Privacy Policy

Last updated: 25/01/2026

Version 1

This Privacy Policy describes how SCI-LAB LTD (Company No. 16123418), legal address Dept 6524a 126 East Ferry Road, Canary Wharf, London, United Kingdom, E14 9FP (“we”, “us”, “our”) collects, uses, shares, and protects personal data when you access or use letsinourjet.com (the “Platform”). It also explains your rights under the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018.

1) Key points (plain English)

  • We process personal data to run the Platform, create accounts, generate travel-planning outputs, deliver them (including by email and via your dashboard), provide support, and keep the Platform secure.
  • We do not sell your personal data.
  • Payments are handled by third-party payment providers; we do not store full payment card details.
  • Some outputs are generated using automated processing (including AI) based on your trip inputs.
  • You have legal rights regarding your personal data (access, deletion, objection, etc.).

2) Controller and contact details

Controller (UK GDPR Article 4(7)):
SCI-LAB LTD (Company No. 16123418), legal address: 6524a 126 East Ferry Road, Canary Wharf, London, United Kingdom, E14 9FP

Privacy contact: info@letsinourjet.com

If you contact us, we may ask for information to verify your identity before fulfilling certain requests (for example, access or deletion requests).

3) What “personal data” means

“Personal data” means any information relating to an identified or identifiable person (UK GDPR Article 4(1)). This can include obvious identifiers (name, email address) and also technical identifiers (IP address, device identifiers), and information you submit while using the Platform.

4) The personal data we collect

We collect personal data in several categories:

4.1 Data you provide directly

Account and profile data

  • email address
  • name (if you provide it)
  • password or login credentials (stored in protected form)
  • account settings and preferences

Trip planning inputs (user-submitted content)

  • destination, preferences, interests
  • budget ranges, travel style, language
  • travel dates (if you choose to provide them)
  • any other information you type into forms to generate a Travel Plan/Report

Support and communications

  • messages you send us (email/support requests)
  • information you include in those messages (which may contain personal data)

4.2 Data created during your use of the Platform

Order and service data

  • purchases of digital outputs/features
  • delivery records (e.g., output created, available in dashboard, sent by email)
  • account activity relevant to providing the service

Wallet and payment-related data (transaction metadata)

  • Wallet top-ups (minimum top-up may be EUR 20)
  • transaction status, amount, currency
  • payment identifiers/transaction references
  • limited fraud-prevention signals where relevant

Important: We do not store full payment card details. Payment processing is performed by third-party payment providers.

4.3 Technical and usage data (collected automatically)

When you visit the Platform, your device/browser may send technical data such as:

  • IP address
  • date and time of access
  • pages viewed and actions taken (basic logs)
  • browser type/version, device/OS information
  • referral page (where available)
  • error logs and security logs

We use this data mainly to operate the Platform, protect it, and troubleshoot problems. We do not use server/security logs for direct marketing.

5) Why we process your data (purposes)

We process personal data for the following purposes:

A. Platform operation and account management

  • create and maintain user accounts
  • authenticate users and manage sessions
  • store account preferences and settings

B. Provide the core service (travel planning)

  • process your trip inputs
  • generate Travel Plans/Reports and other outputs
  • deliver outputs via dashboard and/or email
  • store outputs and order history in your account

C. Wallet and payments

  • process Wallet top-ups and paid feature purchases
  • maintain transaction records
  • handle fraud prevention and dispute handling

D. Support and communications

  • respond to enquiries and support requests
  • send service-related messages (delivery notices, security notices, essential account messages)

E. Security, integrity, and legal compliance

  • prevent misuse, spam, and fraud
  • protect user accounts and the Platform
  • comply with legal obligations and enforce agreements
  • maintain records necessary for disputes and audits

F. Optional improvements and measurement (where used)

  • understand general usage patterns
  • improve Platform performance and user experience
    If we use non-essential analytics cookies/technologies, we do so only where a lawful basis applies (and consent where required).

6) Legal bases (UK GDPR Article 6)

We process personal data only where we have a lawful basis:

6.1 Contract necessity (Article 6(1)(b))
Processing is necessary to provide the Platform and services you request, including:

  • account creation and login
  • generating and delivering Travel Plans/Reports
  • storing outputs in your dashboard
  • processing Wallet top-ups and purchases (to the extent necessary to provide the purchased service)
  • customer support related to your service

6.2 Legitimate interests (Article 6(1)(f))
Processing is necessary for our legitimate interests, such as:

  • operating and securing the Platform
  • preventing fraud and abuse
  • troubleshooting, error logging, and service continuity
  • improving reliability and performance
    When we rely on legitimate interests, we consider your rights and interests and apply safeguards where appropriate.

6.3 Legal obligation (Article 6(1)(c))
Processing is necessary to comply with legal obligations (for example, financial/accounting record keeping where applicable, responding to lawful requests by authorities).

6.4 Consent (Article 6(1)(a))
Where required, we rely on consent for:

  • optional cookies/technologies (e.g., analytics/marketing cookies)
  • marketing communications (if and when offered)
    You can withdraw consent at any time (see Section 10).

7) AI processing and “trained by our team”

Some outputs are produced using automated processing, including artificial intelligence, based on the trip inputs you submit.

To support generation, our team maintains a curated library of travel information, templates, and planning logic built using publicly available and appropriately licensed sources, combined with internal structuring and quality checks. This is intended to improve usefulness and relevance of generated outputs. Outputs may vary depending on your inputs and may change over time as the Platform evolves.

Model improvement / training: We do not use your trip inputs to train AI models in a way that identifies you unless we have a lawful basis and, where required, obtain your consent, or we use anonymised/aggregated data.

8) Cookies and similar technologies

We may use cookies and similar technologies for:

  • security and session management (strictly necessary)
  • core functionality (e.g., remembering preferences)
  • optional measurement/analytics or marketing (only where used and lawful)

Your control: You can control cookies through your browser settings. Where a cookie banner/preferences tool is available on the Platform, you can use it to manage optional cookies. Disabling cookies may reduce functionality.

If we use optional cookies requiring consent, you can change your choices later via the same mechanism (where available) or browser settings.

9) Who we share data with

We may share personal data with third parties only as needed to provide and operate the Platform, for example:

Service providers (processors)

  • hosting and infrastructure providers
  • email/communications providers (to send service emails)
  • payment providers (to process transactions)
  • security/fraud prevention tools (where needed)
  • analytics providers (where used and where lawful)

Professional advisers

  • legal, accounting, or auditing advisers where necessary

Authorities and legal requests

  • where required by law or necessary to protect rights, prevent fraud, or ensure safety

We require processors to handle personal data under appropriate contractual protections and only for specified purposes.

We do not sell your personal data.

10) International transfers

Some providers may process data outside the UK and/or the EEA. Where this happens, we use appropriate safeguards in line with UK GDPR requirements (for example, adequacy regulations and/or contractual safeguards such as the UK IDTA or relevant addenda, where applicable).

11) Data retention

We retain personal data only for as long as necessary for the purposes described in this Policy, including:

  • while your account is active and you use the Platform
  • to provide support and maintain service records
  • for security, fraud prevention, and dispute resolution
  • to comply with legal obligations (e.g., accounting/tax retention where applicable)

Retention periods vary depending on the type of data and legal requirements. We may delete or anonymise data when it is no longer needed.

12) Security

We use reasonable technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, or alteration. However, no internet-based service can be guaranteed 100% secure. You are responsible for keeping your login credentials confidential and using appropriate device security.

13) Your rights

Subject to applicable law, you have rights including:

  • Access (UK GDPR Article 15)
  • Rectification (Article 16)
  • Erasure (Article 17)
  • Restriction (Article 18)
  • Objection (Article 21)
  • Data portability (Article 20)

To exercise these rights, contact info@letsinourjet.com.

Complaints: You may lodge a complaint with the UK supervisory authority: the Information Commissioner’s Office (ICO) (UK GDPR Article 77).

14) Withdrawing consent and objecting

  • If we rely on your consent, you may withdraw it at any time. Withdrawal does not affect processing that occurred before withdrawal.
  • If we rely on legitimate interests, you may object. We will review your request and either stop/adjust processing or explain our compelling legitimate grounds where applicable.
  • You can object to direct marketing at any time (if marketing is offered).

15) Children

The Platform is not intended for persons under 18, and we do not knowingly collect personal data from children.

16) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The updated version will be published on the Platform and will apply from the “Last updated” date shown above.