Enquire Now

Privacy Policy

1. Introduction

Arundel Holidays is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose and safeguard your personal information when you interact with our website, make a booking or communicate with us in any way.

We handle your personal data responsibly and in accordance with applicable data protection legislation, including the Personal Data Protection Act of Sri Lanka and any other relevant regulations.

By using our services or providing us with your personal information, you consent to the practices described in this Privacy Policy.

2. Information We Collect

2.1 Information You Provide Directly

  • Identity information: Full name, date of birth, gender, nationality, passport number and expiry date
  • Contact information: Email address, phone number, postal address
  • Booking information: Travel preferences, itinerary selections, dietary requirements and special requests
  • Payment information: Credit or debit card details (processed securely through our payment provider), bank transfer details
  • Communications: Records of correspondence with our team, including emails and enquiry forms.

2.2 Information Collected Automatically

When you visit our website, we may automatically collect:

  • Technical data: IP address, browser type, device type, operating system
  • Usage data: Pages visited, time spent on pages, links clicked, referring website
  • Cookie data: Information stored by cookies as described in our Cookie Policy.

2.3 Sensitive Personal Information

In some cases, we may collect sensitive personal data where it is necessary to provide our services, such as health or medical information relevant to your participation in certain tours. We will only collect sensitive data with your explicit consent and will handle it with the highest degree of care.

3. How We Use Your Information

We use your personal information for the following purposes:

  • Booking and service delivery: To process your booking, arrange your travel itinerary and provide all related services
  • Communication: To contact you about your booking, respond to enquiries and send important service-related updates
  • Payments: To process payments and issue invoices or receipts
  • Legal and regulatory compliance: To meet our obligations under applicable law, including providing passenger information to immigration authorities, airlines and other regulatory bodies as required
  • Safety and emergency management: To manage emergencies and ensure the safety of our clients and staff
  • Marketing: With your consent, to send you information about our services, promotions and travel inspiration
  • Improvement of services: To analyse usage patterns and provide feedback to improve our website, services and customer experience.

4. Legal Basis for Processing

We process your personal data on the following legal grounds:

  • Contractual necessity: Processing is necessary to fulfil our contract with you or to take steps before entering into a contract
  • Legal obligation: Processing is necessary to comply with a legal obligation
  • Legitimate interests: Processing is necessary for our legitimate business interests, provided these are not overridden by your rights
  • Consent: Where you have given explicit consent to the processing of your data for a specific purpose, such as receiving marketing communications.

5. Sharing Your Information

We do not sell or rent your personal information to third parties. We may share your information with the following categories of recipients, where necessary to deliver our services:

5.1 Service Providers and Suppliers

We share necessary personal data with trusted third-party service providers who assist us in delivering your travel experience, including:

  • Accommodation providers (hotels, guesthouses, resorts)
  • Transport operators (airlines, transfer companies, cruise lines)
  • Activity and excursion operators
  • Visa and travel document services
  • Payment processing providers

All third-party suppliers are required to handle your data in accordance with applicable privacy laws and our data sharing standards.

5.2 Legal and Regulatory Authorities

We may disclose your personal information to government authorities, immigration and border control agencies, law enforcement, or other regulatory bodies where required by law or to protect the rights, property, or safety of Arundel Holidays, our clients or the public.

5.3 Business Transfers

If Arundel Holidays is subject to a merger, acquisition or sale of assets, your personal data may be transferred to the relevant third party as part of that transaction. We will notify you of any such change.

6. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected. In general, we retain client booking records for a minimum of seven (7) years following the completion of your tour, in accordance with our legal and tax obligations. Marketing consent records are retained until you withdraw your consent.

Once personal data is no longer required, it will be securely deleted or anonymised.

7. Data Security

Arundel Holidays takes the security of your personal information seriously. We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, alteration, disclosure, or destruction. These measures include:

  • Encryption of sensitive data in transit using SSL (Secure Sockets Layer) technology
  • Secure storage of data on protected servers with restricted access
  • Regular review and testing of our security systems and processes
  • Staff training on data protection obligations and best practices

 

While we take all reasonable precautions, no method of electronic transmission or storage is completely secure. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and any relevant authorities as required by law.

8. Cookies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyse website traffic and serve relevant content. The types of cookies we use include:

  • Strictly necessary cookies: Required for the website to function properly;
  • Performance and analytics cookies: Help us understand how visitors interact with our website, and
  • Marketing cookies: Used to deliver relevant advertisements and track the effectiveness of marketing campaigns (only with your consent).

 

You can control cookie settings through your browser preferences. Please note that disabling certain cookies may affect the functionality of our website.

9. Your Rights

Subject to applicable law, you have the following rights in relation to your personal data:

  • Right of access: You have the right to request a copy of the personal data we hold about you
  • Right to rectification: You can request that we correct inaccurate or incomplete data
  • Right to erasure: In certain circumstances, you can request that we delete your personal data
  • Right to restrict processing: You can ask us to temporarily stop processing your data while a complaint is investigated
  • Right to data portability: You can request that we transfer your data to another organisation in a structured, machine-readable format
  • Right to object: You have the right to object to processing based on our legitimate interests or for direct marketing purposes
  • Right to withdraw consent: Where processing is based on your consent, you can withdraw it at any time.

 

To exercise any of these rights, please contact us at the details provided in Section 12. We will respond to all valid requests within 30 days and may ask you to verify your identity before processing your request.

10. International Data Transfers

Your personal data may be transferred to and processed in, countries outside of Sri Lanka in connection with the delivery of your travel arrangements. Where such transfers occur, we will take all reasonable steps to ensure your data is handled with an equivalent level of protection, including implementing appropriate contractual safeguards with our international partners and suppliers.

11. Third-Party Websites

Our website may contain links to third-party websites. This Privacy Policy does not apply to those external sites. We are not responsible for the privacy practices of third parties and encourage you to review the privacy policies of any website you visit.

12. Marketing Communications

With your consent, we may contact you by email, SMS or post with information about our travel products, special offers and news. You can opt out of marketing communications at any time by:

  • Clicking the unsubscribe link in any marketing email
  • Replying STOP to any marketing SMS
  • Contacting us directly at the details below.

 

Please note that opting out of marketing communications will not affect service-related communications regarding your booking.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. The most current version will always be posted on our website with the effective date clearly indicated. Where changes are material, we will notify you by email or through a prominent notice on our website prior to the changes taking effect.

14. Contact Us

If you have any questions, concerns or requests regarding this Privacy Policy or the way we handle your personal information, please contact us. We are committed to resolving all privacy-related concerns in a timely and transparent manner

Email: info@arundelholidays.com

Phone: +94 77 292 7012

Address: No: 532/1/A, Gonahena Rd, Ranmuthugala, Kadawatha.