Privacy Policy
Effective Date: 1 January 2026
At PeakWander, we are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website peakwander.com and use our travel services. Please read this policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site.
We are a data controller under the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018. Our privacy practices are designed to ensure compliance with these laws.
1. Information We Collect
We collect several types of information for various purposes to provide and improve our service to you.
Personal Data
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). This includes:
- Contact Information: First name, last name, email address, phone number, and postal address.
- Travel Details: Passport information, nationality, date of birth, dietary requirements, and health information necessary for travel bookings or insurance.
- Payment Information: Billing address and payment card details (processed securely via third-party payment processors; we do not store full card details).
- Account Information: Username and password (if you create an account).
Usage Data
We also collect information that your browser sends whenever you visit our Service ("Usage Data"). This data may include information such as your computer's Internet Protocol (IP) address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, and other diagnostic data.
2. How We Use Your Information
We use the collected Personal Data for various purposes, including:
- Service Provision: To process your bookings, purchase travel tickets, reserve accommodation, and provide tailored itineraries.
- Communication: To send you confirmations, updates, safety alerts regarding your trip, and respond to your inquiries.
- Marketing: With your consent, to send you newsletters, travel offers, and promotional materials that may be of interest to you.
- Security: To detect, prevent, and address technical issues, fraudulent activity, and security threats.
- Legal Compliance: To comply with legal obligations, such as immigration requirements, tax regulations, and data protection laws.
- Analysis: To analyze usage patterns to improve our website, services, and customer experience.
Legal Basis for Processing
Under the GDPR, we rely on the following legal bases to process your data:
- Contract: Performance of a contract for travel services (e.g., booking a tour).
- Legitimate Interest: For direct marketing and fraud prevention, provided your interests and rights do not override these.
- Consent: Where you have given explicit consent for us to process your data for specific purposes (e.g., sending marketing emails).
- Legal Obligation: Where we are required to collect data by law (e.g., passenger details for airlines).
3. Sharing Your Information
We may share your personal information with third parties in the following circumstances:
- Service Providers: We share data with trusted third-party companies who perform services on our behalf, such as travel booking agents, airlines, hotels, transport providers, payment processors, IT service providers, and data analytics services.
- Legal Requirements: We may disclose information where we are legally required to do so in order to comply with any legal obligation, court order, or government request.
- Business Transfers: In the event of a merger, sale, or transfer of assets, your data may be transferred to the new owner.
We do not sell your personal data to third parties for their own marketing purposes.
4. Data Security
We implement appropriate technical and organizational measures to protect your Personal Data against unauthorized or unlawful processing, accidental loss, destruction, or damage. However, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
5. Data Retention
We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, for accounting or tax purposes), resolve disputes, and enforce our legal agreements and policies.
Typically, we retain booking data for 7 years following the completion of your trip to comply with UK consumer law and tax regulations. Marketing data is retained until you withdraw your consent.
6. Your Legal Rights
Under the GDPR, you have the following rights regarding your Personal Data:
- The Right to Access: You have the right to request a copy of your Personal Data.
- The Right to Rectification: You have the right to request correction of any inaccurate or incomplete data.
- The Right to Erasure: You have the right to request that we erase your Personal Data, subject to certain conditions.
- The Right to Restrict Processing: You have the right to request that we restrict the processing of your Personal Data.
- The Right to Object to Processing: You have the right to object to our processing of your Personal Data.
- The Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us using the details provided below.
7. International Data Transfers
As a travel agency, we may need to transfer your information to countries outside the United Kingdom to facilitate your travel bookings (e.g., to a hotel in Japan or an airline in the USA). When we transfer your data, we ensure a similar degree of protection is afforded to it by utilizing safeguards such as standard contractual clauses approved by the UK authorities, or ensuring the recipient country has an adequacy decision from the UK government.
8. Cookies and Tracking
We use cookies and similar tracking technologies to track the activity on our Service and hold certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service. For more details, please refer to our Cookies Policy.
9. Children's Privacy
Our Service does not address anyone under the age of 18 ("Children"). We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
10. Changes to This Privacy Policy
We may update our Privacy Policy from time to time. Thus, you are advised to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These changes are effective immediately after they are posted on this page.
11. Contact Us
If you have any questions about this Privacy Policy, please contact us:
PeakWander
42 Division Street
Sheffield, S1 4GF
United Kingdom
Email: [email protected]
Phone: +44 131 7395 8867