Privacy Policy

Last updated: 02.02.2026

This Privacy Policy (hereinafter referred to as the “Policy”) details the critical aspects governing your personal data relationship with ‘Travel Atelier by PH LLC‘ (hereinafter referred to as ‘Travel Atelier by PH LLC‘, ‘we‘, ‘us‘, or ‘our‘) which is owned and operated by ‘Travel Atelier by PH LLC‘, having license number 2113466.01, with registered office at Sharjah Media City, Sharjah, UAE and describes how we collect, use, store, and share personal data in connection with our luxury travel concierge services, which we provide primarily offline through direct client communications (email, phone, messaging, and in-person meetings) and coordination with hotels, airlines, destination management companies (DMCs), chauffeurs, and other suppliers.

We may occasionally make changes to the Policy by publishing the changes on our website. We hold the sincere belief that you should always know what data we collect from you, and the purposes for which such data is used. We also believe that you should have the ability to make informed decisions about what data you want to share with us. Therefore, we are fully transparent about how and why we collect, store, share and use your personal data through the various capacities in which you interact with us.

Your personal data relationship with Travel Atelier by PH LLC based on the capacity in which you interact with us and/or avail our products and services (collectively referred to as the “Services”), such as when you:

1. (1) Are a visitor to https://www.travel-atelier.com or any of our websites that link to this Policy (collectively referred to as the “Website”) or any pages thereof (in such instance you are referred to as a “Visitor”);
2. (2) Engage with us in other related ways, including any sales, marketing, or events or when you engage us to plan, arrange, book, and manage travel and related concierge services for you and/or other travelers in your party.

This Policy is a part of and should be read in conjunction with our Terms of Use and will clarify the rights available to you vis-à-vis the personal data you share with us. We handle all personal data according to the laws of the UAE Federal Decree-Law No. 45 of 2021 on Personal Data Protection (as amended and its implementing regulations, where applicable) (“UAE PDPL”). Where the EU/EEA GDPR (or UK GDPR) applies to our processing (for example, if we offer goods/services to individuals in the EU/EEA/UK or monitor their behaviour), we also process Personal Data in accordance with those laws for that processing activity. If GDPR does not apply to you or our processing, references to GDPR do not create obligations beyond applicable law.

If you have any queries or concerns with this Policy, please contact “Travel Atelier by PH LLC” Sharjah Media City, Sharjah, UAE, Email: paul@travel-atelier.com. If you do not agree with this Policy, please do not provide personal data to us and do not use our Services.

1. 1. 1. WHAT INFORMATION DO WE COLLECT?
      
      The information that we collect depends on the context of your interactions with us through our Website and Services, the choices you make, and the products and features you use. All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.
      
      
      1. (A) INFORMATION THAT IS AUTOMATICALLY COLLECTED
         We automatically collect certain information when you visit, use, or navigate our Website or try to connect to our Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes. We also collect information through cookies and similar technologies as described in Section 4.
         
         The information we collect includes:
         
         
         1. (1) Log and Usage Data: Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Website and which we record in log files. Depending on how you interact with us, this log data may include your IP address, device information, browser type, and settings and information about your activity on the Website (such as the date/time stamps associated with your usage, pages and files viewed, searches, and other actions you take such as which features you use), device event information (such as system activity, error reports (sometimes called ‘crash dumps’), and hardware settings).
         2. (2) Device Data: We collect device data such as information about your computer, phone, tablet, or other device you use to access our Website. Depending on the device used, this device data may include information such as your IP address (or proxy server), device and application identification numbers, browser type, hardware model, Internet service provider, operating system, and system configuration information.
         3. (3) Location Data: As a general rule, we do not collect precise geolocation data for our offline concierge model. If our Website uses standard IP-based location inference for security/analytics purposes, you can control certain aspects through your browser/device settings and cookie choices (see Section 4).
   2. (B) PERSONAL INFORMATION THAT YOU DISCLOSE TO US
      We collect personal information that you voluntarily provide to us when you, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us or engage us to arrange travel and related services.
      
      
      1. (1) Your name, age, gender, phone number, e-mail address, mailing address;
      2. (2) Your travel preferences and trip-related information that you choose to share with us (for example, itinerary preferences, hotel/room preferences, seating preferences, special requests);
      3. (3) Credit card/debit card/other payment mode information to facilitate payments for our Services, and billing addresses.
      4. (4) Passport, visa, and guest/traveler details (as required for bookings and travel): We may collect and process passport copies and passport details (such as passport number, nationality, date of birth, and expiry date), visa information, residency/entry permit information (where required), and guest/traveler details (for example, full names as they appear on travel documents, rooming lists, and emergency contact details) to arrange and manage bookings and travel services.
      5. (5) Sensitive or special category data (only where necessary and you provide it): Depending on your requests, we may process information such as dietary requirements (including allergies), accessibility needs, or limited health-related information to coordinate services with suppliers.
   3. (C) PAYMENT DATA
      We may collect data necessary to process your payment if you make purchases, such as your payment instrument number, and the security code associated with your payment instrument. We do not store full card numbers and CVV ourselves unless expressly stated and lawfully permitted; payment processing is handled by our payment provider(s).
   4. 2. HOW DO WE PROCESS OR USE YOUR INFORMATION?
      
      We process your personal information for a variety of reasons, depending on how you interact with our Websites, and/or Services, including:
      
      
      1. (1) To provide concierge travel services – We may process your information to plan, arrange, book, confirm, change, and manage travel and related services for you and/or travelers in your party (including flights, hotels, transfers, excursions, dining, and other itinerary elements).
      2. (2) To deliver and facilitate delivery of services to the user – We may process your information to provide you with the requested service.
      3. (3) To respond to user inquiries/offer support to users – We may process your information to respond to your inquiries and solve any potential issues you might have with the requested service and to send booking confirmations, itineraries, invoices, and service communications.
      4. (4) To send administrative information to you – We may process your information to send you details about our products and services, changes to our terms and policies, and other similar information.
      5. (5) To coordinate with travel suppliers and partners – We may process and share relevant information with hotels, airlines, DMCs, tour operators, restaurants, venues, chauffeurs/transfer providers, and other suppliers as required to fulfill bookings, special requests, and service delivery (see Section 8).
      6. (6) To request feedback – We may process your information when necessary to request feedback and to contact you about your use of our Website and/or Services.
      7. (7) To send you marketing and promotional communications – We may process the personal information you send to us for our marketing purposes, if this is in accordance with your marketing preferences. You can opt out of our marketing emails at any time.
      8. (8) To protect our Services – We may process your information as part of our efforts to keep our Services safe and secure, including fraud monitoring and prevention.
      9. (9) To identify usage trends – We may process information about how you use our Website, and/or Services to better understand how they are being used so we can improve them.
      10. (10) To measure the effectiveness of our communications – where applicable, we may measure general engagement with our communications (for example, whether an email was delivered/opened), subject to applicable law and your choices.
      11. (11) To save or protect an individual’s vital interest – We may process your information when necessary to save or protect an individual’s vital interest, such as to prevent harm.
      12. (12) To improve our operations and service quality – we may use data in aggregated and/or de-identified form to improve our internal processes and service quality.
      13. (13) To make payments for our Services – We use this data to enable you to make payments for our Services. We use a third-party service provider to manage payment processing.
      14. (14) To comply with travel, immigration, and supplier requirements – We may process passport/visa and traveler details to meet airline/hotel requirements, immigration/border control requirements, and destination-specific rules, where applicable.
      15. (15) Cross-border travel operations – Because travel is international, we may process and transfer personal data across borders as necessary to arrange and deliver Services (see Section 8 and Section 8A).
   5. 3. LEGAL BASES TO PROCESS YOUR INFORMATION
      
      We may rely on the following legal bases to process your personal information:
      
      
      1. (1) Consent – We may process your information if you have given us permission (i.e., consent) to use your personal information for a specific purpose. You can withdraw your consent at any time.
      2. (2) Performance of a Contract – We may process your personal information when we believe it is necessary to fulfil our contractual obligations to you, including providing our Services or at your request prior to entering into a contract with you.
      3. (3) Legitimate Interests – We may process your information when we believe it is reasonably necessary to achieve our legitimate business interests and those interests do not outweigh your interests and fundamental rights and freedoms. For example, we may process your personal information for some of the purposes described in order to:
         
         
         1. (a) Send users information about special offers and discounts on our products and services;
         2. (b) Maintain and improve our service offerings and communications (without behavioural advertising tracking);
         3. (c) Analyse how our Services are used so we can improve them to engage and retain users;
         4. (d) Support our marketing activities;
         5. (e) Diagnose problems and/or prevent fraudulent activities;
         6. (f) Understand how our users use our products and services so we can improve user experience.
      4. (4) Legal Obligations – We may process your information where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.
      5. (5) Vital Interests – We may process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.
   6. 4. COOKIES AND TRACKING TECHNOLOGIES THAT WE USE
      
      We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information.
      
      Cookies are text files which are sent from our server and downloaded to your device when you visit our Website. They are useful because they allow us to recognize your device when you return. You can disable them through your browser should you so wish. They are useful because they allow us to recognize your device when you return.
      
      Web beacon (also known as Clear GIF, Web Bugs or Pixel Tag) is a tiny picture file embedded on the Website that tracks your behavior and navigation. It is similar to a cookie in what it does, but it does not get downloaded on to your device. We use web beacons to manage cookies, record visits, and to learn marketing metrics. We also use web beacons to track and monitor email opening rates as well as link clicks.
      
      Usually, browsers have default setting to accept cookies until you change your browser settings. You can choose to reject and remove cookies from our Website by changing your browser settings. If you reject or remove our cookies, it could affect how our Website works.
      
      Use of Cookies
      
      When you use our Website, we use cookies and similar technologies to provide you with a better, faster and safer user experience. Cookies are small text files that are automatically created by your browser and stored on your device when you use the Website.
      
      The cookies and similar technologies used in connection with the services which the Website is providing have different functions listed below:
      
      • They may be technically necessary for the provision of our services.
      • They help us optimize our Services technically (e.g. monitoring of error messages and loading times).
      • They help us improve your user experience (e.g. save font size and form data entered).
      • They may help us understand, at a high level, which pages are most useful so we can improve our Website content and communications.
      • They allow us to show you more relevant marketing and promotional information.
      • They help us in understanding and keep track of your preferences.
      • They also help us in analyzing the performance of our services.
      
      You are also free to disable the use of cookies and similar technologies if this is supported by your device. You can manage your cookie settings in your browser or device settings. We use cookies to see which parts of our Website are used Visitors and to record the number of visits to our Website.
   7. 5. INFORMATION WE GET FROM OTHERSWe may receive data about you from other sources i.e your authorized representatives (for example, executive assistants, family office, corporate travel arrangers), and such data may be added to our records from time to time. Such data may information necessary to arrange travel services (for example, traveller names, preferences, passport details, and booking requirements) as provided by you or your authorized representative.
   8. 6. RETENTION OF DATAWe will store any personal data we collect from you as long as it is necessary, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements), in order to facilitate your use of the Services and for ancillary legitimate and essential business purposes – these include, without limitation, for improving our Services, attending to technical issues, and dealing with disputes.

      Your personal data will primarily be stored in electronic form. We may enter into agreement with third parties to collect, store, process your personal data but under full compliance with applicable laws. We may need to retain your personal data even if you seek deletion thereof, if it is needed to comply with our legal obligations, resolve disputes and enforce our agreements.

      If you stop using our Services, we may, unless legally prohibited, delete or anonymize personal data in accordance with this Section 6 and applicable law, noting that certain booking, financial, and compliance records may need to be retained.

      When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

   9. 7. SHARING YOUR INFORMATION
      
      In the ordinary course of business, we may employ other companies and people to assist us in providing certain components of our Services in compliance with the provisions of this Policy. To do so, we may need to share your data with them. This includes sharing relevant personal data with travel service providers to arrange and manage bookings and travel services for you and/or other travelers in your party. Additionally, we may also need to share your data in the following situations:
      
      
      1. (1) Business Transfers – We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
      2. (2) Travel suppliers and partners (bookings and trip delivery) – We may share personal data as necessary to plan, arrange, book, confirm, change, and deliver travel and concierge services, including with hotels, airlines, rail operators, cruise operators, destination management companies (DMCs), tour/activity providers, restaurants/venues (where you request reservations), and other suppliers. This may include, where required for the booking or by law, passport details/copies, visa information, full names as shown on travel documents, nationality, date of birth, guest lists/rooming lists, itinerary details, and special requests (for example dietary or accessibility requirements).
      3. (3) Ground transportation and logistics – We may share relevant information with chauffeurs, transfer providers, and other logistics providers (for instance, traveler name, pickup/drop-off location, flight number, and timing).
      4. (4) Professional and operational service providers – We may share information with service providers supporting our operations (for payment processors, banks, IT and email service providers, professional advisors and auditors), solely as needed for them to provide services to us.
      5. (5) Authorized representatives – Where you instruct us or where reasonably necessary, we may share trip details and confirmations with your executive assistant, family office, employer, or other authorized contact. We have not disclosed, sold, or shared any personal information to third parties for a business or commercial purpose in the preceding twelve (12) months, and will not sell or share personal information in the future belonging to website visitors, users, and other consumers. For clarity, we do not “sell” personal data. We share personal data with suppliers and service providers only as necessary to provide the Services, comply with law, and operate our business.
      6. (6) CROSS-BORDER DATA TRANSFERS (INTERNATIONAL TRAVEL) – Our Services often involve international travel and international suppliers. As a result, your personal data may be transferred to, stored in, or accessed from countries outside the UAE and/or outside your country of residence (for instance, when we send guest details to a hotel, airline, DMC, or other supplier located abroad). Such countries may have different data protection laws. Where required by applicable law, we implement appropriate safeguards for cross-border transfers.

1. 8. THIRD PARTY LINKSWe may display links to third-party websites on our Website for advertising or providing you with relevant content. We will not be responsible for such third-party websites or applications if you choose to access them. If you provide any data to such website, please ensure you read their policies given that you will no longer be bound by this Policy in doing so. We may receive data whenever you visit a third-party link through our Website which includes the date and time of your visit to the third-party website, the web address or URL, technical information about the IP address, browser and the operating system you use and, where applicable, limited referral information.
2. 9. SECURITY OF YOUR INFORMATIONWe have implemented appropriate and reasonable industry-standard technical and organizational security measures designed to protect the security of any personal information we process by using a variety of security technologies and procedures to help protect your data from unauthorized access, use, loss, destruction, or disclosure. When we collect particularly sensitive data (such as a credit card or passport/visa information), it is encrypted using industry-standard cryptographic techniques where feasible and appropriate. We recommend you use secure channels when transmitting sensitive documents (for example, passport copies).

   However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment. we shall not be responsible for any breach of security or the disclosure of personal data for reasons outside our control, such as hacking, social engineering, cyber terrorism, espionage by third parties, or any events by way of force majeure such as sabotage, fire, flood, explosion, acts of God, civil commotion, strikes or industrial action of any kind, riots, insurrection, war or acts of government.

3. 10. YOUR PRIVACY RIGHTSYour privacy rights under various laws are described below, however, failure to mention any such right is unintentional and shall not be considered as a breach:
   
   1. (1) Right to be Informed – You have a right to be informed about:
      
      1. (a) whether we collect and use your personal information;
      2. (b) the categories of personal information that we collect;
      3. (c) the purposes for which the collected personal information is used;
      4. (d) the manner in which any of your personal data is collected or used;
      5. (e) whether we sell or share personal information to third parties;
      6. (f) the categories of personal information that we sold, shared, or disclosed for a business purpose;
      7. (g) the categories of third parties to whom the personal information was sold, shared, or disclosed for a business purpose;
      8. (h) the business or commercial purpose for collecting, selling, or sharing personal information; and
      9. (i) the specific pieces of personal information we collected about you.
   2. (2) Right of Access – You have a right to access the personal data you have provided by requesting us to provide you with the same.
   3. (3) Right of Rectification – You have a right to request us to amend or update your personal data if it is inaccurate or incomplete.
   4. (4) Right to Erasure – You have a right to request us to delete your personal data. If you ask us to delete your personal information, we will respect your request and delete your personal information, subject to certain exceptions provided by law, such as (but not limited to) the exercise by another consumer of his or her right to free speech, our compliance requirements resulting from a legal obligation, or any processing that may be required to protect against illegal activities.
   5. (5) Right to Restrict – You have a right to request us to temporarily or permanently stop processing all or some of your personal data.
   6. (6) Right to Object – You have a right, at any time, to object to our processing of your personal data under certain circumstances. You have an absolute right to object to us processing your personal data for the purposes of direct marketing.
   7. (7) Right to Data Portability – You have a right to request us to provide you with a copy of your personal data in electronic format and you can transmit that personal data for using another third-party’s product/service.
   8. (8) Right not to be subject to Automated Decision-Making – You have a right to not be subject to a decision based solely on automated decision making, including profiling.
   9. (9) Right to Non-Discrimination for the exercise of Privacy Rights – We will not discriminate against you if you exercise your privacy rights.
   10. You can make any such request for exercising your rights by contacting us through paul@travel-atelier.com, whose details are provided in the end. We will consider and act upon any request in accordance with applicable data protection laws.
   11. Withdrawing your consent: If we are relying on your consent to process your personal information, which may be express and/or implied consent depending on the applicable law, you have the right to withdraw your consent at any time. You can withdraw your consent at any time by contacting us at paul@travel-atelier.com. However, please note that this will not affect the lawfulness of the processing before its withdrawal nor, when applicable law allows, will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
   12. Opting out of marketing and promotional communications: You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, or by contacting us at paul@travel-atelier.com. You will then be removed from the marketing lists. However, we may still communicate with you — for example, to send you service-related messages that are necessary for the administration of your travel bookings and requested services, to respond to your requests, or for other non-marketing purposes.
   13. Rectification or Account termination:
       If you would at any time like to review, correct, or request deletion of your personal information, you can contact us using the contact information provided. Upon your request, we will delete or anonymize your information from our active systems where legally permissible. However, we may retain certain information where required to prevent fraud, troubleshoot problems, assist with investigations, enforce our legal terms, and comply with applicable legal, accounting, or regulatory requirements.
   14. Verification Process: Upon receiving your request, we will need to verify your identity to determine you are the same person about whom we have the information in our system. These verification efforts require us to ask you to provide information so that we can match it with information you have previously provided us. For instance, depending on the type of request you submit, we may ask you to provide certain information so that we can match the information you provide with the information we already have on file, or we may contact you through a communication method (e.g., phone or email) that you have previously provided to us. We may also use other verification methods as the circumstances dictate. We will only use personal information provided in your request to verify your identity or authority to make the request. To the extent possible, we will avoid requesting additional information from you for the purposes of verification. However, if we cannot verify your identity from the information already maintained by us, we may request that you provide additional information for the purposes of verifying your identity and for security or fraud-prevention purposes. We will delete such additionally provided information as soon as we finish verifying you.
4. 11. CONTROLS FOR DO-NOT-TRACK FEATURESMost web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (‘DNT’) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Policy.
5. 12. COMPELLED DISCLOSUREIn addition to the purposes set out in the Policy, we may disclose any data we collected or processed from you if it is required:
   
   1. (1) Under applicable law or to respond to a legal process, such as a search warrant, court order, or subpoena;
   2. (2) To protect our safety, your safety or the safety of others or in the legitimate interest of any party in the context of national security, law enforcement, litigation, criminal investigation or to prevent death or imminent bodily harm;
   3. (3) To investigate fraud, credit risk or violation of our Term of Use Policy;
   4. (4) In connection with legal proceedings brought against Travel Atelier by PH LLCs, its officers, employees, affiliates, customers or vendors;
   5. (5) To establish, exercise, protect, defend and enforce our legal rights; or
   6. (6) When we do a business deal or negotiate a business deal, or our assets are merged or acquired by the other business entity, or during restructuring of business or re-organization, we may have to share information provided by you with the other business entities.
6. 13. ACCESS, CORRECTION AND DELETIONBased on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, change that information, or delete it. To request to review, update, or delete your personal information, please contact us at paul@travel-atelier.com.
7. 14. UPDATES TO PRIVACY POLICYWe may update this Policy from time to time. The updated version will be indicated by an updated ‘Revised’ date and the updated version will be effective as soon as it is accessible. If we make material changes to this Policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.