Our head office address is Level 7, New England House, New England Street, Brighton, BN1 4GH.
For enquiries concerning Data Protection at Travel Nation, please write to the Commercial Director in using the above address or email [email protected].co.uk
Your personal data and that of your party is important to us. We will always treat it with the respect it deserves and will never pass it to any third parties, except those that need this information in the course of providing the holiday services that you have booked.
Specifically, to support travel booking arrangements we process the following data:
Travel Nation will keep the remaining information for 7 years from the fulfilment of the services we provide to you to both comply with our legal tax obligations and as a legitimate interest of the company to retain a record of the transaction for contractual purposes.
Travel Nation ensures Payment Card Industry (PCI) compliance by adhering to the Payment Card Industry Data Security Standard (PCI-DSS). This safeguards the security of card transactions and protects cardholder data.
To support the specific holiday services that we book for you, we also require some or all of the following information from each traveller within the travel party:
Generally, this collection occurs when you deal with us either in person, by telephone, letter or email, or when you visit any of our websites or connect with us via social media.
Telephone calls are recorded for quality and training purposes. The legal basis for the recording of calls is as a legitimate business interest (to improve the service we provide, to assist with dispute resolution, fraud prevention and threats to public security).
Where data processing is subject to the Special Data category under UK Data Protection legislation, e.g. information relating to children under the age of 13, health or religion, then the explicit consent of the data subject or their legal guardian, if under the age of 13, will be required by Travel Nation to allow us to process that information.
Note that if you do not give consent or later withdraw your consent, this may affect our ability to provide services to you or negatively impact the services we can offer to you.
Where you make a booking on behalf of other people, the group travel organiser accepts full responsibility for informing all individuals within the group about this Privacy Notice.
Travel Nation’s legal basis for processing this data is that it is necessary for both the performance of a contract and legitimate business interest.
This data is retained for 7 years after the fulfilment of the services to support any subsequent reviews of the services provided under contract with our customers by section 5 of the Limitation Act 1980.
Travel Nation also processes customer names and email addresses to make our customers aware of similar holiday products and services.
Travel Nation’s legal basis for processing this data is that it is considered a legitimate business interest as the customer has purchased a similar service or product previously and that they have not opted-out of receiving the marketing communications using the simple unsubscribe feature on all of our marketing communications.
If you apply for a job with Travel Nation, we will process the following data in support of your application:
If your job application is unsuccessful, we will retain your information for 12 months following the conclusion of the job selection process.
Our legal basis for retaining this information is that we consider it a legitimate business interest to keep a record of your job application data as it relates to any management decision taken about your application. We retain it for 12 months to support any subsequent legal reviews under employment-related legislation in the UK.
If your application is successful and you commence employment with Travel Nation, your application information will form a part of your personnel file with the company and be retained for the duration of your employment and 7 years after you leave.
Our legal basis for retaining this information is that we consider it a legitimate business interest to keep a record of your job application data as it relates to any management decision taken about it. We retain it for 7 years after employment to support any subsequent legal reviews under section 5 of the Limitation Act 1980 and all other employment-related legislation in the UK.
Travel Nation is committed to safeguarding and protecting customer personal data and has therefore implemented and will maintain appropriate technical and organisational measures to ensure a level of security to protect against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access to personal data transmitted, stored or otherwise processed. We regularly review security technologies and will strive to protect our customers' data as fully as we protect our own confidential data.
All payment data taken by Travel Nation is processed in accordance with Payment Card Industry Data Security Standards (PCI DSS). The PCI DSS is a set of security standards that all companies that accept, store, process or transmit credit and debit card information must conform with. Our payment systems are regularly tested to ensure continuing compliance with PCI DSS.
We will destroy or de-identify personal data once we no longer require it for business purposes or as required by law.
Customer data is frequently shared with third party suppliers including, without limitation, to airlines, tour companies, mailing houses, couriers and payment processors but only where necessary to support the fulfilment of the travel services that you have booked through Travel Nation, i.e. to support the performance of the contract we have with you.
To the extent permitted by current data protection laws in the United Kingdom and countries within the European Economic Area, we will not be liable for how overseas recipients handle, store and process your personal data.
Under UK law (The Immigration Act 1971, the Immigration and Police (Passenger, Crew and Service Information) Order 2008 and the Security and Travel Bans Authority to Carry Scheme 2012) Travel Nation are legally required to collect Advance Passenger Information (API) for passengers prior to travel for many destinations and share that information with carriers (e.g. airlines) that are supporting our customers journeys. This information is required to aid aviation safety and security.
Travel Nation’s legal basis for processing this data is to support our legal obligations under UK law.
Advance Passenger Information is no different in content from data collected for travel services above, so by default, it would be retained for 7 years. The carrier’s duty to share this information will be in accordance with local legislation, e.g. in the UK, carriers are required to share Advanced Passenger Information with the UK government border systems programme.
Travel Nation fully recognises your right to:
If you wish to exercise any of these rights, you can request this by emailing or writing to us at the addresses provided in the Who We Are and How To Contact Us About Data Protection sections above. You will receive acknowledgement of your request, and we will advise you of the timeframe within which you will receive your information pack.
We endeavour to respond to such requests within a month or less, although we reserve the right to extend this period for complex requests.
We reserve the right to deny you access for any reason permitted under applicable laws. Such exemptions may include national security, corporate finance and confidential references. If we deny access or correction, we will provide you with written reasons for such denial unless it is unreasonable to do so and, where required by local data protection laws, will note your request and the denial of same in our records.
Please note that, if you request that we restrict or stop using personal data we hold on you, or withdraw a consent you have previously given to the processing of such information, this may affect our ability to provide services to you or negatively impact the services we can offer to you. For example, most holiday or travel bookings must be made under the traveller's full name and must include contact details and appropriate identification (e.g. passport details). We cannot make bookings for you without that information.
You must always provide accurate information, and you agree to update it whenever necessary. You also agree that, in the absence of any update, we can assume that the information submitted to us is correct unless we subsequently become aware that it is not correct.
You can at any time tell us not to send you marketing communications by email by clicking on the unsubscribe link within the marketing emails you receive from us.
In any of the situations listed above, we may request that you prove your identity by providing us with a copy of a valid means of identification for us to comply with our security obligations and to prevent unauthorised disclosure of personal data.
You will not have to pay a fee to access your personal data, but we reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your personal data, and for any additional copies of the personal data you request from us.
If you have any reason for complaint concerning your personal data, then please do not hesitate to contact us by emailing or writing to us at the addresses provided in the Who We Are and How To Contact Us About Data Protection sections above.