Below we outline what data we use, how is used and what choices and rights you have in respect to the data that is held.
Enquiring about a holiday
If enquiring for information or a quote – you are able to contact us via the telephone or by completing a form online. In doing so we will ask for some simple contact details (phone number, email and name) as well as record details of your general or specific requirements.
Our team will then use this information to help find you a holiday and communicate options to you. You may ask for our team to stop providing details of holidays or offers tailored to your requirements at any point.
Booking a holiday
In proceeding to book a holiday, the information that we will require may vary depending on a number of factors. These are:
- Whether we are acting as your travel agent or holiday operator.
- Who is providing individual travel services.
We must pass on the information required by those fulfilling your travel services. We will only pass on information relevant to the service. We will work with any suppliers to ensure that any data passed to them is adequately protected and adheres to the levels of privacy and data security practised by us. In all such cases, the supplier of travel services is a Joint Controller of your data and such data is processed in accordance with their individual privacy policies and notices. These are available to view on their own websites or are available on request by contacting Iglu.com Ltd’s Data Protection Officer using the details below.
In all cases we will record and securely store:
- Names of passengers
- Dates of birth
- Contact details such as email address, phone number, and address
- Along with details of the holiday booked, any information that we may need to note for the fulfilment of your holiday as well as details of any communication that we may have with you or your travel service providers.
In some instances we will also need:
- Passenger information, such as passport details, details of insurance policies held and next of kin contacts.
- Any details that you require us to record to ensure that your needs are met. These can include dietary requirements (which we understand, in some cases, may give indication of your religion or ethnic origin) and medical needs (which provide indication of matters of your health). It is essential that your requirements in respect to these special categories of data are passed to travel providers only where appropriate and essential to do so, therefore ensuring the fulfilment of your holiday in accordance with your requirements. Such details will only be collected on the basis of your consent but could be essential for the smooth running of your holiday.
Card data storage
In all instances, we must store the lliast four digits of a payment card number and an authorisation token. This allows us to offer our customers certain services, primarily the ability to book a holiday with a low deposit. We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal customer information and card data. We also follow the Payment Card Industry Data Security Standard (PCI DSS).
When you register for a customer account, you will be asked to provide the following details:
- Your email address
- First and last name
Bookings or enquiries may be linked to your account. Furthermore, you will be able to build a ‘shortlist’ of holidays. Any details provided in the enquiry or booking process, (see above) may be saved to your customer account so that you are easily able to access, correct and use this data when making further bookings or enquiries. This may include the details of people in your travelling party, who will have provided you with such details with their permission.
In addition, we may personalise your website experience based on:
- How you interact with our website when logged in to your account
- Your shortlisted holidays
- Your previous enquiries
- Your previously booked holidays
You may deactivate your customer account at any time. This will result in the deletion of some, but not all, personal information. Data required to fulfil an upcoming holiday or relating to previous travel will be retained, though will no longer be linked to an associated account.
Third Party Review sites.
We work with both TrustPilot and Feefo.
Once a booking has been completed, we will provide your name, email address and the name of the holiday booked to one of the above companies.
Your information is used solely to send a survey on our behalf. This allows us to measure the effectiveness of our services as well as provide you with an opportunity to quickly and easily provide feedback which we can then act upon as necessary. Your feedback is published on the appropriate third party site. In each instance, we will be provided with details of who has left feedback, though you will have the option to publish your feedback anonymously so that you cannot be publically identified. We reserve the right to reply to reviews publically, taking care not to communicate any personal information from which you could be personally identified.
Should you not prefer to be contacted by TrustPilot or Feefo or any other third party site that operates similarly, let us know. In asking not to be contacted by such parties will not prejudice the service provided to you in any way. Upon booking, you will be provided with alternative methods of contacting our business directly to provide feedback and get any immediate concerns or queries addressed.
Communication about your holiday
It is important that we are able to contact you by email, telephone or letter using the contact details obtained at the time of booking to keep you updated about your holiday. This could be to:
- Pass on any important information from your tour operator or travel provider such as enforced changes to your holiday.
- To obtain any further information required
- Make you aware of services to complement your specific upcoming holiday.
- To provide all appropriate documentation for your travel.
We do record most, but not necessarily all, inbound and outbound calls into our business. This allows us to:
- Carry out assessments of our communications with customers and third parties as part of a programme of continual improvement
- Refer back to the content of a call in the case of dispute
We will only contact you with offers, promotions or details of available products and services under the following circumstances.
- You have provided us with explicit consent to do so.
- You have an active enquiry with us (see ‘Enquiring about a holiday’).
- You have booked a holiday with us in recent times and we wish to share with you offers for holidays that may similarly interest you.
Digitally collected information
Information collected digitally can include your IP address, data from your browser, cookies (see below) and how our website is used and from what kind of device. This can be used for a number of purposes, such as provide aggregate information as to how users may access our site to providing a more individualised service, such as displaying our pages in the right language or personalisation of ads.
How to control and delete cookies
The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers
Types of Cookie
Session cookies allow websites to link the actions of a user during a browser session. They may be used for a variety of purposes such as remembering what a user has put in their shopping basket as they browse around a site. These session cookies expire after a browser session so will not be stored longer term. For this reason session cookies may sometimes be considered less privacy intrusive than persistent cookies.
Persistent cookies are stored on a visitors computer in between browser sessions which allows the preferences or actions of the visitor across a website site to be remembered. Persistent cookies may be used for a variety of purposes including remembering visitors preferences and choices when using a website or to target advertising.
First and third party cookies
Whether a cookie is 'first' or 'third' party refers to the website or domain placing the cookie. First party cookies are cookies set the particular website that the user has chosen to visit. Third party cookies are cookies that are set by a domain other than the one being visited by the user.
- For Google: https://support.google.com/ads/answer/2662922?hl=en
- For Facebook: https://www.facebook.com/ads/website_custom_audiences/
- For Criteo: https://www.criteo.com/privacy/
Your rights to see, delete or amend data held about you
You are entitled to access your personal data held by us at any time. Please email email@example.com to make such a request. We will be obliged to offer any appropriate details within 30 days of the request. Please do advise us if you are seeking a specific piece or pieces of data.
We will only process your data for as long as it is deemed necessary after which time it will be securely deleted. Any concerns about the ongoing processing of data, including any corrections that may need to be made to any information held, should also be directed to firstname.lastname@example.org.
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
Contact Information: Iglu.com Ltd., 165 The Broadway, London, SW19 1NE