This privacy notice covers all platforms through which we offer travel-related services, this includes our website and where you interact with us on social media such as Facebook (in which case you should also refer to those social media sites' privacy notices).
The data controller of the personal data referred to in this Privacy Notice is Edwin Holidays Limited, a limited liability company registered at 55 Stoke Newington High Street N16 8EL and with registered company number 12282722.
All references in this Privacy Notice: to our "Website" refer to the website at www.edwinholidays.com, to "we", "us" and "our" refer to Edwin Holidays Limited; and to "you" and "your" are to you, the user.
When you book a holiday with us, you will be required to provide us with certain information, including your name, address, e-mail address and phone number and payment information.
If you fill in a booking form but don’t actually complete the booking, we will use your information (which we will have collected using cookies) to check in with you as to whether you need any assistance and whether you would like to complete your booking. For more information about how we do this (and how to prevent this if you wish to do so), please see our cookie statement.
There are also other instances when you’ll provide us with information, for example if you sign up for alerts and/or updates, register to use our Website enter one of our competitions or complete a survey.
If you are travelling with others or booking a holiday for someone else, you will need to give us personal data about them when making the booking, for example their name and age. It is your responsibility to ensure that anyone who you have provided personal data about is aware and happy that you have done so and is aware of how we use and process their information.
When you visit our Website, even if you don’t make a booking, we will automatically collect certain information such as your IP address, the date and time you accessed the Website, the hardware, software or internet browser you use and information about your visit, including pages you viewed and interaction information.
If you are using a mobile device, we may collect data that identifies your mobile device, location details and any specific settings.
For more information, please see our cookie statement.
We may also receive information about you from your travel agent for the purpose of carrying out a booking you have made with that agent. In that circumstance, we will only use your personal data to carry out that booking unless we have your permission to do otherwise.
Once we have collected the information about you, it will be used for the following purposes:
• Bookings: Put simply, we will use your personal data to provide to you the services that we sell, which may include flights, hotels, transport, insurance and other ancillary products. We need certain information about you, so we can fulfil our obligations contained in the contract that you enter into with us when you make a booking.
• User Accounts: The information that you provide when you set up an account on our website allows us to provide you with services including the ability to manage your bookings, personal settings and access to special offers.
• To communicate with you in relation to your holiday: We will use the contact information you have previously shared with us to communicate with you in relation to your holiday and to provide you with information relevant to your holiday. For example, helpful information about the destination to which you are travelling, security alerts, administrative messages about your holiday and emails to remind you to fill in your Holiday Checklist.
• Customer Services: You are free to contact us about our services at any time, whether this is a general query, a question about your booking or to report a problem on our website. This can be done through the Manage Your Booking system on our Website , by telephone or via social media. We will use the information that you have provided to help us answer any questions and respond to your query (along with any future queries that you may have). If you contact us by telephone, your call may be recorded for quality control and training purposes but we will always ask for your consent before recording communications for these purposes.
• Personalisation: We will use information we hold about you, such as the products and services you have purchased from us in the past, to enable us to show you the products and services we think you will like on our website and communicate these with you, such as the recommended deals and special offers we put to you. For example, we will save your searches in order to tailor future searches you make to your needs. If you would like to turn off this functionality you can do so via your account.
• Marketing: Where you place an order with us and you have not opted out (or in any other case, if you have opted in to receive marketing by e-mail or text message), we may contact you by e-mail or text message with information about other goods and services that we offer that are similar to those that you have already purchased or enquired about and we think may interest you based on the information we hold about you. We may also use your contact details to contact you by phone or post with details of products and services that we think may be of interest to you (unless you have told us you don't want to receive these communications or you are registered with the Telephone Preference Service).
• Corporate transaction: We may use your data in connection with a corporate transaction such as the sale of a subsidiary or a division, merger, consolidation or asset sale.
• Promotional Activities: If you participate in our promotions (such as surveys or competitions) we will use the information you provide to administer these activities.
• Improving our services: Sometimes we will use your data to help us improve the quality and functionality of the services that we offer. This includes:
Our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the specific context in which we collect it.
However, we will normally collect personal data from you under the following legal bases:
Any information that we hold about you is stored on our secure servers and all payment transactions are encrypted. Only authorised personnel are permitted to access personal data in the course of their work. Whilst we do our best to protect your personal data, no information transferred over the internet can be guaranteed to be completely secure and you provide your information at your own risk.
When your credit card details are required as part of the booking process we store the last 4 digits and an authorisation token. In the case of some low cost airlines, we will use the payment details you provide to purchase the flight seats on your behalf and will use the payment details you provide to do so.
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"), including (in some instances) where we transfer your data to our suppliers so that they can assist us with providing our services to you. Where your information is transferred outside of the EEA, we will take steps to ensure that the information receives the same level of protection as if it remained within the EEA, including by entering into data transfer agreements, using the EU Commission approved Standard Contractual Clauses, or by relying on certification schemes such as the EU-US Privacy Shield. You have the right to details of the mechanism under which your data is transferred outside of the EEA – for this information, please contact us using the details set out under "How can you contact us?" below.
In certain circumstances we do share your personal data with parties outside of Edwin Holidays. The third parties who we share your personal data with include:
Our suppliers: If you make a booking with us, it is necessary for us to share your reservation data with relevant third parties, such as hoteliers, airlines, insurers and ground-handling agents, to complete your booking. This may include your name, contact details, payment details, the names and ages of any guests travelling with you, along with any preferences or special circumstances you told us about when you made your booking. If you contact us with a query about your booking we may pass this on to our suppliers if they are better placed to help you.
• Third party service providers: This includes anyone who provides services or functions on our behalf, including credit card processing, business analytics, advertising, administration of competitions and promotions, collection of customer feedback and customer service. We use these service providers to process your data on our behalf, this may be to send our marketing material or to collate information that can be analysed to improve our service. They have access to and may collect information only as needed to perform their functions and are not permitted to share or use information for any other purpose. Where we provide data to third party service providers for them to provide data analysis or statistical services for us, we will only ever send them aggregated, anonymised or pseudonymised data.
• Payment Providers and other financial institutions: If you request a chargeback for your booking, it may be necessary for us to share certain reservation details with the payment service provider and the relevant financial institution so they can handle the chargeback. This may include a copy of your booking confirmation or the IP address that was used to make your reservation.
• Any competent law enforcement body, regulator, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights (including to investigate any suspected fraudulent or other criminal activity), or (iii) to protect your vital interests or those of any other person.
• Potential Buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, provided that we inform the buyer it must use your personal data only for the purposes disclosed in this Privacy Notice.
• Any other person (with your consent to the disclosure. Any information that is collected from you directly by hotels or other suppliers or which you share through social media platforms such as Facebook is not covered under this Privacy Notice and we would urge to check their own privacy policies before handing over any of your personal data.
In the event of our insolvency we, or any appointed insolvency practitioner, may disclose your personal information to the CAA, and/or ABTA so that they can assess the status of your booking and advise you on the appropriate course of action under any scheme of financial protection. The CAA’s General Privacy Notice is at https://www.caa.co.uk/Our-work/About-us/General-privacy-notice/ and ABTA’s Privacy Notice is at https://www.abta.com/privacy-notice.
When we have no ongoing legitimate business need to process your personal data (for example, to provide products or services to you or to retain records to manage any claims which you or we may have in respect of the products and services we provide to you), we will either delete or anonymise it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible.
You have the following rights in relation to the personal data that we hold about you:
• If you wish to access, correct, update or request deletion of your personal data, you can do so at any time.
• You can object to processing of your personal data, ask us to restrict processing of your personal data or request portability of your personal data.
• You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us.
• Similarly, if we have collected and process your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.
• You have the right to complain to a data protection authority about our collection and use of your personal data. For more information, please contact your local data protection authority. The Information Commissioner's Office is the data protection authority for the UK.
If you would like to exercise any of your above rights please contact us using the contact details provided under the “How can you contact us”heading below [link]personal data. We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
Our Website is not intended to be used by children under 18 years of age. We only process information about children with the consent of the parents or legal guardians.
We may update this Privacy Notice from time to time in response to changing legal, technical or business developments. When we update our Privacy Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Notice changes if and where this is required by applicable data protection laws.
You can see when this Privacy Notice was last updated by checking the “last updated” date displayed at the top of this Privacy Notice.
If you have any questions about this Privacy Notice or wish to exercise any of your data protection rights, please contact with us