Privacy Policy

1. Who We Are

Trippat is the data controller responsible for handling your personal data in accordance with the Saudi Personal Data Protection Law (PDPL) and the General Data Protection Regulation (GDPR), where applicable.

Contact Information:
📍 Riyadh, Saudi Arabia
📧 [email protected]
🌐 www.trippat.com

If you have questions about how we handle your data, please contact us at the email above.


2. What Data We Collect

We collect personal data directly from you and, in some cases, from third parties to provide you with our travel services.

Data you provide directly:

  • Identity Data: Name, nationality, date of birth, gender, passport number.

  • Contact Data: Email address, phone number, mailing address.

  • Payment Data: Credit/debit card details, bank information (for transfers).

  • Travel Details: Destination, flight, accommodation, preferences, companions.

  • Health & Document Data (when required): Visa, insurance, or medical documents for travel processing.

Data collected automatically:

  • Device type, IP address, browser type, language settings, pages visited, and cookies.

Data received from third parties:

  • Airlines, hotels, payment partners (e.g., Tabby, Moyasar), or travel insurance companies.


3. How We Use Your Data

We process your data under the following legal bases:

  • Contractual necessity: To process bookings, payments, and service confirmations.

  • Legal obligation: To comply with Saudi regulations and international travel requirements.

  • Legitimate interests: To improve services, analyze usage, and prevent fraud.

  • Consent: For marketing, newsletters, or promotional offers (optional).

Main Purposes:

  • Managing flight, hotel, and tour bookings.

  • Providing customer support and after-sales service.

  • Sending confirmations, invoices, or service updates.

  • Personalizing offers and recommendations.

  • Complying with legal, tax, and security requirements.


4. Sharing Your Data

We may share your data with:

  • Travel partners: Airlines, hotels, and tour operators.

  • Payment gateways: Tabby, Moyasar, and banking partners.

  • Government authorities: When required for visa or travel documentation.

  • Service providers: IT, marketing, and analytics vendors under strict confidentiality.

  • Legal entities: If required by law or to protect our rights.

We never sell or rent your personal information to third parties.


5. International Transfers

Your data may be transferred and stored outside Saudi Arabia when necessary for travel bookings or global service providers.
All transfers comply with PDPL and GDPR, and we ensure that proper safeguards (contractual clauses or equivalent) are in place.


6. Data Retention

We keep your data only as long as necessary to:

  • Fulfill bookings and transactions.

  • Comply with legal obligations.

  • Resolve disputes and enforce agreements.

After that, your data will be securely deleted or anonymized.


7. Your Rights

You have the right to:

  • Access your personal data.

  • Correct inaccurate or incomplete data.

  • Request deletion ("Right to be Forgotten").

  • Restrict or object to certain processing.

  • Withdraw consent for marketing communications.

  • Request a copy of your data (data portability).

You can exercise your rights by contacting:
📧 [email protected]


8. Security of Your Data

Trippat uses advanced technical and organizational measures to protect your data from unauthorized access, loss, or misuse. This includes encryption, firewalls, and restricted employee access.


9. Cookies

Our website uses cookies to improve your browsing experience, personalize content, and analyze website traffic. You can manage or disable cookies through your browser settings.


10. Changes to This Policy

We may update this Privacy Policy periodically to reflect new legal requirements or service changes. The latest version will always be published on Trippat.com.