top of page

PRIVACY POLICY

VIAARORA TRAVEL CONSULTING – PRIVACY POLICY (FULLY UK-GDPR COMPLIANT)

 

Last updated: 30th November 2025

 

1. Introduction ViaArora Travel Consulting (“ViaArora”, “we”, “us”, “our”) is committed to protecting your personal data and respecting your privacy.

This Privacy Policy explains how we collect, use, store, share, and protect your information when you visit our website, contact us, or use our travel-consulting services.

We act as the Data Controller for all personal data that we process.


If you have any questions, you may contact us:
Email: poonamarora@thejltgroup.co.uk
Phone: 07305809286
Address: 14 Hollingsworth Road, Croydon, CR0 5RP, UK.

2. What Information We Collect We may collect and process the following types of data:

2.1 Personal Information

  • Full name

  • Email address

  • Phone number

  • Postal address

  • Date of birth (if required for bookings)

  • Passport details

  • Travel history & travel preferences

  • Dietary, accessibility, or special-assistance requirements

  • Payment information (processed via secure third-party gateways)

  • Emergency contact information

2.2 Technical & Usage Data

  • IP address

  • Browser type, device type, operating system

  • Website behaviour analytics (via cookies)

  • Location data (approximate, when enabled)

2.3 Communications

  • Emails, messages, enquiry forms

  • Customer service interactions

  • Marketing preferences

3. Legal Basis for Processing (UK GDPR Article 6) We process your data under the following lawful bases:

3.1 Contract

To deliver travel-consulting services and fulfil bookings.

3.2 Legal Obligation To comply with:

  • accounting requirements

  • consumer protection laws

  • travel-industry regulations

  • HMRC recordkeeping

3.3 Consent For:

  • marketing emails

  • WhatsApp communication (when initiated by us)

  • storing sensitive data (e.g., passport copies)

3.4 Legitimate Interests For:

  • fraud prevention

  • IT and cybersecurity

  • business analytics and service improvement

  • general communication relating to enquiries

 

Where legitimate interests are used, they do not override your rights.

4. How We Use Your Information

We use your personal data to:

  • Provide and manage travel-consulting services

  • Arrange bookings (flights, hotels, tours, transfers)

  • Process payments and issue invoices

  • Communicate regarding enquiries or updates

  • Send travel reminders, confirmations, or itinerary information

  • Personalise our recommendations

  • Comply with legal and regulatory requirements

  • Improve our website and customer experience

  • Send marketing communications (only when consent is provided)

5. How We Share Your Data We may share your personal information with:

5.1 Travel Service Providers

  • Airlines

  • Hotels

  • Tour operators

  • Car hire companies

  • Cruise operators

  • Travel insurance providers

 

5.2 Technical & Operational Partners

  • Payment processors

  • CRM and email providers

  • Cloud hosting providers

  • IT security services

  • Document storage providers

 

5.3 Legal & Compliance Requirements We may disclose information:

  • to law enforcement

  • to government authorities

  • if required by court order

  • for fraud prevention

 

5.4 Business Transfers

If ViaArora is merged or acquired, customer data may be transferred as part of the transaction (you will be notified).

 

We never sell your personal data.

6. International Data Transfers

As we provide global travel services, your data may be transferred to countries outside the UK/EEA (e.g., airlines/hotels abroad).

We ensure protection through:

  • UK GDPR adequacy decisions

  • Standard Contractual Clauses (SCCs)

  • Partner contractual safeguards

  • Only working with reputable suppliers

7. How Long We Keep Your Data (Retention Schedule)

Data Type - Retention Period

Booking records (flights/hotels/tours) - 6 years (legal requirement)

Passport information - Deleted after travel is completed, unless retention required for dispute resolution

Payment records - 6 years (HMRC)

Client communications - 3 years

Complaints/claims - 6 years

Marketing data (email list) - Until you unsubscribe

Website analytics - 14–26 months depending on provider

Financial dispute or insurance-related data - Up to 7 years

8. Cookies & Tracking Technologies (PECR Compliance)

We use:

  • essential cookies

  • analytics cookies (e.g., Google Analytics)

  • performance cookies

  • tracking pixels (if using Meta/Google ads)

A cookie banner will allow you to:

  • Accept all

  • Reject non-essential

  • Manage preferences

You can disable cookies at any time in your browser.

9. Your Data Rights

  • Under UK GDPR, you have the right to:

  • Access your data

  • Correct inaccurate data

  • Request deletion (“right to be forgotten”)

  • Restrict processing

  • Data portability

  • Object to processing (including marketing)

  • Withdraw consent anytime

  • Lodge a complaint with the ICO

UK ICO Contact: https://ico.org.uk

To exercise any rights, email: poonamarora@thejltgroup.co.uk

10. How We Protect Your Data (Security Measures)

We use:

  • SSL encrypted website

  • Encrypted data storage

  • Multi-factor authentication

  • Restricted staff access

  • Secure password policies

  • Encrypted transfer of passport copies

  • Regular cybersecurity monitoring

  • Secure third-party payment processors (PCI-DSS compliant)

Despite this, no digital system is 100% secure — but we minimise risk with best practices.

11. Children’s Privacy

We do not knowingly collect data from individuals under 16.
If we discover such data was collected, it will be deleted immediately.

 

12. Links to Third-Party Websites

Our site may link to third-party websites.
We are not responsible for their privacy practices.

 

13. Changes to This Policy

We may update this Privacy Policy occasionally.
Revisions will be posted on our website with an updated “Last Updated” date.

bottom of page