Privacy Policy

Effective date: 09 August 2025

At Crypto Travel, we collect the minimum information necessary to deliver your booking. We favour email as the primary contact method and keep phone numbers optional unless an airline requires it. This notice explains what we collect, why we collect it, and your rights under UK data protection law (UK GDPR).

1) Who we are

Crypto Travel (United Kingdom). For privacy enquiries, contact: privacy@cryptotravel.net. For customer support, contact: support@cryptotravel.net.

2) What we collect

• Booking details: passenger name(s) (as required by airlines), date of birth, gender, and—only if required—return/route details and other itinerary data.
• Contact: email address (required). Phone number is optional unless the carrier requires it for schedule changes or operational updates.
• Payment: we accept crypto via payment processors (e.g., Coinbase Commerce). We do not store your private keys or card details. Crypto transactions appear on public blockchains; wallet addresses may be pseudonymous but not anonymous.
• Technical data: basic logs (IP, browser, device) for security, fraud prevention, and service quality.
• Support messages: information you send when contacting us.

3) Why we collect it (lawful bases)

• Contract: to search, book, issue, and manage your travel.
• Legitimate interests: prevent fraud/abuse, secure our services, improve reliability, and provide updates.
• Legal obligations: comply with requests from airlines, regulators, or law enforcement where applicable.
• Consent: optional marketing emails (you can unsubscribe anytime).

4) How we use your information

• Create and manage bookings; send confirmations, invoices, and travel updates (UK time, Monday–Friday 09:00–17:00).
• Process payments through our chosen crypto payment provider(s).
• Notify you of airline schedule changes when we are informed.
• Respond to your support requests.

5) Sharing your data

We share only what is necessary:

• Airlines/GDS/aggregators: to issue tickets and manage your itinerary.
• Payment processors: to take and verify payments (we don’t store your payment credentials).
• Service providers: secure hosting, email delivery, and database services under contract and confidentiality.
• Legal/Compliance: where required by law.

6) International transfers

Because air travel is global, your data may be processed outside the UK. We use safeguards such as standard contractual clauses or equivalent measures required by UK law.

7) Retention

Booking and invoice records are typically retained for up to 6 years for accounting, audit, and regulatory purposes. Support emails are retained for a shorter period unless required to resolve a case.

8) Cookies & tracking

We use only essential cookies needed to run the site and remember your session. If we add analytics or marketing cookies in the future, we’ll update this notice and request consent where required.

9) Security

We employ technical and organisational measures including HTTPS, access controls, server hardening, and audit logs. Crypto payments are processed by third-party providers; always verify the payment page URL before paying.

10) Your rights (UK GDPR)

You can request to:

• Access, correct, or delete your personal data
• Restrict or object to certain processing
• Receive a copy of your data in portable format
• Withdraw consent to marketing at any time

To exercise your rights, email privacy@cryptotravel.net. We’ll respond as soon as possible and typically within one month.

11) Children

Our services are for adults. We process child passenger data only when necessary to complete a booking provided by an adult.

12) Updates to this policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with a new effective date.