Privacy Policy

1. WHO WE ARE

Peregrina Travel Limited ("Peregrina", "we", "us", "our") is a travel design and concierge company incorporated in England and Wales with registered office at 71-75 Shelton Street, London WC2H 9JQ.

​

We are a data controller under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, which means we are responsible for deciding how and why your personal data is collected and used.

​

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at:

Email: info@peregrinatravel.com
Post: 71-75 Shelton Street
Covent Garden
London
WC2H 9JQ

2. WHAT PERSONAL DATA WE COLLECT

Depending on how you interact with us, we may collect and process the following categories of personal data:

Identity data: full name, date of birth, nationality.

Contact data: email address, phone number, home address.

Travel and booking data: passport details (including passport number, expiry date, and nationality), travel dates, destination information, itinerary details, and dietary or accessibility requirements.

Financial data: payment information processed via our payment provider. We do not store card details directly.

Special category data: where relevant to your trip, we may collect information about health conditions, mobility limitations, allergies, or dietary requirements. This data is treated with the highest level of care and is only collected and shared where strictly necessary to arrange your trip safely.

Communications data: emails, enquiry form submissions, and any other correspondence you send to us.

Contract data: information provided through PandaDoc or other contract documents, including signatures and declarations.

Technical data: IP address, browser type, device information, and website usage data collected via cookies and analytics tools (see Section 7).

3. HOW WE COLLECT YOUR PERSONAL DATA

We collect personal data in the following ways:

Directly from you, when you contact us by email, complete an enquiry form on our website, or provide information as part of the booking and contract process via PandaDoc or similar.

Automatically, when you visit our website, through cookies and analytics tools (see Section 7).

From third parties, such as suppliers or other members of your travelling party, where relevant to arranging your trip.

4. WHY WE USE YOUR PERSONAL DATA AND OUR LEGAL BASIS

We only use your personal data where we have a lawful basis to do so under UK GDPR.

We use your identity, contact, and travel data to respond to your enquiry and design your trip. Our legal basis for this is legitimate interests. Specifically, our interest is in providing our services to existing clients and potential clients.

​

We use your identity, contact, booking, financial, and contract data to enter into and perform our contract with you. Our legal basis is performance of a contract.

​

We share relevant identity and travel data with third-party suppliers in order to arrange your trip. Our legal basis is performance of a contract. Where we share special category data such as health or dietary information, we will ask for your explicit consent beforehand.

We use financial and contract data to process your payments. Our legal basis is performance of a contract.

​

We retain identity, contact, financial, and contract data to comply with legal obligations such as tax record-keeping. Our legal basis is legal obligation.

​

We use technical data collected via cookies and analytics tools to understand how visitors use our website and to improve it. Our legal basis is legitimate interests for essential analytics, and consent for non-essential cookies.

​

Where we rely on legitimate interests as our legal basis, we have satisfied ourselves that those interests are not overridden by your rights. You have the right to object to any processing based on legitimate interests: see Section 8.

​

Where we process special category data, we will always ask for your explicit consent first and use it only for the specific purpose for which it was provided.

5. WHO WE SHARE YOUR PERSONAL DATA WITH

We may share your personal data with the following categories of recipients:

​

Third-party travel suppliers: including hotels, airlines, transfer operators, guides, activity providers, and other service providers, where necessary to arrange and deliver your trip. Each supplier operates as an independent data controller in respect of the data they receive.

​

Contract and document management providers: platforms we use to prepare, send, and store client agreements and related documentation.

​

Website analytics providers: services we use to understand how visitors use our website and to improve our offering.

​

Payment processing providers: services we use to process client payments securely. We do not store card details directly.

​

Professional advisers: including lawyers and accountants, where necessary.

​

Regulatory or government authorities: where required to do so by law.

​

We do not sell your personal data to any third party, and we do not share it for marketing purposes without your consent.

6. HOW LONG WE KEEP YOUR PERSONAL DATA

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law. As a general guide:

Client and booking data: retained for six (6) years from the end of your trip or the date of our last interaction, in line with standard contractual limitation periods under English law.

Enquiry data (where no booking was made): retained for up to twelve (12) months from the date of your enquiry, after which it will be securely deleted.

Financial records: retained for six (6) years in accordance with HMRC requirements.

Technical and analytics data: retained in accordance with our analytics provider's data retention settings, typically no longer than twenty-six (26) months.

After the applicable retention period, your data will be securely deleted or anonymised.

7. COOKIES AND WEBSITE ANALYTICS

Our website uses cookies and similar tracking technologies to help us understand how visitors use our site and to improve your experience.

What are cookies? Cookies are small text files placed on your device when you visit a website. They allow the website to recognise your device and remember certain information about your visit.

​

What cookies do we use?

Essential cookies: necessary for the website to function. These cannot be switched off.

Analytics cookies: we use an analytics tool to collect anonymised information about how visitors use our website, including which pages are visited and how visitors navigate the site. This data helps us improve our website and your experience of it.

Wen you first visit our website, you will be asked to consent to non-essential cookies. You can update your cookie preferences at any time via the cookie settings on our website. You can also control cookies through your browser settings, although disabling certain cookies may affect your experience of the site.

For more information about cookies and how to manage them, visit www.allaboutcookies.org.

8. YOUR RIGHTS

Under UK GDPR, you have the following rights in relation to your personal data:

Right of access: you have the right to request a copy of the personal data we hold about you.

Right to rectification: you have the right to ask us to correct any inaccurate or incomplete data we hold about you.

Right to erasure: you have the right to ask us to delete your personal data in certain circumstances (for example, where it is no longer necessary for the purpose for which it was collected).

Right to restriction: you have the right to ask us to restrict the processing of your data in certain circumstances.

Right to data portability: you have the right to receive your personal data in a structured, commonly used format where processing is based on consent or contract.

Right to object: you have the right to object to processing based on legitimate interests, including for direct marketing purposes.

Right to withdraw consent: where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.

To exercise any of these rights, please contact us at [INSERT EMAIL]. We will respond within one calendar month. We may need to verify your identity before processing your request.

If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection regulator:

Website: www.ico.org.uk
Telephone: 0303 123 1113

We would, however, appreciate the opportunity to address your concerns directly before you contact the ICO, so please do reach out to us in the first instance.

9. THIRD-PARTY LINKS

Our website may contain links to third-party websites. This Privacy Policy applies only to our website and services. We are not responsible for the privacy practices of any third-party sites and encourage you to read their privacy policies before providing any personal data.

10. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The current version will always be available on our website. Where changes are significant, we will take reasonable steps to notify you.

This Privacy Policy was last reviewed and updated in March 2026.

11. CONTACT US

If you have any questions, concerns, or requests relating to this Privacy Policy or how we handle your personal data, please contact us.