Global City Travel Ltd is incorporated in England (company registration number 10205319) („Global City Travel/we/us“). We are registered with the Information Commissioner with number ZA902167.
This document has been designed using the guidance procedures and provided by the Information Commissioners Office (ICO) and in relation to the statutory requirements with regards to our obligations to the General Data Protection Regulation (GDPR).
By visiting our website, platforms or using any of our products or services, you agree and consent to your personal information being used and disclosed in the manner set out in this Privacy Statement. You do not have to provide your personal information, but if you do not provide certain information, we may be limited to provide some products and services to you. Where you refuse to provide mandatory travel information or allow us to disclose it to our suppliers as required to fulfil your request our travel partners will not be able to accommodate you or fulfil your travel booking. This Privacy Statement forms part of your contract with us for the travel and/or those products or services provided.
The Personal Information we collect
We may collect personal data directly from you when using our website, platforms, contacting us by email, by phone, mobile device or in person. The data collected will be for the purpose of processing the booking request and fulfilling the contract which has been entered into. The data will be shared with suppliers of the travel services required in order for the request to be fulfilled.
- When you register with us for email newsletters, competitions, corporate accounts, loyalty programs, marketing lists or similar services we may collect – title, first name, other names, surname, date of birth, phone number, email address, organisation name and contact details and other information relevant to the service you are signing up for.
- When you book a product or service with us we will collect personal information from you which may include – title, first name, other names, surname, date of birth, username and password (if applicable), passport details, phone number, email address, country of residence, emergency contact and details of next of kin.
- When you are making payment, we will collect different information depending on the payment method. For example, for bank transfers, we will collect the name of your financial institution, the used IBAN and BIC code
What we do with your personal information
We use the information provided in the following ways:
- To fulfil our agreement with you and/or dealing with your booking or intended booking, including processing your booking, sending you your itinerary and tickets or other details relating to your booking and contacting you in regards to your booking.
- Managing your wider travel and products or services requirements, for example liaising with and transferring your data to other travel providers, service providers and/or travel facilitators so that they can facilitate your travel arrangements.
- Personalisation of the service you receive, for example being aware of previous travel experiences or preferences, and tailoring the way we provide our products or services to you based on your preferences and profile.
- Facial recognition and other biometric technologies for identification purposes may be used by ourselves, our travel providers, immigration authorities and airports.
- Sharing data with loyalty schemes and operators, where you have those accounts.
- Interaction with you at different touch points throughout your journey
- To administer any contest, competition, prize draw or your acceptance of any other promotional offer you may enter and notify winners as set out in the applicable terms and conditions.
- To answer any queries which you may send to us by email or other forms of communication. We may keep a record of these contacts including call recordings (to the extent permitted by applicable law).
- In order to conduct customer satisfaction surveys and improve the products and services we offer or create new products and services.
- To meet our legal compliance obligations or for accounting or audit purposes, including the prevention of fraud for online payments.
- To protect our property, rights and interests as well as the property, rights and interests of other persons.
- For legal purposes, such as to respond to a valid legal subpoena or regulatory order.
- For credit checking and credit scoring purposes.
- For crime prevention and detection.
- For direct marketing purposes as set out in detail below in the section “How do we use your personal information for marketing purposes?
What sensitive personal data might we require or hold?
Sensitive personal data includes data about an individual’s health and religion and other categories of personal data which are closely protected. We do not generally collect this information from you (or those you are booking for) but where we do, we seek to minimise the collection and use of it.
You agree that you have voluntarily provided the information to us and that you consent (and those you are booking for consent) for us to use that information to provide you with these products or services and supply this information to our suppliers (for example hotels) in order to determine your fitness to avail yourself of our products or services.
Where your religion or health status could be inferred from meal preferences, we will not link this information or use it in any other way other than to fulfil your meal request.
In each case, you specifically consent (on your behalf and on behalf of those you are booking for) that we can use and transfer outside your local country to anywhere in the world where you are travelling.
Who we might share your personal information with
We may disclose information about you as follows:
- To governments, border control agencies, regulators and others as permitted or required by law, in relation to Advance Passenger Information or such other legal requirements as apply from time to time when travelling to or from a particular country
- To third parties whose products or services you are purchasing such as tour operators, hotel and car hire
- To our third party service providers and processors, as set out below
- To third party social media platforms to provide social media platforms to deliver the user’s requested functionality
- In referrals to hotel/car rental loyalty schemes as set out in their terms
- We may also disclose your personal information as permitted or required by law. For example we will disclose personal information to those governmental bodies who have authority to obtain it, in order to comply with a warrant or subpoena issued by a court of competent jurisdiction, and to comply with record production requirements
- To anyone to whom we transfer or may transfer our rights and duties under our agreement with you
- Where you have authorised someone else to manage your booking
- To customs and/or immigration departments or other regulatory authorities in your country of departure and/or destination in order to comply with the law in those countries
- If we have a duty to do so or if the law allows us to do so
- To our employees and agents to do any of the above on our behalf, now or in the future.
How do we use your personal information for marketing purposes?
By becoming a subscriber or by making a booking on our websites, booking tools or directly with a sales consultant you consent to receive from us our e-newsletters/marketing and details of special offers or products which we think may be of interest to you. Your information will be held for our internal use to allow us to improve the services and products we offer, your customer experience and to enable us to comply with our contractual obligations.
Information you provide may also be used for statistical purposes. We do not share your information with any third party marketing agencies.
How we work with other service providers
For operational reasons we transfer personal information to service providers who help us manage our systems and processes and to deliver our products or services. These may include: banks and payment card verification providers, marketing organisations (who may provide support for marketing and promotional communications). Internet service providers who administer our website and platforms and provide internet services and host our systems. Airlines, tour operator and hotels booking platforms, chauffeurs, airport ground handling and assistance teams, car services agencies. IT service providers and consumer research companies that assist us with understanding consumer interests by conducting surveys. We have implemented safeguards to ensure that our service providers treat personal information in a way that is consistent with the terms of this Privacy Statement and applicable laws, and that it is not used except to fulfil products or services to us or where we believe it is necessary for a legitimate reason connected with the products or services we offer.
How long do we retain your data for?
Withdrawing your consent
You do not have to provide us with your personal information. However, if you choose not to provide certain personal information we request and/or require or consent to its use and disclosure we may not be able to fulfil your booking.
If you no longer wish to receive promotional materials you may opt-out of receiving these by contacting us.
By unsubscribing from marketing communications you will still receive operational and service messages from us regarding your booking and responses to your enquiries made to us.
How we protect your information
If you are making a booking online from our website(s) or booking tools the system is protected by our firewalls and all customer data is stored behind these firewalls in the database servers. We never store full credit card information. We store certain credit card information (last four digits of credit card number, name on card, start date and expiry date) to help with booking management only. For reasons of security we do not store the full card number or the CVV number (the last 3 digits on the reverse of the card).
We may send your details outside the European Economic Area (EEA), e.g. if your travel is outside the EEA and the hotel needs to be advised of your details. Due to the global nature of the infrastructure of the internet please be aware that controls on data protection outside the EEA may not be as strict as in the UK.
Links to third party sites
Our quotes, confirmations, website and newsletters may contain hyperlinks to websites operated by parties other than us. Such hyperlinks are provided for your reference only. We do not control websites which we do not operate and are not responsible for their contents or your use of them. Inclusion of these links to such websites does not imply any endorsement of the material on such websites or any association with their operators.
Access to information
You have the right to ask us in writing for a copy of the information which we hold about you. This request is known as a Subject Access Request (SAR) Any request should be sent to our email address; email@example.com or by telephone +44 20708983400. If you believe that any of your personal information that is held or being processed is incorrect then please contact us immediately. This will be dealt within 30 days of receipt in a meaningful format dictated by Global City Travel.
Guidance on when and how to report a data breach are documented by the Information Commissioners Office (ICO)
The GDPR (General Data Protection Regulation) goes to extra lengths over the current Data Protection Act to protect individual’s privacy, it states individuals have the following rights:
The right to be informed
The right of access and rectification
Global City Travel Ltd is a Data Controller / Processor for the purposes of providing its services. The data is controlled by the customer. The customer is responsible for advising Global City Travel of any changes to the data held. Changes should be sent by email or via an updated client profile form. Our principal form of business is business travel management alongside meetings and events.
The right to erasure
A request for data to be erased can be made at any time and should be sent by email to Global City Travel, deletion of the data will be made with immediate effect.
The right to restrict processing
You have the right to ‘block’ or suppress the processing of your personal data. Any objection of processing data needs to be raised directly to Global City Travel. The right to restriction does need to meet the GDPR requirements and this will be assessed as part of the companies plan to comply with the regulation.
The right to data portability
This allows for personal data to be transferred, moved or copied from IT environment to another in a safe and secure way, without hindrance to usability.
The right not to be subject to automated decision making
At the time of creating this document Global City Travel does not utilize automated decision making in any of its processes.
The right to object
As the individual you have the right to object to processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling), direct marketing (including profiling), and processing for the purpose of scientific/historical research and statistics.
Our Contact details
Global City Travel Ltd
4 Maltings Place | 169 Tower Bridge Road | Southwark | London | SE1 3JB | United Kingdom
Phone: +44 (0) 207 898 3400
Policy updated 11/03/20