Privacy Policy

Privacy Policy

Privacy Policy

Himillo Tour and Travel Limited (“we”, “our”, or “us”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share your information when you use our website or book with us.


1. Who We Are

Himillo Tour and Travel Limited is a UK-based travel agency registered in England and Wales.
Registered Office: [Insert business address]
Company Number: [Insert company number]
Email: [Insert email address]
Phone: [Insert phone number]

We act as a data controller for the personal data you provide to us.


2. What Information We Collect

We may collect and process the following types of personal data:

  • Identity Data: Full name, date of birth, gender, nationality, passport details.

  • Contact Data: Address, email, phone number.

  • Booking Data: Travel preferences, accommodation details, visa information, flight details.

  • Payment Data: Card or bank details (processed securely by our payment partners; we do not store full card details).

  • Technical Data: IP address, browser type, device, and website usage statistics.

  • Communication Data: Emails, messages, or enquiries sent through our website or social media.


3. How We Collect Your Data

We collect personal information in the following ways:

  • When you make a booking or enquiry through our website or by phone.

  • When you sign up for updates, newsletters, or promotions.

  • When an organisation (e.g., a mosque or group organiser) provides your details for a group booking.

  • Automatically through cookies and analytics when you visit our website.


4. How We Use Your Data

We use your personal data to:

  • Process and manage your bookings, payments, and travel arrangements.

  • Communicate with you regarding your booking, support, or enquiries.

  • Provide customer service and aftercare.

  • Comply with legal, financial, or regulatory requirements.

  • Improve our website, products, and customer experience.

  • Send you updates or offers (only with your explicit consent).


5. Legal Basis for Processing

We process your personal data based on one or more of the following:

  • Contractual necessity — to fulfil your booking or provide requested services.

  • Legal obligation — to comply with UK laws and travel regulations.

  • Legitimate interests — to improve our business operations and communication.

  • Consent — when you subscribe to receive marketing or promotional messages.


6. Sharing Your Data

We may share your data with:

  • Trusted travel partners (e.g., airlines, hotels, visa providers) for booking fulfilment.

  • Payment providers such as Stripe, for secure transaction processing.

  • IT and website service providers that help us operate our business.

  • Government or regulatory authorities when required by law.

We never sell or rent your personal data to third parties.


7. International Data Transfers

Some of your data may be shared with travel partners or service providers located outside the UK, for example in Saudi Arabia for Umrah-related services.
In such cases, we take all reasonable steps to ensure that your information remains protected in accordance with UK data protection law.


8. Data Retention

We keep your personal data only for as long as necessary to fulfil the purpose for which it was collected, including for accounting, reporting, or legal obligations.
Typically:

  • Booking data: up to 1 years

  • Enquiry data: up to 1 years

  • Marketing data: until you unsubscribe


9. Your Rights

Under UK data protection law, you have the right to:

  • Request access to your personal data.

  • Request correction or deletion of inaccurate data.

  • Object to or restrict processing in certain cases.

  • Request a copy of your data (data portability).

  • Withdraw consent at any time (for marketing or optional communications).

To exercise these rights, contact us at [Insert email address].
We will respond within one month in accordance with UK GDPR.


10. Cookies and Tracking

Our website uses cookies to improve functionality, performance, and analytics.
You can control or disable cookies through your browser settings.
For more details, please see our Cookie Policy (if applicable).


11. Data Security

We use secure servers and encryption to protect your personal data.
All payments are processed via Stripe using industry-standard encryption.
While we take every precaution, no online transmission is completely secure, and you share information at your own risk.


12. Updates to This Policy

We may update this Privacy Policy from time to time.
The most recent version will always be available on this page, with the updated date shown at the top.