Important Notice
Atlas Atelier is a trading name operated as a franchisee of Not Just Travel (Agency) Ltd and trades as Wander Atelier Travel Co Ltd. When you share your personal data with us, it may be processed by both Atlas Atelier and Not Just Travel (Agency) Ltd. Please read this policy carefully to understand how your information is handled across both entities.
Section 01
Who We Are
Atlas Atelier ("we", "us", "our") is a bespoke luxury travel design service operating as an independent franchisee of Not Just Travel (Agency) Ltd, trading as Wander Atelier Travel Co Ltd. We are registered in England and Wales, United Kingdom.
We specialise in crafting exceptional safari experiences, luxury cruising, and curated private journeys for discerning clients across the United Kingdom and internationally. In doing so, we act as a travel agent, arranging bookings through safari operators, airlines, cruise lines, luxury lodges, accommodation providers, and other specialist suppliers.
Our financial protection is provided through our franchise arrangement:
- ABTA: Not Just Travel (Agency) Ltd — Membership No. K9413
- ATOL: Protected through Hays Travel Limited
Section 02
Data Controllers
Because Atlas Atelier operates as a franchisee of Not Just Travel (Agency) Ltd, there are two data controllers relevant to the processing of your personal information:
Atlas Atelier
Franchisee — Primary point of contact
Trading as Wander Atelier Travel Co Ltd
Registered in England & Wales
Not Just Travel (Agency) Ltd
Franchisor — Parent company
Registered in England & Wales
ABTA No. K9413
Both parties may process your data as part of delivering your travel booking and associated services. Not Just Travel (Agency) Ltd's own privacy policy is available on their website and applies in addition to this policy where relevant.
Section 03
Information We Collect
We collect personal information when you enquire about or book travel services through us. The types of data we may collect include:
Information you provide directly
- Full name, date of birth, nationality and passport details
- Contact details including email address, telephone number and postal address
- Travel preferences, destination interests, and budget information
- Dietary requirements, accessibility needs or medical information where relevant to your travel
- Next-of-kin or emergency contact information
- Payment information (processed securely — we do not store full card details)
- Details of any co-travellers whose bookings you manage on their behalf
Information collected automatically
- Website usage data including pages visited, time on site and browser type
- IP address and approximate location data
- Cookie and tracking data (see Section 10)
- Email engagement data such as opens and clicks, where you have consented to marketing communications
Special category data
Sensitive Information
Certain travel bookings may require us to process special category data under UK GDPR — for example, health or dietary information for medical or religious requirements. We will only collect and use this data where strictly necessary for your booking, with your explicit consent, and in line with UK GDPR Article 9.
Section 04
How We Use Your Data
We use your personal data for the following purposes:
| Purpose | Detail |
|---|---|
| Booking & administration | Processing your enquiry, creating and managing your booking, communicating itinerary details, and handling amendments or cancellations. |
| Supplier fulfilment | Passing necessary details to airlines, safari lodges, hotels, cruise lines, transfer companies and tour operators to deliver your travel. |
| Financial & legal obligations | Processing payments, issuing invoices, maintaining accounting records, and complying with ABTA, ATOL and other regulatory requirements. |
| Communication | Responding to enquiries, sending booking confirmations, pre-travel information and post-trip follow-ups. |
| Marketing | Sending newsletters, destination inspiration and curated travel ideas — only where you have given explicit consent or where a legitimate interest applies. |
| Service improvement | Analysing how our website and services are used to improve the client experience. |
| Franchise operations | Sharing data with Not Just Travel (Agency) Ltd as required under our franchise agreement to manage bookings, compliance and financial reconciliation. |
Section 05
Legal Basis for Processing
Under the UK General Data Protection Regulation (UK GDPR), we are required to have a lawful basis for processing your personal data. We rely on the following:
- Contract: Processing is necessary to fulfil the travel booking contract you have entered into with us, or to take steps at your request prior to entering into a contract.
- Legal obligation: Processing is required to comply with our legal and regulatory obligations, including ABTA and ATOL requirements, financial record-keeping and anti-money laundering rules.
- Legitimate interests: We may process data where it is in our legitimate business interests and does not unduly impact your rights — for example, to improve our services, prevent fraud, or send relevant communications to existing clients.
- Consent: For marketing communications to new contacts, and for processing special category data such as health or dietary information, we rely on your explicit consent. You may withdraw this at any time.
Section 07
International Data Transfers
The nature of our business means your personal data may be transferred to, and processed in, countries outside the United Kingdom — particularly across the safari and luxury travel destinations we serve in Africa and beyond.
Where we transfer data internationally, we ensure appropriate safeguards are in place, which may include:
- Transfers to countries with UK adequacy decisions
- Standard contractual clauses approved by the ICO
- Supplier contracts that require equivalent data protection standards
Some countries to which data may be transferred — including Zimbabwe, South Africa, Kenya, Tanzania, Zambia, Botswana and others — may not have data protection laws equivalent to those in the UK. In these cases, we ensure contractual safeguards are in place wherever possible, and we limit the data shared to only what is strictly necessary for your travel.
Section 08
Data Retention
We retain your personal data for as long as is necessary to fulfil the purposes set out in this policy, and to comply with our legal, regulatory and contractual obligations. In practice, this means:
- Booking records: Retained for a minimum of 7 years from the date of your travel, in line with HMRC and ABTA requirements.
- Enquiry records (no booking made): Retained for up to 2 years from the date of your last contact.
- Marketing data: Retained until you withdraw consent or opt out, or until we determine the data is no longer relevant.
- Financial records: Retained for 6 years from the end of the relevant financial year, as required by law.
After these periods, your data will be securely deleted or anonymised.
Section 09
Your Rights
Under UK GDPR, you have the following rights in relation to your personal data:
| Right | What this means |
|---|---|
| Access | You can request a copy of the personal data we hold about you (a Subject Access Request). |
| Rectification | You can ask us to correct any inaccurate or incomplete data we hold about you. |
| Erasure | You can request that we delete your personal data, subject to our legal obligations to retain certain records. |
| Restriction | You can ask us to restrict how we use your data in certain circumstances. |
| Data portability | Where processing is based on consent or contract, you can request your data in a structured, machine-readable format. |
| Object | You can object to processing based on legitimate interests, including direct marketing. |
| Withdraw consent | Where we rely on your consent, you may withdraw it at any time without affecting prior processing. |
| Complain | You have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk. |
To exercise any of these rights, please contact us at enquiries@atlasatelier.co.uk. We will respond within one calendar month. There is no charge for exercising your rights unless requests are manifestly unfounded or excessive.
Section 11
Data Security
We take the security of your personal data seriously and have implemented appropriate technical and organisational measures to protect it against unauthorised access, loss, destruction or disclosure. These include:
- Secure, encrypted connections (HTTPS) across our website
- Access controls limiting who within our business can view your data
- Use of reputable, security-certified third-party platforms and processors
- Regular review of our data handling procedures
Whilst we take every reasonable precaution, no method of electronic transmission or storage is entirely secure. If you have concerns about the security of your data, please contact us directly.
Section 12
Third-Party Links
Our website may contain links to third-party websites, including supplier sites, social media platforms and the Not Just Travel website. We are not responsible for the privacy practices of these external sites and encourage you to read their privacy policies before providing any personal information.
Section 13
Children's Privacy
Our services are not directed to individuals under the age of 18. We do not knowingly collect personal data from children directly. Where a booking involves minors, we collect only the information necessary for travel purposes — such as names and passport details — provided by a parent or guardian who takes responsibility for ensuring the child's data is shared appropriately.
Section 14
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last Updated" date at the top of this page and, where appropriate, notify you by email.
We encourage you to review this policy periodically to stay informed about how we protect your information.
Section 15
Contact Us
If you have any questions about this Privacy Policy, wish to exercise your rights, or have a concern about how your data is being used, please get in touch:
Atlas Atelier
Dalene — Founder & Director
Trading as Wander Atelier Travel Co Ltd
Registered in England & Wales
Email: enquiries@atlasatelier.co.uk
Hours: Tuesday–Friday, 11:30am–6:00pm
Not Just Travel (Agency) Ltd
Franchisor — Data Controller
ABTA No. K9413
ATOL via Hays Travel Limited
If you are not satisfied with our response, you have the right to complain to the Information Commissioner's Office (ICO):
- Website: ico.org.uk
- Helpline: 0303 123 1113
Governing Law
This Privacy Policy is governed by the laws of England and Wales. By using our services, you agree to the jurisdiction of the English courts in relation to any dispute arising from this policy.
