Privacy Policy

flyEurope DMC ("flyEurope," "we," "our," or "us") is a business-to-business destination management company operated by FLYORA LLC (Shams Free Zone, Sharjah, UAE). We provide turnkey European ground handling services exclusively to travel agents, tour operators, and travel trade professionals.

This Privacy Policy explains how we collect, use, store, and protect personal data when you interact with our website at flyeuropedmc.com, submit enquiries, or engage with our services.

For the purposes of data protection law, flyEurope DMC is the data controller responsible for your personal data.

We may collect the following categories of personal data:

Information you provide directly

• Full name and job title
• Business email address and phone number
• Company name, address, and trade credentials (e.g. IATA, ABTA, ATOL numbers)
• Enquiry details: destinations, travel dates, group sizes, programme preferences
• Any additional information you include in messages or forms

Information collected automatically

• IP address and approximate location
• Browser type, operating system, and device information
• Pages visited, time spent, and navigation patterns
• Referring website or campaign source
• Cookie identifiers and similar tracking data (see Section 9)

We do not collect sensitive personal data such as payment card details, passport numbers, or health information through this website. Any such data required for bookings is collected through secure, separate channels.

• Contact and quote request forms on our website
• Email correspondence and phone calls
• Partner application and registration processes
• Automated technologies such as cookies and analytics tools
• Trade events, exhibitions, and networking where you share your contact details

We process your personal data for the following purposes:

• Responding to trade enquiries and providing programme quotes
• Managing partner accounts and onboarding new agents
• Coordinating bookings with our supplier network (hotels, transport, guides)
• Sending operational communications: booking confirmations, itinerary updates, and on-trip support information
• Sending marketing communications about new programmes, destinations, or trade offers (only with your consent, and you can opt out at any time)
• Analysing website usage to improve our content and user experience
• Ensuring website security and preventing fraud
• Meeting our legal and regulatory obligations

Under the General Data Protection Regulation (GDPR), we rely on the following legal bases:

• Legitimate interest — to respond to trade enquiries, manage our B2B relationships, and improve our services. We always balance our interests against your rights.
• Contract performance — to fulfil bookings and service agreements with your agency
• Consent — for marketing communications and non-essential cookies. You can withdraw consent at any time.
• Legal obligation — to comply with tax, financial, and regulatory requirements

We share personal data only where necessary to deliver our services or comply with legal obligations. We never sell or rent your personal data.

• Supplier partners — hotels, vehicle providers, transfer operators, and local guides who need relevant details to fulfil bookings
• Technology providers — hosting, email delivery, CRM, and analytics services that process data on our behalf under strict data processing agreements
• Professional advisors — accountants, legal counsel, and insurers as required
• Regulatory authorities — where required by law or to protect our legal rights

All third-party service providers are contractually required to protect your data and may only process it for the specific purposes we instruct.

As a European DMC working with a global network of travel agents, your data may be transferred outside the European Economic Area (EEA). When this occurs, we ensure appropriate safeguards are in place:

• EU Standard Contractual Clauses (SCCs) with data recipients
• Transfers to countries with an EU adequacy decision
• Other recognised mechanisms under applicable data protection law

We retain personal data only as long as necessary for the purposes described in this policy:

• Active partner accounts — for the duration of the business relationship, plus 2 years
• Enquiry data (non-converted) — 24 months from last contact
• Booking records — 7 years, as required by applicable tax and accounting law
• Website analytics data — 26 months (anonymised after this period)
• Marketing consent records — retained until consent is withdrawn, plus a record of the withdrawal

When data is no longer needed, it is securely deleted or anonymised.

Our website uses cookies and similar technologies. A cookie is a small text file placed on your device that helps us understand how you use our site.

Essential cookies

Required for the website to function correctly — e.g. session management, security tokens, and cookie consent preferences. These cannot be disabled.

Analytics cookies

Help us understand how visitors navigate the site, which pages are most visited, and where users drop off. We use privacy-focused analytics and do not create individual user profiles. These cookies are only set with your consent.

Marketing cookies

Used to deliver relevant trade marketing content and measure the effectiveness of our outreach. Only set with your explicit consent.

You can manage your cookie preferences at any time through your browser settings or the cookie consent banner on our site. Note that disabling essential cookies may affect website functionality.

Under the GDPR and applicable data protection laws, you have the following rights:

• Access — request a copy of the personal data we hold about you
• Rectification — ask us to correct inaccurate or incomplete data
• Erasure — request deletion of your data where there is no compelling reason for continued processing
• Restriction — ask us to temporarily stop processing your data in certain circumstances
• Data portability — receive your data in a structured, machine-readable format
• Objection — object to processing based on legitimate interests or for direct marketing
• Withdraw consent — where processing is based on consent, you may withdraw it at any time without affecting prior processing

To exercise any of these rights, contact us at privacy@flyeuropedmc.com. We will respond within 30 days.

If you are unsatisfied with our response, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction or contact us directly at contact@flyeuropedmc.com) or your local supervisory authority.

We implement appropriate technical and organisational measures to protect your personal data, including:

• HTTPS encryption across all pages
• Access controls and role-based permissions for internal systems
• Regular security reviews and software updates
• Data processing agreements with all third-party service providers
• Staff awareness of data protection obligations

While no method of electronic transmission or storage is completely secure, we take commercially reasonable steps to safeguard your data against unauthorised access, alteration, or disclosure.

Our website and services are directed exclusively at travel trade professionals. We do not knowingly collect personal data from individuals under 16 years of age. If we discover that we have inadvertently collected such data, we will delete it promptly.

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or industry standards. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you by email.

We encourage you to review this page periodically. Your continued use of our website after any changes constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or how we handle your data, please contact us:

We aim to respond to all privacy-related enquiries within 30 days.