Privacy Policy

TravelFare.PK Pvt Ltd ("TravelFare.PK", "we", "us") is committed to protecting the personal data of every customer who interacts with our website, CMS, or on-ground services. This policy explains what we collect, why, how we store it, and the rights you have over it. By using TravelFare.PK you consent to the practices described here.

1. Information we collect

We collect only what we need to deliver Umrah, Hajj, study, visa, tour, and ticketing services. Specifically:

• Identity & contact: full name, CNIC/passport number, date of birth, phone, email, mailing address.
• Inquiry data: the message body, preferred destinations, travel dates, group size, and any module-specific fields you submit through our forms.
• Booking data: ticket details, hotel preferences, dietary or accessibility needs, emergency contacts.
• Payment data: we never store full card numbers. Card payments are routed through PCI-compliant gateways; we retain only the last-4, transaction reference, and status.
• Technical data: IP address, browser/user-agent, referrer URL, UTM parameters, and analytics events. Used for fraud prevention and product improvement.

2. How we use your data

• To respond to inquiries and deliver the services you booked.
• To process visa applications with the relevant embassies and consulates.
• To meet legal obligations (BoEOEC manpower export records, MOFA/IATA reporting, tax retention).
• To send transactional notifications (booking confirmations, visa decisions, etc.).
• To send marketing emails — only if you opt in via the newsletter form. Each email includes a one-click unsubscribe.
• To improve our website and prevent abuse (rate-limiting, bot detection).

3. Sharing

We share data only with parties involved in fulfilling your booking:

• Airlines, hotels, ground operators, and visa-issuing authorities.
• Payment processors, accounting providers, and email-delivery services bound by their own data-protection commitments.
• Government bodies when required by law (subpoena, audit, fraud investigation).

We never sell your personal information to advertisers or unrelated third parties.

4. Storage & retention

Personal data is stored on secured Nhost (hosted Postgres) and Vercel infrastructure with encryption in transit (TLS 1.2+) and at rest. Backups are retained for 30 days. Inquiry records are kept for 24 months; booking and tax records are retained per Pakistani statutory requirements (typically 6 years).

5. Your rights

You can ask us at any time to:

• Access a copy of the personal data we hold about you.
• Correct inaccurate data.
• Delete your data (subject to statutory retention obligations).
• Withdraw consent for marketing communications.
• Receive a portable export of your data in machine-readable format.

Email privacy@travelfare.pkwith the subject "Data request" and we'll respond within 30 days.

6. Children

Our services are intended for adults aged 18+. Where a minor travels with a guardian we hold the minor's data only with the guardian's explicit consent and only for the duration of the booking.

7. Cookies

See our Cookie Policy for the full breakdown of what cookies we set and how you can control them.

8. Updates

We may update this policy as our services evolve. Material changes will be announced on this page; the "Last updated" date at the top reflects the most recent revision.

9. Contact

TravelFare.PK Pvt Ltd, 12 Davis Road, Lahore, Pakistan · privacy@travelfare.pk