Privacy Policy

Last updated: May 10, 2026

1. Introduction

This Privacy Policy explains how goldenfrost-travel ("we", "us", "our") collects, uses, shares, and protects personal information when you use our website and services.

We are committed to protecting your privacy and handling your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

2.1 Information You Provide

When you use our services, we collect:

  • Personal identification information (name, email address, postal address)
  • Benefits-related information (types of benefits sought, circumstances affecting eligibility)
  • Medical information (where relevant to disability benefit applications)
  • Financial information (income, savings, relevant to means-tested benefits)
  • Employment history (where relevant to benefit eligibility)

2.2 Automatically Collected Information

When you visit our website, we automatically collect:

  • Device information (browser type, operating system)
  • Usage data (pages visited, time spent on site, navigation patterns)
  • IP address and approximate geographic location
  • Referral source (how you found our website)

3. How We Use Your Information

We use your personal information to:

  • Provide benefits advisory services you've requested
  • Assess your eligibility for various benefit programs
  • Prepare application materials and guidance
  • Communicate with you about your service requests
  • Improve our website and services
  • Comply with legal obligations
  • Detect and prevent fraud or misuse of services

4. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contract performance: Processing necessary to fulfill our service agreement with you
  • Legitimate interests: Improving our services, preventing fraud, and business operations
  • Legal obligation: Complying with legal and regulatory requirements
  • Consent: Where you've specifically consented to processing (e.g., marketing communications)

5. Sharing Your Information

We do not sell your personal information. We may share your data with:

  • Service providers: Third-party vendors who assist with email delivery, website hosting, and data storage
  • Legal authorities: When required by law or to protect rights and safety
  • Medical professionals: Only with your explicit consent when gathering supporting evidence

We never share your information with DWP or other benefit agencies. You control all direct communication with government authorities.

6. Data Retention

We retain your personal information for as long as necessary to provide services and comply with legal obligations:

  • Active client data: Duration of service engagement plus 12 months
  • Completed case files: 7 years (in line with financial record requirements)
  • Marketing consent records: Until consent is withdrawn
  • Website analytics: 26 months

7. Your Rights

Under UK GDPR, you have the right to:

  • Access: Request copies of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data (right to be forgotten)
  • Restriction: Limit how we process your data
  • Data portability: Receive your data in a structured, machine-readable format
  • Object: Object to processing based on legitimate interests
  • Withdraw consent: Where processing relies on consent

To exercise these rights, contact us at [email protected].

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information:

  • Encryption of data in transit and at rest
  • Access controls limiting staff access to personal data
  • Regular security assessments and updates
  • Secure disposal of physical and electronic records

While we strive to protect your data, no internet transmission is completely secure. You share information at your own risk.

9. Cookies and Tracking

Our website uses cookies to enhance functionality and analyze usage. See our Cookies Policy for detailed information about the cookies we use and how to manage them.

10. Third-Party Links

Our website may contain links to external sites. We are not responsible for the privacy practices of third-party websites. Review their privacy policies before providing personal information.

11. Children's Privacy

Our services are not directed at individuals under 16. We do not knowingly collect personal information from children. If you believe we've collected data from a child, contact us immediately for removal.

12. International Transfers

Your personal data is processed within the United Kingdom. If we transfer data internationally, we ensure appropriate safeguards are in place as required by UK GDPR.

13. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Significant changes will be communicated via email or prominent website notice. Continued use of our services after changes constitutes acceptance.

14. Contact Us

For privacy-related questions, concerns, or to exercise your rights:

Email: [email protected]
Address: 142 Cromwell Road, Kensington, London SW7 4EF, United Kingdom

15. Complaints

If you're unhappy with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

ICO Website: goldenfrost-travel.com
ICO Helpline: 0303 123 1113