Call Now : 0208 044 9308

    GDPR Compliance Statement

    • Home
    • GDPR Compliance Statement

    GDPR Compliance Statement

    BookMyVacay is committed to protecting the personal data of our users in compliance with the General Data Protection Regulation (GDPR). This statement outlines how we collect, use, store, and protect personal data for residents of the European Union (EU).

    1. Data Collection and Processing

    We collect personal data to provide our services, including booking confirmations, travel arrangements, and customer support. The types of data we collect include:

    • Contact Information: Name, email address, phone number
    • Payment Information: Credit card details and billing addresses (processed securely)
    • Travel Preferences: Passport information and travel preferences

    All personal data is collected with a legal basis, such as for fulfilling a booking contract, complying with legal obligations, or based on the consent provided by you.

    1. Legal Basis for Processing

    Under GDPR, we process your data based on the following lawful grounds:

    • Contractual Necessity: Data processing necessary to fulfill your bookings.
    • Legitimate Interests: For service improvement, marketing, and fraud prevention.
    • Consent: When you opt in to receive marketing communications.
    • Legal Compliance: When processing is required for compliance with applicable laws.
    1. Your Rights under GDPR

    As an EU resident, you have specific rights regarding your personal data:

    • Right to Access: You may request access to your personal data and details of how it is used.
    • Right to Rectification: You may correct or update any inaccurate or incomplete data.
    • Right to Erasure: You can request the deletion of your personal data under certain conditions.
    • Right to Restrict Processing: You may request to limit the processing of your data in certain cases.
    • Right to Data Portability: You may request a copy of your data in a structured, machine-readable format.
    • Right to Object: You have the right to object to certain types of data processing, such as direct marketing.

    To exercise any of these rights, please contact us at gdpr@bookmyvacay.co.uk

    1. Consent and Withdrawal

    When processing data based on consent, you have the right to withdraw your consent at any time. To withdraw consent for marketing communications or other purposes, contact us at gdpr@bookmyvacay.co.uk, support@bookmyvacay.co.uk or follow the unsubscribe link in our emails.

    1. Data Security and Storage

    We implement strict security measures to safeguard your data. Personal data is stored securely and retained only as long as necessary for the purpose collected, or as required by law. Access to personal data is limited to authorized personnel only.

    1. Data Transfers Outside the EU

    When necessary, we may transfer personal data to third-party service providers outside the EU, such as to hotel and airline partners. We ensure that these transfers comply with GDPR through standard contractual clauses or other approved transfer mechanisms.

    1. Data Breach Notification

    In the event of a data breach that poses a risk to your rights and freedoms, BookMyVacay will notify affected individuals and the relevant authorities within 72 hours of becoming aware of the breach, as required by GDPR.

    1. Complaints and Supervisory Authority

    If you believe that your rights under GDPR have been violated, you have the right to file a complaint with a supervisory authority within your EU member state or where the alleged infringement occurred.

    1. Contact Us

    For GDPR-related inquiries or to exercise your rights, please contact our Data Protection Officer (DPO) at gdpr@bookmyvacay.co.uk or support@bookmyvacay.co.uk