-300x200.jpg)
-300x200.jpg)
Last updated: 02/04/2026
Universal Hikes Limited trading as Stroll.com (“Stroll”, “we”, “us”, “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, hold, use and disclose your personal information in accordance with UK GDPR and the Data Protection Act 2018.
We are a data controller, meaning we are responsible for deciding how and why your personal data is used.
Universal Hikes Limited trading as Stroll.com | Registration number: 754215 | c/- Malone and Co Chartered Accountants, Landscape House, Baldonnell Business Park, Dublin 22, D22 P3K7, Ireland
1. What Personal Information Do We Collect?
We collect personal information that is reasonably necessary for us to carry out our business functions and activities. This may include:
- Your name
- Your contact details (including postal address, email address and phone number)
- Payment details
- Travel preferences and requirements
- Health information, where necessary for your trip (for example dietary requirements or mobility needs)
- Passport details and nationality, required for certain international bookings
- Information you provide when you make an enquiry or booking
- Information you provide when you partially complete a booking form on our website
- Information you provide when you subscribe to our mailing list
- Information you provide when you contact us with queries or feedback
- Information about your use of our website, including IP address and browsing behaviour, collected via cookies — see our Cookie Policy for full details
- Feedback you provide in post-trip surveys
2. How Do We Collect Your Personal Information?
We may collect your personal information directly from you when you:
- Enquire about our services
- Book a trip with us
- Partially complete a booking form on our website
- Subscribe to our mailing list
- Contact us via phone, email or our website
- Participate in post-trip surveys
- Use our website
We may also collect your personal information from third parties, such as travel agents or other booking intermediaries, with your consent.
3. Why Do We Collect, Hold, Use and Disclose Your Personal Information?
We collect, hold, use and disclose your personal information for the following purposes:
- To provide you with the services you have requested
- To communicate with you about your bookings and enquiries
- To follow up with you if you have partially completed a booking form on our website
- To process your payments
- To tailor your travel arrangements to your preferences and requirements
- To ensure your health and safety during your trip, where necessary
- To send you marketing materials, where you have provided your consent or as otherwise permitted by law — you can withdraw consent at any time by clicking the unsubscribe link in any email or by contacting us
- To improve our website, products and services, including through analysis of website usage and post-trip survey feedback
- For our internal administrative purposes
- To comply with our legal obligations, including those under the Package Travel and Linked Travel Arrangements Regulations 2018
We process your personal data on the following legal bases under UK GDPR:
| Purpose | Legal Basis | Notes |
|---|---|---|
| Providing services and fulfilling your booking | Contract performance | Including communicating with suppliers on your behalf |
| Following up on partial booking forms | Legitimate interests | To help you complete your enquiry |
| Responding to enquiries and customer service | Legitimate interests / Contract | Pre-sale and post-sale support |
| Processing payments | Contract performance | Via our secure payment provider |
| Health and safety during your trip | Explicit consent | Health information processed with your consent only |
| Sending marketing emails and newsletters | Consent | Withdraw at any time via the unsubscribe link |
| Improving our website and services | Legitimate interests | Analytics and post-trip survey feedback |
| Internal administration | Legitimate interests | Record-keeping and operational management |
| Complying with legal obligations | Legal obligation | Including ABTOT and Package Travel Regulations |
4. Disclosure of Your Personal Information
We may disclose your personal information to:
- Our service providers who assist us in operating our business, such as accommodation providers, transport companies, local guides, IT service providers and marketing agencies
- Our professional advisers, such as lawyers and accountants
- Travel agents or other booking intermediaries, where you have used them to make your booking
- ABTOT or our bonding authority, as required for financial protection compliance
- Analytics and advertising platforms, including Google and Meta, as described in our Cookie Policy
- Government authorities or regulatory bodies, if required or authorised by law
We do not sell your personal data to third parties.
5. International Transfers of Your Personal Information
As a walking holiday company operating internationally, we may disclose your personal information to overseas recipients in order to facilitate your travel arrangements.
Countries to which data may be transferred include, but are not limited to: Australia, New Zealand, Japan, Spain, Portugal, Italy, France, Croatia, Turkey and Switzerland.
Where we transfer personal data outside the UK, we ensure appropriate safeguards are in place. These may include Standard Contractual Clauses approved by the UK Information Commissioner's Office (ICO), reliance on an ICO adequacy decision, or other lawful transfer mechanisms. You can request details of the safeguards we rely on by contacting us.
6. Security of Your Personal Information
We take reasonable steps to protect your personal information from misuse, interference, loss, and unauthorised access, modification or disclosure. These steps include:
- Using secure servers and encryption for online transactions and data storage
- Implementing firewalls and other IT security measures
- Limiting access to personal information to authorised personnel on a need-to-know basis
- Implementing physical security measures at our premises
When your personal information is no longer needed for the purpose for which it was collected, we will take reasonable steps to delete or de-identify it. Booking records are retained for 7 years from completion of travel for legal and tax compliance. Enquiries that did not result in a booking are retained for 2 years.
7. Access to and Correction of Your Personal Information
You have the right to request access to the personal information we hold about you, and to request corrections if you believe it is inaccurate, incomplete, out of date or misleading.
To make a request, please contact us using the details in Section 10. We will respond within one month. We may require you to verify your identity before granting access. We will not charge you for making a request.
8. Your Rights Under UK GDPR
In addition to the rights of access and correction above, you have the following rights under UK GDPR:
- Right to erasure — to request deletion of your data in certain circumstances
- Right to restrict processing — to limit how we use your data
- Right to data portability — to receive your data in a structured, machine-readable format
- Right to object — to processing based on legitimate interests, or to direct marketing at any time
- Rights in relation to automated decision-making and profiling
To exercise any of these rights, please contact us using the details in Section 10.
9. How to Make a Complaint
If you have a complaint about how we have handled your personal information, please contact us in the first instance. We will investigate your complaint and aim to respond within a reasonable period.
If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):
- Website: www.ico.org.uk
- Telephone: 0303 123 1113
10. How to Contact Us
For any questions about this Privacy Policy, to exercise your rights, or to make a complaint, please contact: connect@stroll.com or +44 333 057 0018.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology or legal requirements. Any changes will be posted on our website and the date at the top of this policy will be updated. We encourage you to review this policy periodically. We will notify you of material changes by email where we hold your address.