Privacy



Privacy Statement

We appreciate the trust you place in us and that is the reason why we handle the personal data you provide to us with the greatest possible care.
Sunweb.co.uk respects your right to privacy. We use this policy to inform you of how we handle your personal data.

Who are we? 

Sunweb is a trade name of Sunweb Group UK ltd., a private company with limited liability with its registered office at 83 Victoria Street , SW1H 0HW in London, in the Untited Kingdom, and registered with the Chamber of Commerce under number 07306909. Sunweb Group UK ltd.. is active in the United Kingdom on behalf of Sunweb Group GmbH, with its registered office in Switzerland at Schützengasse 4 CH-8001 in Zurich, Switzerland. Sunweb Group GmbH also operates in Belgium, the Netherlands , France, Germany, Denmark, Sweden and Norway.

Sunweb Group UK ltd. owns several brands. These are:

This means that you may not know Sunweb Group UK ltd., but that you do know our brands and websites. This privacy statement applies to all processing of personal data that we, Sunweb Group UK ltd., as controller, obtain from or about you at one of the moments or in one of the ways described below via one of our websites or via one of our brands.

Who are you?

You are the person who visits our website and/or books a trip via our website, who registers for a newsletter or the person who has received an account from us after a reservation and uses it. It may also be the case that you only ask a question via our contact form, you chat with us or call us or that you use one of our apps, request an offer for a group trip or use one of our other services.

What personal data do we process for which purposes?

Personal data are all data that say something about you or that we can relate to you. We record personal data within the context of our services, the sale of our products or when you contact Sunweb.co.uk in any other way. Personal data that are needed for our services such as your name, address, email address and telephone number. Such data are needed to perform a booking, for example.

 **

We have listed below several personal data we process divided by the various purposes for which we collect these data:

  • In order to be able to book, perform, invoice your trip and/or implement your indicated preferences

This concerns customer details, contact details, booking details, payment details provided by you concerning yourself while booking as main booker (person 1[1]) or that are provided by the main booker on behalf of the fellow travellers (person 2[2]) including the preferences such as yes/no to insurance, skiing lessons and ski rental that are requested further on in the booking process. The data above are used to book, reserve, invoice and confirm the trip to you. We send you the related travel documents/travel contract and useful information by email before your trip commences. We also make the travel documents, invoice and other useful information available in the My Account environment (if available). We use the reservation details and the preferences you have indicated in order to ensure that the parties that implement your trip and preferences (e.g. for your flight, transfer to the hotel and stay at the destination/hotel) are able to provide these services.

While booking the trip, you can provide us with special personal data such as the registration of medical luggage and comments about your health. We process your special personal data only for the purposes for which you have provided them to us, if you have consented expressly to this process or if you have clearly disclosed these data.

Additional information may be requested specifically for relevant situations such as when reserving bicycle rental and parking.

If you follow a link from our website to external suppliers for reserving additional services such as taxi and airport parking, the relevant supplier will be responsible for the protection of your personal data.

  • In order to be able to maintain your account that was generated (if available)

After a trip has been booked, we use your reservation details to create an account for you where after you will have the possibility of activating or not activating the account. You can find all relevant information about your trip, your customer details, your payments and your invoice in this account. We store all reservation details that belong to your account so that each time you log in we are able to show you the correct customer details and booking history.

You can use your account details of social networks such as Facebook to log in to our website, apps, special online campaigns we conduct or other services you can use. You have the option of sharing personal data about yourself with us so that you do not have to enter these again when logging in.

  • In order to be able to reach you and the person staying home in case of emergencies during the trip

Unfortunately, emergencies sometimes occur while travelling. At your destination or at home. We would therefore like to keep you informed of developments that are important to you. We use the contact details such as your telephone number and email address or those of the indicated person who stays at home for this purpose. 

  • In order to analyse the use of our website

Data concerning your use and behaviour are collected when using our website. We use analytical cookies in order to adjust our website in line with the wishes and interests of the visitor and so that we can offer an optimum visitor experience. Consult our cookie policy for more information.

We also store the log files of the website such as error reports. For example, if the reservation system does not function while booking, we remember the data that were entered during the booking process so that you do not have to enter everything again.

  • For the purpose of handling complaints and requests for information or to make the exercise of your rights possible and to learn from this

We store your contact details if you contact us via a contact form, during a chat or telephone conversation and/or if you wish to influence the use we make of your personal data. We do so in part in order to provide you with an answer or to help you, but also to learn from our complaints handling.

  • In case of registration for a newsletter

You are asked to provide contact details during the registration for a newsletter so that the newsletter can be sent to you by email.

  • If you place a response on the blog of Sunweb.co.uk

We request personal data when you place a response on our blog in order to prevent spam.

  • Quality assurance

The full IP address (Ipv4 and IPv6) is used for logging purposes and to assess problems you have reported. The IP address of a reservation is sometimes used to validate a reservation and payment. We store the IP address for at most seven days. Online payments only take place via an affiliated supplier.

Telephone conversations are stored for a period of 4 weeks for training purposes in order to guarantee quality.

·         In order to provide our campaigns with photo and image material

We place image and sound material on our website and in our brochures in order to create an atmospheric impression for our future guests.

  • In order to better align our campaigns with your preferences

You provide us with your personal data at different moments. We use part of these data, such as your email address and telephone number, to purchase services from advertising platforms such as Facebook if we have obtained your consent to do so (by accepting cookies).                                                                                                                                                       

You may receive personal communication from us as a result of various interactions. Your personal data in our possession provide us with an impression of your interests and preferences. Combining personal data creates profiles that make it possible to serve you the customer even better by making our commercial communications personal. Not just by addressing you by name in the email, but also by showing holidays that we consider match your interests.

You receive communication from us if you have booked a trip with us or you register individually for a group trip and you do not object thereto. You receive this communication via channels for which you have not unsubscribed such as social media, email or post.

We send newsletters if you have subscribed for these. You can unsubscribe for our newsletters or other commercial communications at any time. This possibility is offered to you in the email itself or you can unsubscribe using the objection form.

You may see our commercial communications when you visit other websites, such as in the banners that are present on other websites. These banners may be personalised because you have accepted advertisement cookies.

Our other brands: we explained to you at the start of this privacy statement that we have several websites and brands within Sunweb.co.uk. If relevant, we therefore share your personal data, surf and click behaviour with the brands of our other websites so that these can also send you interesting offers. The reason is that not every brand has the same offer or provides the same possibilities. We therefore hope to let you benefit from all possibilities that could be interesting to you.

Who receive your personal data?

We share your personal data with third parties. These are the following parties:

  • Employees at the offices of Sunweb.co.uk in the relevant countries (as mentioned at the start of this privacy statement), but also locally insofar as they require the data for the performance of the travel contract and naturally to provide you with an optimal holiday experience with a suitable preparation.
  • Parties that will deliver to you (part) of the trip booked, such as airlines, other carriers, accommodation owners, tour leaders and other parties.
  • We do not transfer your personal data to countries outside the European Economic Area, unless such is necessary for the performance of the travel contract (e.g. airline companies and accommodation owners outside the EEA). We make sure in all other cases that appropriate measures are implemented in order to protect your personal data in an adequate manner. We do so inter alia by concluding agreements that have been approved by the European Commission. We ensure in relevant cases that personal data are processed only by parties in third countries with an appropriate protection level indicated by the

European Commission.

  • If you travel abroad, you may be required (by government authorities at the points of departure and arrival) to provide personal data and these may be processed within the context of border control, immigration, security, anti-terrorism and other purposes that are considered applicable. What data must be processed may differ per destination. Examples of data that are requested include customer details, contact details and reservation details.
  • We may share your personal data with advertising networks or enable the latter to collect personal data concerning you. They obtain these data because consent was obtained concerning the use of cookies. Our cookie policy and the list of cookies on our website includes the names of these third parties as well as a reference to the policy that applies to the processing of your data by means of these technologies.
    • External parties such as marketing/development agencies, online software parties and Payment providers that support our daily activities, including marketing and data analysis.
A significant part of the third parties with which we share your personal data obtain these data on the basis of the use of cookies. We therefore refer you to our cookie policy and the list of cookies on our website for the names of these third parties as well as a reference to the policy that applies to the use of your data.

On the basis of which principles do we process your personal data?

We apply several principles when using your personal data. The principles we apply are:

  1. The processing is necessary for the performance of a contract to which you are a party. This concerns for example the performance of the contract or travel contract with you;
  2. The processing is necessary in order to comply with a statutory obligation we must satisfy;
  3. The processing is necessary in order to look after our legitimate interests. As a travel provider, our legitimate interests also comprise for example being able to conduct marketing activities;
  4. We only process your special personal data (such as the registration of medical luggage and comments about your health) and personal data that do not come under the above-mentioned principles, such as subscription to the newsletter and personal banner advertisements if you have consented thereto expressly or because you have clearly disclosed the data. You can withdraw this consent at all times. How and when you can do this is described in this privacy policy under the heading of ‘rights’.

Retention period

Your personal data are retained for as long as necessary for the processing purposes and are then deleted permanently within the term that applies for this purpose, while taking account of the statutory obligations. This means for example that your data concerning the travel contract are retained for at most ten years in accordance with our retention period for tax purposes. At the moment you submit an objection to processing of personal data for commercial purposes, we will register this in our systems and we will no longer use your personal data for the relevant personalised and/or commercial purposes.

Your privacy rights

Sunweb.co.uk is transparent and strives to provide sound services to its customers, website visitors and/or if you are a user of one of our other (online) services. We process personal data as explained in this privacy statement in order to make sound services possible. We hope that you see the benefit and also gain the benefit in which connection everyone can have personal preferences. If this is not your experience and you have a different opinion, you can consult with us in order to possibly adjust matters.

You can exercise the following privacy rights in respect of the processing of your personal data described in this privacy statement:

  • You can object to the processing of your personal data.
    • If you would like to lodge an objection to the processing of your personal data for commercial purposes, you can change your preferences here.
    • You can adjust your cookie settings via the website cookie settings module [link to javascript:Optin.showSettingsPopup()]. You should also not forget to remove all of your cookies from all devices in all internet browsers you have used to visit our website(s). Read our cookie policy for how you can do this for each internet browser.
    • If you would like to object to the processing of your personal data as a whole, please contact our customer service department.
  • You have the right to have incorrect personal data corrected or to supplement personal data.
  • In some circumstances you have the right to have removed the personal data we have in respect of you from all of our systems and online services if this is possible and while taking account of the statutory obligations. In order to remove all of your cookies, you will have to delete the cookies from all devices in all internet browsers you have used to visit our website(s). Read our cookie policy how you can do this for each internet browser.
  • You have the right to limit the processing of your personal data if data are incorrect, you have lodged an objection or you indicate that we are not allowed to further process certain data, for example.
  • You have the right to request your personal data and to transfer them to another controller such as other parties that offer holiday travel if you so desire.
  • You have the right to inspect your personal data. For example, you can see in the My Account environment (if available) what personal data we have received from you and that we have registered with respect to a certain reservation. This is also where you can see the other relevant data belonging to a reservation.
  • You are entitled to human assessment of automated decisions. A decision may be made on the basis of data that was processed automatically (without human intervention), which may have consequences for you as customer/consumer. An example would be the verification we conduct of the acceptance of credit card payments in order to prevent fraud and to protect your privacy.

 

If you have questions about the above rights or you would actually like to exercise these rights, please contact our customer service department. Our customer service department can be reached by telephone at telephone number 02031708206.

If you would like to exercise your rights, please enclose with your request a copy of your passport in which you have screened your photo and citizen service number.

If you are not satisfied with the way in which we process your personal data, you can submit a complaint to us via the customer service department or to the Sunweb Group data protection officer dpo@sunwebgroup.com.

If we are unable to reach agreement following consultation, you can contact the The Information Commissioner’s Office which can be reached at telephone number 044 1625 545 745.

Changes

We have the right to adjust this privacy statement and recommend that you consult this page from time to time to stay informed of the manner in which we process your personal data. This privacy statement was updated most recently on [date: May 18, 2018].

Security

We implement suitable technical and organisational measures to secure your personal data. This means among other things that we conclude agreements with service providers that process personal data on our behalf in which agreements we oblige them to implement these measures as well. This also means that if you book a holiday via the Sunweb website or if you consult My Sunweb, your data are transmitted by means of a secure (SSL) connection.

Notification data leaks

A data leak exists if personal data belonging to our clients, business relationships or employees have been exposed to loss or unlawful processing.

This is the case for example if personal data wind up in the hands of third parties that should not have access to those data.

Have you discovered a (possible) data leak? Notify us thereof as quickly as possible by email via databreachnotification@sunwebgroup.com.

Contact

Your questions and comments regarding this privacy statement are welcome and can be submitted to  info@sunweb.co.uk.

If you have a different question and you would like to contact our customer service department directly be telephone 02031708206 and/or by email, please visit our customer service page where you can find our contact details.



[1] Person1; the main booker, the person who books the trip and/or the person who personally registers directly to travel along

[2] Person2; The fellow travellers who do not register individually, but who are entered by the main booker as joining the trip.