Privacy Policy

Quickly understand everything you need to know about your next beach getaway. Your next beach holiday is just a click away.

Last updated: October 18, 2025

Header background

It is one of our highest priorities to ensure the security and confidentiality of the personal data you provide to us. Please read this policy to learn about our privacy practices. By visiting this website, you are accepting the practices described herein.

1. Introduction

A2B Travel Tech Ltd (Company No. 17080120), registered in England and Wales, trading as AtoBeach (hereafter "we", "our", or "us"), values the trust you place in us and welcomes your interest in our services. Security, privacy of your personal data and also the protection of your privacy are a high priority for us.

We would like to thank you in advance for the time you will spend reading our policy in order to learn about the processing of your personal data. This Privacy Policy will provide you with all the necessary information you need to know about which personal information we may collect from you, why it will be used, with whom we may share it, and which security procedures we have applied for the protection of your personal data.

The processing of your personal data collected by A2B Travel Tech Ltd is confidential and in accordance with the relevant legislation.

2. Definition of Personal Data

Personal data means information that can be linked to a particular person — a natural person — and contribute to its identification such as name, surname, address, age, identity card number, telephone number, social security number, your email address, your transactions with us, your credit card details, etc.

3. Data Controller

This information is collected and controlled by A2B Travel Tech Ltd (Company No. 17080120), registered in England and Wales, trading as AtoBeach. Data processing operations are carried out through our licensed travel agency partner based at United Nations 44, 6042, Larnaca, Cyprus.

4. Data Protection Officer

A2B Travel Tech Ltd, for further security in the preservation and processing of your personal data, has appointed a Data Protection Officer to whom you can contact at any time for any matter arising out of your personal data.

The details of our Data Protection Officer are:

  • Name: Davinia Christodoulou
  • Telephone: +35724841152
  • Fax: +35724841005
  • Email: [email protected]

5. Collection, Processing, Use and Transfer of Personal Data

5.1 Legal Basis and Consent

We collect, process, use, and transmit your personal data only when there is a legal basis for it, under the relevant legislation, or we have obtained your explicit consent. We, our staff and our authorised partners, who are all under our control, process your personal data for the following purposes:

  • Execution and management of any contract and service (Legal basis: implementation of the contract — fulfilment of our contractual and legal obligations)
  • Execution and management of air and travel reservations in Cyprus or abroad, including tickets, transportation and accommodation (Legal basis: implementation of the contract — fulfilment of our contractual and legal obligations)
  • Charter airline flights and/or other related aircraft services (Legal basis: implementation of the contract — fulfilment of our contractual and legal obligations)
  • Providing benefits and/or privileges
  • Sending digital advertising messages regarding the promotion of our products and/or services (Legal basis: consent)
  • Sending email newsletters and/or offers (Legal basis: consent)
  • Sending greeting emails and/or postcards (Legal basis: consent)
  • Statistical or research purposes (Legal basis: consent)
  • Travel tips by email (Legal basis: consent)
  • Preservation and defence of our rights (Legal basis: legitimate interest on our part in claiming and defending our rights)

Note: If we use a market research institute for research, we will do this solely on our behalf and in accordance with our guidelines.

5.2 Children

For the processing of personal data of children under the age of 14, we take care to ensure the explicit consent of the person who has parental care of the child.

5.3 Further Data Transfer

A. Further data transfer to other data processors and/or controllers

i. Your personal data will be transmitted by us to other processors who will be responsible employees and/or executives of our staff and/or our associates who are under our control and adhere to the principle of confidentiality. This transmission is only to the extent necessary for the performance of the contract, in which case we or the third party has a legitimate interest in the further transfer, or your consent to that effect. Third parties may also include other companies associated with A2B Travel Tech Ltd.

ii. In addition, data may be transmitted to other controllers if we are obliged to do so because of legal provisions or executive acts or judicial decisions.

B. Service Providers (generally "Third Parties")

i. We may outsource certain services to third parties in the following categories:

  • Travel search and booking providers — to search for flights and hotels, manage bookings, and process payments on your behalf. Your search criteria and, at the booking stage, passenger details (such as name, date of birth and passport information) are shared with these providers to fulfil your booking.
  • Authentication providers — if you choose to sign in with Google, your name and email address are received from Google to create or link your account. Google's own privacy policy governs data processed on their side.
  • Security and fraud prevention — we use Cloudflare Turnstile during registration to verify that you are a real person. Cloudflare may process your IP address and browser characteristics for this purpose. No personal data is stored by us from this process.
  • Analytics providers — to help us understand how visitors use our website and to improve our services. We do not share your name, email address or other directly identifying information with analytics providers. No cookies are set for analytics purposes.
  • Email delivery providers — to send transactional emails such as account verification and booking confirmations. Only your email address is shared with these providers for the purpose of delivering messages.

We have carefully selected these service providers and regularly monitor them, especially for the careful use and safeguarding of the data stored with them. All service providers are required by us to keep confidentiality and comply with legal requirements.

5.4 Duration of Storage of Personal Data

A2B Travel Tech Ltd stores your data for a period of at least 2 years, as this is necessary to provide our services and ensure your proper service. If the law provides otherwise or we have a legitimate interest in further storage of your data after the performance of a contract, then we should continue to store them in order to fulfil our legal obligations (e.g. contracts and tariffs due to retention periods in accordance with tax and commercial law). In all other cases, we delete your personal information.

6. Privacy Policy About Data Received Electronically

A2B Travel Tech Ltd also maintains a policy of protection for personal data that we receive electronically or through the Internet and our websites. You can find this policy on our website in the "Privacy Policy" section.

7. Confidentiality and Security

A2B Travel Tech Ltd and our partners are required to respect the confidentiality of personal data information and to comply with the applicable laws on the protection of personal data. We assure you that we try, by applying all necessary technical and organisational measures, to ensure an acceptable level of protection of the personal data we manage, especially when there are risks of accidental or unlawful destruction, manipulation, loss, alteration or unauthorised disclosure and/or access to data.

We try to improve our security measures continuously depending on the evolution of technology.

8. Your Rights

To claim the rights listed below, use the information in section 10 (Contact Us).

  • Right to information: You have the right to receive information from us — free of charge — regarding the processing of your personal data.
  • Right to correction and deletion: You can ask for incorrect data to be corrected and, if the legal requirements are met, your data to be completed or deleted. This does not apply to data required for pricing and accounting purposes or subject to other legal retention requirements. Since access to such data is not necessary, their processing is limited.
  • Limitation of processing: You may ask us, if the legal requirements are met, to restrict the processing of your personal data to the extent that you wish, provided this is also possible under the relevant legislation.
  • Objection against data processing: You have the right at any time to refuse the processing of your personal data by us. Following this objection, we will stop processing your data, unless we can, in accordance with legal requirements, demonstrate compelling legitimate reasons for further processing that outweigh your rights.
  • Objection to data processing in the case of a legal basis of "legitimate interest": You have the right, at any time, to refuse the processing of your personal data by us, if it is based on a legal basis of legitimate interest. Following this objection, we will stop processing your data, unless we can — in accordance with legal requirements — demonstrate compelling legitimate reasons for further processing that outweigh your legitimate interest.
  • Withdrawal of consent: If you have given us your consent to the processing of your personal data, you can revoke it at any time (but only with effect for the future). The legality of processing your data until it is revoked is unaffected.
  • Data portability: You have the right to receive the personal data that you have provided to us in a structured, common and machine-readable form or, as far as is technically possible, to request the transfer of the data to a third party.
  • Right to appeal to the supervisory authority: You have the right, for any complaint, to submit a direct appeal to the Data Protection Authority. You can contact the Data Protection Commissioner responsible for the Member State where you have your place of residence.

9. Changes to Our Privacy Policy

We reserve the right to change security and data protection measures to the extent necessary for technological development. In these cases, we will also adjust our privacy policy accordingly. Please be aware of the current version of our privacy policy.

10. Contact Us

You can contact us at the following address:

  • Street: 44 United Nations, 6042, Larnaca
  • Telephone: +35724841000
  • Fax: +35724841005
  • Email: [email protected]

In order to claim your rights in relation to events and/or requests and/or complaints concerning the processing of your personal data, you may contact our Data Protection Officer:

  • Name: Davinia Christodoulou
  • Street: 44 United Nations, 6042, Larnaca
  • Telephone: +35724841000
  • Fax: +35724841005
  • Email: [email protected]