When you travel with us, we want to provide you with the experience that you have been imagining. To enable us to do this, we will need to ask you for some personal information. We know how important it is to keep your personal information safe, so rest assured that we’ll always be open with you about how we collect, share and store your data.
We will ask you for information such as your name and contact information, your email address, and, if you travel with us, your passport details, dietary requirements and any medical conditions that we need to be aware of to ensure your trip is tailored to your needs. We will retain this information once you return from your trip to enable us to assist you with future travel plans.
We primarily collect your personal data for the following reasons:
-
To give you the best possible experience when visiting our website or using our mobile/tablet apps, based upon your interests and the device you are using;
-
So we can contact you successfully including via email, mail, telephone or instant message, if you get in touch with us or ask us for information;
-
When we are planning your trip, to ensure that we make the right arrangements for you; and
-
To share potential holiday ideas with you that could be of specific interest, based upon your previous enquiries and/or bookings.
How we share your personal information
We will only ask you for personal information directly or, with your permission, gather it by tracking how you use our digital channels, such as our websites or mobile apps.
When we do need to share your personal information, it’s always so we can provide you with the best service when you’re enquiring or traveling with us. Further details on the sharing of your personal information is provided in Section 3 of the policy below.
Safeguarding your personal information
We process and store your personal information securely, and we ensure it is only retained for the period of time that is necessary.
Your rights to your personal information
You can contact us at any time by emailing dataprotection@audleytravel.com if you have questions, concerns, comments, requests or complaints regarding our privacy policy or your personal information.
If you’d like to stop receiving our email marketing, you can click the ‘unsubscribe’ link within the footer of an email at any time. Alternatively, you can email unsubscribe@audleytravel.com with your request. Such requests will generally be actioned within seven working days.
If you would like us to update or erase your personal information, please send an email to dataprotection@audleytravel.com.
If you have any comments regarding this privacy policy or the way we handle your personal information, you can also contact the following:
UK Residents: The UK Information Commissioner:
- +44(0)303 123 1113
- https://ico.org.uk/
California Residents: The Attorney General, State of California Department of Justice
Canada Residents: The Information Commissioner of Canada:
- https://www.oic-ci.gc.ca/en/make-complaint-online
- greffe-registry@oic-ci.gc.ca
- +1 (0)800 267 0441
Changes to our privacy policy
From time to time, we might review our privacy policy and make changes to it. If we do this, we’ll always highlight it on our website and, where appropriate, let you know by email.
Our privacy policy in full
1. Who are we
1.1 At Audley Travel Group Limited and Audley Travel US Inc. we are committed to protecting and respecting your privacy, whilst striving to provide you with the best possible experience when enquiring, booking and traveling with us. We have systems and processes in place to ensure the personal information we process and store about you is accurate, minimised and only accessible by those that need it. We also recognize that it is important for you to understand how we use your personal information.
1.2 This privacy policy (and any other documents referred to in it) describes the way we will process and use any personal information about our clients, potential clients, visitors to our website or users of our mobile and/or tablet apps and any other individuals whose data we process in the course of our business. Please read this privacy policy carefully to understand how and why we use your personal data.
1.3 We have a legal duty to protect personal information that we collect under the UK Data Protection Act 2018 (the “DPA”), the General Data Protection Regulation 2016/679, (the “GDPR”), the California Consumer Privacy Act 2018 (“CCPA”) and any other global privacy laws that apply to the data subjects for whom we process data. For the purpose of data privacy regulations, including the DPA, GDPR and CCPA, we (Audley Travel Group Limited and Audley Travel US Inc.) are the data controller (in other words, the organization that determines how your personal information is used) and are located at:
- UK: New Mill, New Mill Lane, Witney, Oxfordshire, OX29 9SX.
- US & Canada: 77 North Washington Street, 4th Floor, Boston, MA 02114
2. Personal information we collect, how we use it and our lawful basis for processing
2.1 We may collect and use various types of personal information about you. Details of this information, together with an overview of the way that we use it and our lawful bases for the processing in each case are set out below:
Enquiries and bookings
a) We will collect personal information from you when you make an enquiry or request a brochure from us. This includes your:
- Name;
- Contact information;
- Details about the destinations and countries that you are most interested in;
- The brochures that you request;
- Information about your geographic location; and
- Any additional details of your travel plans which you voluntarily give to us.
We may also collect details about the best time to contact you and any in-person appointments that you request as well as what prompted you to contact us and any other requests or comments that you may make.
We will use this information so that we can provide you with information that you have requested or contact you if you have indicated you want to hear from us. For example, to enable you to find the right destination, we will call you once the brochure has been sent out to you. We also collect personal information from you when you approach us via one of our partners, agencies, or affiliates. Lastly, we use your personal information to help us better understand, direct, and respond to your enquiries and requests.
-
We have a legitimate interest to use your information in this way to make sure that we are able to help you find the right destination and start to plan the best holiday for you, and to enable us to contact you in the most appropriate and business-efficient manner. Where we rely on our legitimate interests, we'll always ensure that your rights are protected.
b) If you or another member of your party book a trip with us, we will ask certain details about your travel arrangements. This is likely to include details of your passports, emergency contacts, travel insurance arrangements, preferences and special requirements, frequent flyer club membership, visa requirements, flights (if you arrange your own flights) and amounts (if any) to be contributed to offset the carbon for your flights through the ClimateCare scheme. This will include personal details about you as well as of any other passengers who are traveling on your booking.
We will use this information to help us organize your trip, make bookings on your behalf and ensure that you (and any other passengers who are traveling on your booking) receive the products and services set out in your itinerary. We may also use this information to contact you by phone and instant message if we need to resolve any problems or queries that may arise when you are travelling with us.
-
We collect and use this information so we can enter into and fulfil our contract with you and provide you with the quality of service we strive to provide.
-
If you are included on a booking made by another passenger, we have a legitimate interest in collecting and using your information in this way, including to ensure that we can enter into and fulfil our contracts with our clients, to provide you with the quality of service we strive to provide, and, where necessary, to enable us to contact you in the most appropriate and business-efficient manner.
We may also retain this personal information so that we can use it when you next book with us as we have a legitimate interest to improve our client journey, facilitate your bookings or trips and ensure we look after our regular clients and passengers.
c) If you have made an enquiry with us, or booked a trip with us, we may send you a copy of our Traveller magazine via email or through the post.
-
We send you this on the basis of our legitimate interests, but you always have a right to object to direct marketing (see further below) and if you do not want to receive Traveller magazine please let us know using the contact details in section 10.
Websites, apps, marketing, and advertising
d) We will collect certain technical information from you when you visit our website. This is likely to include: the IP address or other device identifier, the browser type and version (e.g. Chrome or Edge), the operating system and platform that you are using (e.g. Windows or MacOS), the screen resolution of your device, the dates and times when you access our website, the full URLs of the pages you visit and the websites or links that you use to access our website, your login information, the details of products or services that are viewed and the length of visits to certain pages of the website.
We use cookies to collect this information; for more information about what cookies are and how we use them, please refer to our cookie policy.
We use this information for site management and security purposes (such as troubleshooting and testing) as well as to help us improve our website.
- We collect this information so we can fulfil our legitimate interests as a business to ensure that our website is fit for purpose and promotes our services appropriately for our clients, including by displaying information that our clients are interested in. We also rely on our legitimate interest in measuring client satisfaction and troubleshooting any website issues. Where required by law, we may also seek and rely on your consent.
e) We will collect and use information about you when you use our mobile apps. This may include identity data, contact data, transaction data, device data, usage data, location data (if you wish to use this particular feature, you will be asked to consent to your data being used for this purpose and you can withdraw your consent at any time by disabling location data in your settings). It will also include any text you enter into the journal on the app and photographs which you add to the app.
-
We have a legitimate interest to collect and use this information either directly, or through our app solution provider, to fulfil our contract with you or to enhance your Audley experience. Where we rely on our legitimate interests, we will always ensure that your rights are protected.
f) We may collect and use information from various sources in connection with the marketing and advertising of our services. This may include your contact details (and your marketing preferences) to contact you by post, email, SMS or telephone with certain information about our offering that we think may be of interest to you (e.g. our latest travel news, inspiration from our experts and our latest offers). We may also use data we collect from you (either directly or via our website or advertising) to help us to measure the effectiveness of our advertising and to establish what does and doesn’t interest you.
-
Where required by applicable law, we rely on your consent to contact you directly about our offering. In other scenarios in carrying out efficient and appropriate marketing and advertising for our services, we will rely on our legitimate interests, whilst always ensuring that your rights are protected. You can withdraw your consent or opt out of our direct marketing at any time though by clicking the 'unsubscribe' option in any marketing email, by responding “STOP” to any SMS message, or by emailing dataprotection@audleytravel.com.
g) We may collect your contact details when you enter competitions or promotions, or complete surveys.
-
We will rely on your consent or on our legitimate interests (depending on whether we are marketing or carrying out market research), whilst always ensuring that your rights are protected.
h) We may collect details about you, such as your username, when you engage with us on social media (by mentioning or tagging us in a post or contacting us directly) this is so that we can respond to any comments and queries you have.
-
We rely on our legitimate interests to do this as we want to ensure our clients have the best possible experience, whilst always ensuring your rights are protected.
Administrative or other business purposes
i) We may collect and use certain other personal information when we correspond with you (whether by telephone, email, instant message or otherwise). For example, we may record and store both in-bound and out-bound telephone and video conferencing calls, or collect information when you use our LiveChat or instant message features to speak with our Specialists.
-
We collect this information so we can fulfil our legitimate interests as a business to ensure that our Specialists are trained to the highest level so that our clients receive the very best travel advice.
-
We retain this information, even in the event of a Data Erasure Request, so that we can fulfil our legitimate interest in establishing, exercising or defending legal claims, and respond to and resolve any concerns or queries which you may raise in the future.
j) We may collect certain other information that you give us, for example, when you contact us for a particular reason other than those set out above, such as to report problems with our website.
-
It is in our legitimate interests as a business to use your data in this way, for example, we have a clear interest in ensuring that our website works properly and in ensuring that we operate our business efficiently. We will always ensure that your rights are protected.
2.2 As well as collecting personal information directly from you, we also collect some from third parties including Google, Salesforce, Meta and via our app solution provider (mTrip).
2.3 We may also collect and use certain sensitive (Special Category) personal information about you. Such information may include specific details of any relevant health conditions, disabilities, mobility and access requirements, and special dietary requirements including allergies. Under some laws, including the CCPA, this information may also include identification numbers such as your driver’s license number or passport number. We collect this information directly from you to try to ensure that your trip is planned with your specific needs in mind and can be operated safely, and we do not use this information to infer characteristics about you. This information will be shared with our suppliers overseas where necessary. We may therefore need to ask for your explicit consent to process this information.
- Where required by applicable law, including the DPA and the GDPR, we will ask for your explicit consent to process this information. You are not required to provide your consent if you do not want us to process this information about you. However, if we need your consent in order to proceed with your booking or include you as a passenger on a trip with us and you do not provide your consent, we may not be able to provide you some or all of the services requested. You can withdraw your consent at any time by contacting us using the details in section 10 below. If you withdraw your consent, this will not affect the lawfulness of our processing of this information before the withdrawal.
- In exceptional circumstances, such as an emergency, we may need to process this information in order to protect your or others’ vital interests, if you are incapable of giving consent.
- In addition, we reserve the right to retain and otherwise process this information where necessary for the establishment, exercise or defence of legal claims.
2.4 To the extent you provide us with information about third parties (such as other travelers or guests on your trips) we ask you to confirm that you have obtained consent from the relevant third parties to do this. Please also tell them about this privacy policy and give them our contact details if they have any queries. Please make sure you let us know if any of these third parties would like to speak to us directly, either about the trip or about our use of their data.
3. How we share personal information
3.1 In order to make sure that we run our business efficiently, and to make sure that you get the service that you expect, we will need to share your personal information, from time to time, as necessary, with the following third parties:
(a) Members of our group, which means our subsidiaries, our ultimate holding companies and their subsidiaries, as we share operations with some members of our group.
(b) Selected trusted third-party business partners (such as the local businesses we partner with in the locations our clients travel to), providers of gifts and technology service providers to perform services related to the contracts we enter into with you.
(c) Selected advertising partners including Google and Meta, to deliver relevant advertisements relating to our services on online platforms. To enable this, we may securely share certain personal information with these providers, such as email address, in a hashed format that cannot directly identify you. This helps us present you with ads that reflect your interests while maintaining the confidentiality of your information.
(d) Prospective buyers of all or a part of our business or assets, which may include your personal information.
(e) Any other third parties if necessary to comply with legal obligations or enforce agreements, for example, we are required to provide airlines with a passenger mobile phone number and email contact details under IATA Resolution 830d for the airline to inform the passenger of any operational difficulties.
(f) Any other third parties if this is necessary to protect our or your rights, property, or safety and/or those of others.
(g) If applicable, we may share details of your enquiries and/or bookings with the partner, affiliate, or agent who referred you to us.
4. Automated decisions and profiling
4.1 In performing certain of the functions above, we rely on technology that makes automatic and instantaneous decisions based on the criteria we determine to be relevant and the personal information we collect about you when you make an enquiry or request a brochure from us. We routinely test our software to improve the accuracy of these decisions and to prevent unintended bias.
4.2 We may share your details with third party data services, who help us to segment and understand our clients by providing additional information so that we can send to you the most relevant communications possible.
5. Where we transfer and store personal information
If you are resident with the UK or EEA, from time to time we may process (or ask or permit a third party to process) your personal information outside of the UK or European Economic Area (EEA), where local laws may not provide legal protection for your information in the same way as is applicable in the EEA.
For example, when you book a trip, we will need to provide your information to local accommodation or service providers. In other cases, we may need to share your information with an overseas service provider such as our local partners who host you during your safari experience, the provider of a cruise or experience train journey.
Whenever we send (or permit a third party to send) your personal data outside of the UK or EEA, we will make sure that we take steps necessary to protect your data as required by applicable laws. For example, we may require the overseas recipient to enter into particular contract terms, or we will make sure that the information that we give to them will be limited to what is needed to perform our contract with you.
If you wish to learn more about the safeguards in place to protect your personal information when we transfer it outside of the UK or EEA, please contact us using the details in section 10 below.
The personal data that we collect from you will also be processed by staff operating outside the UK or EEA who work for us, one of our suppliers or a subcontractor of our suppliers. This includes staff involved in, among other things, providing support services.
6. Security of your personal information
6.1 We take the security of your information very seriously and have put physical, technical, operational, and administrative strategies, controls, and measures in place to help protect your personal information from unauthorised access, use or disclosure as required by law and in accordance with accepted good industry practice. We will always keep these under review to make sure that the measures we have implemented remain appropriate.
7. Retention of personal information
7.1 We will only keep your personal information for the period of time that is necessary, and the applicable retention periods will always be linked to our purposes for processing your personal information. This means that the retention periods will vary according to the type of personal information. For example, some transaction information will be kept for a number of years in order to comply with various finance and tax related obligations. If you need more information on this, please contact: dataprotection@audleytravel.com.
8. Your rights in your personal information
8.1 You have certain rights in respect of the personal information that we hold about you. Details of these rights are set out below.
8.2 Your rights:
(a) Access: We will confirm to you whether or not we are processing and using personal information about you, at your request and, if so, provide you with access to and a copy of such personal information and the other details to which you are entitled.
(b) Rectification: We will correct any inaccurate personal data and complete any incomplete personal data (including by providing a supplementary statement) that we hold about you.
(c) Prevention of processing likely to cause damage or distress: We will respect your rights to require us to cease or not to begin processing your personal information for a specific purpose, or in a specific way, that is likely to cause you or any third parties unwarranted damage or distress.
(d) Erasure: We will erase your personal information at your request without undue delay where there is no good reason for us to continue to use it.
(e) Restriction: We will restrict the processing of your personal information in certain circumstances if you ask us to do so.
(f) Data portability: We will provide you or third parties on your behalf with a copy of any personal information that we hold about you which you have provided to us in a structured, commonly used and machine-readable format.
(g) Objection (including objection to direct marketing and limiting the use of sensitive personal information): We will respect your general rights to object to the processing of your personal information in certain circumstances, including for direct marketing purposes and when we process sensitive personal information.
(h) Automated decisions and profiling: We will respect your rights to require us not to carry out decisions based solely on automated processing, including profiling, which produce legal or similarly significant effects on you.
(i) Targeted Advertising: We will honor your request to opt out of targeted advertising we conduct, including requests to opt out of the sale or sharing of personal information under the CCPA.
8.3 How to exercise your rights: If you wish to exercise any of these rights, please email dataprotection@audleytravel.com or call us at 617 223 4500. The rights described herein are not absolute and we reserve all of our rights available to us at law in this regard.
We will not discriminate against you for exercising any of these rights, for example, by charging you a different price or offering a different level of service; however, we may be unable to provide certain services, such as if you ask us to delete information required to deliver the service.
If you make a request related to personal data about you, we will need to verify your identity. To do so, we will request that you match specific pieces of information you have provided us previously. If it is necessary to collect additional information from you, we will use the information only for verification purposes and will delete it as soon as practicable after complying with the request. For requests related to particularly sensitive information, we may require additional proof of identification. If you make a request through an authorized agent, we will require written proof that the agent is authorized to act on your behalf. We will process your request within the time provided by applicable law.
9. Changes to our policy
9.1 We reserve the right to modify this privacy policy from time to time — for example, if we need to reflect changes to the way that we use your personal information. Any changes we make in the future will be posted on this privacy policy page and, where appropriate, notified to you by email. You should check back frequently to see any updates or changes to our privacy policy.
10. Contact and complaints
10.1 If you have any questions, concerns, comments, requests or complaints regarding this privacy policy, our website and/or our use of your personal information. Please contact dataprotection@audleytravel.com.
10.2 If you have any complaints regarding this privacy policy or the way that we use your personal information, you may also contact:
UK: The UK Information Commissioner:
- +44(0)303 123 1113
- https://ico.org.uk/
US, California: The Attorney General, State of California Department of Justice
Canada: The Information Commissioner of Canada:
- https://www.oic-ci.gc.ca/en/make-complaint-online
- greffe-registry@oic-ci.gc.ca
- +1 (0)800 267 0441
Last Updated: 3rd December 2024