CONTACT

GDPR

GDPR
Effective Date: 24/03/2025

1. Introduction
At Ray Travel, we are committed to protecting your personal data and ensuring compliance with the General Data Protection Regulation (GDPR). This policy explains how we collect, process, and safeguard your data under GDPR regulations.

2. Lawful Basis for Processing Data
We process your personal data based on:

  • Consent – When you voluntarily provide your data for marketing or communication purposes.

  • Contractual Necessity – To fulfill agreements such as providing services or processing payments.

  • Legal Obligations – Compliance with tax, legal, and regulatory requirements.

  • Legitimate Interests – Improving our services, security, and fraud prevention.

3. Data We Collect
We collect and process the following personal data:

  • Identification Data: Name, email, phone number, address.

  • Transaction Data: Payment details and purchase history.

  • Technical Data: IP address, browser type, device information, and usage statistics.

  • Cookies & Tracking Data: For analytics, advertising, and user experience improvement.

4. How We Use Your Data
Your personal data is used for the following purposes:

  • Providing and improving our services.

  • Processing payments and fulfilling contractual obligations.

  • Responding to inquiries and customer support.

  • Sending marketing communications (with your consent).

  • Ensuring security and fraud prevention.

  • Complying with legal requirements.

5. Data Sharing and International Transfers
We may share your data with:

  • Third-party service providers (e.g., payment processors, hosting services, analytics tools).

  • Legal authorities if required by law.

  • International partners, ensuring GDPR compliance for data transfers outside the EU.

6. Your GDPR Rights
Under GDPR, you have the following rights:

  • Right to Access – Request a copy of your personal data.

  • Right to Rectification – Correct inaccurate or incomplete data.

  • Right to Erasure (Right to be Forgotten) – Request deletion of your data under certain conditions.

  • Right to Restriction of Processing – Limit how your data is processed.

  • Right to Data Portability – Receive your data in a structured, commonly used format.

  • Right to Object – Object to data processing for marketing or legitimate interests.

  • Right to Withdraw Consent – If processing is based on consent, you can withdraw it anytime.

7. Data Retention Policy
We retain personal data only for as long as necessary to fulfill our obligations and comply with legal requirements. Once no longer needed, data is securely deleted or anonymized.

8. Data Security Measures
We implement strict security measures to protect your data from unauthorized access, loss, or misuse. These measures include encryption, secure servers, and access controls.

9. Cookies and Tracking Technologies
We use cookies to enhance user experience. You can manage cookie preferences in your browser settings. For more details, refer to our [Cookies Policy].

10. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for their privacy policies, so we recommend reviewing their policies before sharing personal data.

11. Updates to This GDPR Policy
We may update this policy to reflect changes in regulations or business practices. Any updates will be posted on this page with a revised “Effective Date.”