Privacy Policy | Royal Bay Tourism LLC – UAE PDPL Compliant
🔒 UAE PDPL Compliant | Data Protection Office Active

Privacy Policy

Royal Bay Tourism LLC – Your Data, Your Rights

Last Updated: [01/05/2026]

📌 Introduction
Royal Bay Tourism LLC respects your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data in compliance with UAE Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL).

1. Definitions (Under UAE PDPL)

  • Personal Data: Any information relating to an identified or identifiable natural person (name, passport number, contact details, payment info).
  • Sensitive Personal Data: Racial origin, health data, biometric data, religious beliefs.
  • Controller: Royal Bay Tourism LLC – determines purposes of processing.

2. What Personal Data We Collect

Identity & Contact Data

Full name (as per passport), passport information, email, phone number, address.

Travel & Booking Data

Flight numbers, hotel names, tour dates, dietary restrictions, medical conditions (if voluntarily disclosed).

Financial Data

Credit/debit card details, billing records (processed via secure third-party gateways).

Technical & Usage Data

IP address, browser type, pages visited, cookies.

⚖️ Legal Bases for Processing (UAE PDPL Article 5)
We process your data based on: Consent (marketing, cookies), Contractual necessity (booking fulfillment), Legal obligation (UAE law compliance), Legitimate interest (fraud prevention, website improvement).

3. Your Rights Under UAE PDPL

✅ Right to Access

Obtain confirmation and a copy of your personal data. Response within 30 days.

✏️ Right to Rectification

Correct inaccurate or incomplete data. Response within 15 days.

🗑️ Right to Erasure

Request deletion where no legal basis remains. Response within 30 days.

📤 Right to Data Portability

Receive your data in a machine-readable format. Response within 30 days.

🚫 Right to Object

Object to processing for direct marketing. Response within 7 days.

🔐 Right to Withdraw Consent

Withdraw previously given consent at any time.

4. How to Exercise Your Rights

Submit a written request to: Data Protection Officer, Royal Bay Tourism LLC at [Insert DPO Email] with subject line "PDPL Request". Provide proof of identity (Emirates ID or passport copy).

5. Data Retention

We retain your personal data only as long as necessary: Booking records + 5 years (UAE Commercial Transactions Law), marketing data for 2 years, website logs for 1 year.

6. Data Security

We implement TLS 1.3 encryption, role-based access controls, firewalls, and regular vulnerability scanning. In case of a data breach, we notify the UAE Data Office within 72 hours.

7. International Data Transfers

Some Suppliers are outside the UAE. We comply with PDPL Chapter 4 by using Standard Contractual Clauses or ensuring adequate protection levels.

8. Cookies and Tracking

We use essential cookies (no consent needed), functional cookies (consent required), analytics cookies (consent required), and marketing cookies (consent required). Manage preferences via our cookie banner.

9. Direct Marketing

With your explicit opt-in consent, we may send marketing communications. Unsubscribe anytime via the "Unsubscribe" link in emails or by contacting us.

10. Complaints

If you believe your privacy rights have been violated, contact our DPO first. You may also lodge a complaint with the UAE Data Office (Ministry of Economy – Consumer Protection Department).

11. Contact Our Data Protection Officer

Email: [Info@royalbaytourism.com]

By using our website or services, you consent to the data practices described in this Privacy Policy.

© 2026 Royal Bay Tourism LLC | UAE PDPL Compliant

Copyright © 2026 Royal Bay Tourism LLC