OneTwoTrip Privacy Policy

1. Collection of information 

2. How we use your personal information and the basis on which we use it

3. Your rights over your personal information

5. Sharing your personal information

6. Information Security and Storage

7. International Data Transfer

8. Changes to the policy

9. Contact us


This Privacy Policy explains how OneTwoTrip Travel Agency LLP ("OneTwoTrip", "we", "us" and "our") collect, use, disclose and transfer your personal information when you book travel products and supplementary services on our website and over the telephone (referred to collectively in this policy as "the Services"). Personal information is information, or a combination of pieces of information that could reasonably allow you to be identified. Please read this Privacy Policy carefully prior to starting to use this Website.  Information about our use of Cookies and other device identifying technologies is set out in our Cookies policy.

  1. Collection of information 

We will collect personal information about you from a variety of sources, including information we collect from you directly (e.g. when you provide us information for booking purposes), and information we collect from you from other sources, described below. 

Please note that we may be required by law to collect certain personal information about you, or as a consequence of any contractual relationship we have with you. Failure to provide this information may prevent or delay the fulfillment of these obligations. We will inform you at the time your information is collected whether certain data is compulsory and the consequences of the failure to provide such data. 

  • Information you give to us. During all bookings we collect and store all the personal information that you provide us via the Internet and/or telephone for booking purposes, including customer name, mobile number, e-mail address, passport data, payment information and other data required for making purchases. When booking flights on someone's behalf please ensure you have that person's permission to provide us with their personal information.
  • Information we may collect about you.  We may also obtain information automatically about your use of our services as described in our cookies policy.   
  • Information we receive about you from third parties.  We work closely with our affiliated entities, service providers and business partners and we may also receive information about you from them.
  1. How we use your information and the basis on which we use it

We use information collected through our services to: 

  • Provide you with and personalise our Services, for example to send booking confirmations and notifications of flight cancellations and delays; 
  • deal with enquires and complaints;
  • keep the Services secure and prevent fraud;
  • contact you with marketing and offers and information relating  to our other products and services which may be of interest to you (unless you have opted out of marketing, or we are otherwise prevented by law from doing so); 
  • inform about current promotions; 
  • send you Service related communications, including announcements and administrative messages;
  • comply with legal obligations to which we are subject and cooperate with regulators and law enforcement bodies

Please note that your card details are only needed to pay for the Services that you have selected through our Website.  This process is completely automated and does not require an operator to participate. 

We must have a legal basis to process your personal information. In most cases the legal basis will be one of the following: 

  • To fulfill our contractual obligations to you, for example to provide you with the Services, and to contact you with messages, notifications or alerts that are necessary in order to deliver our Services such as booking confirmation emails. Where you have created an account with us, we will use your information to maintain and administer it to ensure that it is kept up-to-date and accessible.
  • To comply with our legal obligations, or for compliance, regulatory and auditing purposes. For example, we may retain information where we are required by law, or if we are compelled to do so by a court order or regulatory body.
  • To meet our legitimate interests, for example to understand how you use our Services and to enable us to derive knowledge from that and to enable us to develop new services. This includes understanding and evaluating how, when and why people are using the website, monitoring the numbers of users who make bookings with us and analyzing what aspects of our Services are being used.  When we process personal information to meet our legitimate interests, we put in place robust safeguards to ensure that your privacy is protected and to ensure that our legitimate interests are not overridden by your interests or fundamental rights and freedoms. For more information about the balancing test we carry out to process your personal information to meet our legitimate interests, please contact us at the details below.

We may obtain your consent to collect and use certain types of personal information when we are required to do so by law (for example, in relation to our direct marketing activities and cookies and other tracking technologies). If we ask for your consent to process your personal information, you may withdraw your consent at any time by contacting us using the details at the end of this privacy policy.

  1. Your rights over your personal information 

You have certain rights regarding your personal information, subject to local law. These include the following rights to: 

  • Access your personal information 
  • Rectify the information we hold about you
  • Erase your personal information 
  • Restrict our use of your personal information 
  • Object to our use of your personal information 
  • Receive your personal information in a useable electronic format and transmit it to a third party (right to data portability) 
  • Lodge a complaint with your local data protection authority. 

If you would like to discuss or exercise such rights, please contact us at the details below. 

We encourage you to contact us to update or correct your information if it changes or if the personal information we hold about you is inaccurate. 

We will contact you if we need additional information from you in order to honour your requests.

If you no longer wish to receive non-transactional communications from us, please click the "unsubscribe" link in any email from us, update your marketing preferences in your account, or contact us at the address below.

  1. Sharing your personal information

We do not rent, sell or share personal information about you with other people or non-affiliated companies except to provide or improve the products or services you have requested, when we have your permission, or under the following circumstances:

  • with Suppliers, such as airlines and agents acting on behalf of airlines so that they can deliver the services you have requested through the Services.  These Suppliers may also contact you to obtain additional details in order to deliver their services.  We do not control the policies or practices of these suppliers, therefore you should review the Suppliers privacy policy to understand their specific privacy and information usage practices.  
  • with our Service Providers, who we engage to help us provide the Service and our services to you, including payment processing, fraud prevention, business analysis, marketing research and customer assistance. 
  • with our Business Partners.  In particular, we offer certain products and services jointly with our business partners. If you wish to use or gain access to these jointly offered additional products and services, we may need to provide our partners with your personal information. Please refer to the business partner's privacy policy to understand their privacy and information usage practices which are beyond our control.  
  • when required by law to comply with  requirements of law enforcement authorities, e.g. police, or with judicial proceedings, court orders or other legal processes as well as for evidential purposes or enforcement of our legal rights;
  • when we have a good-faith belief that such disclosure is necessary to investigate, prevent or take measures with regard to illegal or allegedly illegal activity of third parties;
  • for protection and assertion of the rights, property and safety of OneTwoTrip, our customers or third parties; and
  • to execute corporate transactions, such as mergers, consolidations or asset sales.

Because we operate as a global business, the recipients referred to above may be located outside the jurisdiction in which you are located (or in which we provide the Services). See the section on "International data transfer" below for more information. 

We may also generate, use and disclose aggregated and/or anonymized information and statistics about the Services for marketing and strategic purposes and share these with third parties. However, no visitor to our Services will be individually identifiable from these aggregated and/or anonymised information and statistics.

Please note that there may be links on this Website to third-party websites which are outside of our control and are not covered by this Privacy Policy.  If you access other services using the links provided, the operators of these services may collect information from you which will be used by them in accordance from their privacy policy, which may differ from ours.  

  1. Information security and storage 

OneTwoTrip takes the security and confidentiality of your personal information very seriously. For this reason, we have implemented a combination of corresponding administrative and technical solutions, security practices and processes to maintain the confidentiality of your personal data that you provide us:

  • all personal information is stored in an encrypted form;
  • we use encryption to transfer your personal data between our servers and your browser;
  • we monitor access activity, changing passwords regularly;
  • we use antivirus software and intrusion detection systems to prevent unauthorised access to personal data.

We implement technical and organizational measures to ensure a level of security appropriate to the risk to the personal information we process. These measures are aimed at ensuring the on-going integrity and confidentiality of personal information. We evaluate these measures on a regular basis to ensure the security of the processing. We will keep your personal information for as long as we have a relationship with you. Once our relationship with you has come to an end, we will retain your personal information for a period of time that enables us to:

  • Maintain business records for analysis and/or audit purposes 
  • Comply with record retention requirements under the law
  • Defend or bring any existing or potential legal claims
  • Deal with any complaints regarding the services

We will delete your personal information when it is no longer required for these purposes. If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the data.]

  1. International Data Transfers

Your personal information may be transferred to, stored, and processed in a country that is not regarded as ensuring an adequate level of protection for personal information by the European Commission. 

We have put in place appropriate safeguards (such as contractual commitments) in accordance with applicable legal requirements to ensure that your data is adequately protected. For more information on the appropriate safeguards in place, please contact us at the details below. 

  1. Changes to our Privacy Policy

You may request a copy of this privacy policy from us using the contact details set out below. We may modify or update this privacy notice from time to time. Please check back frequently to see if any changes or updates have been made. 

If we change this privacy policy, we will notify you of the changes. Where changes to this privacy notice will have a fundamental impact on the nature of the processing or otherwise have a substantial impact on you, we will give you sufficient advance notice so that you have the opportunity to exercise your rights (e.g. to object to the processing). 25 May 2018

  1. Contact Us

OneTwoTrip Travel Agency LLP is the controller responsible for the personal information we collect and process. 

If you have any questions about this Privacy Policy, or our Services generally you can contact us at:

275 New North Road, Office 386, London, N1 7AA, United Kingdom

Our Data Protection Officer can be contacted at: FAO Data Protection Officer 

Last Updated: 25 May 2018

We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to make a complaint to the data protection authority of the country in which you are a resident using their website.