Privacy Policy

SkyTerminal Limited is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our travel booking services.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy applies to all personal data we process about you.

We process personal data on the basis of contractual necessity, legal obligations, legitimate business interests and, where required, your consent.

Personal Information: • Full name, date of birth, and gender • Contact details (email, phone number, address) • Passport and travel document information • Payment and billing information • Travel preferences and special requirements

Technical Information: • IP address and browser information • Device type and operating system • Website usage data and cookies • Communication records (calls, emails, chat)

Service Provision: • Processing flight bookings and travel arrangements • Issuing tickets and travel documents • Providing customer support and assistance • Managing your account and preferences

Legal and Business Purposes: • Compliance with legal and regulatory requirements • Fraud prevention and security monitoring • Business analytics and service improvement • Marketing communications (with your consent)

To protect our customers, suppliers and business from fraud, unauthorized transactions and payment abuse, SkyTerminal Limited may use personal information, transaction data, device information, IP addresses, geolocation information and communication records to:

• Verify customer identity.
• Validate payment methods.
• Detect and prevent fraudulent transactions.
• Prevent chargebacks and payment disputes.
• Comply with anti-money laundering, sanctions screening and regulatory requirements.
• Maintain transaction records required by payment processors, banks and card schemes.

Where necessary, transactions may be manually reviewed before ticket issuance.

When you make a payment, your information may be shared with payment service providers, acquiring banks, card networks, fraud-prevention providers and financial institutions for the purpose of:

• Processing payments.
• Verifying cardholder identity.
• Fraud screening and risk assessment.
• Chargeback investigation and dispute resolution.
• Compliance with legal and regulatory obligations.

SkyTerminal Limited does not store full payment card numbers, CVV codes or other sensitive payment authentication data on its own systems.

Payment information is processed through PCI DSS compliant payment service providers.

We may share your personal data with the following parties:

Travel Service Providers: • Airlines, hotels, and other travel suppliers • Travel insurance providers • Ground transportation services

Business Partners: • Payment processors and financial institutions • Technology service providers • Marketing and analytics partners (with consent) • Legal and professional advisors

We do not sell your personal data to third parties for their marketing purposes.

Your personal data may be transferred to and processed in countries outside the UK and EEA, including: • Countries where airlines and travel suppliers operate • Locations of our technology service providers • Destinations you are traveling to

We ensure appropriate safeguards are in place for international transfers, including: • Adequacy decisions by the UK government • Standard contractual clauses • Binding corporate rules • Certification schemes

We retain your personal data for different periods depending on the purpose:

Booking and Travel Data: • Active bookings: Until travel is completed plus 7 years • Cancelled bookings: 3 years from cancellation date • Payment records: 7 years for tax and accounting purposes

Booking records, passenger name records (PNR), ticketing records, invoices, payment records and customer communications may be retained for up to 7 years or longer where required by law, accounting regulations, airline requirements, fraud prevention, dispute resolution or legal proceedings.

Marketing and Communications: • Marketing consent: Until withdrawn or 3 years of inactivity • Customer service records: 3 years from last contact • Website analytics: 26 months

We regularly review our retention periods and delete data that is no longer necessary.

Under UK GDPR, you have the following rights regarding your personal data:

Access and Control: • Right to access your data • Right to rectification (correction) • Right to erasure ("right to be forgotten") • Right to restrict processing

Portability and Objection: • Right to data portability • Right to object to processing • Right to withdraw consent • Right to complain to the ICO

To exercise any of these rights, please contact us using the details provided at the end of this policy.

We use cookies and similar technologies to enhance your experience on our website:

Essential Cookies: • Required for website functionality • Security and fraud prevention • Session management

Optional Cookies: • Analytics and performance monitoring • Personalization and preferences • Marketing and advertising (with consent)

You can manage your cookie preferences through your browser settings or our cookie consent tool.

We implement appropriate technical and organizational measures to protect your personal data:

Technical Safeguards: • SSL/TLS encryption for data transmission • Secure data storage and backup systems • Regular security updates and patches • Access controls and authentication

Organizational Measures: • Staff training on data protection • Regular security assessments • Incident response procedures • Third-party security audits

Access to customer information is restricted to authorised personnel only and is granted solely on a need-to-know basis.

All access activities may be logged and monitored for security, compliance and fraud-prevention purposes.

While we strive to protect your data, no method of transmission over the internet is 100% secure. We encourage you to take precautions when sharing personal information online.

Transaction Records and Dispute Resolution

To protect both customers and SkyTerminal Limited, we may retain records relating to bookings, payments, communications, ticket issuance, fare rule acceptance, IP addresses, device information, transaction history and customer interactions.

Such records may be used to:

• Verify transactions.
• Resolve customer complaints.
• Investigate fraud.
• Respond to payment disputes and chargebacks.
• Comply with requests from financial institutions, payment processors, law enforcement agencies and regulatory authorities.

We may send you marketing communications about our services, special offers, and travel deals:

Communication Types: • Email newsletters and promotional offers • SMS messages for urgent travel updates • Phone calls for personalized offers • Postal mail for exclusive deals

Your Choices: • Opt-in required for marketing communications • Easy unsubscribe options in all emails • Preference management through your account • Contact us to update your preferences

We will only send marketing communications if you have given us your consent or where we have a legitimate interest (and you have not objected).

If you have concerns about how we handle your personal data, please contact us first so we can try to resolve the issue.

Internal Complaints Process: • Contact our customer service team • We will acknowledge your complaint within 48 hours • Investigation and response within 30 days • Escalation to senior management if needed

External Complaints: If you are not satisfied with our response, you have the right to complain to:

Information Commissioner's Office (ICO)
• Website: ico.org.uk
• Phone: 0303 123 1113
• Address: Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

How We Notify You: • Email notification for significant changes • Website banner for 30 days after updates • Updated "last modified" date at the top of this policy • Summary of changes available upon request

We encourage you to review this policy periodically to stay informed about how we protect your privacy.

Continued use of our services after policy changes constitutes acceptance of the updated terms.

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us:

General Inquiries: • Email: sales@skyterminal.co.uk • Phone: +44 74 66 33 5677 • Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ

Data Protection Requests: • Subject: "Data Protection Request" • Include: Your full name and contact details • Specify: The nature of your request • Response Time: Within 30 days