only when the law allows us to.

  • Performance of Contract: To process and fulfil your Umrah/Hajj booking, including reserving flights, hotels, and ground services. This includes processing payments securely.

  • Legal Obligation: To comply with legal requirements, such as ATOL regulations, financial audits, and public health requirements.

  • Explicit Consent: To process Special Category Data (like dietary or health needs) and share it with suppliers to ensure your safety and comfort during travel. You must explicitly opt-in for this.

  • Legitimate Interest: To administer and protect our business, manage our website, and prevent fraud.

  • Consent: To send you marketing communications about future services or deals. You have the right to withdraw this consent at any time.

5. Disclosure and Sharing of Your Personal Data

We must share your personal data with third parties to successfully complete your travel booking. We require all third parties to respect your data security and treat it legally.

  • Travel Suppliers: We share data with airlines, hotels, ground transport providers, and pilgrimage service providers in Saudi Arabia (including the Nusuk Hajj platform for Hajj bookings).

  • Financial Services: We share data with banks and payment service providers to authorize and complete transactions.

  • Regulators and Authorities: We share data with the Civil Aviation Authority (CAA – ATOL 12834) and the ICO when required by law.

6. International Transfers

As a travel company, we transfer your personal data outside the UK/EEA to Saudi Arabia and other countries where your travel suppliers are based. We put in place suitable safeguards to protect your data during these transfers, such as using standard contractual clauses approved by the ICO.

7. Data Security and Retention

  • Data Security: We employ appropriate technical and organizational measures to prevent your personal data from being accidentally lost, used, accessed, altered, or disclosed in an unauthorized way.

  • Data Retention: We retain your personal data only for as long as necessary. We typically keep booking data for up to six years to meet financial and regulatory (ATOL) obligations.

8. Your Legal Rights (UK GDPR)

Under UK GDPR, you have several rights regarding your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you.

  • Right to Rectification: You can ask us to correct incomplete or inaccurate data we hold about you.

  • Right to Erasure (The Right to be Forgotten): You can ask us to delete your personal data under certain circumstances.

  • Right to Object: You can object to the processing of your data where we are relying on a legitimate interest.

  • Right to Restrict Processing: You can ask us to suspend the processing of your data.

  • Right to Data Portability: You can request the transfer of your data to you or a third party.

  • Right to Withdraw Consent: You can withdraw your consent at any time where we rely on consent to process your data.

To exercise any of these rights, please contact us by email at info@aqdastravel.co.uk.

9. Complaints

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. We kindly ask that you contact us first so we can try to resolve your concern directly.