Privacy Policy

Privacy Policy

Please note that the practices of Planit Travel Services Ltd. (“Planit Travel”) with respect to personal information, are now governed by this Privacy Policy.

Planit Travel is committed to protecting your personal data, in accordance with Applicable Law, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, or as it is more commonly known, the General Data Protection Regulation (GDPR).

One of your rights under the GDPR is that you must be informed when your Personal Data is processed by any organisation. You also have the right to know the details and purposes of that processing. This Privacy Notice therefore describes our practices to the personal data of visitors of and make use of our online facilities.

For all our services, Planit Travel, as the Data Controller, having its address at  187, Nazju Ellut Street, Gzira GZR, 1629, Malta, is responsible for the processing of Personal Data it receives from you.

What this Privacy Policy covers                                  

We are committed to doing the right thing when it comes to how we collect, use and protect your Personal Data. Your privacy matters to us, so please do take the time to read this privacy policy which explains:

  • What types of Personal Data we collect and why we collect it.
  • When and how we may share Personal Data with other organisations.
  • The choices you have, including how to access and update your Personal Data.

 Personal data we collect

Most of the Personal Data which we may collect about you through this website and our related online facilities and services is given to us only if you choose to give it to us. Such information may be requested from you when you fill in a field (e.g. book a flight, manage your booking, sign up for our newsletter or fill in any other form with your questions and comments) or any other form or application downloaded through or from PlanIt Travel’s Website.  If you send us emails, then the personal data we process will depend on what you send us in the email. The below sections provide further information as to which data is collected through specific means:

  1. When you register for any of our services, you may provide us with:
  • Your personal details, including your address, email address, phone number and date of birth.
  • Your account login details, such as your username and the password you chose.
  1. When you browse our website, we may collect:
  • Travel preferences.
  • Information about your browsing behaviour on our website.
  • Information about the way you access our digital services, including operating system, IP address, online identifiers and browser details.
  1. When you buy our travel services, we may collect:
  • Passenger information, passport details, other ID document details.
  • Insurance details.
  • Any specific dietary or meal requests.
  • Information about your browsing behaviour on our website.
  • Information about when you click on one of our adverts, including those shown on other organisations’ websites.
  • Information about the way you access our digital services, including operating system, IP address, online identifiers and browser details.
  1. When you contact us, we may collect:
  • Personal data you provide when you connect with us, including by email, post and phone or through social media, such as your name, username and contact details.
  • Details of emails and other digital communications we send to you
  • Your feedback and contributions to customer surveys and questionnaires.
  1. Personal data you provide about other individuals:
  • We use personal data about other individuals provided by you, such as those people on your booking.
  • By providing other people’s personal data, you must be sure that they agree to this and you are allowed to provide it. You should also ensure that, where appropriate, they understand how their personal data may be used by us.

Using your personal data

We use your personal data in a variety of ways; what we do with it then depends on the information and the purpose for which we collected, as explained below.

  • To provide the services you request
    We need to process your personal data (name, surname, contact details) so that we can provide you with the services you want to buy, manage your booking and help you with any refunds you may ask for.
  • To manage and improve our services and day-to-day operations
    We use personal data to manage and improve our websites, and other services.
    We monitor how our services are used to help protect your personal data, detect and prevent fraud, other crimes and the misuse of services. This helps us to make sure that you can safely use our services.
    We may use personal data to respond to and to manage security operations, accidents or other similar incidents.
    We use personal data to carry out market research and internal research and development, and to develop and improve our product range, services, IT systems, security, know-how and the way we communicate with you. We use CCTV images to help maintain the safety of anyone working in or visiting our offices and for the prevention, detection and prosecution of criminal offences. We may also rely on the images to establish, exercise or defend our legal rights
  • To personalise your experience
    We want to ensure that marketing communications relating to our services, and those of our suppliers, including online advertising, are relevant to your interests. To do this, we may use your personal data to better understand your interests so that we can try to predict what other services and information you might be most interested in. This enables us to tailor our communications to make them more relevant and interesting for you. We may also measure your responses to marketing communications relating to services we offer, which enables us to offer you services that better meet your needs as a customer.
  • To make contact and interact with you
    We want to serve you better as a customer so if you contact us, we may use personal data to provide clarification or assistance to you.
    We may invite you to take part in customer surveys, questionnaires and other market research activities carried out by Planit Travel.
    We do not sell your personal data to third parties.

You don’t have to give us any of this personal information but if you don’t, you may not be able to use our site or all of the services we offer on the site, and you are unlikely to receive an optimal customer experience.

If you under the age of 18 years old, please get your parent/guardian’s permission before you provide any personal information to us.  We will need to process personal data relating to parents or guardians in that case – and we may also need to request for verification documentation to ensure that consent is given or authorised by the holder of parental responsibility.

Marketing communications

From time to time we may send you relevant offers and news about our services by email. When you book or register with us we will ask if you would like to receive marketing communications. You can change your marketing preferences online, using the ‘unsubscribe’ link in our marketing emails, or by emailing us at

Even if you unsubscribe, you may still receive service-related communications from us. For example, confirming bookings you make with us and providing important information about the use of our services.

Sharing personal data

We do not, and will not, sell any of your personal data to any third party – including your name, address, email address or credit card information. It is not our business to do so – and we want to earn your trust and confidence.

However, we share your data with the following categories of entities as an essential part of being able to provide our services to you:

  1. Credit reference agencies, law enforcement and fraud prevention agencies, so we can help tackle fraud;
  2. Companies that are involved in the process of the provision of services to you, such as payment service providers,, transport companies, etc.
  3. Professional service providers, such as marketing agencies, advertising partners and website hosts who service us in turn to operate our business;

In most circumstances, we will not disclose personal data without authorisation. However, there may be occasions where we might have to – e.g. with a court order, to comply with legal requirements, and specifically in relation to our services, to satisfy a legal request to state authorities at the point(s) of departure and/or destination for immigration, border control, security and anti-terrorism purposes, or any other purposes which they determine appropriate. We may also be obliged to provide your data for the proper administration of justice, to protect your vital interests, to fulfil your requests, to safeguard the integrity of the relevant websites operated by us or by such related entities or in the event of a corporate sale, merger, reorganisation, dissolution or similar event involving us and/or our subsidiaries and related entities.

When we do share data, we do so on an understanding with the other entities that the data is to be used only for the purposes for which we originally intended.

Protecting your personal data

We know how important it is to protect and manage your personal data. We take appropriate security measures to help protect your personal data from accidental loss and from unauthorised access, use, alteration and disclosure, which measures include: firewalls, physical access restrictions, back-up and secure servers.

Specifically in relation to our website, we use HTTPS to help keep information about you secure. However, no data transmission over the internet can be guaranteed to be totally secure.

We do our best to keep information you disclose to us secure. However we can’t guarantee or warrant the security of any information which you send to us. Please understand however, that no system is perfect or can guarantee that unauthorised access or theft will not occur.

The security of your data also depends on you. Where we have given you or where you have created  a password, a username and/or other identification information for access to certain services, you are responsible for keeping these details confidential and should not be disclosed to or shared with anyone. When you do disclose any of these details, you are solely responsible for all activities undertaken where they are used.

Whenever you create a password, then to protect your account you should choose a strong password, meaning it should be lengthy and include a mixture of letters and numbers with mix of CAPS.

Data retention

We will retain your personal data for only as long as it is necessary for the purposes set out in this Privacy Notice. We may also keep hold of some of your information if it becomes necessary or required to meet legal and regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions. After this period, we will securely erase personal data. If data is needed after this period for analytical, historical or other legitimate business purposes, we will take appropriate measures to anonymise this data.

About cookies and similar technologies

  1. Cookies

Cookies are small data files that allow a website to collect and store a range of data on your desktop computer, laptop or mobile device. Cookies are then sent back to originating website on each subsequent visit – and they are useful because they allow a website to recognise a user’s device and store some information about your preferences or past actions. Cookies help us to provide important features and functionality on our websites and mobile apps, and we use them to improve your customer experience.

  1. Social media features

Our websites may contain social media features such as Facebook that have their own privacy notices. Please make sure you read their terms and conditions and privacy notice carefully before providing any personal data as we do not accept any responsibility or liability for these features.

Your Rights

You enjoy several rights relating to your personal information.

  • You have a right to ask for a copy of the personal data we hold about you. You can write to us asking for a copy of the personal data we hold about you. We will carry out our best efforts to process your request within one month or, if the request is particularly complex, two months. We can provide you with a copy of your personal data in electronic format or hard copy. If we consider the frequency of your requests as being unreasonable, we may refuse to comply with your request. In those circumstances, if you disagree, you can complain to the data protection authority – in Malta, the Information and Data Protection Commissioner.

We want to make sure that the personal data we hold about you is accurate and up to date. If any of the details we hold are incorrect, please let us know.

You can also ask for your personal data to be rectified or erased, to object to the processing of your personal data and, where technically feasible, to ask for personal data you provided to be transmitted to another organisation.

Please appreciate that the rights must be exercised within some limitation – for example, if you ask us for information we can only give you what relates to you and not what relates to other persons. When we receive requests, we may also request that you identify yourself and provide documentation or information for verification (we would not want to disclose information to the wrong person). Unreasonable requests may be subjected to a reasonable fee or refusal to respond.

You can also contact us if you have a complaint about how we collect, store or use your personal data. We aim to resolve complaints but if you may also complain to the Information and Data Protection Commissioner’s Office in Malta.

Legal basis for processing personal data

We will only collect and use your personal data if at least one of the following conditions applies:

  • You have given your consent;
  • The processing is necessary for the performance of a contract with you or to take steps at your request prior to entering into a contract;
  • The processing is necessary for us to comply with a legal obligation;
  • The processing is necessary to protect your vital interests or those of another individual;
  • The processing is in the public interest;
  • The processing is necessary for the purposes of the legitimate interests pursued by Us or by a third party.