Your privacy matters to us. This policy explains what personal data we collect, why we collect it, how we use it, and your rights regarding that data. We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
01 Who We Are
Data Controller: T and T Global Services Ltd, registered in England and Wales.
Registered Address: 20 Glentworth Place
Slough
SL1 3UT, London.
Contact: info@TANDTGLOBALSERVICESLTD.com
02 What Data We Collect
We collect personal data in the following ways:
- Information you provide: Name, email address, phone number, postal address, and travel preferences when you make an enquiry, booking, or contact us directly.
- Payment data: Payment card details processed securely via our payment processor. We do not store full card details on our systems.
- Usage data: Information about how you use our website, collected via cookies and analytics tools (see our Cookies Policy).
- Communications: Records of correspondence by email, phone, or post.
03 How We Use Your Data
We use your personal data to:
- Process and manage your travel bookings and enquiries
- Communicate with you about your booking, including confirmations and updates
- Fulfil our legal and contractual obligations
- Improve our website and services through aggregated analytics
- Send you relevant travel information and offers, where you have consented
- Comply with financial, legal, and regulatory requirements
04 Legal Basis for Processing
We process your personal data under the following legal bases:
- Contract performance: To fulfil the travel booking you have requested.
- Legal obligation: To comply with applicable laws and regulations.
- Legitimate interests: To improve our services and communicate with clients in ways they would reasonably expect.
- Consent: For marketing communications, where explicitly given.
05 Sharing Your Data
We share personal data only as necessary:
- Suppliers: Airlines, hotels, tour operators, and transfer companies who need your data to fulfil the booking.
- Payment processors: Secure third-party providers handling card transactions.
- Legal authorities: Where required by law or a court order.
We do not sell your personal data to any third party, and we do not share it for third-party marketing purposes.
06 Data Retention
We retain personal data for as long as necessary to fulfil the purposes outlined in this policy, typically:
- Booking records: 7 years (for financial and legal compliance)
- Marketing consent records: Until consent is withdrawn
- General correspondence: 3 years
07 Your Rights
Under UK GDPR, you have the following rights:
Access
Request a copy of the personal data we hold about you.
Rectification
Ask us to correct inaccurate or incomplete data.
Erasure
Request deletion of your data in certain circumstances.
Restriction
Ask us to limit processing of your data.
Portability
Receive your data in a structured, machine-readable format.
Objection
Object to processing based on legitimate interests or for marketing.
To exercise any of these rights, please contact us at info@TANDTGLOBALSERVICESLTD.com. We will respond within one calendar month. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).
08 Changes to This Policy
We may update this Privacy Policy periodically. Material changes will be communicated via the website. The "last updated" date reflects the most recent revision.