Lumarah preview You're on a staging environment — bookings made here are not real.
Lumarah

Lumarah · Privacy

Your privacy, held with care.

Last updated · May 2026

Lumarah Travel ("we", "us", "our") respects your privacy. This policy explains what data we collect, why we collect it, how we use it, and the rights you have over it.

This is a working draft. Before going live, please have a UK-qualified solicitor review against the UK GDPR and the Data Protection Act 2018.

What we collect

When you request a quote or book an Umrah journey with us, we collect:

  • Contact details — name, email, phone, marketing preferences
  • Journey details — your party composition, departure airport, travel window, package preferences, accessibility needs, budget guidance
  • Niyyah — your stated intention for the journey (only if you choose to share it)
  • Identity documents — once you accept a booking: passport scan, photograph, and any other documents required for visa application
  • Booking and payment data — what you purchased, when, how it was paid for
  • Technical data — IP address, browser type, pages visited (for security and analytics)

Why we collect it

  • To prepare your personalised Umrah quote and apply for your Saudi visa
  • To book hotels, flights, and ground transport on your behalf
  • To send you booking confirmations, updates, and concierge messages
  • To comply with legal obligations (tax records, anti-fraud, identity verification)
  • To improve our services and (with consent) send occasional marketing

How we share it

Your data is shared only when necessary to deliver your journey:

  • Visa authorities (Saudi Arabia) — passport scan, photograph, biographical data
  • Airlines and hotels — names, dates, dietary requests, accessibility needs
  • Payment processors — Stripe (or similar) for card processing; we do not store full card details
  • Hosting and infrastructure providers — UK/EU-based cloud servers under contract

We never sell your data. We never share it for advertising purposes without your consent.

How long we keep it

  • Lead enquiries that don't convert — up to 12 months
  • Booking records — 6 years (required by UK tax law)
  • Identity documents (passport scans etc.) — destroyed within 12 months of trip completion
  • Marketing preferences — until you unsubscribe

Your rights

Under UK GDPR, you can:

  • Request a copy of all personal data we hold about you
  • Correct any data that is wrong
  • Ask us to delete your data (where we have no legal duty to keep it)
  • Object to your data being used for marketing
  • Withdraw consent at any time
  • Complain to the UK Information Commissioner's Office (ico.org.uk)

Cookies

We use cookies to keep your portal session active and to remember preferences. See our cookies policy for full details.

Contact

For any privacy question, contact our data team at privacy@lumarah.co.uk or write to Lumarah Travel, [registered address to be added before launch].

Questions? Email hello@lumarah.co.uk

A small note

We use a couple of cookies to keep your portal session live and (with your permission) one privacy-respecting analytics measure to understand how the site is used. No advertising trackers. Read more.

When you're ready

Plan my Umrah