Last Updated: October 2025
Company: LegsJet Ltd (Registered in England and Wales No. 16446867)
Registered Office: 2A Connaught Avenue, London, E4 7AA, United Kingdom
Email: info@legsjet.com
Website: www.legsjet.com
LegsJet Ltd is fully committed to complying with the United Kingdom General Data Protection Regulation (UK GDPR), the EU GDPR, and all applicable data protection laws.
We ensure that all personal data collected, stored, or processed through our website and booking systems is handled lawfully, transparently, and securely.
LegsJet Ltd acts as a Data Controller for customer and website user information, and as a Data Processor in certain cases where data is processed on behalf of partner operators or service providers.
We determine the purpose and method of processing personal data in accordance with the principles of GDPR.
We collect only the personal data necessary to operate our services, including:
– Basic identification data (name, surname, contact details)
– Booking and flight-related information
– Communication records (emails, messages, or support tickets)
– Technical data (IP address, browser type, cookies)
We do not collect or store any unnecessary or sensitive personal data beyond what is required for the booking and operation of our services.
LegsJet Ltd processes personal data based on one or more of the following legal bases:
We only share personal data with:
– Verified charter operators to process confirmed bookings.
– Payment service providers (for secure transactions).
– IT and hosting partners who support our website and database systems.
– Government or regulatory authorities if legally required.
All third parties are subject to data processing agreements (DPAs) and are required to maintain equivalent GDPR compliance standards.
Personal data is retained only for as long as necessary for the purpose for which it was collected:
– Booking and payment records: up to 5 years (for legal and accounting compliance).
– Inquiry or contact form submissions: up to 12 months.
– Marketing consent data: until withdrawal of consent.
After this period, data is securely deleted or anonymized.
As a data subject, you have the right to:
– Access your personal data we hold.
– Rectify inaccurate or incomplete information.
– Erase your data (“Right to be Forgotten”).
– Restrict or object to certain processing activities.
– Withdraw consent for marketing or communications at any time.
– Data portability, to receive your data in a structured format.
To exercise your rights, contact us at info@legsjet.com.
We will respond to verified requests within 30 days.
We use technical and organizational measures to ensure the security and integrity of personal data, including:
– Encrypted communications (SSL/TLS)
– Secure data storage and limited staff access
– Regular monitoring and security audits
In the unlikely event of a data breach, affected individuals and relevant authorities will be notified in compliance with GDPR Article 33.
Some of our partners or servers may be located outside the UK or European Economic Area (EEA).
In such cases, we implement adequate safeguards such as:
– Standard Contractual Clauses (SCCs)
– Data processing addenda ensuring GDPR equivalence
– Transfers only to countries recognized as having adequate protection levels
For GDPR compliance matters, you can contact our Data Protection Officer:
Data Protection Officer (DPO)
LegsJet Ltd
The DPO oversees compliance with GDPR and acts as the main point of contact for data-related issues.
We may update this statement from time to time to reflect changes in our operations or applicable laws.
The updated version will be published on this page with the date of the latest revision.
For any GDPR-related inquiries, requests, or complaints, please contact:
LegsJet Ltd
2A Connaught Avenue, London, E4 7AA
United Kingdom
