PRIVACY POLICY - Uniglobe Preferred Travel
UNIGLOBE Preferred Travel is a member of the worldwide UNIGLOBE network, founded in 1980 and based in Vancouver
16685
page-template-default,page,page-id-16685,ajax_fade,page_not_loaded,,qode-title-hidden,qode-child-theme-ver-1.0.0,qode-theme-ver-16.7,qode-theme-bridge,wpb-js-composer js-comp-ver-5.5.2,vc_responsive

PRIVACY POLICY

Ickenham Travel Group (ITG) is committed to protecting and respecting your privacy.  This Privacy Policy sets out the basis on which we process Personal Data that we collect from you or is provided to us about you.

 

Organisational Structure:

 

Ickenham Travel Group was formed in 1970. At the time, it was a single company. However, it now brings together several entities under that title:

  • Business Travel Direct
  • Letsgo2
  • UNIGLOBE Preferred Travel
  • Amity Travel Tailor Made

 

 

1. YOUR PERSONAL DATA

The Data Subject, Controller and Processor for Personal Data

For the purposes of the General Data Protection Regulation (GDPR), Ickenham Travel Group will process your personal data on behalf of your employer.  Where travel or associated services are delivered to you as part of an arrangement between your employer and ITG then, then due our status as an agent, the relevant service provider will be responsible for the security of personal data it received and for compliance with applicable law. ITG is not responsible for the acts or omissions of such service providers.

The Data Subject’s employer is the Data Controller for these purposes. The Data Controller is the Client Company of Ickenham Travel Group, and Ickenham Travel Group in turn acts as the Processor of the Data Subject’s Personal Data. Pursuant to a written contract with the Data Controller, ITG as Processor, will use the Personal Data of the Data Subject, provided by the Client Company, to facilitate travel arrangements for the Data Subject. It is this contract of service which forms the ‘Legal Basis’ for the processing of Personal Data carried out by ITG.  (Further information on ‘Legal Basis’ is set out in the appendix to this document.)

There are circumstances where ITG may also become a Data Controller.   If Ickenham Travel Group collects additional Personal Data directly from a Data Subject, ITG will be acting under a ‘Legitimate Interest’ to legally process the data to facilitate travel arrangements for the Data Subject and to fulfil the contractual requirements for its Client Company. In circumstances where ITG collects Personal Data from the Data Subject, ITG will obtain that Data Subject’s express consent. ITG also acts as a Data Controller for any Personal Data held regarding its own employees, and legally processes this data under its Contract of Employment with those Data Subjects.

When we talk about Data Subjects and Personal Data in this Privacy Policy, we mean Personal Data which may identify you or which could be used to identify you such as your name and contact details, your travel arrangements and booking reference for example. In this Privacy Policy, references to the Data Subject as ‘you’ or ‘your’ means the Client Company (including its affiliates), its employees as well as Ickenham Travel Group’s employees.  Reference in this notice to ‘our’, ‘us’ or ‘we’ means Ickenham Travel Group.

 

2. PERSONAL DATA WE COLLECT ABOUT YOU

The Personal Data we collect about you will only be the data specifically required to fulfil travel, accommodation, or other travel-related arrangements.  Such data may be collected directly from you or provided to Ickenham Travel Group via your employer.  Such data will only be processed for that purpose.  Certain kinds of Personal Data collected, such as data about your racial or ethnic origin, physical or mental health, or religious beliefs requires additional protection.  By providing any sensitive data of this kind you agree that we may collect it and use it to provide our services.

 

3. HOW WE USE YOUR PERSONAL DATA

ITG has adopted the following principles to govern its processing and use of your Personal Data.  ITG is committed to ensuring that the Personal Data collected:

  • Shall be processed lawfully, fairly, and in a transparent manner;
  • Is retained for as long as it is required to fulfil our contractual requirements, or to provide statistics to our Client Company;
  • Is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is collected and/or processed;
  • Is accurate and, where necessary, kept up to date; and
  • Will not be used by ITG for any monitoring or profiling activity or process, and will not adopt any automated decision making processes.

 

 

4.HOW WE PROTECT YOUR PERSONAL DATA

Ickenham Travel Group protects your Personal Data against unauthorised access, unlawful use, accidental loss, corruption or destruction.  We use technical measures such as encryption and password protection to protect your data. We also use operational measures to protect the data, for example by restricting access to only those in personnel who need to access your data.

Mindful of technological development, we keep these security measures under review and ITG may therefore need to implement adequate alternative technical and organisational measures.

 

5.YOUR RIGHTS

As a Data Subject you have the rights set out in chapter 3 GDPR.  ITG will always fully respect your rights regarding the processing of your Personal Data, and has provided below at section 10 the details of the person to contact if you have any concerns or questions regarding how we process your data, or if you wish to exercise any rights you have under the GDPR.

In summary, you are entitled to know who has your Personal Data, what they are using it for, to see copies of all Personal Data held by Ickenham Travel Group and to amend, correct or delete such data. You may also limit, restrict or object to the processing of your data.  In each case, the request must be in writing to Ickenham Travel Group using the details set out at section 10 below.

By providing personal data to us, you agree that this Privacy Policy will apply to how we handle your Personal Data.  Under certain circumstances, you have the right to withdraw your consent to our use of your Personal Data at any time.  However, please note that if you do not provide us with your Personal Data, or if you withdraw your consent this may result on an inability by ITG to fulfil its contractual requirements to provide your travel arrangements or the level of service we are able to provide may be negatively impacted.

For example, most travel bookings must be made under the traveller’s full name and must include contact details and appropriate identification (e.g. passport details).  ITG cannot make bookings for you without this information.

6.SHARING YOUR DATA

Transfers to Third Parties

To fulfil your travel arrangements it will in most cases be necessary for Ickenham Travel Group to process Personal Data via a third party (these include but are not limited to airlines, hotels, car hire companies, and Visa or Passport companies). Personal Data shall only be transferred to, or processed by, third party companies where such companies are necessary for the fulfilment of the travel arrangements.

Sending data outside of the European Union

ITG will not transfer Personal Data to a country or territory outside the European Economic Area (EEA) unless the transfer is made to a country or territory recognised by the EU as having an adequate level of Data Security, or is made with your consent, or is made to satisfy the legitimate interest of Ickenham Travel Group in regard to its contractual arrangements with its clients.

All internal group transfers of Personal Data shall be subject to written agreements under ITG’s Intra Group Data Transfer Agreement (IGDTA) for internal Data transfers which are based on Standard Contractual Clauses recognised by the European Data Protection Authority.

 

 

7. CHANGES TO OUR PRIVACY POLICY

We reserve the right to modify this Privacy Policy at any time.  Any changes we may make to our Privacy Policy in the future will be notified and made available to you using our Website.

 

8. COOKIES

Protecting our customers is at the heart of everything we do at Ickenham Travel Group and protecting your information is no exception. We use cookies on our Website to help make your visits more effective so we explain more about how and why we use them.  By continuing to browse our Websites without adjusting your browser settings to block cookies (see more about this in our Cookie Policy) you are agreeing to our use of cookies.

A Cookie is a small text file that can be stored by your browser on the device you use to access internet and allows the browser to pass small amounts of information to help you efficiently browse our website and how you interact with our webpages to improve your experience.

We will never share any personal information about you with any third parties and the cookies used maintain your anonymity.

 

 

9. COMPLAINTS

You have the right to make a complaint directly to our supervisory authority, the Information Commissioner’s Office at the following address:

Wycliffe House,
Water Lane,
Wilmslow Cheshire,
England SK9 5AF

 

 

10. CONTACT US

To exercise any of your rights, you can send an email to us at gdpr@businesstraveldirect.co.uk or you can write to us:

Data Protection
Business Travel Direct
4 Waterside Drive
Langley
SL3 6EZ

 

 

Appendix – Definitions of certain terms referred to above:

Personal Data:

(Article 4 of the GDPR): means any information relating to an identified or identifiable natural person (‘Data Subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

 

Processing:

(Article 4 of the GDPR): means any operation or set of operations which is performed upon Personal Data or sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, erasure or destruction.

 

Data Controller:

(Article 4 of the GDPR): this means the person or company that determines the purposes and the means of processing Personal Data.

 

Data Processor:

(Article 4 of the GDPR): means a natural or legal person, public authority, agency or any other body which processes Personal Data on behalf of the controller.

 

Legal Basis for Processing:

(Article 6 of the GDPR): At least one of these must apply whenever Personal Data is processed:

  1. Consent: the individual has given clear consent for the processing of their Personal Data for a specific purpose.
  2. Contract: the processing is necessary for compliance with a contract.
  3. Legal obligation: the processing is necessary to comply with the law (not including contractual obligations).
  4. Vital interests: the processing is necessary to protect someone’s life.
  5. Public task: the processing is necessary to perform a task in the public interest, and the task or function has a clear basis in law.
  6. Legitimate interests: the processing is necessary for the legitimate interests of the Data Controller unless there is a good reason to protect the individual’s Personal Data which overrides those legitimate interests.