The Travel Lady - Privacy Policy  

Privacy Notice – For The Travel Lady & Not Just Travel (agency) - February 2026


Companies House Company Registration 12167039


Information Commissioners Office Registration reference ZC078553


Date registered

13 January 2026



The Travel Lady & Not Just Travel Agency is committed to protecting your personal information and being transparent about how we use it. This Privacy Notice explains what data we collect, why we collect it, the legal basis for doing so, how long we keep it, and the rights you have under UK data protection law.


Appropriate legislation includes:

  • EU/UK General Data Protection Regulation (GDPR)
  • Data Protection Act 2018
  • Privacy & Electronic Communications Regulations
  • Data Use & Access Act 2025
  • All other legislation relevant to the Travel Agency

 

1. Purpose of Processing

We collect and use your personal information to:

  • Arrange and manage travel bookings
  • Provide quotes, itineraries, and travel documentation
  • Communicate with you about your trip
  • Process payments and issue invoices
  • Provide customer support
  • Meet legal and regulatory requirements (e.g., immigration, security, accounting)
  • Send marketing communications where you have agreed to receive them

 

2. Legal Basis for Processing

We rely on the following lawful bases under the UK GDPR:

  • Contract – to process your booking or take steps at your request before entering into a contract
  • Legal obligation – to comply with laws such as financial reporting or travel security requirements
  • Consent – for marketing communications or where required for specific types of data
  • Legitimate interests – to improve our services, manage our business, and ensure website security

 

3. Information We Collect


Personal and Contact Details

  • Name
  • Address
  • Email
  • Phone number
  • We may also collect medical information relevant to your holiday/travel

 

Travel Information

  • Passport details
  • Date of birth
  • Nationality
  • Travel preferences
  • Itinerary details
  • Emergency contact information

 

Payment Information

  • Billing address
  • Payment card details (processed securely by third‑party providers)

 

4. Who We Share Your Information With

We only share your information when necessary to provide our services or meet legal requirements. This may include:

  • Airlines, hotels, tour operators, cruise lines, car hire companies
  • Travel insurance providers (if requested)
  • Payment processors
  • Regulatory or government authorities (e.g., border control, security agencies)
  • IT and website service providers who support our systems

We do not sell your personal data.


5. Marketing

We may send you travel offers, newsletters, or updates only if you have given your consent or if you are an existing customer and the marketing relates to similar services.

You can opt out of marketing at any time by:

  • Clicking “unsubscribe” in our emails
  • Contacting us directly

 

6. Data Retention

We keep your personal information only for as long as necessary for the purposes described above, including:

  • Booking and travel records: typically retained for 6 years for accounting and legal purposes
  • Marketing data: kept until you withdraw consent, request deletion or we have not heard from you for 5 years

 

7. Protection of Your Data

We use appropriate technical and organisational measures to protect your information, including:

  • Secure servers and encrypted connections
  • Access controls and staff training
  • Internal Policies
  • Regular monitoring for security vulnerabilities

While we take all reasonable steps to safeguard your data, no system is completely secure.


8. Your Rights

Under UK data protection law, you have the right to:

  • Access your personal data
  • Correct inaccurate or incomplete information
  • Request deletion of your data (in certain circumstances)
  • Restrict or object to processing
  • Request data portability
  • Withdraw consent at any time (see below)

To exercise any of these rights, contact us using the details at the end of this notice.


9. Right to Withdraw Consent

 

Where we rely on your consent—such as for marketing—you may withdraw it at any time. This will not affect the lawfulness of processing carried out before withdrawal.

 

10. Right to Complain to the ICO

If you are unhappy with how we handle your personal data, you can contact us first so we can try to resolve the issue. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s data protection regulator.

For details, visit the ICO’s website.


11. Contact Us

If you have any questions about this Privacy Notice or wish to exercise your rights, please contact:


The Travel Lady & Not Just Travel.

Email: judy.mason@notjusttravel.com

Phone: 07799 060902

Address: 52 The Crescent, Bricket Wood, St. Albans, Hertfordshire, United Kingdom, AL2 3NF