GDPR & Privacy Policy​

​

1. Introduction
Maj Travel Services Limited trading as Maj Travel Concierge (“we”, “us”, “our”) is
committed to protecting your personal data and respecting your privacy. This Privacy
Policy explains how we collect, use, store, and protect your information in accordance with
the UK GDPR, Data Protection Act 2018, and all applicable regulations.

2. Data We Collect
We may collect the following categories of data:
• Personal Information: Name, email address, phone number, billing address.
• Travel Information: Flight details, passport information (when required for booking),
loyalty numbers, travel preferences.
• Membership Information: Subscription tier, payment confirmations, account notes.
• Technical Data: IP address, device type, browsing behaviour (via cookies).
• Communication Data: Messages, forms submitted, customer service interactions.

3. How We Use Your Data
We process your data for the following purposes:
• To provide travel concierge services, including flight searches, booking, SmartTravel
monitoring, accommodation, transfers, and refunds.
• To manage your membership and payments.
• To personalise your customer experience.
• To comply with legal obligations (e.g., AML, invoicing).
• To improve our services and website performance.

4. Lawful Basis for Processing

We rely on the following lawful bases:
• Consent – when you voluntarily submit data through our forms.
• Contract – to fulfil travel services and membership features.
• Legitimate Interest – to improve our operations and prevent misuse.
• Legal Obligation – where required by regulatory bodies or tax authorities.

5. Data Sharing
We only share your data with:
• Airlines, hotels, and travel partners necessary for fulfilling your booking.
• Payment processors such as Stripe, Wix Payments, PayPal, Klarna, etc.
• Virtual Assistants working under confidentiality agreements.
• IT service providers supporting website and CRM operations.

We do NOT sell your data to third parties.

6. Data Storage & Security
We use secure systems, including Wix, HubSpot, and encrypted storage channels. We apply
strict access controls, password protection, and data minimisation practices.

7. Data Retention
We retain personal data only for as long as necessary:
• Travel records – up to 7 years (for legal and accounting purposes).
• Membership data – for the duration of your membership + 12 months.
• Marketing consent – until you withdraw consent.

8. Your Rights Under GDPR

You have the right to:
• Access your data.
• Request correction or deletion.
• Withdraw consent at any time.
• Restrict or object to processing.
• Request data portability.
Please email info@majtravelservices.com to exercise any of these rights.

9. Cookies & Tracking
Our website uses cookies to enhance user experience, analyse traffic, and support secure
checkout. You can manage cookie settings through your browser.

10. International Transfers
Where required for bookings, your data may be transferred outside the UK/EU (e.g.,
airlines, hotels). We ensure appropriate safeguards are in place.

11. Contact Details
Maj Travel Concierge
Email: info@majtravelconcierge.com
If applicable, ICO registration number will be added when completed.

12. Policy Updates
We may update this Privacy Policy periodically. The latest version will always be posted on
our website.