1. Who We Are
Lenereglobe Travel & Tours (Pty) Ltd (“Lenereglobe”, “we”, “our”, “us”) is a South-African-registered travel company headquartered in Johannesburg and operating globally. We act as Responsible Party/Data Controller under:
- POPIA (South Africa)IAPPITLawCo
- EU GDPR (EEA)GDPR.euBitsight
- UK GDPR and the Data Protection Act 2018 (United Kingdom)HomeHome
- Applicable privacy statutes in other regions, including emerging 2025 state laws in the United StatesHome | White & Case LLP
Our dedicated Data Protection Officer (DPO) can be reached at privacy@lenereglobe.co.za or +27 87 210 0600.
2. Scope
This notice explains how we collect, use, disclose, transfer, and store your personal information when you:
- visit lenereglobe.co.za or any sub-domain
- request quotes, book travel, or engage our concierge service
- receive marketing communications or interact with us on social media
- attend events or webinars we organise
3. What We Collect
| Category | Examples | Typical Source |
|---|---|---|
| Identity & Contact | name, ID/passport, email, phone | you, group organiser, employer |
| Booking Details | flight numbers, loyalty IDs, visa docs, special requests | you, suppliers |
| Payment Data | masked card tokens, billing address | secure payment gateway |
| Usage Data | IP address, device, cookies, clickstream | website / app |
| Marketing Preferences | newsletter opt-ins, survey answers | you |
Sensitive data (e.g., health or dietary requirements) is processed only with explicit consent or when vital to your travel safety.
4. Legal Bases for Processing
We rely on one or more of the following lawful grounds, as required by POPIA §11 and Article 6 GDPR:
- Consent – e.g., sending promotional newsletters.
- Contractual Necessity – to issue tickets and fulfil your booking.
- Legal Obligation – retaining invoices for tax.
- Legitimate Interests – fraud prevention, service analytics (balanced against your rights).
You may withdraw consent at any time without affecting prior processing.
5. How We Use Your Information
- Travel fulfilment – arrange flights, accommodation, insurance, visas, events.
- Customer support – 24/7 assistance via phone, email, WhatsApp.
- Personalisation – recommend destinations and specials based on past trips.
- Marketing – send offers only where permitted; you can opt out anytime.
- Compliance & security – verify identity, perform AML checks, maintain system integrity.
6. Sharing & International Transfers
We share the minimum necessary data with:
- Airlines, hotels, insurers, visa agencies, event venues
- Global Distribution Systems and payment providers
- Affiliate travel partners inside and outside South Africa, the EEA, and UK
Whenever data leaves your home jurisdiction, we ensure adequate protection through:
- Standard Contractual Clauses (EU/UK) or approved addenda
- Binding Corporate Rules where applicable
- Supplier due-diligence under POPIA s21
7. Cookies & Similar Tracking
Our site uses essential cookies for security and functionality, plus analytics cookies (Google Analytics 4) to understand aggregate usage. Non-essential cookies load only with your consent via our cookie banner.
8. Data Retention
Booking records, invoices, and related correspondence are retained 7 years to meet statutory accounting duties; marketing preferences are kept until you unsubscribe; CCTV footage (if you visit our offices) is kept for a maximum of 30 days unless required for investigation.
9. Your Privacy Rights
| Jurisdiction | Key Rights (summary) | How to Exercise |
|---|---|---|
| POPIA | Access, correction, deletion, objection, complain to Information Regulator | info@lenereglobe.co.za |
| EU GDPR | Same + data portability, restriction, automated-decision challenge | info@lenereglobe.co.za |
| UK GDPR | Same as EU; complain to ICO | info@lenereglobe.co.za |
| Other Regions | Rights available under local law | info@lenereglobe.co.za |
We respond within one calendar month (extendable where complex).
10. Security
We employ ISO 27001-aligned controls, end-to-end TLS, encrypted backups, least-privilege access, and annual penetration testing to safeguard data. Suppliers are contractually required to implement equivalent measures.
11. Children
Our services are not directed to persons under 18. If we learn we have inadvertently collected a child’s data without parental consent, we will delete it promptly.
12. Third-Party Links
Our site may link to airline portals, tourism boards, or social media. We are not responsible for their privacy practices—please review their notices.
13. Changes to This Policy
We may update this notice to reflect legal or operational changes. Significant amendments will be announced on our homepage 14 days before taking effect. The version date appears at the top.
14. Contact & Complaints
Email: info@lenereglobe.co.za
Post: Lenereglobe Travel & Tours, 4th Floor, Rosebank Towers, Johannesburg, 2196, South Africa
If unresolved, you may complain to:
- Information Regulator (SA) – complaints.IR@justice.gov.za
- European Data Protection Authorities – see edpb.europa.eu
- UK ICO – ico.org.uk/make-a-complaint