Our experts will understand your specific requirements & prepare the best package suiting you
Welcome to the Zamzam.com (“Zamzam”) privacy policy. “ZAMZAM E TRAVEL SERVICES DMCC” owns and operates the booking platform which can be accessed on zamzam.com (the “Platform”) and the Zamzam smartphone app for iOS and Android devices (the “App”), collectively referred to as the Zamzam “Service”.
We have developed the Zamzam Service to enable travel agents (“Travel Agents”) to book hotels, flights and travel services with our selected hotels, airlines, tour operators, car rental companies, cruise lines and private transfer providers (“Suppliers”), in real time, on behalf of their end customers (“Customers”).
We are committed to protecting and respecting the privacy of the users of the Service. This privacy policy (“Privacy Policy”) sets out the basis on which (i) your personal data, as a Travel Agent or Supplier or any representatives that you authorise to use the Service on your behalf, will be processed by us as a controller and (ii) your Customers’ personal data will be processed by us as a processor. Please read the Privacy Policy carefully to understand how we will use your personal data.
If you have any questions about your personal data, how we look after it or if there are any changes to your personal data, please email us at dpo@zamzam.com;
Controller
If you visit our register on our Platform, or download our App as a Travel Agent or Supplier, we may use your or your representatives’ personal data in connection with your request for or use of our Services. In order to use the Services, you must accept our Terms and Conditions which are available here https://zamzam.com/terms/. Where this is the case, in accordance with UK and European Economic Area (“EEA”) data protection laws, we will be the controller of the personal data that you provide to us or that we collect from you. We will be responsible for safeguarding your personal data which will be processed in accordance with this Privacy Policy.
Processor
Our Service is intended for use by Travel Agents and Suppliers. However, our Service provides the functionality for Travel Agents to input and collect information about their Customers which is then sent to our Suppliers. Where we process any Customer personal data, our role will be limited to that of an intermediary and we will be considered a processor in accordance with UK and EEA data protection laws. We will be processing Customer personal data on behalf of Travel Agents, who will be the controllers of any Customer personal data, under the terms and conditions that we have in place with the Travel Agents. The Travel Agents will be responsible for the processing of Customer personal data on our Platform or App which will be processed in accordance with their own privacy policies. For example, a Travel agent may input Customer personal data in order to search for a hotel and send an email to the Customer’s email address to provide a quotation or send a voucher for the reservation.
We may also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate Customer personal data from confirmed bookings for internal reporting purposes.
When you use the Service, we may collect, use, store, transfer and otherwise process the following types of data depending on your relationship with us:
TRAVEL AGENT/ SUPPLIER
| Category of data | Types of data collected |
|---|---|
| Business representative contact details |
When you register for our Service on behalf of your organisation, you may be required to provide us with your:
|
| Company Data |
|
| Billing Data |
|
| Feedback and Enquiry | Information about you from correspondence that you send to us, any conversations between us and any feedback you give to us. |
| Marketing and Communications Data | Information about your preferences in receiving marketing material from us and your communication preferences. |
| Technical Data |
We may automatically collect the following types of information when you use our Services:
|
| Usage Data | We may generate information about how you navigate and engage with our Services and download materials and online activity data such as clickstream data, page interaction information, your preferences (including country and language) and methods used to browse away from our content or Services. |
The law treats some types of personal data about you as “special” and such data requires more protection because of its sensitive nature. This includes information about your race, religion, health, sex life, sexual orientation or criminal offences. We will only collect or use this type of personal data (a) with your explicit consent or (b) if the law requires us to do so.
TRAVEL AGENT/ SUPPLIER
The Travel Agent may choose to input, collect or use some or all of the following types of the data from their Customers when using our Service:
| Category of data | Types of data collected |
|---|---|
| Identity and contact data |
|
| Payment Data |
|
| Special requirements Data |
|
We collect personal data in different ways, depending on whether you are Travel Agent or Customer, including:
TRAVEL AGENT
CUSTOMER
We collect your personal data so that we can provide you with our Services. We will only use your personal data where we have a valid lawful basis to do so. We have included a table below which lists all the ways in which we use your personal data and the lawful basis we rely on to do so.
Where we mention “legitimate interests”, this is the lawful basis we rely on when we feel that it is necessary to use your personal data for a reason which is in our and/or your interests and which does not unfairly affect your rights over your personal data.
TRAVEL AGENT / SUPPLIER
| What we use your personal data for | What personal data we use | The lawful basis that we rely on to use your personal data |
|---|---|---|
| To provide our Services to you, including registering your account on the Platform and App |
|
Performing our contract with you. |
| To send you information about our Services which you have requested by contacting us |
|
To take necessary steps at your request prior to entering into a contract with you. |
To provide our customer service to you:
|
|
|
| To use data analytics to improve our Platform, App, products and services, marketing, user and customer relationships and experiences |
|
Our legitimate interests of understanding you better to provide a better service to you for your benefit. |
| To monitor operations, user activity and networks for fraud prevention and crime detection. |
|
|
|
To send you marketing communications if you would like to receive them. We will only send you marketing communications about Zamzam products/services that we consider may be of interest to you. |
|
Your express consent (where legally required to do so) If you are:
If you change your mind about this, you can withdraw your consent at any time by clicking on the “unsubscribe” link at the bottom of each email. If you choose to withdraw your consent to receiving these marketing emails, we will still be able to send you service emails that are necessary for our relationship with you. |
| To share your information with our third-party service providers which facilitate the provision of our Services such as our Suppliers (if you are a Travel Agent) and our Travel Agents (if you are a Supplier) and the fulfilment of essential service functions, such as web hosting, cloud storage, analytics, marketing, accounting, security tools. |
|
|
| To share data with another organisation in the context of a joint venture, collaboration, financing, sale, merger, reorganisation or similar event relating to our business. |
|
|
|
We are required to comply with certain legal and regulatory requirements and may process your personal data for compliance with such legal or regulatory obligation, to which we or regulators or law enforcement agencies are subject. To establish, exercise or defend legal claims. |
|
|
CUSTOMER
| What we use your personal data for | What personal data we use | The lawful basis that we rely on to use your personal data |
|---|---|---|
| To provide our Services to Travel Agents that have registered an account with us, including enabling registered Travel Agents to input Customer personal data on the Platform/App for the purposes of fulfilling a booking for one of our travel services. |
|
Not applicable. We only use your personal data on behalf of our registered Travel Agents and in accordance with their instructions. |
| To contact you in exceptional circumstances where the Travel Agent is unable to contact you. |
|
Not applicable. We only use your personal data on behalf of our registered Travel Agents and in accordance with their instructions. |
We will only use your personal data for the reasons we have set out above. If we need to use your personal data for any other reason, we will let you know and tell you the reason along with the relevant lawful basis, unless the law prevents us from doing so.
We may share your personal data with other organisations so we can provide our Service to you and comply with our legal duties. We have set out below who these organisations are and the reasons for sharing your personal data with such organisations.
You can ask us for more information about these organisations by contacting us using the details at the top of this policy.
We may also need your share your personal data to comply with the law; to enforce our Terms and Conditions; to protect the rights, property or safety of us, other Platform or App users or other individuals/organisations; or where you have given us your consent to do so.
We will not transfer or store your personal data outside of the European Economic Area (EEA) (or the UK to the extent the UK is no longer part of the EU), except to selected third parties that we have instructed to help us provide the services to you.
If we do transfer or store your personal data outside of the EEA, we will ensure we have put adequate measures in place in order to protect your personal data to an equivalent data protection standard as in the UK and the EEA.
We will only share your personal data with countries and organisations that:
If there are any other circumstances which would require us to transfer your personal data outside of the EEA (or the UK to the extent the UK is no longer part of the EU), we will seek your consent to transfer your personal data outside of the EEA.
You can ask us for more information about where we may transfer or store your personal data and how we will take steps to ensure your personal data is protected by using the contact details in section 3 of this policy.
We will ensure we put security measures in place to protect your personal data from being destroyed, lost or shared with somebody that should not see it. However, we cannot guarantee your personal data will be free from every security risk that may be possible when your information is sent to and from the Platform or App.
The Platform or App may include links to third-party websites which may collect your personal data. We have no control over what these websites do with your personal data. Please check the policies on these websites which will tell you what they do with your personal data.
We use cookies or other similar technologies to capture certain data when you interact with the Platform or App. For further information on our use of cookies, please see our Cookie Policy.
We will only keep your personal data for as long as is necessary for us to do so for the reasons we collected it for in the first place.
TRAVEL AGENT
Generally, we will keep your personal data for as long as you are a registered for our Services and have an account with us.
After this, we may keep your personal data for up to 3 years (or longer where the law requires). This is so we can:
If you want to exercise any of the rights listed above at any time, please contact us using the details in section 3 of this policy.
CUSTOMER
We will only keep Customer personal data for a 12 month period to comply with the rules on accounting, reporting or any other law or the period determined by the relevant Travel Agent which is the controller of the Customer personal data. For details on how long the relevant Travel Agent keeps your personal data for, please contact them or read their privacy policies.
In certain circumstances, we may aggregate your personal data (so that it will no longer identify you) for research, analytical or statistical purposes, in which case we may use this information indefinitely without further notice to you.
If you want further information on how long we keep your personal data, please contact us using the details set out in section 3 of this policy.
As a result of us collecting and processing your personal data, you may have the following legal rights:
If you want to exercise any of the rights listed above at any time, please contact us using the details in section 3 of this policy.
You also have the right to make a complaint about how we have used your personal data to:
If you’re still not happy with how we have dealt with your complaint, you can contact:
We may need to change this Privacy Policy as our Service develops and offers you more exciting features or if the law changes. We will let you know if any important changes are made, otherwise, we will always display the latest version of our policy on our Platform and App.
Welcome to the Zamzam website privacy policy. (“Zamzam”) is a provider of a B2A (Business to Agent) travel portal (the “Platform”) that allows registered travel agents (“Travel Agents”) to book hotels, flights and other travel services with our selected hotels, airlines, tour operators, car rental companies, cruise lines and private transfer providers (“Suppliers”) in real time on behalf of their end customers (“Customers”). References in this privacy policy (“Privacy Policy”) to “we”, “our”, or “us” are references to Zamzam. We operate the Zamzam website available at https://zamzam.com/ (the “Website”) to promote and provide further information and content about the Zamzam Platform and to provide you with the opportunity to register to use the Platform and receive information and promotional materials about those services.
We are committed to protecting and respecting the privacy of the users of the Service. This Privacy Policy sets out the basis on which your personal data, as a visitor of our Website, will be processed by us as a controller. If you visit our Website, we may use your personal data in connection with your request for or use of our services. In accordance with UK and European Economic Area (“EEA”) data protection laws, we are the controller of the personal data that you provide to us or that we collect from you. We are responsible for safeguarding your personal data which will be processed in accordance with this Privacy Policy. Please read the Privacy Policy carefully to understand how we will use your personal data.
Once you have created an account for our Platform, any personal data that we process of our Suppliers, Travel Agents, and their Customers will be governed by our Platform Privacy Policy.
If you have any questions about your personal data, how we look after it or if there are any changes to your personal data, please email us at dpo@zamzam.com ;
When you access the Website, you may provide us with personal data, and we may collect and process such personal data in accordance with this Privacy Policy.
We will only use your personal data where we have a valid lawful basis to do so. We have included a table below which lists all the ways in which we use your personal data and the lawful basis we rely on to do so.
Where we mention “legitimate interests”, this is the lawful basis we rely on when we feel that it is necessary to use your personal data for a reason which is in our and/or your interests and which does not unfairly affect your rights over your personal data.
| What personal data do we process? | Why do we process this personal data? | What is our lawful basis for processing? |
| Information you give us | ||
|
Identity Data: this may include your full name, geographical location and other personal identifiers. Additional data may be collected about you from the correspondence that you send to us, any conversations you have with us and any feedback you give us. Admin Contact Data: this may include your professional email address, phone number(s), postal address and any other contact details you may choose to provide to us. Company Data: this may include information about the company you work for including the company name, email address, phone number and postal address. |
|
If you change your mind about this, you can withdraw your consent at any time by clicking on the “unsubscribe” link at the bottom of each email. If you choose to withdraw your consent to receiving these marketing emails, we will still be able to send you service emails that are necessary for our relationship with you. |
| Information automatically collected when you browse our Website | ||
|
Technical Data: we may automatically collect data regarding general technical use of the Website, such as your IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform. We may also receive technical data about you if you visit other websites through the Website using our cookies. For more information about cookies, please see our Cookie Policy. Usage Data: we may generate information about how you navigate and engage with our Website and download materials and online activity data such as clickstream data, page interaction information, your preferences (including country and language) and methods used to browse away from our content or Website. Location: we can identify the country that you are located in based on your IP address. |
|
|
We will only use your personal data for the reasons we have set out above. If we need to use your personal data for any other reason, we will let you know and tell you the reason along with the relevant lawful basis, unless the law prevents us from doing so.
By using the Website, we may need to disclose your personal data to the following categories of third parties in limited circumstances so that we can operate our Website and comply with our legal duties.
You can ask us for more information about these organisations by contacting us using the details at the top of this policy.
We will not transfer or store your personal data outside of the European Economic Area (EEA) (or the UK to the extent the UK is no longer part of the EU), except to selected third parties that we have instructed to help us provide the services to you.
If we do transfer or store your personal data outside of the EEA, we will ensure we have put adequate measures in place in order to protect your personal data to an equivalent data protection standard as in the UK and the EEA.
We will only share your personal data with countries and organisations that:
If there are any other circumstances which would require us to transfer your personal data outside of the EEA (or the UK to the extent the UK is no longer part of the EU), we will seek your consent to transfer your personal data outside of the EEA.
You can ask us for more information about where we may transfer or store your personal data and how we will take steps to ensure your personal data is protected by using the contact details in section 3 of this policy.
We will ensure we put security measures in place to protect your personal data from being destroyed, lost or shared with somebody that should not see it. However, we cannot guarantee your personal data will be free from every security risk that may be possible when your information is sent to and from the Website.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our services, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
The Website may include links to third-party websites which may collect your personal data. We have no control over what these websites do with your personal data. Please check the policies on these websites which will tell you what they do with your personal data.
We use cookies or other similar technologies to capture certain data when you interact with the Website. For further information on our use of cookies, please see our Cookie Policy.
We will only keep your personal data for as long as is necessary for us to do so for the reasons we collected it for in the first place as set out in this Privacy Policy or as otherwise required by applicable laws. We store your personal data in line with legal, regulatory, financial and good-practice requirements.
If you want further information on how long we keep your personal data, please contact us using the details set out in section 3 of this policy.
As a result of us collecting and processing your personal data, you may have the following legal rights:
If you want to exercise any of the rights listed above at any time, please contact us using the details in section 3 of this policy.
We will respond to all requests that we receive from users in accordance with applicable data protection laws. We may ask you to provide proof of identity before we can answer the above requests. In some cases, we may reject requests for certain reasons (for example, if the request is unlawful).
You also have the right to make a complaint about how we have used your personal data to:
If you’re still not happy with how we have dealt with your complaint, you can contact:
We may need to change this Privacy Policy as our Service develops and offers you more exciting features or if the law changes. We will let you know if any important changes are made, otherwise, we will always display the latest version of our policy on our Website.
