JourneysOur ApproachJournalEnquireSign in
The fine print

Privacy policy

Last updated 9 June 2026

Discretion is one of our values, and it begins with your data. This policy explains what we collect, why, and the care we take with it.

1. Who we are

JMJ Experiences LLC (“JMJ”, “we”, “us”, “our”) is a private travel atelier that designs bespoke trips for couples and families. We are the controller of the personal information described in this policy. You can reach us any time at care@jmjexperiences.com.

2. The information we collect

We collect only what we need to plan, deliver, and look after your travel.

Information you give us

  • Enquiries — your name, email, phone number, and the details you share about who you are travelling with and what you are after.
  • Your account — name, email, phone number, and the credentials you use to sign in (including via Google or Apple if you choose).
  • Your traveller profile and trip — passport details, dates, ages, dietary and accessibility needs, interests, and emergency contacts.
  • Special-category data — for some trips we ask, with your consent, about health or medical matters relevant to your safety. We treat this with particular care (see retention, below).
  • Payments — billing details processed by our payment provider. We do not store full card numbers ourselves.
  • Documents — files you upload to your portal, such as passport pages or insurance certificates.
  • Messages — the correspondence between you and your planner.
  • Newsletter — your name and email, if you choose to subscribe.

Information we collect automatically

  • Basic technical and usage data — device, browser, IP address, and how you use our site — to keep it secure and working well.
  • When you sign or agree to something, we record a timestamp, the version of the terms, and limited technical details to evidence your consent.

3. How we use your information

  • To respond to your enquiry and prepare a proposal.
  • To plan, book, and deliver your trip, and to coordinate with the suppliers and guides who host you.
  • To manage your account, payments, agreements, and documents.
  • To message you about your journey and provide concierge support.
  • To send you our seasonal letter, where you have asked us to.
  • To keep our service secure, meet our legal obligations, and improve how we work.

4. Our legal bases

Depending on where you are, we rely on one or more of the following: the performance of our contract with you; your consent (which you may withdraw at any time, for example for marketing or health data); our legitimate interests in running and improving the atelier; and compliance with the law.

5. Who we share it with

We never sell your information. We share it only as needed to deliver your trip and run our business:

  • Travel suppliers — the hotels, guides, transport, and partners arranging your journey.
  • Service providers — payment processing (Stripe), email delivery (Resend), text messages (Twilio), our newsletter platform (MailerLite), secure hosting, and sign-in (Google, Apple). Each acts on our instructions.
  • Professional advisers and authorities — where required by law, or to establish, exercise, or defend legal claims.

6. International transfers

We serve clients based in the UAE and around the world, and travel is global by nature. Your information may be processed in countries with different data-protection laws. Where it is transferred, we put appropriate safeguards in place.

7. How long we keep it

  • We keep your account and trip records for as long as you are a client, and afterwards only as long as we need to for legal, tax, and operational reasons.
  • Health and special-category data is access-restricted, encrypted, and deleted within twelve months of your return.
  • Signed agreements are kept as a locked record for the period required by law.
  • Newsletter data is kept until you unsubscribe.

8. How we protect it

We use encryption in transit, access controls, and a least-privilege approach — only the people who need your information can see it. Sensitive data is restricted further still. No system is perfectly secure, but we take the protection of your information seriously.

9. Cookies and local storage

We use a small amount of cookies and browser storage to keep you signed in, remember your preferences, and understand how the site is used. You can control cookies through your browser settings.

10. Your rights

Subject to local law — including the UK and EU GDPR and the UAE Personal Data Protection Law — you may have the right to access, correct, delete, or port your information, to object to or restrict certain processing, and to withdraw consent. To exercise any of these, write to care@jmjexperiences.com. You also have the right to complain to your local data-protection authority.

11. Children

Our service is intended for adults arranging travel. Where a trip includes children, the booking adult provides their details and consents on their behalf. We do not knowingly collect data directly from children.

12. Changes to this policy

We may update this policy from time to time. When we do, we will revise the date above and, where the change is significant, let you know.

13. Contact

Questions about your privacy, or this policy, are always welcome — care@jmjexperiences.com. See also our terms of service.