Official Document

Privacy Policy – How We Protect Your Data

Last Updated: Last Updated: March 30, 2026

Table of Contents

1. Introduction

OnwardTicket.us (“we,” “our,” or “us”) is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you use our services, including flight itineraries (onward tickets/dummy tickets).

This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller Information

Company Name:OnwardTicket.us
Contact Email:contact@onwardticket.us
Website:https://www.onwardticket.us

3. Information We Collect

3.1 Personal Information

When you use our services, we collect the following personal data:

Identity Information: Full name, date of birth, nationality, passport number, passport expiry date
Contact Information: Email address, phone number, postal address
Travel Information: Travel dates, destination countries, departure/arrival cities
Payment Information: Billing address, payment details (processed securely)
Visa Application Data: Employment details, travel purpose, history, supporting documents
Identity Documents: Copies of passport, photographs (as required)

3.2 Technical Information

Device Information: IP address, browser type/version, OS

Usage Data: Pages visited, time spent, click patterns

Cookies & Tracking: Info collected through cookies and pixels

3.3 Marketing Information

With your explicit consent, we collect:

  • Communication preferences
  • Marketing consent status
  • Response to campaigns
  • Newsletter subscription status

4. How We Use Your Information

4.1 Service Delivery

  • Process and fulfill orders for travel/visa documents
  • Generate booking confirmations
  • Communicate about orders and provide support
  • Verify identity and prevent fraud
Legal Basis (GDPR): Performance of contract, legitimate interests

4.2 Payment Processing

  • Complete transactions securely
  • Detect/prevent fraud
  • Comply with financial regulations
Legal Basis: Contract, Legal Obligation

4.3 Marketing

  • Send promotional offers (with consent)
  • Share travel tips & guidance
  • Personalize marketing content
Legal Basis: Explicit Consent

4.4 Website Improvement

  • Analyze performance & behavior
  • Improve functionality & UX
  • Conduct A/B testing
Legal Basis: Legitimate Interests

4.5 Legal Compliance

  • Comply with regulatory constraints
  • Respond to legal requests
  • Enforce our Terms and Conditions
Legal Basis: Legal Obligation

5. Data Sharing and Disclosure

5.1 Third-Party Service Providers

We share your data with trusted service providers who assist us in operating our business:

Payment ProcessorsTo process payments securely (e.g., Stripe, PayPal)
Email ProvidersTo send transactional and marketing emails
Cloud HostingTo store and secure data
Analytics ProvidersTo analyze website traffic & behavior
Booking PartnersAirlines and booking providers needed to fulfill reservations

5.2 Legal Requirements & 5.3 Business Transfers

We may disclose your information to comply with legal processes, protect rights, or investigate fraud. Asset transfers during a merger or acquisition will involve database transfers with continued protection notices.

5.4 No Sale of Personal Data

We DO NOT sell, rent, or trade your personal information to third parties for their marketing purposes.

6. Data Retention

We retain your data only as long as necessary. After the period, we securely delete or anonymize it.

7 YrsTransactional
ActiveMarketing
24 MoTechnical
30 DayIdentity Docs

7. Your Rights Under GDPR

If you are located in the EEA, UK, or other GDPR-applicable regions, you have the following rights:

Access: Request a copy of your personal data.
Rectification: Correct inaccurate data.
Erasure: The right to be forgotten.
Restriction: Limit how we use your data.
Portability: Obtain data in a machine-readable format.
Object/Withdraw: Object to processing or withdraw consent.
Contact: contact@onwardticket.us (Responds within 30 days)

8. Data Security

8.1 Technical Measures

  • SSL/TLS Data is encrypted in transit
  • Secure Storage Encrypted, secure servers
  • Access Control Restricted personnel access

8.2 & 8.3 Organizational/Payment

  • Staff training on data protection
  • Strict confidentiality agreements
  • Complete PCI-DSS card compliance

9. International Transfers

We use Standard Contractual Clauses (SCCs) to ensure equivalent GDPR protection if data leaves your region.

10. Cookies & Tracking

We use Strictly Necessary, Performance, Functional, and Marketing cookies. You can control these via your browser settings.

11. Marketing Communications

We only send marketing emails if explicitly opted-in. Unsubscribe anytime via footer links.

12. Children's Privacy

Services are NOT intended for under 18s. We do not knowingly collect children's data.

13. Third-Party Links

We are not responsible for privacy practices or content on external websites.

14. Data Breach Notification

In event of risk, we'll notify affected users within 72 hours and alert regulatory authorities per GDPR.

15. Updates to Policy

We update this policy occasionally. Material changes will be noted via email or prominent website notices.

16. Contact Us

contact@onwardticket.us

We aim to respond within 48 hours.

17. Supervisory Authority

EEA/UK users have the right to lodge a complaint with local data protection authorities.

By using OnwardTicket.us, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your personal information.

Related Legal Documents

Terms & Conditions

Usage rules and agreement

Refund Policy

Cancellation and resolution