Privacy Policy

This privacy policy describes how Al Rayyan Tourism & Travel Company W.L.L. collects, uses, and protects your personal information when you use our online platform or services. We are committed to protecting your privacy and handling your data in a transparent and lawful manner, in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

Who We Are

Al Rayyan Tourism & Travel Company W.L.L. is a tourism company offering comprehensive travel packages, hotel and flight bookings, visa processing assistance, corporate travel management, luxury and adventure tours, MICE services, car rentals, and destination management services. Our address is Building 32, Fahad Al Salem Street, 5th Floor, 5th Floor, Kuwait City, Al Asimah Governorate, 13001, Kuwait. For the purposes of data protection laws, Al Rayyan Tourism & Travel Company W.L.L. is the data controller responsible for the personal information collected through this service.

Information We Collect

We collect various types of information in connection with your use of our site and services:

1. Information You Provide Directly: This includes information you give us when you book a service, create an account, contact us, or otherwise interact with our platform. This may include:
   • Contact details (e.g., name, email address, phone number, postal address).
   • Identification information (e.g., date of birth, passport details, nationality).
   • Payment information (e.g., credit/debit card details, billing address).
   • Travel preferences and requirements (e.g., dietary restrictions, medical needs, seating preferences, loyalty program details).
   • Account login credentials.
   • Communications with us (e.g., emails, chat messages).
2. Information Collected Automatically: When you visit our site or use our services, we may automatically collect certain information about your device and usage, using cookies and similar technologies. This may include:
   • IP address.
   • Browser type and version.
   • Operating system.
   • Referring URLs.
   • Pages visited on our site.
   • Time and date of visit.
   • Device identifiers.
3. Information from Third Parties: We may receive information about you from third parties, such as business partners (like airlines, hotels, car rental companies), technical service providers, and marketing partners. For example, if you book a hotel through our service, the hotel may provide us with information about your stay.

Lawful Basis for Processing Your Information

We process your personal information based on the following legal grounds under GDPR:

• Performance of a Contract: We process your data to fulfill our contractual obligations to you, such as processing your bookings, providing the requested travel services, and managing your account.
• Legitimate Interests: We process data for our legitimate business interests, provided these do not override your fundamental rights and freedoms. This includes improving our services, preventing fraud, conducting analytics, personalizing your experience, and communicating with you about services relevant to your interests.
• Compliance with Legal Obligations: We process your data when necessary to comply with legal or regulatory obligations, such as tax requirements, immigration laws, or responding to legal requests.
• Consent: Where required by law, we may rely on your explicit consent to process certain types of data, particularly sensitive personal data (e.g., health information related to travel requirements) or for sending direct marketing communications. You have the right to withdraw consent at any time.

How We Use Your Information

We use your personal information for various purposes, including:

• Processing and managing your travel bookings and arrangements (flights, hotels, car rentals, tours, etc.).
• Providing you with the services you request.
• Processing payments and managing billing.
• Communicating with you regarding your bookings, inquiries, and service updates.
• Creating and managing your account on our platform.
• Personalizing your experience on our site and tailoring service offerings.
• Improving our services, site functionality, and customer support.
• Conducting analytics and research to understand service usage and trends.
• Sending you marketing communications about our services, offers, and promotions, where you have consented or where legally permitted.
• Preventing and detecting fraud or other illegal activities.
• Complying with legal and regulatory requirements.
• Managing and protecting our business operations.

Sharing Your Information

We may share your personal information with third parties under specific circumstances:

• Service Providers: We share data with third-party vendors and partners who perform services on our behalf, such as airlines, hotels, car rental companies, tour operators, payment processors, visa service providers, and IT service providers. These parties are required to protect your data and use it only for the purposes we specify.
• Legal and Regulatory Authorities: We may disclose your information if required by law, court order, or government regulation, or if we believe it is necessary to protect our rights, property, or safety, or the rights, property, or safety of others.
• Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction.
• With Your Consent: We may share your information with other parties when we have your explicit consent to do so.

Some of the recipients of your data may be located outside the European Economic Area (EEA) or the United Kingdom. When we transfer your data internationally, we implement appropriate safeguards to ensure your data is protected, such as relying on standard contractual clauses approved by the European Commission, binding corporate rules, or transferring to countries deemed adequate by the relevant authorities.

Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Your Data Protection Rights

Under applicable data protection laws, including GDPR, you have certain rights regarding your personal data. These rights may include:

• The Right to Access: Request a copy of the personal data we hold about you.
• The Right to Rectification: Request correction of inaccurate or incomplete personal data.
• The Right to Erasure (Right to Be Forgotten): Request the deletion of your personal data under certain conditions.
• The Right to Restriction of Processing: Request that we limit how we use your personal data under certain conditions.
• The Right to Data Portability: Request to receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller, where processing is based on consent or contract and carried out by automated means.
• The Right to Object: Object to the processing of your personal data under certain conditions, particularly where processing is based on legitimate interests or for direct marketing.
• The Right to Withdraw Consent: Withdraw your consent at any time where processing is based on consent. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.
• The Right to Lodge a Complaint: Lodge a complaint with a supervisory authority if you believe our processing of your personal data infringes applicable law.

Please note that these rights may be subject to certain limitations and exceptions.

Data Security

We implement appropriate technical and organizational measures to protect your personal information from unauthorized access, use, disclosure, alteration, or destruction. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

Third-Party Links

Our site may contain links to third-party websites or services that are not operated by us. This privacy policy does not apply to third-party websites. We encourage you to review the privacy policies of any third-party sites you visit.

Children's Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16 without verifiable parental consent, we will take steps to delete that information.

Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will post the updated policy on our site. We encourage you to review this policy periodically.

Contact Us

If you have questions about this privacy policy or our data practices, please contact us in writing at the following address:

Al Rayyan Tourism & Travel Company W.L.L.
Building 32
Fahad Al Salem Street,
5th Floor,
Kuwait City, Al Asimah Governorate,
13001, Kuwait