Privacy Policy
Last Updated: March 2024
At Trip Etc, we are committed to doing everything we can to protect any personal data that you give us. Please continue reading this Privacy Notice to understand how we use and protect your personal data. If you have any questions about what we do with your personal data after reading this notice, feel free to contact us using the contact details provided below.
This Privacy Notice covers all platforms through which we offer travel-related services, this includes our website, and where you interact with us on social media such as Facebook (in which case you should also refer to those social media sites' privacy notices).
The data controller of the personal data referred to in this Privacy Notice is Trip Etc Ltd, a limited liability company with registered company number 15366216.
All references in this Privacy Notice: to our "website" refer to www.tripetc.co.uk, to "we", "us" and "our" refer to Trip Etc Ltd; and to "you" and "your" are to you, the user.
What kind of personal data do we collect?
When you book a holiday with us, you will be required to provide us with certain information. There are also other instances when you’ll provide us with information, for example if you sign up for our newsletter alerts or complete a survey.
The personal data we collect may include:
• Your name
• Your address
• Your phone number(s)
• Your email
• Your date of birth
• Your passport number
• Payment details (we do not keep full card details)
• Special assistance
• Information about products such as travel insurance and transfers.
Personal data you give to us about others
If you are travelling with others or booking a holiday for someone else, you will need to give us personal data about them when making the booking, for example their name and age. It is your responsibility to ensure that anyone who you have provided personal data about is aware and happy that you have done so and is aware of how we use and process their information.
What do we do with your personal data?
Once we have collected the information about you, it will be used for the following purposes:
Bookings: We will use your personal data to provide you the services that we sell, which may include flights, hotels, transport, insurance and other ancillary products. We need certain information about you, so we can fulfil our obligations contained in the contract that you enter into with us when you make a booking.
To communicate with you in relation to your holiday: We will use the contact information you have previously shared with us to communicate with you in relation to your holiday and to provide you with information relevant to your holiday. For example, helpful information about the destination to which you are travelling, security alerts, administrative messages about your holiday etc.
Customer Service: You are free to contact us about our service at any time, whether this is a general query, a question about your booking or to report a problem on our website. This can be done by email, telephone or via social media. We will use the information that you have provided to help us answer any questions and respond to your query (along with any future queries that you may have).
Personalisation: We will use information we hold about you, such as the products and services you have purchased from us in the past, to enable us to show you the products and services we think you will like and communicate these with you, such as the recommended deals and special offers we put to you.
Marketing: Where you place an order with us and you have not opted out (or in any other case, if you have opted in to receive marketing by e-mail or text message), we may contact you by e-mail or text message with information about other goods and services that we offer that are similar to those that you have already purchased or enquired about and we think may interest you based on the information we hold about you. We may also use your contact details to contact you by phone or email with details of products and services that we think may be of interest to you (unless you have told us you don't want to receive these communications).
When do we share your data with third parties?
In certain circumstances we do share your personal data with parties outside of Trip Etc. The third parties who we share your personal data with include:
Our suppliers: If you make a booking with us, it is necessary for us to share your reservation data with relevant third parties, such as hoteliers, airlines, insurers and ground-handling agents, to complete your booking. This may include your name, contact details, payment details, the names and ages of any guests travelling with you, along with any preferences or special circumstances you told us about when you made your booking. If you contact us with a query about your booking, we may pass this on to our suppliers if they are better placed to help you.
Third party service providers: This includes anyone who provides services or functions on our behalf, including credit card processing, business analytics, advertising, collection of customer feedback and customer service. We use these service providers to process your data on our behalf, this may be to send our marketing material or to collate information that can be analysed to improve our service. They have access to and may collect information only as needed to perform their functions and are not permitted to share or use information for any other purpose. Where we provide data to third party service providers for them to provide data analysis or statistical services for us, we will only ever send them aggregated or anonymised data.
Payment Providers and other financial institutions:
If you request a chargeback for your booking, it may be necessary for us to share certain reservation details with the payment service provider and the relevant financial institution so they can handle the chargeback. This may include a copy of your booking confirmation or the IP address that was used to make your reservation.
Any competent law enforcement body, regulator, government agency, court or other third party:
Where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights (including to investigate any suspected fraudulent or other criminal activity), or (iii) to protect your vital interests or those of any other person.
Any information that is collected from you directly by hotels or other suppliers or which you share through social media platforms such as Facebook/Instagram is not covered under this Privacy Notice and we would urge you to check their own privacy notices before handing over any of your personal data.
Categories of business we share your personal data with
Your personal data is only shared where there is a lawful purpose to do so. Categories of organisations with which we share personal data include
Hotel suppliers – hotels may be directly paid by us, on your behalf or via an agent dealing in beds. In such cases only basic details are provided so that suitable rooms may be allocated.
Airlines – Airlines need to know who is flying and we provide the minimum information they require in order to secure your chosen flights.
Holiday Partners (additions) – We may share your personal details with companies that provide your holiday extras such as car hire and travel insurance. In most instances you will have selected to purchase these and provide your details directly to them but in some instances we may do this for you.
Payment providers – we use payment providers to manage payments we take from you for your holiday. Only very basic details are required for this. We also have payment providers who make payments to, for example, airlines on our behalf and your contact details may be used to facilitate this payment. We do this to remove any financial risk to you as your own payment information is not used and the processing may involve a check to verify your details in line with standard financial checks which do not affect your credit history.
We do not share your personal information for marketing purposes and will send you marketing information only if you have consented to receive it.
Legal basis for processing personal data
Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:
Consent: You can withdraw your consent at any time. You can do this by emailing our data protection officer at privacy@tripetc.co.uk
Performance of a contract: If we have obligations under a contract with you, we will use your information to perform our obligations to you. For example, if you make a booking, we will use the information that you provide us with when making the booking to complete and administer the reservations with the relevant third-party suppliers.
Legitimate interests: We will use your information for our own legitimate interests, for example, to provide you with the best suitable content on our website, to improve and promote our services and for our own administrative purposes, including creating and maintaining business records of our relationship with you.
Legal obligation/vital interests: In some cases, we will have a legal obligation to collect personal data from you (for example, for us to comply with tax laws which require us to collect and retain records of products and services that we sell) or where we need the personal data to protect your vital interests or those of another person (for example, if you are involved in an emergency and we need to provide the details which we hold to responsible authorities).
How and where will your data be processed?
Any information that we hold about you is stored on our secure servers and all payment transactions are encrypted. We do not keep your card details and we are PCI-DSS compliant, the standard required of businesses to enable them to take card payments. Only authorised personnel are permitted to access personal data in the course of their work. Whilst we do our best to protect your personal data, no information transferred over the internet can be guaranteed to be completely secure and you provide your information at your own risk.
When your credit card details are required as part of the booking process, we store the last 4 digits and an authorisation token.
The data that we collect from you may be transferred to, and stored at, a destination outside the UK, including where we may transfer your data to our suppliers so that they can assist us with providing our services to you. Where your information is transferred to another country, we will take steps to ensure that the information receives the same level of protection as if it remained within the UK, including by entering into data transfer agreements, using approved Standard Contractual Clauses, or by relying on certification schemes and supplementary measures. You have the right to request details of the mechanism under which your data is transferred outside of the UK – for this information, please contact us using the details set out under "How you can contact us?" at the top of this document.
Retention of your personal data
When we have no ongoing legitimate business need to process your personal data (for example, to provide products or services to you or to retain records to manage any claims which you or we may have in respect of the products and services we provide to you), we will either delete or anonymise it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible.
Changes to our Privacy Notice
We may update this Privacy Notice from time to time in response to changing legal, technical or business developments. When we update our Privacy Notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Notice changes if and where this is required by applicable data protection laws. You can see when this Privacy Notice was last updated by checking the “last updated” date displayed at the top of this Privacy Notice.
Your data protection rights
Under data protection law, you have rights including:
Your right of access - You have the right to ask us for copies of your personal information.
Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing - You have the the right to object to the processing of your personal information in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
How you can contact us
Trip Etc Ltd
128 City Road, London, EC1V 2NX
E-mail: privacy@tripetc.co.uk
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us by emailing privacy@tripetc.co.uk
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk