Skip to main content Scroll Top

Privacy Policy

Privacy Policy
Palbina Travel Limited Privacy Policy
 
Last Updated: October 13, 2025
 
Palbina Travel Limited (“Palbina Travel,” “we,” “us,” or “our”) is a Kenyan-based travel agency specializing in tailored travel solutions, corporate travel management, leisure travel, tours, and related services. We are committed to protecting your privacy and handling your personal data responsibly. This Privacy Policy explains how we collect, use, disclose, and protect your personal information in connection with our services, website (palbinatravel.com) and other interactions.
 
This Policy applies to all individuals who interact with us, including clients, travelers, website visitors, and users of our services. It complies with the Kenyan Data Protection Act, 2019, and other applicable data protection laws. Palbina Travel is registered and certified by the Office of the Data Protection Commissioner (ODPC) in Kenya, ensuring our data processing practices meet high standards of compliance and accountability.
 
For EU/UK residents, we adhere to GDPR principles where relevant to our operations.
 
By using our services or providing your personal data, you agree to the practices described in this Policy. If you do not agree, please do not provide your information or use our services.

1. Personal Data We Collect

We collect personal data necessary to provide our travel services and improve your experience. The types of data may include:
  • Identifiers and Contact Information:
 Name, address, phone numbers (work, home, mobile), email addresses, date of birth, gender, and nationality.
  • Travel and Booking Details: 
Passport or national ID details, visa information, travel preferences (e.g., seat, meal, hotel type), loyalty program memberships, itinerary details, and special requests (e.g., accessibility needs).
  • Payment Information:
 Bank account information, billing address, and payment history.
  • Professional/Employment Information: 
Employer details, job title, department, cost center (for corporate travel), and employee ID.
  • Health and Sensitive Data: 
Dietary requirements, medical conditions, or other health-related information only when necessary for travel arrangements (e.g., special assistance), collected with your explicit consent. 
  • Biometric and Geolocation Data: 
Where relevant for services like mobile check-ins or tracking, with your consent.
  • Audio/Visual Information: 
Voice recordings from customer service calls (for quality assurance), photos or videos from events or surveillance at our premises.
  • Technical and Usage Data: 
IP address, browser type, device information, login credentials, and interaction data from our website.
  • Other Information:
 Emergency contact details, feedback from surveys, or data from competitions/promotions.
 
We do not knowingly collect personal data from children under 16 without parental consent. If we become aware of such data, we will delete it.

2. How We Collect Your Personal Data

We collect data through various methods to ensure efficient service delivery:

  • Directly from You: 

When you make bookings, inquiries, or registrations via our website, email, phone or in-person at our offices.

  • From Third Parties: 

From your employer (for corporate travel), family members (if booking on your behalf), travel partners (e.g., airlines, hotels), or public sources, with your consent or as authorized.

  • Automatically: 

Through cookies, web beacons, and similar technologies on our website to track usage, preferences, and improve functionality. See our Cookie Policy for details.

  • From Service Interactions: 

During customer service, feedback surveys, or marketing activities.

If you provide data about others (e.g., fellow travelers), you must have their consent and inform them of this Policy.

3. Purposes for Processing Your Personal Data

We process your data for legitimate business purposes, always in compliance with applicable laws. Key purposes include:

  • Service Provision: 

To book and manage travel (flights, hotels, cars, tours), process payments, provide itineraries, handle changes/refunds, and offer customer support.

  • Contract Fulfillment: 

To perform our agreements with you or your employer, including corporate travel management and consulting.

  • Customization and Improvement: 

To personalize services, analyze travel patterns, enhance products, and conduct market research.

  • Marketing and Communications: 

To send newsletters or updates about our services, with your consent where required. You can opt out at any time.

  • Compliance and Legal Obligations: 

To meet regulatory requirements (e.g., customs, immigration, anti-fraud), respond to authorities, or enforce our terms.

  • Security and Fraud Prevention: 

To detect and prevent fraud, monitor systems, and ensure safety.

  • Business Operations: 

For reporting, auditing, benchmarking (using anonymized data), and internal analytics.

We process sensitive data only with explicit consent or when necessary for vital interests (e.g., medical emergencies during travel).

4. Legal Bases for Processing

Our processing is based on:

  • Consent: 

For sensitive data.

  • Contract Performance: 

To deliver services you’ve requested.

  • Legitimate Interests: 

For service improvement, fraud prevention, and business efficiency (balanced against your rights).

  • Legal Obligation: 

For compliance with laws like the Kenyan Data Protection Act or international travel regulations.

As certified by the ODPC, we ensure all processing is lawful, fair, and transparent.

5. Sharing and Disclosure of Your Personal Data

We do not sell, rent, or trade your data. We may share it with trusted parties for service delivery:

  • Affiliates and Partners: 

Related entities or subcontractors for operations.

  • Travel Providers: 

Airlines, hotels, car rentals, tour operators, visa services, and Global Distribution Systems (GDS).

  • Service Providers: 

IT vendors, payment processors and analytics platforms (bound by confidentiality).

  • Your Employer:

 For corporate travel reporting, audits, or reimbursements.

  • Third Parties:

 For emergency assistance, insurance, or as required by law (e.g., government authorities, courts).

  • In Business Transactions: 

If we merge, acquire, or sell assets, data may be transferred to the new entity.

All recipients are required to protect your data and comply with applicable laws.

6. International Data Transfers

As a travel agency serving global clients, we may transfer data outside Kenya (e.g., to travel providers in Europe, USA, Asia or Africa). We ensure transfers comply with the Kenyan Data Protection Act and use safeguards like Data Protection Agreements, Standard Contractual Clauses, or adequacy decisions. We are not responsible for recipients in jurisdictions with lower protection standards, but we select partners carefully.

7. Data Security

We implement robust technical and organizational measures to protect your data from unauthorized access, loss, alteration, or disclosure. These include encryption, access controls, regular audits, and employee training. While we strive to maintain the highest standards of security, we acknowledge that no system is entirely immune to risk particularly in the context of internet-based communications.

8. Data Retention

We retain data only as long as necessary for the purposes outlined, or as required by law (e.g., tax or audit requirements). Typically, travel data is kept for 5 years post-service. After that, we delete or anonymize it securely.

9. Your Rights

Under the Kenyan Data Protection Act and other laws, you have rights including:

  •  Access: Request a copy of your data.
  •  Rectification: Correct inaccurate data.
  •  Erasure: Delete data in certain cases.
  •  Restriction: Limit processing.
  •  Objection: Oppose processing for marketing or legitimate interests.
  •  Portability: Receive data in a structured format.
  • Withdraw Consent: At any time, without affecting prior processing.

To exercise rights, contact us on Email:palbina@palbinatravel.com  . We respond within 30 days (extendable if complex). You can complain to the ODPC if unsatisfied.

For marketing, unsubscribe via links in emails or contact us.

10. Cookies and Similar Technologies

Our website uses cookies and similar technologies to enhance functionality, analyze site usage, and personalize content. These cookies may collect information about your device, browsing behavior, and preferences. By continuing to use our site, you implicitly consent to our use of cookies.

We do not currently display a cookie consent banner. However, you can manage or disable cookies through your browser settings at any time. Please note that disabling cookies may affect site performance and user experience.

11. Third-Party Links

Our site may link to third-party sites (e.g., airlines). Their privacy practices differ, review their policies. We are not responsible for their content or data handling.

12. Changes to This Policy

We may update this Policy to reflect changes in practices or laws. Updates will be posted here with the new date. For significant changes, we’ll notify you via email or prominent notice. Continued use constitutes acceptance.

13. Contact Us

For questions, requests, or complaints:

Palbina Travel Limited  

Address: Green house, 2nd Floor, Suite 9, Ngong Rd 

Email: palbina@palbinatravel.com  

Pilot Line: |+254 709 863 000 | +254 723 603 980

Emergency Line: |+254 719 125 577

We value your privacy and welcome feedback.