Privacy Policy — Strategic Reservations
Legal

Privacy Policy

Strategic Reservations Limited · Last updated: 1 January 2025
Contents
  1. Who We Are
  2. Information We Collect
  3. How We Use Your Information
  4. Legal Basis for Processing
  5. Sharing Your Information
  6. Data Retention
  7. Your Rights
  8. Cookies
  9. Security
  10. Changes to This Policy
  11. Contact Us
01 — Who We Are

Who We Are

Strategic Reservations Limited ("we", "us", "our") is a company registered in England and Wales (Company Number 15071492). We operate under the trading name Strategic Reservations and provide international flight booking and travel enquiry services.

We are the data controller for the personal information you provide to us through this website or by contacting us directly. This Privacy Policy explains how we collect, use, store and protect your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

02 — Information We Collect

Information We Collect

Information you provide to us

When you submit a flight enquiry, contact us, or use our website, we may collect the following personal information:

  • Identity data: Full name
  • Contact data: Email address, phone number
  • Travel data: Departure and destination airports, travel dates, cabin class preference, number of passengers
  • Communications: Any messages, notes or additional requirements you provide
  • Transaction data: Details of bookings made, payment records (note: we do not store full card numbers)

Information collected automatically

When you visit our website we may automatically collect technical data including your IP address, browser type and version, pages visited, time and date of visit, and referring website. This is collected via cookies and similar technologies (see Section 8).

03 — How We Use Your Information

How We Use Your Information

We use your personal information for the following purposes:

  • To respond to your flight enquiry and provide fare options
  • To process and confirm flight bookings on your behalf
  • To communicate with you about your booking, changes, or cancellations
  • To send you important travel information relevant to your booking
  • To comply with legal and regulatory obligations (e.g. ATOL protection requirements)
  • To improve our website and services
  • To prevent fraud and maintain the security of our systems

We will only send you marketing communications if you have given us explicit consent to do so, and you may withdraw that consent at any time.

04 — Legal Basis for Processing

Legal Basis for Processing

Under UK GDPR we must have a lawful basis for processing your personal data. We rely on the following bases:

  • Contract: Processing necessary to fulfil your flight booking or respond to a pre-contractual enquiry
  • Legitimate interests: Improving our services, fraud prevention, and communicating with existing customers
  • Legal obligation: Compliance with applicable laws and regulations
  • Consent: Where we send optional marketing communications
05 — Sharing Your Information

Sharing Your Information

We do not sell your personal data. We may share your information with:

  • Airlines and airline booking systems — necessary to make reservations on your behalf
  • Payment processors — to securely handle payments for bookings
  • Technology providers — for website hosting, email and CRM systems (bound by data processing agreements)
  • Regulatory bodies — where required by law or ATOL/IATA regulations
  • Professional advisers — including legal, accounting and insurance advisers where necessary

Any third parties we share data with are required to process it lawfully and to keep it secure. Where data is transferred outside the UK, we ensure appropriate safeguards are in place.

06 — Data Retention

Data Retention

We retain your personal data for as long as necessary to fulfil the purpose for which it was collected:

  • Enquiries that did not result in a booking: Up to 12 months
  • Booking and transaction records: 7 years (to comply with HMRC and financial record requirements)
  • Marketing consent records: Until you withdraw consent, plus a reasonable period thereafter
  • Website usage data: Up to 26 months (standard analytics retention)

After the applicable retention period, data is securely deleted or anonymised.

07 — Your Rights

Your Rights

Under UK GDPR you have the following rights in relation to your personal data:

  • Right of access — to request a copy of the personal data we hold about you
  • Right to rectification — to ask us to correct inaccurate or incomplete data
  • Right to erasure — to ask us to delete your personal data in certain circumstances
  • Right to restrict processing — to ask us to limit how we use your data
  • Right to data portability — to receive your data in a structured, machine-readable format
  • Right to object — to object to processing based on legitimate interests or for direct marketing
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, please contact us using the details in Section 11. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

08 — Cookies

Cookies

Our website uses cookies — small text files stored on your device. We use the following types:

  • Essential cookies: Required for the website to function correctly. These cannot be disabled.
  • Analytics cookies: Help us understand how visitors use our site (e.g. pages visited, time on site). Data is aggregated and anonymised where possible.
  • Preference cookies: Remember choices you have made (e.g. language settings).

You can control or disable non-essential cookies through your browser settings. Disabling certain cookies may affect website functionality. For more information about cookies, visit aboutcookies.org.

09 — Security

Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, loss, or destruction. These measures include encrypted data transmission (HTTPS), restricted access to personal data, and regular security reviews.

While we take all reasonable precautions, no method of transmission over the internet is 100% secure. If you have concerns about the security of your data, please contact us immediately.

10 — Changes to This Policy

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The "last updated" date at the top of this page will always reflect the most recent version. We encourage you to review this policy periodically.

For significant changes, we will notify you by email (if we hold your contact details) or by a prominent notice on our website.

11 — Contact Us

Contact Us

If you have any questions about this Privacy Policy, wish to exercise your data rights, or have a complaint, please contact us:

Strategic Reservations Limited

Registered in England & Wales · Company No. 15071492

📧 hello@strategicreservations.com

📧 tickets@strategicreservations.com

For data protection queries please mark your subject line: DATA PROTECTION REQUEST