Privacy, Data Protection & GDPR Compliance

1. Our Commitment to Your Privacy

Travel Minded Ltd (“we,” “us,” “our”) is committed to protecting your privacy and handling your personal data responsibly and transparently.

This Privacy & Data Protection Policy explains how we collect, use, store, and protect your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and other applicable data protection laws.

By using our services or booking a retreat, you acknowledge and consent to the collection and processing of your personal data as outlined below.

2. What Personal Data We Collect

We collect only the data necessary to deliver our retreats safely, legally, and effectively.

General Personal Data

  • Name

  • Email address

  • Telephone number

  • Postal address

  • Payment and billing details

  • Booking and retreat information

Identity & Travel Compliance Data (Passport Information)

Where required by accommodation providers or local law, we may request:

  • A clear image of your passport photo page

  • Full name, nationality, date of birth

  • Passport number and expiry date

This information is requested solely for travel compliance and booking purposes.

Sensitive Personal Data (Collected with Explicit Consent)

  • Dietary requirements

  • Health conditions disclosed for safety or accessibility

  • Emergency contact details

We do not collect more data than is reasonably necessary for these purposes.

3. Why We Collect Your Data

We collect and process personal data to:

  • Manage retreat bookings and payments

  • Communicate important retreat-related information

  • Meet travel, accommodation, and legal compliance requirements

  • Ensure health, safety, dietary, and accessibility needs are met

  • Improve our services where you have opted in

  • Send marketing communications only where you have given consent

4. Legal Basis for Processing

We process your data under one or more of the following lawful bases:

  • Contractual necessity – to deliver your booked retreat

  • Legal obligation – to meet travel, safety, or regulatory requirements

  • Legitimate interest – to operate and improve our services

  • Explicit consent – for sensitive personal data and marketing communications

You may withdraw your consent at any time.

5. How We Store & Protect Your Data

We use appropriate technical and organisational measures to safeguard your data, including secure systems, encryption, password protection, and trusted third-party platforms.

Passport Data Security

  • Stored in encrypted, access-restricted systems

  • Access limited to authorised staff only

  • Never shared via unsecured channels

  • Not physically printed or stored unless legally required, and only temporarily

All personal data is handled confidentially and securely.

6. Who We Share Your Data With

We only share personal data where necessary to deliver our services, including with:

  • Payment processors (for bookings and transactions)

  • Accommodation and travel providers (where legally required)

  • Catering providers (for dietary and accessibility needs)

  • Email and marketing platforms (only if you opt in)

Only the minimum required data is shared.
We never sell, rent, or trade your personal data.

7. Data Retention

We retain personal data only for as long as necessary:

  • Passport data: Deleted permanently within 30 days after your retreat ends, once all provider requirements are fulfilled

  • General personal data: Retained for up to 5 years for accounting and booking records

  • Sensitive data: Deleted immediately after the retreat unless you request otherwise

8. Marketing Communications

We will only send marketing emails or updates if you have given consent.

You may unsubscribe at any time by:

  • Clicking the “unsubscribe” link in any email, or

  • Contacting us directly

Withdrawing consent will not affect your booking.

9. Cookies & Tracking Technologies

Our website uses cookies to ensure essential functionality and improve user experience.

  • Essential cookies are required for site operation and cannot be disabled

  • Analytics and marketing cookies are only used with your explicit consent

We may use third-party tools that collect limited data such as IP address, browser type, device information, and usage patterns.

You can manage or withdraw cookie consent at any time via:

  • Your browser settings

  • Our cookie consent banner

Disabling cookies may affect website functionality.
We do not use cookies to collect sensitive personal data without explicit consent.

10. Your Rights Under GDPR

You have the right to:

  • Access your personal data

  • Correct inaccurate data

  • Request deletion of your data

  • Restrict or object to processing

  • Request data portability

  • Withdraw consent at any time

To exercise your rights, please contact us using the details below.

11. Contact & Complaints

If you have questions, concerns, or wish to exercise your data protection rights, please contact: travelmindedbusiness@gmail.com