One Trip

Menu
Book a demo

One Trip

Menu
Book a demo

Privacy Policy

Privacy Policy – OneTrip Technologies

Effective date: 08/ 09/ 2025

 

OneTrip Technologies (“we,” “our,” “us”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share information when you use:

  • Our website [onetriptechnologies.com] (the “Website”), and
  • The Adventure Hub SaaS platform (the “Platform”), which we provide to B2B customers who serve their own end-users (travellers).

Who We Are

Controller (Website): We act as the data controller when processing information about Website visitors, prospects, and B2B customers. Processor (Platform): When processing traveller data on behalf of our B2B customers, we act as a data processor. Our customers are responsible for ensuring a lawful basis for processing their travellers’ data.

Legal Bases for Processing

We process data under GDPR based on:

  • Consent (e.g., newsletter sign-up, cookies).
  • Performance of a contract (e.g., enabling bookings, fulfilling orders).
  • Legitimate interests (e.g., platform improvements, fraud prevention).
  • Legal obligations (e.g., accounting, regulatory requirements).

Information We Collect

a) Website Visitors:

  • Name, email, phone number, and company (when provided in contact forms).
  • Newsletter subscriptions.
  • Cookies and analytics data (IP address, browser type, pages visited).

b) B2B Customers:

  • Company name, billing and payment information, account details.
  • User accounts for the Platform (name, email, login credentials).

c) Travellers (via the Platform):

  • Booking details: name, email, phone, itinerary, payment details, preferences.
  • Data provided through integrated booking/reservation systems.

Cookies & Similar Technologies

We use cookies on our Website to:

  • Ensure functionality (necessary cookies).
  • Analyze traffic and usage (analytics cookies).
  • Provide marketing and retargeting (marketing cookies).

You may manage your cookie preferences via our cookie banner or browser settings.

How We Use Data

We use personal data to:

  • Provide and improve the Platform.
  • Process bookings, payments, and confirmations.
  • Manage customer relationships.
  • Send relevant communications (with consent).
  • Monitor system performance and security.

We do not sell personal data to third parties.

Third-Party Services & Sub-Processors

To provide our services, we may share data with trusted partners, including:

  • Hosting & infrastructure: Microsoft Azure (EU/EEA hosting).
  • Payment providers: To process secure transactions.
  • CRM & support tools: For sales and customer service.
  • Analytics providers: To improve Website performance.

All partners are bound by GDPR-compliant data processing agreements.

International Data Transfers

Where personal data is transferred outside the EU/EEA, we ensure adequate safeguards are in place (e.g., Standard Contractual Clauses).

Data Retention

  • Website visitor data: Retained as long as necessary for the purpose collected (e.g., newsletter subscription until withdrawn).
  • B2B customer data: Retained for the duration of the business relationship plus statutory periods.
  • Traveller data: Retained as required for bookings and legal obligations, then securely deleted or anonymized.

Security Measures

We implement technical and organizational measures to protect data, including:

  • Encryption and secure hosting.
  • Access control and authentication.
  • Regular security audits and monitoring.
  • Partner and sub-processor compliance checks.

Your Rights

Under GDPR, you may have the following rights:

  • Access to your personal data.
  • Correction of inaccurate data.
  • Deletion (“right to be forgotten”).
  • Restriction or objection to processing.
  • Data portability.
  • Withdrawal of consent (for consent-based processing).

For Website data, contact us directly (see Section 13).

For Platform/Traveller data, please direct requests to the relevant B2B customer (the travel operator you booked with).

Children’s Privacy

Our services are not directed at children under 16. We do not knowingly collect data from children without parental consent.

Data Processing Agreement (DPA)

For B2B customers, we offer a GDPR-compliant DPA that governs how we process traveller data, including:

  • Roles and responsibilities.
  • Sub-processors used.
  • Security and breach notification processes.
  • Data transfer safeguards.

Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our Website, with the “Effective date” updated.

Contact Us

If you have questions or wish to exercise your rights, contact:

OneTrip Technologies

[Insert company address]

Email: [Insert privacy-specific email]

Phone: [Insert phone number]