Privacy Policy | We Go Round Travel

We Go Round Travel (TAT License 11/10587, wegoroundtravel.com) is committed to protecting your personal data. This policy explains how we collect, use, and protect your information when you use our website or book a trip with us. We follow the principles of the EU General Data Protection Regulation (GDPR) and Thailand's Personal Data Protection Act (PDPA).

1 Who We Are

We Go Round Travel is a licensed travel company based in Thailand, specialising in private and small-group tours for international visitors.

Company name: We Go Round Travel
TAT Tourism Licence: 11/10587
Website: wegoroundtravel.com
Data controller contact: [email protected]
General enquiries: [email protected]

For any questions about how we handle your personal data, please reach out to us directly via email — we aim to respond within 30 days.

2 Information We Collect

We only collect information that is necessary to deliver our services or that you choose to share with us.

Contact information: your name, email address, phone number, and country of origin — provided when you enquire or book.
Booking information: passport numbers, travel dates, dietary requirements, and any medical or accessibility notes — only when you provide them and only as needed to arrange your trip.
Payment information: payments are processed by secure third-party providers (such as bank transfer or payment gateway). We do not store credit or debit card numbers on our systems.
Website usage data: anonymised browsing data collected via cookies and Google Analytics, including pages visited, session duration, and device type.
Communications: messages sent through our contact form, by email, or via WhatsApp.

We never ask for more personal information than we need, and we do not collect sensitive data (such as health conditions) unless you volunteer it to help us arrange appropriate services for you.

3 How We Use Your Data

We use your personal information for the following purposes:

To confirm and manage your travel booking, including communicating with hotels, guides, and transport providers on your behalf.
To communicate with you before, during, and after your trip — answering questions, sharing updates, and providing support.
To send trip-related documents such as vouchers, detailed itineraries, and invoices.
To improve our services, using aggregated and anonymised analytics data that cannot be traced back to you personally.
With your explicit consent: to send travel inspiration, seasonal offers, or newsletter updates. You can withdraw this consent at any time.

We will never use your personal data to make automated decisions that significantly affect you, and we will never profile you for advertising purposes.

4 Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), we rely on the following legal bases for processing your personal data:

Contract performance: processing is necessary to deliver the travel services you have booked with us — for example, sharing your name and travel dates with a hotel.
Consent: for optional marketing communications such as newsletters and promotional emails. You may withdraw consent at any time by contacting [email protected] or clicking unsubscribe.
Legitimate interests: for fraud prevention, security monitoring, and ensuring the smooth operation of our website — where our interests do not override your rights and freedoms.
Legal obligation: where Thai law requires us to retain financial records related to bookings.

5 Data Sharing

We share your personal data only when necessary to deliver your trip or comply with the law. We do not sell your data, ever.

Service partners: hotels, transport providers, local guides, and activity operators receive only the information they need — typically your name, travel dates, and any relevant dietary or accessibility notes.
Thai authorities: we may be required to share certain information (e.g. passport details) with Thai government bodies or border authorities as required by Thai law.
Marketing companies: we never share or sell your data to third-party marketing organisations.
WhatsApp communications: messages sent via WhatsApp are end-to-end encrypted. Meta's own privacy policy applies to data held on their platform. We encourage you to review WhatsApp's Privacy Policy for details.

All third-party partners we work with are contractually required to protect your data and use it only for the purpose for which it was shared.

6 Data Retention

We retain your personal data only for as long as necessary:

Booking and financial records: retained for 5 years to comply with Thai accounting and tax regulations.
Marketing and newsletter data: retained until you unsubscribe or ask us to remove you from our mailing list.
Enquiry data (non-bookers): retained for up to 12 months, then deleted.
Website analytics data: aggregated and anonymised data may be retained indefinitely; it cannot be used to identify you personally.

You may request deletion of your personal data at any time. We will action your request within 30 days, subject to any legal obligations that require us to retain certain records.

7 Your Rights (GDPR)

If you are located in the EEA or the UK, you have the following rights regarding your personal data. To exercise any of them, contact [email protected] — we will respond within 30 days.

Right to Access Request a copy of the personal data we hold about you.

Right to Rectification Ask us to correct any inaccurate or incomplete data.

Right to Erasure Ask us to delete your data ("right to be forgotten"), subject to legal obligations.

Right to Restrict Processing Ask us to limit how we use your data in certain circumstances.

Right to Data Portability Request your data in a structured, machine-readable format.

Right to Object Object to processing based on legitimate interests, including direct marketing.

Withdraw Consent Withdraw consent for marketing at any time, with immediate effect.

Lodge a Complaint Raise a complaint with your local data protection authority (e.g. ICO in the UK).

8 Cookies

We use a small number of cookies to make the website work and to understand how visitors use it.

Essential cookies: session cookies required for contact forms and basic site functionality. These cannot be disabled without breaking certain features.
Analytics cookies: Google Analytics sets anonymised cookies to help us understand which pages are most useful. These do not identify you personally. You can block Google Analytics using a browser extension such as the Google Analytics Opt-out Add-on.
Advertising cookies: we do not use advertising or retargeting cookies of any kind.

You can control or disable cookies in your browser settings at any time. Disabling essential cookies may affect the functionality of contact forms. Disabling analytics cookies has no effect on your browsing experience.

9 Security

We take reasonable technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse:

HTTPS encryption: all pages on wegoroundtravel.com are served over HTTPS. Data transmitted between your browser and our site is encrypted in transit.
Access controls: access to personal data is restricted to team members who need it to service your booking. We do not grant broad access to customer data.
Regular security review: we periodically review our systems and practices to identify and address potential vulnerabilities.
Third-party processors: payment and email services are handled by reputable providers who maintain their own security standards.

Despite our best efforts, no method of transmission over the internet is completely secure. If you have concerns about data security, please contact us at [email protected].

10 Children's Privacy

Our travel services are designed for adults and families, but our website and data collection processes are not directed at children under the age of 16 without parental consent.

We do not knowingly collect personal data from children under 16. If you believe we have inadvertently collected such data, please contact us immediately at [email protected] and we will delete it promptly.

When families travel with us, children's details (such as ages for activity planning) are collected from the parent or guardian who makes the booking, and are used solely to arrange appropriate services.

11 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we offer.

The current version of this policy is always available at /en/privacy-policy/.
The "Last updated" date at the top of this page indicates when the policy was last revised.
If you have an active or upcoming booking with us and we make significant changes to this policy, we will notify you by email.
For minor changes (such as corrections or clarifications), we will update the date without sending individual notices.

We encourage you to review this page periodically to stay informed about how we protect your information.

12 Contact Us

For any questions, concerns, or requests relating to your personal data, please contact us:

Email (data requests): [email protected]
General enquiries: [email protected]
WhatsApp: +66 94 492 9264
LINE: @wegoroundtravel

We aim to acknowledge all data-related requests within 5 working days and to resolve them within 30 calendar days. If your request is complex or you have submitted multiple requests, we may extend this period by up to an additional 60 days, and will inform you accordingly.

If you are unsatisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority — for example, the Information Commissioner's Office (ICO) in the UK, or your national DPA within the EU.

Questions about your data?

We're happy to help — reach out via email or WhatsApp and we'll respond within 30 days.

Email Us