While a large portion of the information we collect will naturally relate to information concerning your business/ organisation, we will also collect some personal information from you via our websites (“Sites”), our questionnaires/surveys, through your interaction with any of our account management team, at any events and conferences or our social media channels (collectively, our “Services”) through the Hotel Everywhere business partner process and when we discuss our partner and advertisement services with you.
Please read the following information carefully.
Which companies does this policy apply to?
The Thomas Cook Group includes a number of companies registered in the UK and overseas. This policy covers Thomas Cook Group Plc’s Hotel Everywhere service managed by the Media & Partnerships area of the business operated in Europe. Read on to find out more…
What types of personal data do we collect about you and why do we collect it?
We collect information concerning your business and certain personal data about you throughout the application process and during discussions with you regarding the Hotel Everywhere media and advertisement services we provide. The sort of personal data we collect is information that you provide to us, that we collect from you or observe about you, or that we obtain from other sources. Read on to find out more…
Personal data you give to us
- When you submit an online form registering your business/ organisation’s interest in our Hotel Everywhere services managed by the Media & Partnerships area of the business, we will ask you for your name, business e-mail address, telephone number and job title. We need to collect this information in order to discuss our relevant Hotel Everywhere media and advertisement opportunities with you.
- If you enter a competition or promotion, complete a survey, or if you report a problem with any of our Services, we will collect your name and relevant contact information and any other personal information you choose to give us.
- If you contact us online, we may keep a record of your e-mail or other correspondence, and if you call us by telephone, our account management team may record pertinent information relating to business opportunities, such as budget information and sign off processes regarding the call on our customer relationship management system for training and account management reasons.
To help us keep your information current, accurate and complete, please ensure you tell us if anything needs to be changed.
Personal data we collect and/or observe about you
Based on how you have used our Services in the past and your activity on our website, social media channels, or with a member of our team, we collect the following personal data about you:
- We collect details of your visits to our Sites (including, but not limited to, traffic data, location data and weblogs) whether this is required for our own purposes or otherwise, and of the resources that you access. We use third party technology services, such as Google Analytics to administer these services.
- We collect details of website(s) you visited before you use a link to our Sites, pages visited in our Sites, and time spent on each page.
- We may collect information about your computer (or mobile device/tablet) including, where available, your IP address, operating system, device location, browser type, cookie identification numbers, for system administration and marketing purposes.
Personal data obtained from other sources
We might also receive your personal data from third party sources who collect information about you on our behalf. This includes:
- If you complete any of our feedback questionnaires/surveys, the information you provide will be processed on our behalf using a third party service such as Survey Monkey’s tool to collect the data.
- If you provide feedback on us via social media, such as a Twitter survey, the feedback, but not your personal data, will be processed by Twitter and passed to us. A digital marketing company called Influence Digital Limited is used by us to administer these surveys and other activity on our social media channels.
Where is your data stored and who it’s shared with?
Your personal data is held on a combination of our own systems and systems of the suppliers we use to provide our services. Read more here…
When you give your personal data to us, some of the personal data you provide will need to be given to and processed and stored by relevant third parties and may also be shared with other companies within the Thomas Cook Group for the purposes of providing services to us or directly to you on our behalf, including the operation and maintenance of our Site and social media pages. These third parties can be categorised as follows:
|Recipient/ relationship to us
||Industry sector (& sub-sector)
|Advertising, PR, digital and creative agencies
||Media (advertising & PR)
|Cloud software system providers, including database,
email and document management providers
|IT (Cloud Services)
||UK, EEA & USA
|Social media platforms
||Media (Social Media)
||UK, EEA & USA
Some of these third parties may be based outside of the European Economic Area (“EEA”).
Organisations that are based outside of the EEA may not be subject to the same level of controls in regard to data protection as exist within the UK and the EEA. For example, we transfer your personal information to the USA when using our email marketing management provider and most social media platforms.
Where we transfer your information outside of the EEA in this way, we take steps to ensure that your personal information will be subject to one or more appropriate safeguards set out in data protection law. These steps include imposing contractual obligations on the recipient of your personal information or ensuring that the recipients are subscribed to ‘international frameworks’ that aim to ensure adequate protection, such as the US ‘Privacy Shield’ scheme. Due to the decision of the UK leaving the EU, the way your data is transferred from the UK to other countries may change to ensure continuing compliance with data protection regulations but it will not change the security of your data. This will depend on the data protection rules in place for the international transfers of data outside of the UK once the UK left the EU.
We can disclose your personal information to any member of our Group for business purposes including holding your data on central/ shared systems for processing your request for further information and any application made for your business to become a business partner. Our Group means our subsidiaries and our ultimate holding company and its subsidiaries. We may share your data with members of our Group who are in the UK or outside of the UK.
How do we use your information when providing our services to you?
In order to provide our Hotel Everywhere advertising services to your business, we use the information we hold in a number of different ways. We process your information either because it is necessary for us to do so as part of a contract you enter into, or because we have a legitimate business reason for doing so. Read more here…
We will use and process your personal information as set out below where it is necessary for us to carry out activities for which it is in our legitimate interests as a business to do so:
- Administering your initial enquiry for your business to become a Hotel Everywhere business partner and to enable us to provide Hotel Everywhere media and advertisement services to you;
- To communicate with you regarding your enquiry, including our team sending over further information regarding the relevant suitable media and advertisement options and opportunities.
- To improve customer experience:
- To allow you to participate in interactive features of our Sites and social channels, when you choose to do so.
- To ensure that content from our Sites is presented in the most effective manner for you and for your computer;
- To notify you about changes to our services;
- To promote our business, improve our products and services;
- To send marketing correspondence about products and services similar to those you have previously bought from us or registered an interest in. You can opt out and object to our sending you electronic marketing information and this option will be included in every marketing message we send you. See the section ‘When and how do we use your information for marketing for more information’.
- For internal research/analysis to improve the quality of our Services, the products we offer and new products we are developing by:
- Inviting businesses to take part in surveys or business discussion groups;
- To promote our business, brands and products and measure the reach and effectiveness of our campaigns;
- To contact you with targeted advertising delivered online through social media and other platforms operated by other companies. You may receive advertising based on information about you that we have provided to the platform or because, at our request, the platform has identified you as having similar attributes to the individuals whose details it has received from us. To find out more, please refer to the information provided in the help pages of the platforms on which you receive advertising from us;
- To support any potential company sale or acquisition:
- In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets.
We and third parties acting on our instructions, such as external law firms and their employees, will use and process your personal information as set out below where there is a legal requirement for us to do so:
- to keep a record relating the exercise of any of your rights relating to our processing of your personal information; and
- to handle and resolve any complaints we receive relating to the services we provide.
We will use and process your personal information as set out below where it is necessary for us to carry out pre-contract steps you have requested for or for the performance of our contract:
- to run our competitions and promotions that you enter from time to time and to distribute prizes.
When and how do we use your information for marketing?
To find out more about our marketing communications, including when and how we will contact you and how you can opt out of marketing, please read more here…
If you have made an enquiry regarding your business/ organisation becoming a Hotel Everywhere business partner on one of our Sites or through one of our contact centres, your personal data may be used by us in the ways the law allows, to contact you by post, electronic means (e-mail or text message) and/or by phone with information and offers relating to products or services that you/ your business can book/purchase from Thomas Cook Group companies. We will only do this if have not opted out of marketing.
The type of products and services that can be booked/purchased through Thomas Cook Group are shown in the table below. You will only receive marketing communications about those which we think are relevant to you:
|Media and media related services from Thomas Cook’s Hotel area of the business, as well as our Media and Partnerships are of the business
||For research and insight products/services from Thomas Cook Research & Insight
||For creative and content production services from 1841
- Online advertising and social media
- In store advertising and promotions
- Trade engagement, activations and training
- Direct marketing and CRM
- On route marketing opportunities including in-flight entertainment
- In destination marketing
- External media
- Brand experience and events
- Customer surveys
- Online focus groups
- Live focus groups
- Data dashboards
- Brand tracking and analysis
- Research and insight consultancy
- Strategy and creative
- Integrated design
- Transcription and localisation
- Motion graphics
- Video production
- Digital development
- Campaign management
- Content and community
How do we personalise our marketing to you?
To try and ensure that our marketing communications and advertising are relevant to you, we work with third parties to offer a better experience to customers and potential business partners. You can find out how we do this by reading more here…
Using new technologies and with the help of our advertising agencies and marketing activation platforms, we will use your personal information in the following ways:
- to try to ensure any marketing communications we send to you are offering a particular product or source market that may be of interest to you, in line with any appropriate budget level previously discussed concerning your business
- to tailor and track our digital marketing (for example, our internet banner advertisements) and links from our marketing partners' websites to our Sites.
What you need to do if you don’t want our marketing communications?
We understand you might no longer want to hear from us and that’s ok. It is easy to opt-out or unsubscribe, please read more here…
You have the right at any time to ask us not to process your personal data for marketing purposes. You can exercise your right to prevent such processing by selecting the ‘no marketing’ option on the forms we use to collect your data. You can also exercise this right at any later time by using the unsubscribe link on any marketing e-mail you receive, by following the opt-out instructions on any direct marketing communication sent by post, or by sending an unsubscribe request to: email@example.com.
Your rights in relation to any personal data we hold about you
You have a number of rights in relation to your personal information under data protection law. To find out more, please read here…
Your Right to Access Your Personal Information
You have the right to make a Data Subject Access Request in many circumstances. That is a request for access to the personal information that we hold about you. If we agree that we have to provide personal information to you (or someone else on your behalf), we’ll provide it to you or them free of charge.
We can ask for proof of identity and sufficient information about your interactions with us that we can locate your personal information. That will include information about your previous enquiry. If someone is acting on your behalf they will need to provide written and signed confirmation from you that you have given your authority to that person/company for them to make the request. We will ask for this to be provided before we give you (or another person acting on your behalf) a copy of any of your personal information we hold. We will not provide you with a copy of your personal information if it includes the personal information of other individuals or we have another lawful reason to withhold that information.
Please see the section titled ‘How to Contact Us’ if you need to make a Data Subject Access Request.
Correcting and updating your personal information
The accuracy of your information is important to us and we are working on ways to make it easier for you to review and correct the information that we hold about you.
In the meantime, if you change your name or e-mail address, or you discover that any of the other information we hold is inaccurate or out of date, please let us know by contacting us by email at the following address: firstname.lastname@example.org.
Withdrawing your consent
While we do not currently rely on consent as a legal basis for processing, in the event that this changes in future, you will have a right to withdraw your consent where consent is used as the legal basis for processing your personal information. You can withdraw your consent at any time.
Objecting to our use of your personal information
Where we rely on our legitimate business interests as the legal basis for processing your personal information for any purpose(s), you may object to us using your personal information for these purposes by e-mailing or writing to us at the address provided at the end of this policy. Except for the purposes for which we are sure we can continue to process your personal information, we will temporarily stop processing your personal information in line with your objection until we have investigated the matter. If we agree that your objection is justified in accordance with your rights under data protection law, we will permanently stop using your data for those purposes. Otherwise we will provide you with our justification as to why we need to continue using your data.
Erasing your personal information or restricting its processing
In certain circumstances, you can ask for your personal information to be removed from our systems by e-mailing or writing to us at the address at the end of this policy. Provided we do not have any continuing lawful reason to continue processing or holding your personal information, we will make reasonable efforts to comply with your request.
You can also ask us to restrict processing your personal information where you believe it is unlawful for us to do so, you have objected to its use and our investigation is pending or you require us to keep it in connection with legal proceedings. We will only process your personal information whilst its processing is restricted if we have your consent or are legally permitted to do so, for example for storage purposes, to protect the rights of another individual or company or in connection with legal proceedings.
Transferring your personal information in a structured data file
Where we rely on your consent as the legal basis for processing your personal information or need to process it in connection with your contract, as set out in section titled ‘How do we use your information when providing our services to you’, you can ask us to provide you with a copy of that information in a structured data file.
You can ask us to send your personal information directly to another service provider, and we will do so if this is technically possible. We will not provide you with a copy of your personal information if it contains the personal information of other individuals or we have another lawful reason to withhold that information.
Automated decision making, including profiling
You may also contest a decision made about you based on automated processing where it is likely to have a legal and/ or significant effect on you.
How to contact us:
Any data subject request can be made in writing to:
UK Legal & Compliance Dept.,
Thomas Cook UK Limited,
Peterborough Business Park,
Alternatively you can make a data subject access request by e-mail to: email@example.com.
Once you have made your request and provided us with the information we need to begin a search for the data we hold on you (including proof of identity), we will have 30 days to respond.
Making a complaint
We encourage you to contact us if you have a complaint and we will seek to resolve any issues or concerns you have.
You have the right to lodge a complaint with the data protection regulator where you believe your legal rights have been infringed, or where you have reason to believe your personal information is being or has been used in a way that doesn’t comply with the law. The contact details for the Information Commissioner’s Office (ICO), the data protection regulator in the UK, are available on the ICO website. The full list of supervisory data protection authorities is available on the European’s Commission website here.
Keeping hold of your personal data
If you want to find out more about our data retention policy, please read more here…
Where you’ve made an enquiry or entered into a contract with us, your personal information will be retained to ensure we provide the best possible account management service to you. We also retain your personal data for legal and audit purposes only for as long as necessary and in accordance with any retention period required by law.
We retain your personal information for the following periods:
|Type of personal information
||When do we receive your personal information
||How long do we keep your personal information after we receive it?
|Name, Job Title, Company, Business Email, Phone
||When you complete our online form registering your business’s interest in partnering with us
||2 years to allow us to go back to you with further proposals (in consideration of the fact that often when we are first approached organisations may not initially have secured the appropriate budget and/ or may be considering the Hotel Everywhere advertisement opportunities for the following financial year) unless we enter into an agreement with your business in which case (while specifics will be provided within the agreement) we would usually retain the information for up to 7 years following the termination of the agreement to bring, establish or defend legal claims
|Any other information you send when completing our forms or liaising with our team
||During any subsequent correspondence regarding your business’s interest in partnering with us
||6 months unless we enter into an agreement with your business in which case (while specifics will be provided within the agreement) we would usually retain the information for up to 7 years following the termination of the agreement to bring, establish or defend legal claims
|Social media handles
||When you follow our social media account or page
||Until you stop following our social media account or page.
What is our approach to data security?
We take data security very seriously, to find out our approach to this please read more here…
The transmission of information via the internet is not completely secure, and although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Sites, therefore any transmission is at your own risk. Once we have received your information, we will take all reasonable steps to keep your personal data secure and to try to prevent any unauthorised access, use or loss of your data, by putting in place appropriate security measures and limiting access to those who have a business need to know. All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Sites, you are responsible for keeping that password confidential. We ask you not to share a password with anyone.
We have a process to deal with any suspected personal data breach and will notify you and the ICO of a breach where legally required to do so.
What happens when you follow a link from our website to a third party website?
Our Sites include links to other websites which include privacy policies of their own. To learn more about this, please read here…
Our Sites contains links to and frames of websites of our principals, suppliers, advertisers and other third parties. You can tell when a third party is involved in supplying a product or service you have requested because their name will appear with ours. If you follow a link or otherwise use any of these other websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies or for these third party websites. Please check these policies before you submit any personal data to these websites.
Some cookies are essential to make our Sites work properly and to allow you to submit your business inquiry and allow us to consider any requests for further information regarding our services that you have
- Customer Experience Cookies (Analytics, Customisation & Tracking)
These types of cookies help us to provide you with a good experience when you browse our Sites and allow us to track your experience between different devices to improve our Sites or the way we provide our service to you and your business
Thomas Cook adverts on third party websites: This type of advertising is intended to provide you with a selection of related products/services that you’ve viewed on our website, which are presented to you by our agency when you visit other selected websites or social media channels. The adverts may feature different Thomas Cook products/services that might be considered relevant to your browsing history.
We use advertising solutions delivered by Google DoubleClick for Publishers (DFP) and Criteo to serve you these advertisements. Where we share data for the purposes mentioned above, it is encrypted and does not include your name.
A summary of both the essential, customer experience (non-essential), and advertising cookies used on the website you are on can be viewed in the table below:
|These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.
||For More Info
|Triple AAA functionality is used to increasing or decreasing of font size (as well as layout, where required). These cookies are used to preserve the font size.
|hsDisclaim1 is a cookie which allows users to verify they have viewed a disclaimer and subsequently to view additional content.
|These cookies store the user action which states if the user has enabled or disabled the product cookies. The cookies tracks the user preference to have no other cookies.
- If you choose to remove cookies parts of website you are on may not work properly or your use of the website will be impaired.
- If you choose to use this website you are on without declining any non-essential cookies, then your use will constitute implied consent to the non-essential cookies that are set.
You can accept or decline advertising, and customer experience (analytics, customisation and tracking) cookies at any time.
You can opt-out of third-party advertising networks using your information for interest-based advertising. Our Sites participate in Google DoubleClick for Publishers (DFP) partner network, you can opt-out of this here: Google Double Click Opt Out
You will need to opt-out on each device you use to access our Sites.
Alternatively you can review cookies by accessing the preference panels from your browser's main menu (usually found under ‘Edit’, ‘Tools’ or ‘Options’). Do not track (DNT) is a feature offered by some browsers, with some newer browsers offering it as default. If you enable it, it sends a signal to websites to request that your browsing isn't tracked, for example by third party advertisers or social networks, or analytic companies. No industry-wide agreed standard to determine how DNT requests should be managed has been put in place, so our Sites don’t currently support DNT requests. Until that standard is established, we'll continue to review DNT and other new technologies, but won't respond to DNT requests.
Please check this page regularly for changes to this policy. We will email you with changes if we hold a valid email address for you.
We will review this policy from time to time and any changes will be notified to you by posting an updated version on our Site and/or by contacting you by email. Any changes will take effect 7 days after we post the modified terms on our Site or after the date we notify you by email. We recommend you regularly check this page for changes and review this policy each time you visit our Site.
March 2019, Version 2