Information for Travellers During COVID-19

Privacy Policy

ZAMZAM- PLATFORM USAGE POLICY

Who are we?

Welcome to the Zamzam.com (“Zamzam”) privacy policy. “ZAMZAM E TRAVEL SERVICES DMCC” owns and operates the booking platform which can be accessed on zamzam.com (the “Platform”) and the Zamzam smartphone app for iOS and Android devices (the “App”), collectively referred to as the Zamzam “Service”.

How does Zamzam work?

We have developed the Zamzam Service to enable travel agents (“Travel Agents”) to book hotels, flights and travel services with our selected hotels, airlines, tour operators, car rental companies, cruise lines and private transfer providers (“Suppliers”), in real time, on behalf of their end customers (“Customers”).

We are committed to protecting and respecting the privacy of the users of the Service. This privacy policy (“Privacy Policy”) sets out the basis on which (i) your personal data, as a Travel Agent or Supplier or any representatives that you authorise to use the Service on your behalf, will be processed by us as a controller and (ii) your Customers’ personal data will be processed by us as a processor. Please read the Privacy Policy carefully to understand how we will use your personal data.

How can you contact us?

If you have any questions about your personal data, how we look after it or if there are any changes to your personal data, please email us at dpo@zamzam.com;

Zamzam as controller and processor

Controller

If you visit our register on our Platform, or download our App as a Travel Agent or Supplier, we may use your or your representatives’ personal data in connection with your request for or use of our Services. In order to use the Services, you must accept our Terms and Conditions which are available here https://zamzam.com/terms/. Where this is the case, in accordance with UK and European Economic Area (“EEA”) data protection laws, we will be the controller of the personal data that you provide to us or that we collect from you. We will be responsible for safeguarding your personal data which will be processed in accordance with this Privacy Policy.

Processor

Our Service is intended for use by Travel Agents and Suppliers. However, our Service provides the functionality for Travel Agents to input and collect information about their Customers which is then sent to our Suppliers. Where we process any Customer personal data, our role will be limited to that of an intermediary and we will be considered a processor in accordance with UK and EEA data protection laws. We will be processing Customer personal data on behalf of Travel Agents, who will be the controllers of any Customer personal data, under the terms and conditions that we have in place with the Travel Agents. The Travel Agents will be responsible for the processing of Customer personal data on our Platform or App which will be processed in accordance with their own privacy policies. For example, a Travel agent may input Customer personal data in order to search for a hotel and send an email to the Customer’s email address to provide a quotation or send a voucher for the reservation.

We may also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate Customer personal data from confirmed bookings for internal reporting purposes.

What data do we collect about you?

When you use the Service, we may collect, use, store, transfer and otherwise process the following types of data depending on your relationship with us:

TRAVEL AGENT/ SUPPLIER

Category of data Types of data collected
Business representative contact details When you register for our Service on behalf of your organisation, you may be required to provide us with your:
  • Full name;
  • Job title;
  • Work email address; and
  • Work telephone number.
Company Data
  • Company name;
  • Company identification number;
  • Company location or country of registration;
  • Company telephone number;
  • Company postal address; and
  • Company VAT registration number or equivalent tax ID.
Billing Data
  • Company debit/credit card details;
  • Company bank account number;
  • Invoicing currency; and
  • Billing address.
Feedback and Enquiry Information about you from correspondence that you send to us, any conversations between us and any feedback you give to us.
Marketing and Communications Data Information about your preferences in receiving marketing material from us and your communication preferences.
Technical Data We may automatically collect the following types of information when you use our Services:
  • Internet Protocol (IP) address;
  • Browser type and version;
  • Time zone setting;
  • Browser plug-in types and versions; and
  • Operating system and platform.
Usage Data We may generate information about how you navigate and engage with our Services and download materials and online activity data such as clickstream data, page interaction information, your preferences (including country and language) and methods used to browse away from our content or Services.

The law treats some types of personal data about you as “special” and such data requires more protection because of its sensitive nature. This includes information about your race, religion, health, sex life, sexual orientation or criminal offences. We will only collect or use this type of personal data (a) with your explicit consent or (b) if the law requires us to do so.

TRAVEL AGENT/ SUPPLIER

CUSTOMER

The Travel Agent may choose to input, collect or use some or all of the following types of the data from their Customers when using our Service:

Category of data Types of data collected
Identity and contact data
  • Full name;
  • Phone number(s);
  • Email address;
  • Postal and/or billing address;
  • Country of residence;
  • Country of travel;
  • Passport details;
  • Date of birth;
  • Nationality; and
  • Photo (as included on passport).
Payment Data
  • Name of card holder;
  • Account number;
  • Debit/credit card details.
Special requirements Data
  • Special needs/requirements such as dietary information and medical information, where provided.

How do we collect personal data about you?

We collect personal data in different ways, depending on whether you are Travel Agent or Customer, including:

TRAVEL AGENT

  • Directly from you via the Platform/App
    We will collect your personal data directly from the Platform or App when you choose to register an account with us. When you provide us with personal data about your Customers, you must ensure that you are authorised to disclose that information to Zamzam and Zamzam may collect, use and share such data for the purposes described in this Privacy Policy.
  • Automated technologies When you interact with the Platform or App, we may automatically collect technical data about your mobile device, browsing actions and patterns. We collect this personal data using cookies and other similar tracking technologies. We may also receive technical data about you if you visit other websites through the Platform, or App using our cookies. For more information about cookies, please see our Cookie Policy.

CUSTOMER

  • From our registered Travel agents
    Travel Agents registered for our Services, may input, use and share personal data about Customers for the purpose of making a booking for one of our travel services with our Suppliers. Any Customer personal data processed and used in connection with our Services, will be done so in accordance with the relevant Travel Agent’s privacy policy.

How do we use your personal data?

We collect your personal data so that we can provide you with our Services. We will only use your personal data where we have a valid lawful basis to do so. We have included a table below which lists all the ways in which we use your personal data and the lawful basis we rely on to do so.

Where we mention “legitimate interests”, this is the lawful basis we rely on when we feel that it is necessary to use your personal data for a reason which is in our and/or your interests and which does not unfairly affect your rights over your personal data.

TRAVEL AGENT / SUPPLIER

What we use your personal data for What personal data we use The lawful basis that we rely on to use your personal data
To provide our Services to you, including registering your account on the Platform and App
  • Business representative contact data;
  • Company data; and
  • Billing data.
Performing our contract with you.
To send you information about our Services which you have requested by contacting us
  • Business representative contact data;
  • Company data; and
  • Enquiry data.
To take necessary steps at your request prior to entering into a contract with you.
To provide our customer service to you:
  • to manage our relationship with you;
  • to send you service communications about matters relevant to your use of our Services such as changes to our terms and conditions; to
  • to communicate with you if you have asked us a question or made a complaint with us; and
  • to provide our chat support function within the Platform and App.
  • Business representative contact data;
  • Company data;
  • Feedback and enquiry data.
  • Performing our contract with you;
  • To comply with our legal duties; and/or
  • Our legitimate interests of understanding you better to provide a better service to you for your benefit.
To use data analytics to improve our Platform, App, products and services, marketing, user and customer relationships and experiences
  • Usage data; and
  • Technical data
Our legitimate interests of understanding you better to provide a better service to you for your benefit.
To monitor operations, user activity and networks for fraud prevention and crime detection.
  • Business contact representative data;
  • Usage data; and
  • Technical data.
  • Our legitimate interests in detecting and preventing fraud and illegal conduct; or
  • Necessary for compliance with a legal obligation to which we are subject.
To send you marketing communications if you would like to receive them.

We will only send you marketing communications about Zamzam products/services that we consider may be of interest to you.
  • Business contact representative data;
  • Usage data; and
  • Technical data.
Your express consent (where legally required to do so)

If you are:
  • a business customer (including, a director, officer or employee of the organisation); or
  • have previously purchased products and/or services from us;
we will assume you are happy to receive relevant marketing communications unless you have previously opted out of such communications. This is based on our legitimate interests in promoting our business and to provide you with offers for relevant products/services.

If you change your mind about this, you can withdraw your consent at any time by clicking on the “unsubscribe” link at the bottom of each email.

If you choose to withdraw your consent to receiving these marketing emails, we will still be able to send you service emails that are necessary for our relationship with you.
To share your information with our third-party service providers which facilitate the provision of our Services such as our Suppliers (if you are a Travel Agent) and our Travel Agents (if you are a Supplier) and the fulfilment of essential service functions, such as web hosting, cloud storage, analytics, marketing, accounting, security tools.
  • Any data that is necessary and proportionate to enable our Services.
  • Performing our contract with you; and
  • Our legitimate interests in ensuring the proper operation of our Services.
To share data with another organisation in the context of a joint venture, collaboration, financing, sale, merger, reorganisation or similar event relating to our business.
  • Any data that is necessary and proportionate in connection with the event.
  • Our legitimate interests in acting in the best interests or our shareholders and/or investors; and
  • Complying with our legal obligations.
We are required to comply with certain legal and regulatory requirements and may process your personal data for compliance with such legal or regulatory obligation, to which we or regulators or law enforcement agencies are subject.

To establish, exercise or defend legal claims.
  • Business representative contact details;
  • Company data; and
  • Any other data as required by the regulators and/or law enforcement agencies.
  • To comply with our legal duties
  • Where appropriate and proportionate, in order to satisfy our legitimate interests in complying with best practice or applicable laws.

CUSTOMER

What we use your personal data for What personal data we use The lawful basis that we rely on to use your personal data
To provide our Services to Travel Agents that have registered an account with us, including enabling registered Travel Agents to input Customer personal data on the Platform/App for the purposes of fulfilling a booking for one of our travel services.
  • Identity and contact details;
  • Payment data; and
  • Special requirements data.
Not applicable.

We only use your personal data on behalf of our registered Travel Agents and in accordance with their instructions.
To contact you in exceptional circumstances where the Travel Agent is unable to contact you.
  • Name
  • Email address
  • Phone number
Not applicable.

We only use your personal data on behalf of our registered Travel Agents and in accordance with their instructions.

We will only use your personal data for the reasons we have set out above. If we need to use your personal data for any other reason, we will let you know and tell you the reason along with the relevant lawful basis, unless the law prevents us from doing so.

Who do we share your personal data with?

We may share your personal data with other organisations so we can provide our Service to you and comply with our legal duties. We have set out below who these organisations are and the reasons for sharing your personal data with such organisations.

  • Our Suppliers (if you are a Travel Agent) – in order to fulfil a booking on behalf of your Customer and to provide our Service, including:
    • hotels;
    • airlines;
    • tour operators;
    • car rental companies;
    • cruise lines;
    • private transfer providers; and
    • any intermediary booking platforms such as Expedia.
  • Our Travel Agents (if you are a Supplier) – in order to fulfil a booking on behalf of our Travel Agent’s Customers to provide our Service.
  • Our service providers – who help us operate and improve our services by assisting with various tasks including:
    • payment service providers;
    • marketing;
    • personal information hosting and maintenance;
    • analytics;
    • security operations; and
    • other third-party service providers that we may use from time to time.
  • Third party purchaser – in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.

You can ask us for more information about these organisations by contacting us using the details at the top of this policy.

We may also need your share your personal data to comply with the law; to enforce our Terms and Conditions; to protect the rights, property or safety of us, other Platform or App users or other individuals/organisations; or where you have given us your consent to do so.

Where do we store your information?

We will not transfer or store your personal data outside of the European Economic Area (EEA) (or the UK to the extent the UK is no longer part of the EU), except to selected third parties that we have instructed to help us provide the services to you.

If we do transfer or store your personal data outside of the EEA, we will ensure we have put adequate measures in place in order to protect your personal data to an equivalent data protection standard as in the UK and the EEA.

We will only share your personal data with countries and organisations that:

  • The European Commission has deemed as having equivalent data protection laws as in the EEA; or
  • We have entered into a contract with which include certain requirements to make sure your personal data is protected to equivalent standards as in the EEA and the UK.

If there are any other circumstances which would require us to transfer your personal data outside of the EEA (or the UK to the extent the UK is no longer part of the EU), we will seek your consent to transfer your personal data outside of the EEA.

You can ask us for more information about where we may transfer or store your personal data and how we will take steps to ensure your personal data is protected by using the contact details in section 3 of this policy.

How do we keep your personal data secure?

We will ensure we put security measures in place to protect your personal data from being destroyed, lost or shared with somebody that should not see it. However, we cannot guarantee your personal data will be free from every security risk that may be possible when your information is sent to and from the Platform or App.

The Platform or App may include links to third-party websites which may collect your personal data. We have no control over what these websites do with your personal data. Please check the policies on these websites which will tell you what they do with your personal data.

How do we use cookies?

We use cookies or other similar technologies to capture certain data when you interact with the Platform or App. For further information on our use of cookies, please see our Cookie Policy.

How long do we keep your information for?

We will only keep your personal data for as long as is necessary for us to do so for the reasons we collected it for in the first place.

TRAVEL AGENT

Generally, we will keep your personal data for as long as you are a registered for our Services and have an account with us.

After this, we may keep your personal data for up to 3 years (or longer where the law requires). This is so we can:

  • Communicate with you about any questions or complaints you may have after you have stopped being a user of our Services; or
  • To comply with the rules on accounting, reporting or any other law.

If you want to exercise any of the rights listed above at any time, please contact us using the details in section 3 of this policy.

CUSTOMER

We will only keep Customer personal data for a 12 month period to comply with the rules on accounting, reporting or any other law or the period determined by the relevant Travel Agent which is the controller of the Customer personal data. For details on how long the relevant Travel Agent keeps your personal data for, please contact them or read their privacy policies.

In certain circumstances, we may aggregate your personal data (so that it will no longer identify you) for research, analytical or statistical purposes, in which case we may use this information indefinitely without further notice to you.

If you want further information on how long we keep your personal data, please contact us using the details set out in section 3 of this policy.

What are your rights in relation to your personal data?

As a result of us collecting and processing your personal data, you may have the following legal rights:

  • To access the personal data we hold about you and request a copy of it;
  • To ask us to correct your personal data if it is inaccurate or incomplete;
  • To ask us to delete your personal data where we do not have a compelling reason to continue to process your personal data in such circumstances;
  • To ask us to stop using your personal data in certain circumstances where there is no need for us to continue processing it in certain circumstances;
  • To ask us to only use your personal data for certain things if: it is not accurate; it has been used unlawfully; or it is not relevant for the purposes it was initially collected for; and/or
  • To ask us to stop using your personal data to send you marketing emails.

If you want to exercise any of the rights listed above at any time, please contact us using the details in section 3 of this policy.

How can you make a complaint?

You also have the right to make a complaint about how we have used your personal data to:

  • Us - by contacting us by email or post using the details in section 3 of this policy and we will always try to help you with your problem in the first instance.

If you’re still not happy with how we have dealt with your complaint, you can contact:

  • A data protection regulator; or
  • The national courts – to seek a remedy if you think that your rights in relation to your personal data have been breached.

Changes to this Privacy Policy

We may need to change this Privacy Policy as our Service develops and offers you more exciting features or if the law changes. We will let you know if any important changes are made, otherwise, we will always display the latest version of our policy on our Platform and App.

ZAMZAM WEBSITE PRIVACY POLICY

Who are we?

Welcome to the Zamzam website privacy policy. (“Zamzam”) is a provider of a B2A (Business to Agent) travel portal (the “Platform”) that allows registered travel agents (“Travel Agents”) to book hotels, flights and other travel services with our selected hotels, airlines, tour operators, car rental companies, cruise lines and private transfer providers (“Suppliers”) in real time on behalf of their end customers (“Customers”). References in this privacy policy (“Privacy Policy”) to “we”, “our”, or “us” are references to Zamzam. We operate the Zamzam website available at https://zamzam.com/ (the “Website”) to promote and provide further information and content about the Zamzam Platform and to provide you with the opportunity to register to use the Platform and receive information and promotional materials about those services.

About this Policy

We are committed to protecting and respecting the privacy of the users of the Service. This Privacy Policy sets out the basis on which your personal data, as a visitor of our Website, will be processed by us as a controller. If you visit our Website, we may use your personal data in connection with your request for or use of our services. In accordance with UK and European Economic Area (“EEA”) data protection laws, we are the controller of the personal data that you provide to us or that we collect from you. We are responsible for safeguarding your personal data which will be processed in accordance with this Privacy Policy. Please read the Privacy Policy carefully to understand how we will use your personal data.

Once you have created an account for our Platform, any personal data that we process of our Suppliers, Travel Agents, and their Customers will be governed by our Platform Privacy Policy.

How can you contact us?

If you have any questions about your personal data, how we look after it or if there are any changes to your personal data, please email us at dpo@zamzam.com ;

What personal data do we collect and process, and how do we use it?

When you access the Website, you may provide us with personal data, and we may collect and process such personal data in accordance with this Privacy Policy.

We will only use your personal data where we have a valid lawful basis to do so. We have included a table below which lists all the ways in which we use your personal data and the lawful basis we rely on to do so.

Where we mention “legitimate interests”, this is the lawful basis we rely on when we feel that it is necessary to use your personal data for a reason which is in our and/or your interests and which does not unfairly affect your rights over your personal data.

What personal data do we process? Why do we process this personal data? What is our lawful basis for processing?
Information you give us
Identity Data: this may include your full name, geographical location and other personal identifiers. Additional data may be collected about you from the correspondence that you send to us, any conversations you have with us and any feedback you give us.

Admin Contact Data: this may include your professional email address, phone number(s), postal address and any other contact details you may choose to provide to us.

Company Data: this may include information about the company you work for including the company name, email address, phone number and postal address.
  • To register your account on the Platform on behalf of your company (whether as a Travel Agent or Supplier)
  • To respond to your enquiry if you contact our customer service team
  • To provide you with a demo of the Platform if you request it
  • To contact you with details of our Platform if you request them
  • To send you marketing and promotional material if you sign up to receive it
  • To perform our contract with you or to take steps prior to entering into a contract with you
  • To satisfy our legitimate interests (to run and operate the Website, run our business and maintain our records)
  • Your express consent (where legally required to do so).
If you are:

  • a business customer (including, a director, officer or employee of the organisation); or
  • have previously purchased products and/or services from us;
we will assume you are happy to receive relevant marketing communications unless you have previously opted out of such communications. This is based on our legitimate interests in promoting our business and to provide you with offers for relevant products/services.

If you change your mind about this, you can withdraw your consent at any time by clicking on the “unsubscribe” link at the bottom of each email.

If you choose to withdraw your consent to receiving these marketing emails, we will still be able to send you service emails that are necessary for our relationship with you.
Information automatically collected when you browse our Website
Technical Data: we may automatically collect data regarding general technical use of the Website, such as your IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform. We may also receive technical data about you if you visit other websites through the Website using our cookies. For more information about cookies, please see our Cookie Policy.

Usage Data: we may generate information about how you navigate and engage with our Website and download materials and online activity data such as clickstream data, page interaction information, your preferences (including country and language) and methods used to browse away from our content or Website.

Location: we can identify the country that you are located in based on your IP address.
  • To identify any problems, defects or issues with the Website
  • To optimise the performance of the Website
  • To improve future versions of the Website
  • To monitor operations, user activity and networks for fraud prevention and crime detection
  • To satisfy our legitimate interest (to enable you to use the Website most effectively, improve the usability of the Website and make any necessary modifications and updates to the Website).
  • Necessary for compliance with a legal obligation to which we are subject.

We will only use your personal data for the reasons we have set out above. If we need to use your personal data for any other reason, we will let you know and tell you the reason along with the relevant lawful basis, unless the law prevents us from doing so.

Who do we share your personal data with?

By using the Website, we may need to disclose your personal data to the following categories of third parties in limited circumstances so that we can operate our Website and comply with our legal duties.

  • With our third party service providers: your personal data may be held and processed securely by us on the dedicated systems supplied, monitored and maintained by our third party infrastructure providers, and by any other third party service providers we may use, such as our Website hosting provider, customer relationship management provider, analytics, security operations and other third-party service providers.
  • In corporate transactions – we may transfer your personal information if we are involved, whether in whole or in part, in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control.
  • Regulators or law enforcement agencies: we may disclose your personal information if reasonably necessary with regulators, law enforcement agencies or where mandatory under a court order: (i) to comply with a legal process, such as a court order, subpoena or search warrant, government / law enforcement investigation or other legal requirements; (ii) to assist in the prevention or detection of crime (subject in each case to applicable law); or (iii) to protect the safety of any person.
  • To enforce our legal rights: we may also share your personal data: (i) if disclosure would mitigate our liability in an actual or threatened lawsuit; (ii) as necessary to protect our legal rights and legal rights of our users, business partners or other interested parties; (iii) to enforce our agreements with you; and (iv) to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing.
  • With other entities within the Group: when it is necessary for operational reasons such as the use of a group-wide logistics and IT infrastructure and for any administrative purposes to organise, develop and deliver our services, run our organisation and decide on future strategies.

You can ask us for more information about these organisations by contacting us using the details at the top of this policy.

Where do we store your information?

We will not transfer or store your personal data outside of the European Economic Area (EEA) (or the UK to the extent the UK is no longer part of the EU), except to selected third parties that we have instructed to help us provide the services to you.

If we do transfer or store your personal data outside of the EEA, we will ensure we have put adequate measures in place in order to protect your personal data to an equivalent data protection standard as in the UK and the EEA.

We will only share your personal data with countries and organisations that:

  • The European Commission has deemed as having equivalent data protection laws as in the EEA; or
  • We have entered into a contract with which include certain requirements to make sure your personal data is protected to equivalent standards as in the EEA and the UK.

If there are any other circumstances which would require us to transfer your personal data outside of the EEA (or the UK to the extent the UK is no longer part of the EU), we will seek your consent to transfer your personal data outside of the EEA.

You can ask us for more information about where we may transfer or store your personal data and how we will take steps to ensure your personal data is protected by using the contact details in section 3 of this policy.

How do we keep your personal data secure?

We will ensure we put security measures in place to protect your personal data from being destroyed, lost or shared with somebody that should not see it. However, we cannot guarantee your personal data will be free from every security risk that may be possible when your information is sent to and from the Website.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our services, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

The Website may include links to third-party websites which may collect your personal data. We have no control over what these websites do with your personal data. Please check the policies on these websites which will tell you what they do with your personal data.

How do we use cookies?

We use cookies or other similar technologies to capture certain data when you interact with the Website. For further information on our use of cookies, please see our Cookie Policy.

How long do we keep your information for?

We will only keep your personal data for as long as is necessary for us to do so for the reasons we collected it for in the first place as set out in this Privacy Policy or as otherwise required by applicable laws. We store your personal data in line with legal, regulatory, financial and good-practice requirements.

If you want further information on how long we keep your personal data, please contact us using the details set out in section 3 of this policy.

What are your rights in relation to your personal data?

As a result of us collecting and processing your personal data, you may have the following legal rights:

  • To access the personal data we hold about you and request a copy of it;
  • To ask us to correct your personal data if it inaccurate or incomplete;
  • To ask us to delete your personal data where we do not have a compelling reason to continue to process your personal data in such circumstances;
  • To ask us to stop using your personal data in certain circumstances where there is no need for us to continue processing it in certain circumstances;
  • To ask us to only use your personal data for certain things if: it is not accurate; it has been used unlawfully; or it is not relevant for the purposes it was initially collected for; and/or
  • To ask us to stop using your personal data to send you marketing emails.

If you want to exercise any of the rights listed above at any time, please contact us using the details in section 3 of this policy.

We will respond to all requests that we receive from users in accordance with applicable data protection laws. We may ask you to provide proof of identity before we can answer the above requests. In some cases, we may reject requests for certain reasons (for example, if the request is unlawful).

How can you make a complaint?

You also have the right to make a complaint about how we have used your personal data to:

  • Us - by contacting us by email or post using the details in section 3 of this policy and we will always try to help you with your problem in the first instance.

If you’re still not happy with how we have dealt with your complaint, you can contact:

  • A data protection regulator; or
  • The national courts – to seek a remedy if you think that your rights in relation to your personal data have been breached.

Changes to this Privacy Policy

We may need to change this Privacy Policy as our Service develops and offers you more exciting features or if the law changes. We will let you know if any important changes are made, otherwise, we will always display the latest version of our policy on our Website.

Certified by Ministry of Hajj & Umrah