Privacy policy

This website is provided solely to assist customers.

Privacy Policy

Last updated: 29 June 2026

At OrientTrips, we respect your privacy and protect your personal information with care.

This Privacy Policy explains how OrientTrips collects, uses, stores, shares, and protects personal data when you visit orienttrips.com, create an account, place a booking, make a payment, contact support, use our services, or interact with our website, communications, and partner network.

OrientTrips OÜ is an Estonian online travel services platform. We help customers book individual travel services, including flights, hotels, trains, buses, ferries, airport transfers, taxi services, visa assistance, travel insurance, tourist cards, SIM cards, and experiences.

This Privacy Policy should be read together with our Terms and Conditions, Cancellation and Refund Policy, Cookie notices, and any service-specific terms shown during booking.

1. Data Controller

OrientTrips OÜ is the data controller for personal data processed through OrientTrips services, unless a specific service states that another provider acts as the controller.

Company: OrientTrips OÜ

Registry code: 17021383

Location: Harju maakond, Tallinn, Estonia

Privacy contact: privacy@orienttrips.com

2. Information We Collect

OrientTrips collects information needed to operate the platform, process bookings, provide travel services, manage customer support, process payments, prevent fraud, comply with legal obligations, and improve the customer experience.

The information we collect depends on how you use OrientTrips and which services you request.

3. Personal Information You Provide

We may collect personal information that you provide directly to us, including:

  • Full name
  • Email address
  • Phone number
  • Nationality
  • Date of birth where required for travel services
  • Passport details where required for bookings, transport, accommodation, visa assistance, or insurance
  • Account login details
  • Billing information
  • Booking details
  • Travel dates
  • Passenger details
  • Hotel guest details
  • Pickup and drop-off details
  • Travel preferences
  • Customer support messages
  • Documents submitted for visa assistance, insurance, transport, accommodation, or travel support

We collect only the information reasonably necessary to provide the requested service, complete a booking, meet supplier requirements, comply with law, prevent fraud, or support the customer.

4. Booking and Travel Information

When you book travel services through OrientTrips, we may collect and process information related to:

This information may be required to issue tickets, confirm reservations, arrange services, communicate with suppliers, provide customer support, manage changes, process cancellations, handle refunds, and respond to disputes.

5. Documents and Sensitive Travel Information

Some services may require passport copies, identity documents, visa forms, travel documents, insurance information, or other supporting records.

We process this information only where necessary for the requested service, supplier requirements, legal obligations, fraud prevention, customer support, or travel documentation.

Where you provide information about health, accessibility needs, dietary needs, religious requirements, or other sensitive matters, we use it only to provide the requested service, support your travel, meet legal obligations, or protect vital interests where applicable.

6. Payment Information

When you make a payment through OrientTrips, payment information may be processed by trusted third-party payment providers, banks, card networks, payment gateways, fraud prevention providers, or financial service providers.

OrientTrips does not store full card numbers or sensitive card authentication data unless this is permitted, secured, and handled by the relevant payment provider in accordance with applicable law and payment security standards.

We may receive and store limited payment-related information, including payment status, transaction reference, payment method type, amount, currency, date, invoice details, refund status, chargeback status, and fraud prevention signals.

This information helps us process bookings, verify payments, issue invoices, manage refunds, prevent fraud, respond to disputes, and meet accounting or legal obligations.

7. Technical and Usage Information

We may automatically collect technical and usage information when you use OrientTrips.

This may include:

  • Browser type
  • Device type
  • Operating system
  • IP address
  • Language preference
  • Referring website
  • Pages visited
  • Date and time of visits
  • Session activity
  • Approximate location based on technical data
  • Website performance data
  • Error logs
  • Security and fraud prevention signals

We use this information to operate the website, improve performance, protect security, analyze usage, detect fraud, fix technical issues, and improve the customer experience.

8. Third-Party Authentication

If you choose to log in using Facebook, Google, Apple, or another supported third-party authentication provider, OrientTrips may receive basic account information permitted by that provider and authorized by you.

This may include your name, email address, profile picture, account identifier, and authentication status.

We use this information to create, authenticate, secure, and manage your OrientTrips account.

You can manage third-party login permissions through the relevant provider account settings.

For Facebook Login users, a data deletion endpoint is available at core.orienttrips.com/api/users/facebook-deauthorize.

9. How We Use Your Information

OrientTrips uses personal information for contractual, operational, legal, security, payment, customer support, and business purposes.

We may use your information to:

  • Create and manage user accounts
  • Process bookings and orders
  • Issue tickets, vouchers, confirmations, policies, or service documents
  • Arrange flights, hotels, trains, buses, ferries, taxis, transfers, visa assistance, insurance, tourist cards, SIM cards, and experiences
  • Verify passenger and customer information
  • Process payments and refunds
  • Provide customer support
  • Send booking confirmations and service updates
  • Manage cancellations, changes, refunds, complaints, and disputes
  • Communicate with suppliers and service providers
  • Improve website performance and user experience
  • Personalize services and recommendations where permitted
  • Prevent fraud, abuse, unauthorized access, and payment risk
  • Comply with legal, tax, accounting, regulatory, and security obligations
  • Protect the rights, property, safety, customers, suppliers, systems, and business of OrientTrips

10. Legal Basis for Processing

Where the General Data Protection Regulation or similar data protection laws apply, OrientTrips processes personal data based on one or more legal bases.

These may include:

  • Performance of a contract: to process bookings, issue documents, manage payments, provide support, and deliver requested services
  • Steps before entering into a contract: to respond to inquiries, provide quotes, check availability, and prepare booking requests
  • Legal obligation: to meet tax, accounting, consumer protection, regulatory, payment, and security requirements
  • Legitimate interests: to operate the platform, prevent fraud, improve services, protect systems, manage disputes, and support business operations
  • Consent: for certain marketing, optional cookies, or specific data uses where consent is required
  • Vital interests: where processing is necessary for urgent travel safety, emergency assistance, or protection of life

When processing is based on consent, you may withdraw consent where applicable. Withdrawal of consent does not affect processing that took place before consent was withdrawn.

11. Data Sharing and Disclosure

OrientTrips does not sell personal information.

We share personal information only where reasonably necessary to provide services, process bookings, comply with legal obligations, protect rights, prevent fraud, manage disputes, or operate our platform.

We may share relevant information with:

  • Airlines
  • Hotels
  • Rail companies
  • Bus companies
  • Ferry operators
  • Airport transfer providers
  • Taxi providers
  • Local activity operators
  • Visa service providers
  • Insurance companies
  • Tourist card providers
  • SIM card providers
  • Payment processors
  • Banks and card networks
  • Fraud prevention providers
  • Hosting and cloud service providers
  • Technology and security providers
  • Customer support tools
  • Analytics providers
  • Advertising partners where permitted
  • Legal, tax, accounting, and compliance advisors
  • Government authorities where required by law
  • Courts, regulators, card networks, banks, or dispute bodies where required to protect rights or respond to claims

Only the information reasonably necessary for the relevant purpose will be shared.

12. Suppliers as Independent Controllers

Some suppliers, including airlines, hotels, insurers, payment providers, government authorities, and transport operators, may process personal data as independent data controllers under their own privacy policies.

When this applies, their own privacy notices, legal obligations, security measures, and retention rules may apply to the data they process.

Customers should review the privacy policies of relevant suppliers and service providers where available.

13. International Data Transfers

OrientTrips provides travel services that may involve international suppliers, airlines, hotels, operators, payment providers, technology providers, and government authorities.

Your information may be transferred to, stored in, or processed in countries outside your country of residence and outside the European Economic Area.

Where required by applicable law, OrientTrips will use appropriate safeguards for international data transfers. These may include contractual protections, supplier due diligence, technical safeguards, adequacy decisions, standard contractual clauses, or other lawful transfer mechanisms.

14. Cookies and Similar Technologies

OrientTrips uses cookies and similar technologies to operate the website, improve performance, remember preferences, analyze usage, protect security, and support marketing where permitted.

Cookies may be used to:

  • Keep the website working properly
  • Remember user preferences
  • Improve speed and performance
  • Analyze visitor behavior
  • Measure marketing campaigns
  • Deliver relevant advertisements where permitted
  • Detect fraud or suspicious activity

You can disable or manage cookies through your browser settings or consent tools where available. Some website features may not work properly if cookies are disabled.

Disabling cookies may affect account login, booking forms, payment flow, saved preferences, or travel search features.

15. Analytics and Advertising

OrientTrips may use analytics and advertising tools to understand website usage, improve services, measure performance, and deliver relevant content or offers.

Analytics and advertising partners may process technical data, cookie identifiers, device data, usage patterns, or aggregated data where permitted by law.

Where required, OrientTrips will request consent before using non-essential cookies or advertising technologies.

You may control cookies through browser settings, consent tools where available, platform privacy settings, or advertising partner controls.

16. Marketing Communications

OrientTrips may send marketing communications by email, SMS, MMS, WhatsApp, push notification, or other channels where permitted by law and where you have opted in or another lawful basis applies.

Marketing communications may include travel offers, destination updates, service news, booking suggestions, promotions, and OrientTrips updates.

You may unsubscribe from marketing emails by using the unsubscribe link where available or by contacting us at privacy@orienttrips.com.

For SMS or MMS marketing, you may opt out by replying STOP, END, CANCEL, UNSUBSCRIBE, or QUIT where supported.

Opting out of marketing communications does not stop essential service messages related to bookings, payments, refunds, security, account access, legal notices, or operational travel updates.

17. Data Retention

OrientTrips keeps personal information only for as long as reasonably necessary for the purpose for which it was collected, unless a longer retention period is required or permitted by law.

Retention periods may depend on:

  • Booking status
  • Customer account activity
  • Supplier requirements
  • Payment records
  • Refund records
  • Chargeback and dispute records
  • Tax and accounting obligations
  • Legal claims
  • Fraud prevention
  • Security requirements
  • Regulatory obligations

When personal information is no longer needed, OrientTrips will delete, anonymize, archive, or restrict it where appropriate and legally permitted.

18. Data Deletion Requests

You may request deletion of your personal information where applicable law gives you this right.

You can request deletion by:

Deletion may not be possible immediately or fully when OrientTrips must keep information for legal, accounting, tax, fraud prevention, security, dispute, chargeback, supplier, regulatory, or customer support reasons.

If full deletion is not possible, OrientTrips may restrict, archive, anonymize, or minimize the use of the information where appropriate.

19. Security of Your Information

OrientTrips uses reasonable technical, organizational, and administrative safeguards to protect personal information.

These safeguards may include encryption, access controls, secure infrastructure, account protection, monitoring, fraud prevention, staff access limits, vendor review, and security procedures.

No website, online service, payment system, email system, or internet transmission is completely secure.

OrientTrips cannot guarantee absolute security of information transmitted or stored online.

The customer is responsible for keeping account credentials, email access, passwords, devices, and authentication methods secure.

20. Automated Tools and Decision Support

OrientTrips may use automated tools to support fraud prevention, payment risk checks, account security, booking workflow, service recommendations, customer support routing, analytics, and website performance.

Where automated processing has legal or similarly significant effects and applicable law gives you specific rights, you may contact OrientTrips to request information or human review where required.

21. Children's Privacy

OrientTrips services are intended for adults and authorized users who can lawfully make travel bookings.

Travel bookings for minors may be made by parents, guardians, or authorized adults where permitted by supplier rules and applicable law.

We do not knowingly collect personal information from children without appropriate authorization where such authorization is required.

If you believe that a child has provided personal information to OrientTrips without proper authorization, contact us at privacy@orienttrips.com so we can review the matter and take appropriate action.

22. Your Privacy Rights

Depending on your location and applicable law, you may have privacy rights related to your personal information.

These rights may include the right to:

  • Access your personal data
  • Receive a copy of your personal data
  • Correct inaccurate or incomplete data
  • Request deletion of personal data
  • Request restriction of processing
  • Object to certain processing
  • Withdraw consent where processing is based on consent
  • Request data portability
  • Opt out of certain marketing communications
  • File a complaint with a competent data protection authority

To exercise privacy rights, contact OrientTrips at privacy@orienttrips.com.

OrientTrips may need to verify your identity before responding to a privacy request.

Some requests may be limited by legal obligations, supplier requirements, accounting rules, fraud prevention, security needs, disputes, chargebacks, or other lawful grounds.

23. EEA and UK Privacy Rights

If you are located in the European Economic Area or the United Kingdom, you may have additional rights under applicable data protection laws, including rights of access, rectification, erasure, restriction, objection, portability, consent withdrawal, and complaint to a supervisory authority.

You may contact the Estonian Data Protection Inspectorate or another competent supervisory authority if you believe your data protection rights have been violated.

We encourage you to contact OrientTrips first so we can review and resolve your concern.

24. U.S. State Privacy Rights

If U.S. state privacy laws apply to you, you may have additional rights regarding access, deletion, correction, portability, opt-out of certain data sharing, or opt-out of targeted advertising.

OrientTrips does not sell personal information.

Where applicable law treats certain advertising or analytics activities as sharing, you may have the right to opt out through available cookie settings, browser controls, platform settings, or by contacting us.

To make a privacy request, contact privacy@orienttrips.com.

25. Disputes, Chargebacks, and Legal Claims

OrientTrips may process and retain booking records, payment records, communications, supplier confirmations, refund calculations, service documents, account data, system logs, and related information when necessary to respond to disputes, chargebacks, legal claims, fraud investigations, regulatory requests, or payment provider reviews.

This information may be shared with payment processors, acquiring banks, issuing banks, card networks, dispute resolution bodies, legal advisors, courts, regulators, suppliers, or relevant authorities where necessary and legally permitted.

This processing helps OrientTrips protect its rights, respond to claims, prove service delivery, confirm policy acceptance, prevent fraud, and comply with legal or payment obligations.

26. Third-Party Websites and Services

OrientTrips may include links to third-party websites, suppliers, payment providers, travel partners, social platforms, or external services.

OrientTrips is not responsible for the privacy practices, content, security, or policies of third-party websites or services.

Customers should review the privacy policies of any third-party service they use.

27. Changes to This Privacy Policy

OrientTrips may update this Privacy Policy from time to time.

The updated version will be published on this page with a revised Last updated date.

Changes will apply from the date they are published unless stated otherwise.

Continued use of OrientTrips services after publication of an updated Privacy Policy means you acknowledge the updated policy.

28. Contact Us

For questions about this Privacy Policy, data protection, privacy requests, or data practices, contact OrientTrips at:

Company: OrientTrips OÜ

Registry code: 17021383

Location: Harju maakond, Tallinn, Estonia

Email: privacy@orienttrips.com

Website: orienttrips.com

Join our community
Get best deals & exclusive offers in your inbox
Copyright © 2026 | OrientTrips™All rights reserved.