Any personal information processed by Interopa in connection with this Privacy Policy is controlled by Interopa, which is considered the “data controller” of your personal information under European Union and UK data protection law.

If you have made a booking with us including one or more services to be provided by other company(ies) then that other company will also separately be considered a “data controller” under European Union and UK data protection law.

Any provider of services such as a hotel or entry fee or restaurant or theatre or car rental company, etc. will also separately be a “data controller”. You can access the privacy policies of those providers from them directly.

What do we mean by Personal Information?

Personal information means details which identify you or could be used to identify you, such as your name and contact details, your booking arrangements and purchase history. It may also include information about how you use our websites and mobile applications.

When does this policy apply?

This Privacy Policy applies to personal information about you that we collect, use and otherwise process regarding your relationship with us as a customer or potential customer, including when you book with us or use our other services, use our websites or mobile applications, to make a reservation with us. Where we reference that others are data controllers in the sections ’Controller of Personal Information’ and ’Who do we share your personal information with?’ you should consult their privacy policies for further information.

How can you keep your personal information secure?

We take great care to protect the personal information you provide to us. We implement the necessary measures to protect our system database and online resources. Here are some things you can do to keep your information secure.

Keep your booking reference confidential

When you make a booking, you will be given a booking reference. This will appear on the email confirmation in your booking. You should keep your booking reference confidential always.

Keep log-in details confidential

To make sure your access to our websites, and mobile applications is secure, you should not share your log in details with anyone else. When you finish using the website, online services or mobile app you should log out if others may be able to access your computer or device. This is especially important if you are using a publicly accessible computer.

Be aware of and protect yourself against Internet fraud and ‘phishing’

There is an Internet fraud practice known as ‘phishing’ which is the illegal gathering of personal information by deception. Unsolicited emails are sent to individuals from lists illegally gathered by a third party, and recipients are asked to enter or reconfirm bank or password details into a 'cloned' or illegal copy website.

When do we collect personal information about you?

We collect personal information about you whenever you use our services (whether these services are provided by us or by other companies acting on our behalf), including when you book with us, when you use our website or mobile applications, or interact with us via email. For additional details see ’What types of personal information do we collect and retain?’ below. In addition, we may receive personal information about you from third parties, such as:

• Companies contracted by us to provide services to you.
• Companies involved in your reservation plans.
• Companies who provide details to us under privacy polices providing information to Interopa

What types of personal information do we collect and retain?

When you use our services, you will need to provide us with the details of those individual(s) who will be booked by us. We collect the following categories of personal information:

• Information you provide for Interopa to complete and manage a booking you have made with us or a service you have requested from us.
• Information about your travel arrangements.
• Information about the services we have provided to you in the past.
• Information about online registration and other interactions.
• Information about your use of our websites.

'How we use cookies and other methods for the collection of website usage data', below.

• Information about your location from your device if you have been browsing on interopa.co.uk or using our mobile application. (This is your IP address. An IP address (i.e. Internet Protocol address) is a numeric code that can act as a unique identifier for your computer or other device – this can be turned off from your device).

When and why do we collect ‘sensitive personal data’?

Certain categories of personal information, such as that about race, ethnicity, religion, health, sexuality or biometric information are special categories of data requiring additional protection under European Union and UK data protection law and is referred to here as “sensitive personal data”. Generally, we try to limit the circumstances where we collect and process sensitive personal data. Examples of where we may collect and process ’sensitive personal data’ includes the following:

• You have requested specific medical assistance from us and/or an airport operator, such as the provision of wheelchair assistance or oxygen.
• You have otherwise chosen to provide such information to us or it has been passed onto us by a third party such as the travel agent through which you made your booking.

In addition, you may have requested services (such as a meal) which is not ’sensitive data’ but may imply or suggest your religion, health or other information.

What do we use your personal information for?

The main purposes for which we use your personal information are:

• To fulfil your booking arrangements and deliver the services you have asked for.
• To send status updates and service communications to you.
• To provide services tailored to your requirements and to treat you in a more personal way.
• To carry out analysis and market research.
• To carry out marketing and keep you informed of Interopa‘s products and services.
• To improve our websites, products and services.
• For management and administrative purposes.

When will we send you marketing?

When we collect information directly from you we may ask you if you do not want to receive our marketing communications. Please be aware that we do sometimes send marketing communications that promote a third party’s products and services (for example, those of our business partners as well as our own. We may ask if you consent to receiving marketing communications from other members of our group or from third parties. We will respect your choice as to what communications you wish to receive and the methods by which you are sent them.

How can you change what marketing communications you receive and how you receive them?

If you decide you would no longer like to be sent marketing communications, you can change your mind at any time. You can change your marketing preferences at any time by using our web site link (work in progress) In addition, each marketing communication we send by email will also have an unsubscribe option which will allow you to stop you receiving further marketing emails. We aim to action requests to stop being sent marketing communications within 10 working days of receiving those requests, but it is possible you will receive some marketing in the period prior to that change being made. Please note that if you tell us that you do not wish to be sent further marketing communications, you will still receive service communications (as described above) which are necessary, for example, to confirm your booking or to provide you with an update on its status. If you ask us to stop sending marketing communications, please note we will retain your personal information for the purposes of indicating that you do not want to receive marketing communications.

What is our legal basis for using your personal information?

Interopa will only process your personal information where we have a legal basis to do so. The legal basis will depend on the reason or reasons Interopa collected and needs to use your information. Under EU and UK data protection laws in almost all cases the legal basis will be:

• Because we need to use your information so that we can process your booking, fulfil your request arrangements and otherwise perform the contract we have with you.
• Because it is in Interopa’s legitimate interests as a Tour Operator to use your personal information to operate and improve our business as Tour Operator provider.
• Because Interopa needs to use your personal information to comply with a legal obligation.
• To protect the vital interests of you or another person.
• Because you have consented to Interopa using your information for a particular purpose.

More information on each legal basis is provided below. If processing of your data is subject to any other laws then the basis of processing your data may be different to that set out above and may in those circumstances be based on your consent in all cases.

How long do we keep personal information?

We will keep your information for as long as we need it for the purpose it is being processed for. For example, where you book with us we will keep the information related to your booking, so we can fulfil the specific travel arrangements you have made and after that, we will keep the information for a period which enables us to handle or respond to any complaints, queries or concerns relating to the booking. The information may also be retained so that we can continue to improve your experience with us and to ensure that you receive any loyalty rewards which are due to you. We will actively review the information we hold and delete it securely, or in some cases anonymise it, when there is no longer a legal, business or customer need for it to be retained.

Performance of a contract with you

It will be necessary for Interopa to use your personal information to complete a booking you have made with us. For example, we will need to use information such as your contact details and payment information to provide you with services you have requested and paid for.

Legitimate Interests

As a commercial Tour Operator Interopa has a legitimate business interest to use the personal information we collect to offer an effective service and carry out our business.

To protect the vital interest of you or another person

There are situations where we may need to use your personal information to protect the vital interests of you or another person. If we collect and process medical information in the event of a medical emergency and you are incapable of giving your consent.

Consent

Alternatively, we may collect and use your personal information where you have given your specific consent to us doing so. If the basis of our processing your data is consent, you can withdraw your consent to such processing at any time, by using our web site page (work in progress), emailing us, calling us on +44207258009, writing to our address: Interopa – 21-23 Chilworth Street, London W2 3HA, UK However, if you withdraw this consent, in some circumstances, it may mean we will not be able to provide all or parts of the services you have requested from us and you will not be able to cancel your booking or obtain a refund of any charges you have paid.

Who do we share your personal information with?

Your personal information may be shared with the third party companies we use to provide the services you have requested and booked with us. We do not sell personal information to third parties.

Requesting a copy of your personal information

Under the UK Data Protection Act 1998, you may request a copy of any personal data about you held by Interopa. There is no fee for this request. The request must be in writing and must contain the following: Your name and postal address. Details of your request. Any details which may help us locate the information which is the subject of your request, for example: Booking reference and dates. Telephone recording details (identifier number, the number you call from, the number and option you dialled, the date and time of your call(s)). You must also provide: A photocopy of your passport or driving licence, so that we can verify your identity. Your signature and the date of the request. If you are applying on behalf of another person then signed authority from the individual is required.

Please send your request to: Interopa Data Protection Management 21-23 Chilworth Street London W2 3HA