Your privacy is important to us. We value your trust and are committed to protecting and safeguarding any personal information you give us. This document, which we review and update at least annually, describes how we use and process your personal data. It also tells you how you can contact us if you have questions about your personal information.
Eventay provides online travel services through its own websites and call centre.
This Privacy Notice (“Notice”) sets out how Eventay Limited, a company incorporated in the United Kingdom and their brand, referred to in this document as “Eventay”, “we” “our” or “us”) protects the privacy of your personal information.
Eventay offers travel-related services through its own websites and call centre. We need to collect, use and disclose personal information in order to perform our business functions and activities, including making and managing travel bookings on behalf of our customers. We are firmly committed to protecting the privacy and confidentiality of personal information and to maintaining various physical, electronic and procedural safeguards to protect personal information in our care.
We will be a “data controller” for the purposes of the General Data Protection Regulation 2016/679 (“GDPR”) for any personal information you provide to us in connection with our relationship.
By providing personal information to us, you agree that this Notice will apply to how we handle your personal information and you consent to us collecting, using and disclosing your personal information as detailed in this Notice. If you do not agree with any part of this Notice, you must not provide your personal information to us. If you do not provide us with your personal information, or if you withdraw a consent that you have given under this Notice, this may affect our ability to provide services to you or negatively impact the services we can provide to you. For example, most airport transfer bookings must be made using your full name and must include contact details. We cannot make bookings for you without that information.
To make it easier to manage your reservations, you can open a user account. This allows you to save your personal settings, review previous bookings and manage future reservations. When you visit our website, even if you don't make a reservation, we may collect certain information, like your IP address, or browser, and information about your computer’s operating system and application version.
2. What personal information do we collect?
Personal information has the meaning given under your local data protection law, and, where the GDPR applies, the meaning of personal data given under the GDPR. Personal information generally means information which relates to a living individual who can be identified from that information, or from that information and other information in a person’s possession.
Generally, the type of personal information we collect about you is the information that is needed to facilitate your travel arrangement, hotel reservations and to arrange travel related services and/or products on your behalf.
We therefore typically process the following types of personal information about you:
When you visit our websites, even if you do not make a reservation, we may collect certain information, such as your IP address, which browser you’re using, and information about your computer’s operating system, application version, language settings and pages that have been shown to you. If you are using a mobile device, we might also collect data that identifies your mobile device, device-specific settings and characteristics and latitude/longitude details. When you make a reservation, our system registers through which means and from which websites you have made your reservation.
We may also receive information about you when you use certain social media services.
When you make contact with us for other purposes, we may also collect personal information about you in relation to those purposes. For example, we may collect your personal information so we can contact you to respond to an enquiry or feedback you have sent to us. We also collect information that is required for use in the business activities of Eventay Ltd., including for example, financial details necessary in order to process various transactions, telephone recordings, video surveillance footage used for security purposes, and other relevant personal information you may elect to provide to us.
In some circumstances, we may collect personal information from you which may be regarded as sensitive information under your local data protection laws. Sensitive information may include (without limitation) your racial or ethnic origin, philosophical or religious beliefs or affiliations, sexual preferences or practices, criminal record and the alleged commission of an offence, membership of political, professional or trade associations, financial information and health information. We will only collect sensitive information in compliance with your local data protection laws, with your explicit consent and where it is reasonably necessary for, or directly related to, one or more of our functions or activities (e.g. to make travel arrangements), unless we are otherwise required or authorised to do so by law. To the extent permitted or required under your local data protection laws, you consent to us using and disclosing your sensitive information for the purpose for which it was collected, unless we subsequently receive your consent to use it for another purpose. For example, if you provide health information to us in connection with a hotel reservation you would like to make, you consent to us using and disclosing that health information in connection with arranging that hotel reservation on your behalf. We will not use sensitive information for purposes other than those for which it was collected, unless we subsequently receive your consent to use it for another purpose.
4. How do we use your personal information?
We will only process your information, where:
In detail: Where you contact us in relation to a travel booking, hotel reservation or query, the purpose for which we collect your personal information is generally to provide you with travel advice and/or to assist you with booking travel and/or travel related products and services. However, the purpose for collection may differ depending on the particular circumstances as disclosed in this Notice (e.g. collection of your personal information for the purpose of provision of feedback etc).
When you book or otherwise arrange travel related products and services through us, we usually act as an agent for the relevant travel service providers (e.g. for a hotel). In this case, we process your personal information as necessary so as to provide the services you requested from us. This usually includes collecting personal information about you both for our internal purposes as described in this Notice and for the travel service provider for whom we act as agent (e.g. to provide you with the booked services). For example, if you book a hotel through us, then we use your personal information to enable your stay to be booked and disclose it to the hotel to enable the hotel to provide the service to you.
We act as agent for or on behalf of many hundreds of hotel and travel service providers, so it is not possible for us to set out in this Notice all of the travel service providers for whom we act. For more information about the disclosure of personal information to travel service providers located overseas, please refer to section 6 below.
If you have any concerns regarding the transfer of your personal information to a travel service provider, or you wish to contact us for further information, please refer to the “Feedback / Complaints / Contact” section below (section 12).
The purposes for which we collect personal information further include:
Where permitted by local data protection laws, we may use your personal information to send you targeted marketing activities relating to our products and services (and those of third parties) that we think may interest you, unless you have requested not to receive such information. These may include, but are not limited to, mail outs, electronic marketing and notifications as described below, and telephone calls). We will only use your personal information to send electronic marketing materials to you (including e-newsletters, email, SMS, MMS and iM) if you have opted-in to receive them. You can subscribe to receive e-newsletters and other electronic promotional/marketing materials by following the relevant links on our website or requesting one of our Customer Service Agents to do so for you.
Should you no longer wish to receive promotional/marketing material from us, participate in market research or receive other types of communication from us, please refer to the “Feedback / Complaints / Contact” section below (section 12). You can unsubscribe from receiving electronic marketing materials by following the unsubscribe prompt in your email, SMS, MMS, iM or other form of electronic marketing. Please also see the “Your rights” section of this Notice to learn about your ability, at any time, to opt out or limit the use of your browsing behaviour for online behavioural advertising purposes (section 8 below).
5. Is personal information disclosed to third parties?
We do not and will not sell, rent out or trade your personal information. We will only disclose your personal information to third parties in the ways set out in this Notice and, in particular, as set out below, and in accordance with your local data protection laws. Note that, in this Notice, where we say “disclose”, this includes to transfer, share (including verbally and in writing), send, or otherwise make available or accessible your personal information to another person or entity.
Your personal information may be disclosed to the following types of third parties:
Other than the above, we will not disclose your personal information without your consent unless we reasonably believe that disclosure is necessary to lessen or prevent a threat to life, health or safety of an individual or to public health or safety or for certain action to be undertaken by an enforcement body (e.g. prevention, detection, investigation, prosecution or punishment of criminal offences), or where such disclosure is authorised or required by law (including applicable privacy / data protection laws).
6. Is personal information transferred overseas?
We may disclose your personal information to certain overseas recipients, as set out below. We will ensure that any such international transfers are either necessary for the performance of a contract between you and the overseas recipient or are made subject to appropriate or suitable safeguards as required by your local data protection laws (e.g. GDPR). We will provide you with copies of the relevant safeguard documents on request (see section 12 below).
It is possible that information will be transferred to an overseas recipient (other than any of our overseas related entities) located in a jurisdiction where you will not be able to seek redress under your local data protection laws and that does not have an equivalent level of data protection as in your jurisdiction. To the extent permitted by your local data protection laws, we will not be liable for how these overseas recipients handle, store and process your personal information.
We may also disclose your personal information to third parties located overseas for the purpose of performing services for us, including the storage and processing of such information. Generally, we will only disclose your personal information to these overseas recipients in connection with facilitation of your travel booking and/or to enable the performance of administrative and technical services by them on our behalf.
7. Security of information
We are committed to safeguarding and protecting personal information and will implement and maintain appropriate technical and organisational measures to ensure a level of security appropriate to protect any personal information provided to us from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal information transmitted, stored or otherwise processed. Eventay has implemented various physical, electronic and managerial security procedures in order to protect the personal information it holds from loss and misuse, and from unauthorised access, modification, disclosure and interference. Eventay regularly reviews security technologies and will strive to protect your personal information as fully as we protect our own confidential information. Eventay is not responsible for any third party’s actions or their security controls with respect to information that third parties may collect or process via their websites, services or otherwise.
We will destroy or de-identify personal information once we no longer require it for our business purposes, or as required by law.
8. Your rights in relation to the personal information we collect
If you wish to:
you can request this by emailing us at the address set out in section 12 below. You will receive acknowledgement of your request and we will advise you of the timeframe within which you will receive your information pack.
We endeavour to respond to such requests within a month or less, although we reserve the right to extend this period for complex requests.
We reserve the right to deny you access for any reason permitted under applicable laws. Such exemptions may include national security, corporate finance and confidential references. If we deny access or correction, we will provide you with written reasons for such denial unless it is unreasonable to do so and, where required by local data protection laws, will note your request and the denial of same in our records.
Further correspondence regarding your request should only be made in writing to the Data Protection Officer at the address set out in section 12 below.
Please note that, if you request that we restrict or stop using personal information we hold on you, or withdraw a consent you have previously given to the processing of such information, this may affect our ability to provide services to you or negatively impact the services we can provide to you. For example, most travel/hotels bookings must be made under the passenger’s/guest's full name and must include contact details and appropriate identification (e.g. passport details). We cannot make bookings for you without that information.
You must always provide accurate information and you agree to update it whenever necessary. You also agree that, in the absence of any update, we can assume that the information submitted to us is correct, unless we subsequently become aware that it is not correct.
You can at any time tell us not to send you marketing communications by email by clicking on the unsubscribe link within the marketing emails you receive from us or by contacting us as indicated below (section 12).
In any of the situations listed above, we may request that you prove your identity by providing us with a copy of a valid means of identification in order for us to comply with our security obligations and to prevent unauthorised disclosure of personal information.
We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your personal information, and for any additional copies of the personal information you request from us.
9. IP addresses
When you access our website, use any of our mobile applications or open electronic correspondence or communications from us, our servers may record data regarding your device and the network you are using to connect with us, including your IP address. An IP address is a series of numbers which identify your computer, and which are generally assigned when you access the internet.
We may use IP addresses for system administration, investigation of security issues and compiling anonymised data regarding usage of our website and/or mobile applications. We may also link IP addresses to other personal information we hold about you and use it for the purposes described above (e.g. to better tailor our marketing and advertising materials, provided you have opted in to receive electronic marketing).
10. Tracking technologies / cookies
We may use third-party web analytics services on our websites and mobile apps, such as those listed in our Cookies Policy. The analytics providers that administer these services use technologies such as cookies and web beacons to help us analyse how visitors use our websites and apps. In all cases in which cookies are used, the cookie will not collect personally identifiable information except with your explicit permission.
11. Linked sites
12. Feedback / complaints / contact
If you have any enquiries, comments or complaints about this Notice or our handling of your personal information, or wish to inform us of a change or correction to your personal information, would like a copy of the information we collect on you or would like to raise a complaint or comment, please contact your consultant or the Data Protection Officer using the details set out below:
Post: Data Protection Officer
c/o WeWork Aldgate Tower,
2 Leman Street
London E1 8FA
We will respond to any enquiries or complaints received as soon as practicable.
13. Changes to our Notice
We may amend this Notice from time to time. If we make a change to the Notice, the revised version will be posted on our website. We will post a prominent notice on our website to notify you of any significant changes to our Notice and indicate at the end of the Notice when it was most recently updated. It is your responsibility, and we encourage you, to check the website from time to time in order to determine whether there have been any changes. If we update our Notice, in certain circumstances, we may seek your consent.
This Privacy Notice was last updated on 24 May 2018.
All Rights Reserved © Eventay.co.uk 2020