Privacy Policy

Last updated: December 2024

1. Data Controller

allowaiyjw B.V. (registration number 92543017, VAT number NL874216509B01) is the data controller responsible for your personal data. Our registered office is located at Beukenlaan 64, 2557 MP The Hague, Netherlands. If you have any questions about this privacy policy or our data practices, please contact us at privacy@allowaiyjw.life.

2. Data Collection

The data we collect includes personal information that you provide to us directly when using our services, visiting our website, or contacting us. This may include:

• Contact information (name, email address, phone number, postal address)
• Travel preferences and requirements
• Payment and billing information
• Passport and identification details (when required for bookings)
• Emergency contact information
• Communication records and correspondence
• Website usage data and cookies
• Special requirements (dietary restrictions, accessibility needs, medical information)

3. How We Use Your Data

We explain how we use your information for various purposes related to providing our travel services and maintaining our business relationship with you:

• To provide and manage travel services and bookings
• To communicate with you about your travel arrangements
• To process payments and handle billing
• To provide customer support and respond to inquiries
• To send you important travel updates and notifications
• To comply with legal and regulatory requirements
• To improve our services and website functionality
• To send marketing communications (with your consent)

4. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Contract performance: To fulfill our travel service contracts with you
• Legitimate interests: For business operations, customer service, and service improvement
• Legal compliance: To meet legal and regulatory obligations
• Consent: For marketing communications and non-essential cookies
• Vital interests: In emergency situations during travel

5. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

• Travel suppliers (airlines, hotels, tour operators, car rental companies)
• Payment processors and financial institutions
• Insurance providers (when you purchase travel insurance)
• Government authorities and border control (as required by law)
• Emergency services and medical providers (in case of emergencies)
• Professional advisors (legal, accounting, consulting services)
• IT service providers and data processors

6. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, and reporting requirements. Generally, we keep customer data for 7 years after the completion of travel services, unless a longer retention period is required by law or you request earlier deletion (where legally permissible).

7. International Data Transfers

When you travel internationally, we may need to transfer your personal data to countries outside the European Economic Area (EEA). We ensure appropriate safeguards are in place, including adequacy decisions by the European Commission, standard contractual clauses, or other approved transfer mechanisms under GDPR.

8. Your Rights

Under GDPR and applicable data protection laws, you have the following rights:

• Right of access: Request copies of your personal data
• Right to rectification: Request correction of inaccurate data
• Right to erasure: Request deletion of your data (subject to legal requirements)
• Right to restrict processing: Limit how we use your data
• Right to data portability: Receive your data in a structured format
• Right to object: Object to processing based on legitimate interests
• Right to withdraw consent: Withdraw consent for consent-based processing
• Right to lodge a complaint: Contact the Dutch Data Protection Authority

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These include encryption, access controls, regular security assessments, and staff training. However, no method of transmission over the internet is completely secure.

10. Cookies and Website Data

Our website uses cookies and similar technologies to enhance your browsing experience, analyze website traffic, and provide personalized content. For detailed information about our use of cookies, please see our Cookie Policy.

11. Marketing Communications

With your consent, we may send you marketing communications about our services, special offers, and travel-related information. You can opt out of marketing communications at any time by clicking the unsubscribe link in our emails or contacting us directly.

12. Children's Privacy

Our services are not directed to children under 16 years of age. We do not knowingly collect personal data from children under 16 without parental consent. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information.

13. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "last updated" date.

14. Contact Information

If you have any questions, concerns, or requests regarding this privacy policy or our data practices, please contact us:

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your personal data in accordance with applicable law.