01923 883100
My Bookings Change Password LogOut
[email protected] |

GDPR Policy

Company Name: Skylord Travel PLC trading as Skylord Cruise and Holidays
Company Number: 02321377
Registered Office: 124 High Street, Rickmansworth, Hertfordshire, WD3 1AB
Policy Effective Date: 15th June 2025
Reviewed Date: 15th June 2025


1. Introduction

At Skylord Travel PLC, trading as Skylord Cruise and Holidays, we are committed to ensuring the protection, privacy, and security of our customers’ and partners’ personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This policy outlines how we collect, use, store, share, and protect personal information in the course of our business.


2. Our Role as a Data Controller

We act as a Data Controller for the personal data our customers, suppliers, and staff provide to us. In certain cases, we may also act as a Data Processor on behalf of travel suppliers and partners.


3. Personal Data We Collect

We may collect and process the following types of personal information:

  • Customer Information: Full name, contact details, passport details, date of birth, payment information, travel preferences, medical/dietary needs, emergency contacts.
  • Supplier/Partner Information: Business name, contact details, banking information.
  • Employee Information: HR records, identification documents, payroll details.
  • Website Data: IP addresses, browser information, cookies (see our Cookie Policy).


4. Legal Bases for Processing Data

We process personal data under the following lawful bases:

  • Contractual Obligation – to fulfil travel bookings and provide requested services.
  • Legal Obligation – to meet regulatory requirements (e.g. ATOL, HMRC).
  • Legitimate Interest – for business operations, fraud prevention, and service improvement.
  • Consent – for marketing communications and sensitive data processing (where required).
  • Vital Interests – in rare cases, to protect life and health (e.g. in a travel emergency).


5. How We Use Personal Data

We use your data to:

  • Book and manage your travel arrangements
  • Communicate important travel updates and documentation
  • Comply with legal and regulatory obligations
  • Provide customer service and support
  • Process payments and refunds
  • Send marketing (only with your consent or soft opt-in)
  • Improve our website and service offerings


6. Data Sharing and Third Parties

We only share your data with trusted parties where necessary for providing travel services, including:

  • Airlines, hotels, cruise lines, tour operators
  • Global distribution systems (GDS) and booking engines
  • Insurance providers and visa service providers
  • Payment gateways and financial institutions
  • Government agencies (e.g. border control, customs, ATOL reporting)

All third parties are required to comply with applicable data protection laws and our own high standards of confidentiality and security.


7. Data Retention

We retain personal data only as long as necessary for the purposes collected, or to comply with legal obligations.

Typical retention periods:

  • Travel booking records: 6 years
  • Financial and payment records: 7 years
  • Marketing preferences: Until consent is withdrawn
  • Job applications: 6 months unless hired


8. Data Security

We implement appropriate technical and organisational measures to protect your data, including:

  • Secure servers and encrypted communications (SSL/TLS)
  • Access controls and password protection
  • Regular data backups
  • Staff training in data protection
  • Vendor due diligence and contractual safeguards


9. Your Rights Under GDPR

You have the following rights under the UK GDPR:

  • Right to Access – Request a copy of your personal data
  • Right to Rectification – Correct inaccurate or incomplete data
  • Right to Erasure – Request deletion of your data (in certain cases)
  • Right to Restriction – Limit how we process your data
  • Right to Portability – Request data transfer to another provider
  • Right to Object – Withdraw consent or object to processing
  • Right to Complain – File a complaint with the Information Commissioner’s Office (ICO)

To exercise your rights, contact:
📧 [email protected]
📬 124 High Street, Rickmansworth, Hertfordshire, WD3 1AB


10. Cookies and Tracking Technologies

We use cookies and similar tools on our website to improve user experience, personalise content, and analyse traffic. Please refer to our Cookie Policy for full details.


11. International Data Transfers

In cases where your data is transferred outside the UK/EEA (e.g. to overseas hotels or airlines), we ensure adequate protection through:

  • Adequacy decisions by the UK Government or European Commission
  • Standard contractual clauses (SCCs)
  • Partner agreements with binding data protection terms


12. Updates to This Policy

We may update this policy from time to time to reflect legal or business changes. The latest version will always be published on our website. Please check back regularly.


13. Contact Us

For any questions about this GDPR policy or your data rights, contact:

Data Protection Officer
Skylord Travel PLC trading as Skylord Cruise and Holidays
📧 [email protected]
📬124 High Street, Rickmansworth, Hertfordshire, WD3 1AB
📞 01923 883100