Privacy Policy – Version 1.4
Effective Date: 19 June 2026
Last Reviewed: 17 June 2026
Data Controller
The Wanderlust Edit Ltd
Registered in England and Wales No. 16288214
Registered Office:
167–169 Great Portland Street
5th Floor
London
W1W 5PF
United Kingdom
Business Address:
The Wanderlust Edit
c/o 101 St. Martins Lane
First Floor
London
WC2N 4AZ
Privacy Email: privacy@thewanderlustedit.co.uk
Telephone: +44 (0)20 7434 7407
At The Wanderlust Edit, we treat every itinerary — and every item of personal data — with the utmost discretion and care. This Privacy Policy explains how we collect, use, share and safeguard your information when you visit thewanderlustedit.co.uk (“Site”) or use our travel-curation services (“Services”).
We comply with the UK General Data Protection Regulation (“UK GDPR”), the Data Protection Act 2018, the Privacy and Electronic Communications Regulations (“PECR”) and applicable updates introduced by the Data Use and Access Act 2025.
At The Wanderlust Edit, all bookings are made through Colletts Travel Limited and are arranged under their licence, with Colletts Travel Limited acting as the licence holder. Supplier, airline, hotel, cruise, tour operator and booking terms may also apply to your travel arrangements. For full details, please refer to our Terms & Conditions.
1. Glossary of Key Terms
| Term | Meaning |
|---|---|
| Personal Data | Information that identifies or can identify you. |
| Processing | Any action performed on Personal Data, including collection, storage, use, transfer, deletion or sharing. |
| Data Subject | You — the individual who can be identified from Personal Data. |
| Data Controller | The Wanderlust Edit Ltd, which decides why and how personal data is processed. |
| Data Processor | Third parties who process data only on our instructions, such as booking systems, website providers or email platforms. |
| Special Category Data | More sensitive personal data, such as health, accessibility, dietary or religious requirements, where these are relevant to your travel arrangements. |
2. What We Collect
| Category | Examples | Source |
|---|---|---|
| Personal Identification Data | Name, address, email address, phone number, date of birth, passport details and travel preferences | Provided by you via forms, calls, email, WhatsApp or consultation |
| Transactional & Travel Data | Itineraries, booking references, loyalty numbers, payment details, invoices and travel history | Generated during planning, booking and fulfilment |
| Special Category Data | Dietary requirements, health or accessibility needs, mobility assistance, religious requirements or other sensitive travel-related information | Provided by you where relevant to your travel arrangements |
| Technical & Usage Data | IP address, browser type, device ID, pages visited, session information and website interaction data | Collected automatically via analytics, cookies and server logs |
| Marketing Preferences | Newsletter opt-in, event RSVP history, content preferences and communication preferences | Provided by you or generated through your interaction with our communications |
| Communication Data | Emails, WhatsApp messages, telephone notes, consultation notes and enquiry information | Provided by you when you contact us |
We collect only the information we reasonably need to provide our services, respond to enquiries, arrange travel, comply with legal requirements and improve the experience we offer.
3. How We Use Your Data and Legal Bases
| Purpose | Typical Data Used | Legal Basis |
|---|---|---|
| Respond to enquiries and arrange consultations | Name, contact details, enquiry information | Legitimate interests / steps before entering into a contract |
| Prepare quotes, proposals, reservations and itineraries | Name, contact details, passport details, travel preferences, dates, destination preferences | Contract |
| Manage bookings and travel fulfilment | Booking data, contact details, travel documents, supplier information | Contract |
| Process payments, invoices and accounting records | Billing details, transaction details, invoice records | Legal obligation / legitimate interests |
| Prevent fraud and protect our business | Transactional data, identification information, technical data | Legitimate interests / legal obligation |
| Provide travel alerts, disruption support and essential communications | Booking details, contact details, itinerary information | Legitimate interests / contract |
| Personalise travel arrangements and requested travel perks | Dietary, accessibility, celebration, room and travel preferences | Consent / explicit consent where special category data is involved |
| Send marketing communications by email or WhatsApp | Contact details and marketing preferences | Consent |
| Improve website performance and understand visitor use | IP address, browser data, device information, website interaction data | Legitimate interests or consent where required |
| Manage data protection rights and complaints | Contact details, correspondence and identity-verification information | Legal obligation |
Where we rely on consent, you may withdraw that consent at any time by contacting privacy@thewanderlustedit.co.ukor using the unsubscribe option in our marketing communications.
4. Special Category Data
Some travel arrangements may require us to process sensitive information, such as dietary requirements, allergies, health information, accessibility needs, mobility assistance or religious requirements.
We will only collect this information where it is relevant to your travel arrangements and, where required, with your explicit consent. This information will be shared only with relevant suppliers where necessary to deliver your travel arrangements or requested support.
Examples may include sharing dietary requirements with a hotel, mobility assistance requirements with an airline, or accessibility needs with a cruise line, transfer provider or destination management company.
5. Who We Share Your Data With
To deliver our services, we may need to share relevant personal data with trusted third parties, including:
- Colletts Travel Limited and associated booking infrastructure;
- Global Travel Collection and relevant travel booking systems;
- airlines, hotels, resorts, villas, cruise lines and tour operators;
- destination management companies, transfer providers and ground handlers;
- travel insurance providers, where you ask us to support this;
- payment, accounting, invoicing and CRM providers;
- website hosting, analytics, email marketing and IT service providers;
- professional advisers, including accountants, insurers and legal advisers;
- regulators, law enforcement or public authorities where legally required.
We only share the information necessary for the relevant purpose and expect third parties to handle personal data securely and lawfully.
6. Retention and Deletion Schedule
| Data Category | Retention Period | Deletion Method |
|---|---|---|
| Booking files, invoices and accounting records | 7 years | Secure deletion and encrypted backup deletion where practicable |
| Passport and visa scans | 30 days post-travel unless legally required for longer | Secure deletion |
| General enquiry records | Up to 3 years after last contact | Secure deletion or anonymisation |
| Marketing contacts | Until unsubscribed, consent withdrawn or inactive for 3 years | Database suppression, deletion or anonymisation |
| Health, accessibility and special category travel notes | Trip end + 6 months unless required for a dispute, legal claim or ongoing client relationship | Secure deletion |
| Website analytics data | In accordance with analytics platform settings and cookie consent preferences | Deletion or anonymisation |
| Complaints and data rights correspondence | Up to 6 years from closure of the matter | Secure deletion |
We may retain limited information for longer where necessary to establish, exercise or defend legal claims, comply with legal obligations, resolve disputes or maintain suppression lists so that we do not contact you again where you have opted out.
7. Cookies and Similar Technologies
We use cookies and similar technologies to support website functionality, understand how visitors use our Site and improve the experience we provide.
Our cookies may include:
| Cookie Type | Purpose |
|---|---|
| Strictly Necessary Cookies | Required for the Site to operate securely and correctly. |
| Analytics Cookies | Help us understand website performance and visitor behaviour, such as through Google Analytics 4 where enabled. |
| Functionality Cookies | Remember preferences such as language, region or display settings. |
| Advertising or Marketing Cookies | May support personalised marketing or advertising, such as Meta Pixel, only where consent is required and has been provided. |
Some technologies are essential and do not require consent. Other cookies and similar technologies will only be used where legally permitted and, where required, with your consent.
You can update your preferences at any time via the Cookie Settings link in our website footer, where available, or through your browser settings.
We may update our use of cookies and similar technologies from time to time to reflect changes in law, guidance from the Information Commissioner’s Office, or changes to the technology used on our Site.
Please refer to our Cookie Policy for further details.
8. International Transfers
Some data may be transferred outside the UK or European Economic Area, for example to global hotel chains, airlines, cruise lines, destination management companies, booking platforms or cloud service providers.
Where international transfers take place, we rely on appropriate safeguards, which may include:
- UK adequacy regulations;
- standard contractual clauses with the UK International Data Transfer Addendum;
- international data transfer agreements;
- supplier contractual protections;
- or other lawful safeguards recognised under UK data protection law.
9. Security Measures
We take appropriate technical and organisational measures to protect your personal data from unauthorised access, loss, misuse, alteration or disclosure.
These measures may include:
- secure systems and password protection;
- multi-factor authentication where available;
- encryption in transit and at rest where supported by our systems and providers;
- restricted access to client information;
- supplier due diligence where appropriate;
- secure deletion procedures;
- cyber-risk reviews;
- breach response procedures;
- and staff awareness of confidentiality and data protection responsibilities.
Where a personal data breach is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner’s Office within 72 hours where legally required. Where the risk is high, we will also notify affected individuals where required.
10. Your Rights
You have the right to:
- request access to your personal data;
- correct or update inaccurate data;
- request erasure of your data, sometimes known as the “right to be forgotten”;
- restrict or object to processing;
- receive your data in a portable format;
- withdraw consent at any time where processing is based on consent;
- object to direct marketing at any time;
- complain to us about how we handle your personal data;
- and lodge a complaint with the Information Commissioner’s Office.
To exercise any of these rights, please contact:
privacy@thewanderlustedit.co.uk
We may need to verify your identity before actioning your request. We will respond to valid data rights requests within one calendar month, unless an extension is permitted by law.
11. Data Protection Complaints
We take your privacy seriously and want to make it easy for you to raise any concern about how we collect, use, store or share your personal data.
If you have a concern or complaint about how The Wanderlust Edit has handled your personal data, please contact us in the first instance:
Privacy Email: privacy@thewanderlustedit.co.uk
Telephone: +44 (0)20 7434 7407
Postal Address: The Wanderlust Edit, c/o 101 St. Martins Lane, First Floor, London, WC2N 4AZ
When contacting us, please include your name, contact details and a brief description of your concern so that we can review the matter properly.
We will acknowledge your complaint within 30 days of receiving it. We will consider your complaint carefully, take appropriate steps to investigate the matter and respond without undue delay.
Where we need more information from you, we will let you know. Where appropriate, we will explain what action we have taken or intend to take.
You also have the right to raise a complaint with the Information Commissioner’s Office, the UK supervisory authority for data protection matters:
Information Commissioner’s Office
Website: ico.org.uk
Telephone: 0303 123 1113
We would, however, welcome the opportunity to resolve your concern directly first.
12. Marketing Communications
We may send you marketing communications where you have opted in or where we are otherwise legally permitted to do so.
Marketing may include curated travel inspiration, destination updates, offers, event invitations, travel insights and news from The Wanderlust Edit.
You can unsubscribe at any time by:
- clicking the unsubscribe link in our emails;
- replying STOP or requesting removal from WhatsApp marketing where applicable;
- or contacting privacy@thewanderlustedit.co.uk.
We will not sell your personal data to third parties.
13. WhatsApp, Email and Social Media
You may choose to communicate with us by WhatsApp, email, telephone or social media. Please be aware that these platforms may process your personal data in accordance with their own privacy policies and terms.
We recommend that sensitive travel documents, passport details or payment information are shared only through secure channels where available.
Where you contact us through Instagram, Facebook, LinkedIn or another social media platform, your interaction with that platform will also be governed by the privacy policy of the relevant provider.
14. Children
Our services are not directed at anyone under 18.
We may process children’s personal data where it is necessary to arrange family travel and where the information is provided by a parent, guardian or authorised adult. This may include names, ages, passport details, dietary requirements or travel preferences required for booking and fulfilment.
If we become aware that we have collected children’s data in error and without appropriate authority, we will delete it unless there is a lawful reason to retain it.
15. Third-Party Links
Our Site may link to Instagram, Facebook, LinkedIn, booking engines, supplier websites, payment platforms or other trusted third-party websites.
We are not responsible for the privacy practices, content or security of third-party websites. Please review their privacy policies before sharing personal data with them.
16. Automated Decision-Making
We do not use personal data for automated decisions or profiling that produce legal or similarly significant effects.
17. Changes to This Policy
This policy is reviewed annually or when laws, guidance, business practices or technology change.
Updates will be published on this page. Where changes materially affect your rights or how we use your personal data, we may also notify you by email or another appropriate method.
18. Contact
For privacy questions, data rights requests or data protection complaints, please contact:
Privacy Officer
The Wanderlust Edit Ltd
c/o 101 St. Martins Lane
First Floor
London
WC2N 4AZ
Email: privacy@thewanderlustedit.co.uk
Telephone: +44 (0)20 7434 7407
Registered Office:
167–169 Great Portland Street
5th Floor
London
W1W 5PF
United Kingdom
Registered in England and Wales No. 16288214