01 Introduction
1.1 We are committed to safeguarding the privacy of our website visitors and enquiring
customers.
1.2 This policy applies where we are acting as a data controller with respect to your personal
data — in other words, where we determine the purposes and means of the processing of that
personal data.
1.3 We use cookies on our website. Insofar as those cookies are not strictly necessary for the
provision of our website and services, we will ask you to consent to our use of cookies when
you first visit our website.
1.4 In this policy, “we”, “us” and “our” refer to Kaylux Travel, operating at kayluxtravel.com.
02 The Personal Data We Collect
2.1 Below we set out the categories of personal data that we process and, where relevant, the
source of that data.
2.2 Contact data. We may process data that enables us to get in touch with you. This may
include your name, email address, telephone number and postal address. The source of this
data is you.
2.3 Communication data. We may process information contained in or relating to any
enquiry or communication that you send to us, including the content of the message and any
metadata associated with it.
2.4 Usage data. We may process data about your use of our website and services. This may
include your IP address, geographical location, browser type and version, operating system,
referral source, length of visit, page views and navigation paths, as well as information about
the timing, frequency and pattern of your use. The source of this data is our analytics
tracking system.
03 Purposes of Processing & Legal Bases
3.1 Below we set out the purposes for which we may process personal data and the legal
bases of that processing.
3.2 Operations. We may process your personal data for the purposes of operating our
website and providing our services, including responding to travel enquiries.
3.3 Relationships and communications. We may process contact data and communication
data for the purposes of managing our relationships, communicating with you by email or
telephone, providing support and handling enquiries. The legal basis for this processing is
our legitimate interests, namely communications with our website visitors and the
maintenance of customer relationships.
3.4 Direct marketing. We may process contact data for the purposes of creating and sending
direct marketing communications by email. The legal basis for this processing is your
consent. You may withdraw consent at any time by contacting us or using the unsubscribe
link in any marketing email.
3.5 Research and analysis. We may process usage data for the purposes of researching and
analysing the use of our website and improving our services. The legal basis for this
processing is our legitimate interests, namely monitoring, supporting and improving our
website and business.
3.6 Record keeping. We may process your personal data for the purposes of creating and
maintaining our business records. The legal basis for this processing is our legitimate
interests, namely ensuring that we have access to all the information we need to run our
business properly.
3.7 Security. We may process your personal data for the purposes of security and the
prevention of fraud and other criminal activity. The legal basis for this processing is our
legitimate interests, namely the protection of our website, services and business, and the
protection of others.
3.8 Legal claims. We may process your personal data where necessary for the
establishment, exercise or defence of legal claims. The legal basis for this processing is our
legitimate interests, namely the protection and assertion of our legal rights.
3.9 Legal compliance. We may also process your personal data where such processing is
necessary for compliance with a legal obligation to which we are subject, or in order to
protect your vital interests or the vital interests of another person.
04 Sharing Your Personal Data
4.1 We may disclose your personal data to our insurers and professional advisers insofar as
reasonably necessary for the purposes of obtaining or maintaining insurance coverage,
managing risks and obtaining professional advice.
4.2 Your personal data held in our website database will be stored on the servers of our
hosting services provider.
4.3 In addition to the specific disclosures set out in this section, we may disclose your
personal data where such disclosure is necessary for compliance with a legal obligation to
which we are subject, or in order to protect your vital interests or the vital interests of
another person. We may also disclose your personal data where necessary for the
establishment, exercise or defense of legal claims.
05 International Transfers of Your Personal Data
5.1 Our website hosting facilities are situated in the United Kingdom and/or the European
Economic Area. Transfers of personal data between the UK and EEA are protected under UK
data protection law.
5.2 Some of our third-party service providers (such as analytics providers) may be situated
or process data outside the UK and EEA. Where this is the case, such transfers are made
subject to appropriate safeguards, including standard data protection clauses approved by
the relevant supervisory authority. You can request further information about such transfers
by contacting us.
06 Retaining & Deleting Personal Data
6.1 Personal data that we process for any purpose shall not be kept for longer than is
necessary for that purpose.
6.2 We will retain your personal data as follows:
(a) Contact data will be retained for a minimum of 1 year and a maximum of 3 years from
the date of your most recent contact with us;
(b) Communication data (enquiries, emails) will be retained for a minimum of 1 year and a
maximum of 3 years from the date of the communication; and
(c) Usage data will be retained for 26 months from the date of collection, in line with
standard analytics retention periods.
6.3 Notwithstanding the above, we may retain your personal data where such retention is
necessary for compliance with a legal obligation to which we are subject, or in order to
protect your vital interests or the vital interests of another person.
07 Your Rights
7.1 Under data protection law, you have the following principal rights:
(a) Right to access — you can ask for copies of your personal data that we hold.
(b) Right to rectification — you can ask us to correct inaccurate or complete incomplete
personal data.
(c) Right to erasure — you can ask us to erase your personal data in certain circumstances.
(d) Right to restrict processing — you can ask us to limit how we use your personal data.
(e) Right to object — you can object to our processing of your personal data.
(f) Right to data portability — you can ask that we transfer your personal data to you or
another organization.
(g) Right to complain — you can lodge a complaint with the UK Information Commissioner’s
Office (ICO) at ico.org.uk.
(h) Right to withdraw consent — where processing is based on consent, you can withdraw it
at any time.
7.2 These rights are subject to certain limitations and exceptions. You can learn more by
visiting ico.org.uk.
7.3 You may exercise any of your rights by written notice to us using the contact details in
section 13 below.
08 About Cookies
8.1 A cookie is a file containing an identifier (a string of letters and numbers) that is sent by
a web server to a web browser and stored by the browser. The identifier is then sent back to
the server each time the browser requests a page from that server.
8.2 Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will
be stored by a web browser and will remain valid until its set expiry date, unless deleted by
the user before that date; a session cookie will expire at the end of the user session, when the
web browser is closed.
8.3 Cookies may not contain any information that personally identifies a user, but personal
data that we store about you may be linked to the information stored in and obtained from
cookies.
09 Cookies We Use
9.1 We use cookies for the following purposes:
(a) Security — we use cookies as an element of the security measures used to protect our
website and services generally;
(b) Analysis — we use cookies to help us analyse the use and performance of our website and
services; and
(c) Cookie consent — we use cookies to store your preferences in relation to the use of
cookies more generally.
10 Cookies Used by Our Service Providers
10.1 Our service providers use cookies and those cookies may be stored on your
device when you visit our website.
10.2 We use Google Analytics to gather information about the use of our
website. The information gathered is used to create reports about website
usage. You can find out more about Google’s use of information at google.com/
policies/privacy/partners and review Google’s privacy policy at
policies.google.com/privacy.
11 Managing Cookies
11.1 Most browsers allow you to refuse to accept cookies and to delete existing
cookies. You can find up-to-date guidance via the following links:
— Chrome
— Firefox
— Opera
— Internet Explorer
— Safari
— Edge
11.2 Blocking all cookies will have a negative impact upon the usability of many
websites.
12 Amendments
12.1 We may update this policy from time to time by publishing a new version on our
website.
12.2 You should check this page occasionally to ensure you are happy with any changes to
this policy.
12.3 We may notify you of significant changes to this policy by email where we hold your
contact details.
13 Our Details
13.1 This website is owned and operated by Kaylux Travel.
13.2 You can contact us:
(a) using our website contact form at kayluxtravel.com; or
(b) by email, using the email address published on our website.
13.3 If you have any concerns about how we handle your personal data, you also have the right to lodge a complaint with the UK Information Commissioner’s Office at ico.org.uk or by calling 0303 123 1113.
© 2025 Kaylux Travel · kayluxtravel.com