Last updated: 29 June 2026
At OrientTrips, we respect your privacy and protect your personal information with care.
This Privacy Policy explains how OrientTrips collects, uses, stores, shares, and protects personal data when you visit orienttrips.com, create an account, place a booking, make a payment, contact support, use our services, or interact with our website, communications, and partner network.
OrientTrips OÜ is an Estonian online travel services platform. We help customers book individual travel services, including flights, hotels, trains, buses, ferries, airport transfers, taxi services, visa assistance, travel insurance, tourist cards, SIM cards, and experiences.
This Privacy Policy should be read together with our Terms and Conditions, Cancellation and Refund Policy, Cookie notices, and any service-specific terms shown during booking.
OrientTrips OÜ is the data controller for personal data processed through OrientTrips services, unless a specific service states that another provider acts as the controller.
Company: OrientTrips OÜ
Registry code: 17021383
Location: Harju maakond, Tallinn, Estonia
Privacy contact: privacy@orienttrips.com
OrientTrips collects information needed to operate the platform, process bookings, provide travel services, manage customer support, process payments, prevent fraud, comply with legal obligations, and improve the customer experience.
The information we collect depends on how you use OrientTrips and which services you request.
We may collect personal information that you provide directly to us, including:
We collect only the information reasonably necessary to provide the requested service, complete a booking, meet supplier requirements, comply with law, prevent fraud, or support the customer.
When you book travel services through OrientTrips, we may collect and process information related to:
This information may be required to issue tickets, confirm reservations, arrange services, communicate with suppliers, provide customer support, manage changes, process cancellations, handle refunds, and respond to disputes.
Some services may require passport copies, identity documents, visa forms, travel documents, insurance information, or other supporting records.
We process this information only where necessary for the requested service, supplier requirements, legal obligations, fraud prevention, customer support, or travel documentation.
Where you provide information about health, accessibility needs, dietary needs, religious requirements, or other sensitive matters, we use it only to provide the requested service, support your travel, meet legal obligations, or protect vital interests where applicable.
When you make a payment through OrientTrips, payment information may be processed by trusted third-party payment providers, banks, card networks, payment gateways, fraud prevention providers, or financial service providers.
OrientTrips does not store full card numbers or sensitive card authentication data unless this is permitted, secured, and handled by the relevant payment provider in accordance with applicable law and payment security standards.
We may receive and store limited payment-related information, including payment status, transaction reference, payment method type, amount, currency, date, invoice details, refund status, chargeback status, and fraud prevention signals.
This information helps us process bookings, verify payments, issue invoices, manage refunds, prevent fraud, respond to disputes, and meet accounting or legal obligations.
We may automatically collect technical and usage information when you use OrientTrips.
This may include:
We use this information to operate the website, improve performance, protect security, analyze usage, detect fraud, fix technical issues, and improve the customer experience.
If you choose to log in using Facebook, Google, Apple, or another supported third-party authentication provider, OrientTrips may receive basic account information permitted by that provider and authorized by you.
This may include your name, email address, profile picture, account identifier, and authentication status.
We use this information to create, authenticate, secure, and manage your OrientTrips account.
You can manage third-party login permissions through the relevant provider account settings.
For Facebook Login users, a data deletion endpoint is available at core.orienttrips.com/api/users/facebook-deauthorize.
OrientTrips uses personal information for contractual, operational, legal, security, payment, customer support, and business purposes.
We may use your information to:
Where the General Data Protection Regulation or similar data protection laws apply, OrientTrips processes personal data based on one or more legal bases.
These may include:
When processing is based on consent, you may withdraw consent where applicable. Withdrawal of consent does not affect processing that took place before consent was withdrawn.
OrientTrips does not sell personal information.
We share personal information only where reasonably necessary to provide services, process bookings, comply with legal obligations, protect rights, prevent fraud, manage disputes, or operate our platform.
We may share relevant information with:
Only the information reasonably necessary for the relevant purpose will be shared.
Some suppliers, including airlines, hotels, insurers, payment providers, government authorities, and transport operators, may process personal data as independent data controllers under their own privacy policies.
When this applies, their own privacy notices, legal obligations, security measures, and retention rules may apply to the data they process.
Customers should review the privacy policies of relevant suppliers and service providers where available.
OrientTrips provides travel services that may involve international suppliers, airlines, hotels, operators, payment providers, technology providers, and government authorities.
Your information may be transferred to, stored in, or processed in countries outside your country of residence and outside the European Economic Area.
Where required by applicable law, OrientTrips will use appropriate safeguards for international data transfers. These may include contractual protections, supplier due diligence, technical safeguards, adequacy decisions, standard contractual clauses, or other lawful transfer mechanisms.
OrientTrips uses cookies and similar technologies to operate the website, improve performance, remember preferences, analyze usage, protect security, and support marketing where permitted.
Cookies may be used to:
You can disable or manage cookies through your browser settings or consent tools where available. Some website features may not work properly if cookies are disabled.
Disabling cookies may affect account login, booking forms, payment flow, saved preferences, or travel search features.
OrientTrips may use analytics and advertising tools to understand website usage, improve services, measure performance, and deliver relevant content or offers.
Analytics and advertising partners may process technical data, cookie identifiers, device data, usage patterns, or aggregated data where permitted by law.
Where required, OrientTrips will request consent before using non-essential cookies or advertising technologies.
You may control cookies through browser settings, consent tools where available, platform privacy settings, or advertising partner controls.
OrientTrips may send marketing communications by email, SMS, MMS, WhatsApp, push notification, or other channels where permitted by law and where you have opted in or another lawful basis applies.
Marketing communications may include travel offers, destination updates, service news, booking suggestions, promotions, and OrientTrips updates.
You may unsubscribe from marketing emails by using the unsubscribe link where available or by contacting us at privacy@orienttrips.com.
For SMS or MMS marketing, you may opt out by replying STOP, END, CANCEL, UNSUBSCRIBE, or QUIT where supported.
Opting out of marketing communications does not stop essential service messages related to bookings, payments, refunds, security, account access, legal notices, or operational travel updates.
OrientTrips keeps personal information only for as long as reasonably necessary for the purpose for which it was collected, unless a longer retention period is required or permitted by law.
Retention periods may depend on:
When personal information is no longer needed, OrientTrips will delete, anonymize, archive, or restrict it where appropriate and legally permitted.
You may request deletion of your personal information where applicable law gives you this right.
You can request deletion by:
Deletion may not be possible immediately or fully when OrientTrips must keep information for legal, accounting, tax, fraud prevention, security, dispute, chargeback, supplier, regulatory, or customer support reasons.
If full deletion is not possible, OrientTrips may restrict, archive, anonymize, or minimize the use of the information where appropriate.
OrientTrips uses reasonable technical, organizational, and administrative safeguards to protect personal information.
These safeguards may include encryption, access controls, secure infrastructure, account protection, monitoring, fraud prevention, staff access limits, vendor review, and security procedures.
No website, online service, payment system, email system, or internet transmission is completely secure.
OrientTrips cannot guarantee absolute security of information transmitted or stored online.
The customer is responsible for keeping account credentials, email access, passwords, devices, and authentication methods secure.
OrientTrips may use automated tools to support fraud prevention, payment risk checks, account security, booking workflow, service recommendations, customer support routing, analytics, and website performance.
Where automated processing has legal or similarly significant effects and applicable law gives you specific rights, you may contact OrientTrips to request information or human review where required.
OrientTrips services are intended for adults and authorized users who can lawfully make travel bookings.
Travel bookings for minors may be made by parents, guardians, or authorized adults where permitted by supplier rules and applicable law.
We do not knowingly collect personal information from children without appropriate authorization where such authorization is required.
If you believe that a child has provided personal information to OrientTrips without proper authorization, contact us at privacy@orienttrips.com so we can review the matter and take appropriate action.
Depending on your location and applicable law, you may have privacy rights related to your personal information.
These rights may include the right to:
To exercise privacy rights, contact OrientTrips at privacy@orienttrips.com.
OrientTrips may need to verify your identity before responding to a privacy request.
Some requests may be limited by legal obligations, supplier requirements, accounting rules, fraud prevention, security needs, disputes, chargebacks, or other lawful grounds.
If you are located in the European Economic Area or the United Kingdom, you may have additional rights under applicable data protection laws, including rights of access, rectification, erasure, restriction, objection, portability, consent withdrawal, and complaint to a supervisory authority.
You may contact the Estonian Data Protection Inspectorate or another competent supervisory authority if you believe your data protection rights have been violated.
We encourage you to contact OrientTrips first so we can review and resolve your concern.
If U.S. state privacy laws apply to you, you may have additional rights regarding access, deletion, correction, portability, opt-out of certain data sharing, or opt-out of targeted advertising.
OrientTrips does not sell personal information.
Where applicable law treats certain advertising or analytics activities as sharing, you may have the right to opt out through available cookie settings, browser controls, platform settings, or by contacting us.
To make a privacy request, contact privacy@orienttrips.com.
OrientTrips may process and retain booking records, payment records, communications, supplier confirmations, refund calculations, service documents, account data, system logs, and related information when necessary to respond to disputes, chargebacks, legal claims, fraud investigations, regulatory requests, or payment provider reviews.
This information may be shared with payment processors, acquiring banks, issuing banks, card networks, dispute resolution bodies, legal advisors, courts, regulators, suppliers, or relevant authorities where necessary and legally permitted.
This processing helps OrientTrips protect its rights, respond to claims, prove service delivery, confirm policy acceptance, prevent fraud, and comply with legal or payment obligations.
OrientTrips may include links to third-party websites, suppliers, payment providers, travel partners, social platforms, or external services.
OrientTrips is not responsible for the privacy practices, content, security, or policies of third-party websites or services.
Customers should review the privacy policies of any third-party service they use.
OrientTrips may update this Privacy Policy from time to time.
The updated version will be published on this page with a revised Last updated date.
Changes will apply from the date they are published unless stated otherwise.
Continued use of OrientTrips services after publication of an updated Privacy Policy means you acknowledge the updated policy.
For questions about this Privacy Policy, data protection, privacy requests, or data practices, contact OrientTrips at:
Company: OrientTrips OÜ
Registry code: 17021383
Location: Harju maakond, Tallinn, Estonia
Email: privacy@orienttrips.com
Website: orienttrips.com