Go Global Travel Ltd Privacy Notice
July, 2026
Privacy Notice
Go Global Travel Ltd
Introduction
This Privacy Notice ("Notice") outlines the privacy practices that Go Global Travel Ltd ("we", "us", "our", or the "Company") implements with respect to personal information in the following contexts:
- Information collected from individuals who visit our website, available at goglobal.travel (the "Website").
- Information of individuals who subscribe to our newsletter.
- Information collected from customers who use our online platform ("Platform").
- Information collected from the representatives of our existing and prospective customers and vendors ("Representatives").
- Information collected from travel agencies and their representatives who use AGENTDESK, an AI-powered B2B platform operated on our behalf by Yanolja Next Co.,Ltd. (“Y-NEXT”), including information indirectly relating to such agencies’ own customers (“Travellers”) where necessary to process a booking (“AGENTDESK”). This Notice describes the personal information we collect from you in any of the above instances, our use of it, and the rights you have in relation to your information. We are committed to protecting your privacy and rights, and to complying with applicable data protection laws, including the Israeli Protection of Privacy Law, 5741-1981, and the European General Data Protection Regulation (GDPR), as applicable.
When we process the information described in this Notice, we are acting as a controller. As part of our services to business customers, we also process other personal information as a processor (e.g., when our customers provide us with the personal information of their consumers). We process that information only in accordance with the instructions we receive from the relevant controller, and this Notice does not apply to that processing.
You are not legally required to provide us with any of your personal information; however, if you choose not to, we may not be able to provide you with certain services. It is at your discretion whether to provide us with your personal information. Regarding our AI-powered features, we utilize AI technology to automatically extract travel information from customer messages. This process is governed by a 'Human-in-the-Loop' architecture, ensuring that all AI-extracted information is subject to manual review and approval by authorized travel agency personnel. No final booking or proposal decisions are made solely by AI without human oversight.
Contact us
The Controller of your personal information for the purpose of this Notice is Go Global Travel Ltd. Our address is 6 Metsada st. Bnei-Brak, Israel, 5126202, Israel . You can contact us either by post at the above address, by email at GDPR@goglobal.travel, or by telephone at +972 (0)3 767 8111.
For EU-related questions, you may contact us by the above email (GDPR@goglobal.travel) or by post at Soseaua Mihai Bravu, nr. 255, et. 3, sector 3 Bucharest, Romania; Phone: +40-31 224 98 28; Fax: +359-2 951 51 27.
The personal information we collect and how we use it
We collect the following types of personal information:
| Scenario | Purpose | Categories of data |
|---|---|---|
| You contact us with an inquiry through the Website | Handling your inquiry and providing you with the information you requested; Contacting you to promote our business. | Your name, phone number, email address, country, the company you work for, and the subject and content of your inquiry. |
| Our use of strictly necessary cookies on the Website | Facilitating a feature of the Website that the user specifically requested. | IP address, pages visited, Website functions used, fields completed in forms, etc. |
| Our use of other cookies (which are not strictly-necessary) on the Website | Analyzing Website use to evaluate and improve performance; tracking user preferences; improving user experience on the Website and tailoring it to the user's preferences. | IP address, pages visited, Website functions used, fields completed in forms, etc. |
| You subscribe to our newsletter | Sending you our newsletter to promote our business and market our products and services. | Email address. |
| We set up your user account on the Platform | Providing you with online access to our Platform. | Full Name, email address, Phone Number and Mobile Number. |
| Our use of analytics | Operating, improving and enhancing our Website and Platform. | Your use of the Website (if you are a Website visitor) or of the Platform (if you are a customer Representative who uses the Platform). This may include the pages you viewed, the actions you took while using the Website or Platform, etc. |
| You contact us during roadshows and exhibitions | Promoting our business and marketing our products and services. | Name and contact details. |
| We contact you through referrals (e.g., from other customers or our partners) | Promoting our business and marketing our products and services. | Name and contact details. |
| You contact us online through designated landing pages | Contacting you to promote our business and market our products and services. | Name and contact details. |
| We conduct marketing calls or email conversations with you | Promoting our business and marketing our products and services. | Name and contact details, and any information provided during conversation. |
| We engage a vendor or service provider of which you are a Representative | Administering our business relationship with vendors and service providers; facilitating our use of vendors' and service providers' products and services. | Name and contact details. |
| You (as a travel agency) enter a search request into AGENTDESK, including via WhatsApp Integration | Enabling our AI Tool to automatically extract search conditions and return search results to the travel agency. | Free-text content of the search request or WhatsApp message, which does not require, but may incidentally include, personal information relating to a Traveller. |
| You (as a travel agency) complete a booking through AGENTDESK | Transmitting the Traveller’s booking information to the relevant Provider in order to complete the booking and issue a voucher. | Traveller’s name, email address, and/or phone number, and, depending on the relevant Provider, additional information such as address, age, or passport details. |
| You (as a travel agency) uploads a Traveller’s photograph to use the optional Photo Personalization Feature | Generating a personalized visual proposal by compositing the photograph with images of the relevant destination. This feature is optional and is only enabled after the travel agency has confirmed, via a checkbox or equivalent mechanism on the Platform, that it has obtained the Traveller’s, or where applicable a minor’s parent or guardian’s, prior explicit consent. | Photograph of the Traveller and, where applicable, the Traveller’s family members (which may include minors). Depending on the manner in which such photograph is processed, this may constitute biometric data. |
| You (as a travel agency) enable the Voice Agent Feature and a Traveller calls the dedicated phone number. | Enabling our AI Tool to answer the call, ask about travel requirements, and automatically extract search conditions from the Traveller’s spoken responses. | The Traveller’s voice and the content of their spoken responses, which may constitute biometric or other sensitive personal data. |
Sources of Personal Information
We collect personal information from several sources:
- Directly from you, when you provide it to us on the Website, when you subscribe to our newsletter, when you set up a user account on our Platform, or when you communicate with us via email, phone, or in-person.
- From referrals, such as our existing customers or partners.
- From your organization, when another Representative of your organization provides us with your information.
- Through the device you use to access our Website.
Sharing Your Personal Information
We will not share your information with third parties, except in the events listed below or when you provide us with your explicit and informed consent. We do not sell your personal information to third parties.
| Scenario | Purposes | Examples of Third Parties Involved |
|---|---|---|
| We share your personal information with our service providers who assist us with the internal operations of our business, the Website, and the Platform. These companies are authorized to use your personal information in this context only as necessary to provide these services to us and not for their own promotional purposes. | Operating the Website, the Platform, and our business. | Amazon Web Services; Microsoft; Monday.com; Full Story. |
| We share your information with our group companies | Operating our business within our group of companies | Our parent company, Yanolja Co., Ltd., and any of our subsidiaries worldwide. |
| If you abuse your rights to use the Website or violate any applicable law while doing business with us | Responding to, handling, and mitigating suspected violations of law in connection with our business. | Competent authorities, legal counsel, and advisors. |
| If a judicial, governmental, or regulatory authority requires us to disclose your information | Complying with a binding request from a competent authority. | Competent authorities. |
| If the operation of the Website, the Platform, or our business is organized within a different framework, or through another legal structure or entity (such as due to a merger or acquisition) | Enabling a structural change in the operation of the Website, the Platform, and our business. | The target entity of the merger or acquisition, legal counsel, and advisors. |
| Third-party cookies | For more details, see the cookie banner on our Website. | |
| Y-NEXT, our affiliate, operates AGENTDESK on our behalf and processes your information for that purpose. | Developing and operating AGENTDESK, including its AI Tool and WhatsApp integration. | Y-NEXT |
| Y-NEXT uses third-party AI model providers to power AGENTDESK’s AI Tool | Extracting search conditions and generating itineraries and proposals. Information provided is processed solely to generate the requested output and is not used by these providers to train their underlying models. | Google; Open AI |
| You(as a travel agency) enable WhatsApp Integration | Relaying WhatsApp messages from Travellers to AGENTDESK for processing by the AI Tool. | Twilio Inc., a certified WhatsApp Business Solution Provider. |
| You(as a travel agency) complete a booking through AGENTDESK | Transmitting the Traveller’s booking information to the relevant Provider in order to complete the booking and issue a voucher. | A limited number of directly-integrated Providers (e.g. HotelBeds, Booking.com, Agoda, Expedia). |
| You(as a travel agency) elect to use the optional Photo Personalization Feature | Generating a personalized visual proposal by compositing a Traveller-provided photograph with images of the relevant destination or points of interest. This feature is only enabled after the travel agency has confirmed, via a checkbox or equivalent mechanism on the Platform, that it has obtained the Traveller’s (or, where applicable, a minor’s parent or guardian’s) prior explicit consent. | Y-NEXT; Gemini 3.1 Flash Image. |
| You(as a travel agency) enable the Voice Agent Feature | Receiving and routing calls, converting speech to text and text to speech, and generating responses, in order to extract search conditions from a Traveller’s spoken input. Voice data provided to these providers is processed solely to generate the requested output and is not used to train their underlying models. | Twilio Inc. (call routing); Eleven Labs Inc. (speech-to-text, text-to-speech, and response generation). |
Retention of Data
We retain personal information throughout your engagement with the Company and thereafter for as long as necessary to comply with our legal obligations, resolve disputes, and for bookkeeping purposes. The overall period of retention is four years following the end of your engagement with us, unless a different retention period is required by applicable law for specific data categories. In relation to AGENTDESK, Traveller information collected at the booking stage is retained for 12 months following check-out, after which it is deleted or anonymized, except to the extent retention is required for accounting, tax, or other legal purposes (in which case the applicable statutory period applies).
Data Security
We use industry-standard procedures and policies designed to enhance the safety of the information we collect and store and prevent unauthorized use of the information. We also require the third parties we work with to comply with similar security requirements, in accordance with this Notice. Although we take steps to safeguard information, we cannot guarantee that your information will be completely immune to unauthorized access and use.
International Transfer of Data
Your personal information may be stored in various locations around the globe, some of which may be outside your jurisdiction, including the United States and Israel. In such cases, we will transfer your information only in compliance with applicable law, under legal agreements ensuring an adequate level of data protection (or under other available legal mechanisms). By engaging with us, you consent to the international transfer of personal information, as may be necessary in the Company’s discretion. In relation to AGENTDESK, your information is primarily stored and processed within the European Union. Certain supporting service providers used in connection with AGENTDESK, such as error-monitoring or data-processing tools, may nonetheless be located outside the EU, including in the United States or Asia. In such cases, we ensure that transfers are conducted under appropriate safeguards, including Standard Contractual Clauses where applicable.
Your Rights as a Data Subject
You have the following rights in relation to your personal information:
- Right to review your information. You have the right to review, either by yourself or through an authorized representative, any personal information we have stored about you in our databases.
- Right to request rectification of your information. If, upon reviewing your personal information, you find your information to be incorrect, incomplete, or outdated, you have the right to ask us to rectify or delete it. We will inform you within 30 days whether we can comply with your request.
- Right to have your information deleted, under certain circumstances, such as when the information is no longer necessary for the purposes for which it was collected. If you wish to exercise any of the above rights, please contact us by email at GDPR@goglobal.travel.
Additional Information for Individuals in the EU and UK
Legal Basis for Processing Your Personal Data
| Purpose or Scenario | Legal Basis |
|---|---|
| You contact us with an inquiry through the Website | Our legitimate interest in responding to business inquiries and developing potential leads. |
| We use strictly-necessary cookies on the Website | Our legitimate interest in the proper operation of the Website. |
| We use other (non-strictly-necessary) cookies on the Website | Your explicit consent. |
| You subscribe to our newsletter | Your explicit consent. You may unsubscribe at any time through the means stipulated in the emails we send you. |
| We set up your user account on the Platform | Our legitimate interest in providing you with online access to our Platform. |
| Our use of Website and Platform analytics | Our legitimate interest in the operation, improvement, and enhancement of our Website and Platform. |
| You contact us during roadshows and exhibitions | Our legitimate interest in the development of our business. |
| We contact you through referrals (e.g., from other customers or our partners) | Our legitimate interest in the development of our business. |
| You contact us online through designated landing pages | Our legitimate interest in the development of our business. |
| We conduct marketing calls or email conversations with you | Our legitimate interest in the development of our business. |
| Responding to, handling, and mitigating suspected violations of law in connection with our business | Our legitimate interest in defending and enforcing against violations that are harmful to our business. |
| Complying with a binding request from a competent authority | Our legitimate interest in complying with mandatory legal requirements imposed on us. |
| Enabling a structural change in the operation of the Website, the Platform, and our business | Our legitimate interest in our business continuity. |
| You (as a travel agency) upload a Traveller photograph for the Photo Personalization Feature | Your, or where applicable a minor’s parent or guardian’s, explicit consent, confirmed by the travel agency via a checkbox or equivalent mechanism on the Platform prior to the upload of the photograph. Where the photograph is processed in a manner that constitutes biometric data, such consent is required under Article 9(2)(a)GDPR. |
| Our AI Tool automatically extracts search conditions from your input. | Our legitimate interest in providing the requested AI-assisted search functionality to the travel agency. |
| We transmit a Traveller’s booking information to a Provider to complete a booking made through AGENTDESK | Necessary for the performance of the booking requested by the travel agency on the Traveller’s behalf. |
| You (as a travel agency) enable WhatsApp Integration | Based on the travel agency’s own election to enable this optional feature and its corresponding legitimate interest. |
| A Traveller calls the dedicated phone number provided through the Voice Agent Feature | The travel agency’s prior notice to the Traveller, provided before any calls is made to the dedicated number, that calls are answered by an AI-powered voice assistant. Given the potentially sensitive nature of voice data, we recommended that travel agencies obtain explicit consent in accordance with Article 9(2)(a)GDPR where the voice is processed in a manner that constitutes biometric data. |
Your Rights
If you are an individual in the EU or the UK, you may have the following additional rights:
- Right to Access and receive a copy of your personal information that we process.
- Right to Rectify inaccurate personal information we have concerning you and to have incomplete personal information completed.
- Right to Data Portability, that is, to receive the personal information that you provided to us, in a structured, commonly used, and machine-readable format. You have the right to transmit this personal information to another person or entity. Where technically feasible, you have the right to have your personal information transmitted directly from us to the person or entity you designate.
- Right to Withdraw Consent to us processing your personal information, at any time, if the basis for our processing is your consent. We may continue to process personal information with respect to which your consent is not necessary. Withdrawing your consent will not affect the lawfulness of processing we carried out based on your consent before such withdrawal.
- Right to Object to our processing of your personal information on the basis of our legitimate interest. However, we may override the objection if we demonstrate compelling legitimate grounds, or if we need to process such personal information for the establishment, exercise, or defense of legal claims.
- Right to Restrict us from processing your personal information (except for storing it) if: (i) you contest the accuracy of the personal information, in which case the restriction applies only for a period enabling us to determine the accuracy of the personal information; (ii) the processing is unlawful and you prefer to restrict the processing of personal information rather than requiring the deletion of such data by us; (iii) we no longer need the personal information for the purposes outlined in this notice, but you require the personal information to establish, exercise, or defend legal claims; and (iv) you object to our processing based on our legitimate interest, in which case the restriction applies only for the period enabling us to determine whether our legitimate grounds for processing override yours.
- Right to be Forgotten. Under certain circumstances, you have the right to ask us to erase your personal information. However, notwithstanding such a request, we may still process your personal information if it is necessary to comply with our legal obligations, or for the establishment, exercise, or defense of legal claims. If you wish to exercise any of these rights, please contact us at the contact channels listed above.
When you contact us, we reserve the right to ask for reasonable evidence to verify your identity before we provide you with information. Where we are not able to provide you with the information that you asked for, we will explain the reason.
Subject to applicable law, you have the right to lodge a complaint with your local data protection authority. If you are in the EU, then according to Article 77 of the GDPR, you can lodge a complaint with the supervisory authority in the Member State of your residence, place of work, or place of alleged infringement of the GDPR. For a list of supervisory authorities in the EU, click here.
If you are in the UK, you can lodge a complaint with the Information Commissioner’s Office (ICO) pursuant to the instructions provided here.
Updates to this Notice
We regularly review and, if appropriate, update this Notice from time to time, and as our services and use of personal data evolve. We will post any changes to this notice on our Website a reasonable time in advance of the effective date of the change, and we will also make efforts to proactively notify you by email of the changes to the notice if we have your email address.