Travel Orbit — Your Journey, On Your Terms

Privacy & Cookies Policy

Last updated: 21 May 2026

Data controller: Travel Orbit Ltd (Company No. 17221281)

1. Who we are

Travel Orbit Ltd (“Travel Orbit”, “we”, “us”) is a travel agency registered in England & Wales (Company No. 17221281), with its registered office at 116a City Road, Bradford, BD8 8JT, United Kingdom. We are the data controller responsible for the personal data described in this policy.

For any privacy question, to exercise your rights, or to raise a concern, contact us at info@travelorbit.co.uk or by telephone on 02039323459.

2. The personal data we collect

Depending on how you interact with us, we may collect:

  • Identity and contact data — name, date of birth, gender, postal address, email address, and telephone number.
  • Travel document data — passport number, nationality, expiry date, and passport copies, where required to ticket or to process a visa (including Umrah visa applications).
  • Booking and enquiry data — departure airport, destinations, travel dates, passenger counts, fare and package preferences, and the content of enquiries you submit.
  • Payment data — information necessary to take payment. Card details are processed by our regulated payment provider; we do not store full card numbers on our own systems.
  • Special category data — only where you provide it and it is necessary (for example, health or accessibility requirements for a trip, or information implicit in religious travel such as Umrah). We process this only with your explicit consent or another lawful basis.
  • Technical data — IP address, device and browser type, and how you use our website, collected via cookies and analytics.

3. How we use your data and our lawful bases

  • To arrange and manage your booking (performance of a contract) — taking enquiries, obtaining quotes, ticketing, and liaising with suppliers.
  • To meet legal and regulatory obligations (legal obligation) — including ATOL reporting, anti-fraud checks, and records we are required to keep.
  • To respond to enquiries and provide customer service (legitimate interests) — managing the lead you submit and following up.
  • To send marketing (consent) — only where you have opted in; you can withdraw consent at any time.

4. Who we share your data with

We share personal data only as needed to deliver your travel arrangements, with:

  • Principal Suppliers — airlines, hotels, ground operators, and destination management companies fulfilling your booking.
  • Ticketing and consolidation partners through whom we source fares, and parties connected to our ATOL/IATA obligations.
  • Payment and finance providers — our payment processor and, where you use a Fly-Now-Pay-Later facility, the relevant lender.
  • Government and visa authorities — including the Saudi Ministry of Hajj and Umrah for Umrah visa applications, and border or security authorities where legally required.
  • Professional advisers and IT providers who support our business under appropriate confidentiality and data-processing terms.

5. International transfers

Delivering travel often requires sending your data outside the United Kingdom — for example, to a hotel abroad or to the Saudi authorities for an Umrah visa. Where we transfer personal data internationally, we rely on an adequacy decision where one exists, or otherwise put in place an appropriate safeguard such as the UK International Data Transfer Agreement (IDTA) or the Addendum to the EU Standard Contractual Clauses, and carry out a transfer risk assessment where required.

6. How long we keep your data

We keep personal data only for as long as necessary for the purposes set out above and to meet our legal, accounting, and regulatory obligations. Booking and financial records are retained for the period required by UK tax and travel-industry rules; enquiry data that does not become a booking is held for a shorter period and then deleted.

7. How we protect your data

Our website is served over HTTPS, and we apply appropriate technical and organisational measures to protect your data, including sensitive documents such as passport copies. Access is restricted to staff who need it to perform their role.

8. Your rights

Under UK GDPR you have the right to:

  • access a copy of the personal data we hold about you;
  • have inaccurate data corrected;
  • request erasure of your data in certain circumstances;
  • restrict or object to certain processing;
  • data portability; and
  • withdraw consent at any time where we rely on consent.

To exercise any of these rights, contact us at info@travelorbit.co.uk. You also have the right to complain to the Information Commissioner’s Office (ICO) at ico.org.uk, although we would welcome the chance to resolve your concern first.

9. Cookies

We use strictly necessary cookies to make the website work, and analytics cookies to understand how visitors use our site so we can improve it. Non-essential cookies are set only with your consent, and you can manage cookies through your browser settings at any time.

10. Changes to this policy

We may update this policy from time to time. The “last updated” date above shows when it was last revised. Material changes will be reflected on this page.

Travel Orbit Ltd · Registered in England and Wales · ATOL Protected