- Collection and processing of your personal data
We only collect and process your personal data if:
- - You have agreed to it; or
- - It is necessary in order for us to be able to provide our service or product, which you have agreed to; or
- - It is necessary for compliance with our legal obligations as providers of travel experiences; or
- - We have legitimate reason to do so, such as for fraud prevention or debt collection.
- What types of personal data we handle
We collect and process the personal data that you provide when interacting with us, either online or via email, phone or post.
Such personal data may include the following:
- - First name and surname;
- - Postal and/or email address;
- - Gender, date of birth;
- - Country of residence and/or nationality;
- - Unique identifier information (e.g. your customer username or number and password);
- - Financial information (e.g. payment card or bank account information);
- - Some details provided by your device such as IP address, device ID, device type, and location data.
- How we use your personal data
We may use the personal data we collect and process about you in order to:
- - Provide you with access to our website;
- - Provide access to travel experiences within the “LoungeKey” program;
- - Process any payment required for the products and services you have requested;
- - Provide you with information you have requested, including without limitation, quotations, service documentation, brochures, newsletters and responses to applications;
- - Respond to any enquiries from you regarding our products and services;
- - Where you have agreed, provide you with information about certain other goods and services which we believe may be of interest to you;
- - Meet our legal and regulatory obligations;
- - Detect and prevent fraud.
- Personal data sharing and transferring
We will not share your personal data with anyone else unless you agree to this, or such sharing is necessary to fulfil our contract with you, or we are legally allowed or required to do so. Moreover, your personal data will only be shared with selected organisations which comply with our security procedures and policies.
Organisations we may share your personal data with include:
- - Another member of our group of companies where they help provide our services to you;
- - Our service providers and subcontractors, where they us help provide our services to you;
- - To a regulating body or other authority where we need to comply with a regulatory or legal obligation;
- - Fraud prevention or debt collection organisations when required to protect our legitimate interests.
Some of those organisations may be based in a country outside the European Economic Area or where different data privacy laws apply. We will only transfer your personal data to that country if they ensure an adequate level of protection of your rights and freedoms, or you have given us your consent, or that organisation is contractually bound to meet European Economic Area data protection law.
We will not sell your personal data to anyone.
- Personal data protection and storage
We handle your personal data in accordance with adequate and reasonable procedures and technologies in order to maintain and protect its security, availability, confidentiality and integrity, and prevent its unlawful or unauthorised processing, accidental loss or damage, from its collection until its destruction.
Where personal data is transmitted across the internet, it will be encrypted.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of your personal data, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
- Personal data disposal and retention
We will only keep your personal data for as long as it is needed for the purposes for which it was collected and we will remove from our systems all personal data which is no longer required.
We will only retain your personal data after this time where we are required to do so, in order to meet a regulatory or legal obligation.
- Your rights
You have the right at any time and free of charge to access your personal data in the following ways:
- - Request a copy of the personal data we hold about you. We may charge a reasonable fee to provide further copies, and can refuse to give you this information if your requests are clearly unjustified or excessive;
- - Have your personal data corrected if it is inaccurate or incomplete;
- - Request the deletion of your personal data where it is no longer necessary for us to keep it for the purpose for which it was originally collected or processed, unless we have a legal or regulatory obligation to retain the personal data;
- - Restrict further processing of your personal data. Where you have previously entered into a contracted service or product with us, this may imply cancelling the contracted service or product;
- - Withdraw your agreement to direct marketing, including profiling;
- - Obtain and reuse your personal data for your own purposes subject to certain conditions of portability.
- How to contact us
For the purposes of data protection legislation, LOUNGE KEY LTD, a Collinson Group Ltd company, registered in England and Wales with company number 08792537 and offices in Cutlers Exchange, 123 Houndsditch, London, EC3A 7BU, United Kingdom is the data controller.
Data Protection Officer
LOUNGE KEY LTD
If you are unsatisfied with our response, you can contact the Information Commissioner’s Office (ICO). Further information can be found at https://ico.org.uk/.
- Other websites
- Changes to our policy