Your browser is out of date!

Update your browser to view this website correctly. Update my browser now

×

Welcome to HolidayIQ

We want to provide you with the best possible experience and we use cookies to do this. Find out more about how we use cookies or how to change your configuration.

Privacy Policy

Last updated June 2021

We recognise the importance of protecting your privacy and User rights in terms of data protection. The Internet is an extremely effective means of transmitting personal information, and the lastminute.com group ("lm group") and all the companies in it are seriously committed to complying with the applicable legislation governing the protection and security of personal data, in order to ensure safe, controlled and confidential browsing for users who visit and/or use our website and/or use our comparison service (hereafter "Users").

This privacy policy describes how we collect, use, process and communicate your personal data when you access our website and use the website and our services, specifically:

1. Who is the data controller?

2. What categories of data do we collect and use?

3. Why and how do we collect data?

4. Who sees, receives and uses the data and where does this take place?

5. For how long do we store your data?

6. What are your data protection rights and how can you exercise them?

7. Contact details for the data controller

8. Contact details for our data protection officer

9. Information about Cookies

10. Privacy notice for Facebook

11. Update and previous versions of this privacy policy

 

This document also provides Users with information on how to exercise their rights (including the right to object to some of the data management we carry out). More information about your rights and how you can exercise them is set out in the sections below.

Where any term used in this privacy policy is not specifically defined (such as "Service" or "Website"), the definition is understood as being the same as that used in the Company's Terms and Conditions of service.

 

1. Who is the data controller for personal data processing?

As indicated in the General Terms and Conditions relating to use of the website, the services offered via the website are provided by Blue SAS, which owns the website. Therefore, where the terms "Company", "we", "our" and "data controller" appear in this privacy policy, they refer in particular to:

Blue SAS, a company incorporated under French law with registration number 490 641 354 and registered office at 14, Rue d'Uzès – 75002 Paris, France, the data controller for processing the personal data of Users in accordance with this privacy policy (hereafter "Company", "we", "our", "data controller").

2. What categories of data do we collect and use?

When you visit the website and use the comparison service (as a "User"), we collect the following categories of personal data:

2.1. Personal data provided by Users 

The above personal data, where requested, is required for the proper execution of the contract between us and the User and to enable us to fulfil our legal obligations, except where we require the consent of the data subject as the lawful basis for processing and for our legitimate interest. Without it, we may not be able to provide all the services you request.

It is important that all the personal data you provide is correct and accurate. This includes, for example, ensuring that the contact details we hold (including email address) are correct at all times.

 

2.2. Personal data collected automatically from our website, over the telephone and/or from third parties

For more information on the purposes for which we collect and use this information, see the section on Cookies in this privacy policy (9. Information about Cookies). Note that your personal details may also be linked to Cookies, e.g. to enable the storage of travel searches made on your personal account when you are logged onto the service and/or to collect information on how you use our products and services.

 

3. Why do we collect personal data?

Generally, we use your personal data to provide the services you request, provide customer service, notify you about important changes to our website and suggest content and advertising that we think may be of interest to you. More specifically:

Why?

A. To create and maintain the contractual relationship established for provision of the requested service in all its phases and via any possible integration and modification, and to take action with regard to pre-contractual issues at the request of the User (e.g. to respond to User enquiries and concerns). Information relating to service provision and/or to providing Users with clarification or assistance may be sent by email, telephone or similar technologies.

On what lawful basis?

To fulfil a contract or implement measures related to a contract (i.e. to provide services requested and/or provide Users with clarification or assistance)

Why?

B. N/A 

Why?

C. To comply with legal, regulatory and compliance requirements and to respond to requests from government authorities and law enforcement agencies conducting investigations.

On what lawful basis?

To comply with the law (i.e. to share personal data with regulatory authorities)

Why?

D. To carry out aggregate statistical analyses on anonymous groups to see how our website and services are used and to check on the performance of our business. 

On what lawful basis?

To pursue our legitimate interests (i.e. to improve our website and its functionality and our services)

Why?

E. N/A 

Why?

F. N/A

Why?

G. N/A 

Why?

H. To keep our website and our systems secure and to prevent and detect security incidents and other offences.

On what lawful basis?

To pursue our legitimate interest (i.e. to ensure the security of our website)

Why?

I. To check compliance with our terms and conditions and to ascertain, exercise or defend a legal right.

On what lawful basis?

To pursue our legitimate interest (i.e. to protect our rights in the event of a dispute or claim, in accordance with our terms and conditions.

Why?

J. To tailor and personalise advertising and online marketing communications based on information collected through Cookies and related to how Users make use of the website, of the services and of other websites (for more information see the section on Cookies in this privacy policy).

On what lawful basis?

Where a User gives his/her consent (i.e. through the Cookie banner or browser settings)

Why?

K. Where permitted by applicable law, we may monitor calls to and from our Support Services for the purposes of quality control, analysis and staff training.

On what lawful basis?

To pursue our legitimate interest (i.e. to improve our Support Service)

 

Where personal data processing is based on legitimate interest, we carry out an assessment to ensure that our interest in the use of the data is legitimate and that the User's fundamental right to privacy is not compromised by our legitimate interest ("comparative assessment"). For more information on comparative assessment please email our data protection officer at dpo@jetcost.com.

 

4. Who sees, receives and uses the data and where does this take place?

Categories of data recipients

We share your personal data, for the purposes set out in this privacy policy, with the following categories of recipient:

 

A complete list of subjects to whom personal data may be communicated is available from our registered office and can be requested by email to privacy@jetcost.com.

4.2. International data transfer

The processing of Users' personal data will take place at the data controller's registered office (see section 1), on the lastminute.com group servers and at the offices of any other subjects to whom the data may be transmitted for the purpose of providing the requested services to the data controller.

Since we are an international travel company, we also transfer your personal data to:

Any Users requiring further details regarding the safeguards put in place should email us at privacy@jetcost.com

 

5. For how long do we store your data?

We store your personal data for as long as it is required to achieve the purposes and to carry out the activities described in this privacy policy, or as otherwise communicated to Users, or for as long as we are permitted by the applicable legislation. More information on the retention period is available here:

 

Document

Email from the Support Service, including User requests and complaints

Retention period

10 years

Start date

The date the email was sent

 

Document

Reports and complaints

Retention period

10 years

 

DATA COLLECTED VIA TAGS

Document

Technical cookies

Retention period

Max. 3 years

Start date

The date our website was accessed

 

Document

Non-technical cookies

Retention period

Max. 1 year

Start date

Date the data subject's consent is received

 

6. What are your data protection rights and how can you exercise them?

You can exercise your rights guaranteed under EU Regulation 2016/679 (articles 15-22), including rights to:

Name of right

Right of access

Content

To receive confirmation of the existence of personal data, access the content of the data and obtain a copy.

 

Name of right

Right to rectification

Content

To update, rectify and/or correct personal data.

 

Name of right

Right to erasure/right to have data forgotten and right to restrict

Content

To request the erasure of data or the limitation of data that has been processed in violation of the law, including data that does not require to be stored for the purposes for which the data was collected or processed; where we have made personal data public, the User also has the right to request the erasure of the personal data and for reasonable measures to be taken, including technical measures, to inform other data controllers who are processing the personal data of the request to delete any link, copy or reproduction of such personal data.

 

Name of right

Right to data portability

Content

To receive in a structured, commonly used and machine-readable format a copy of the personal data provided to the Company for the purposes of a contract or with the consent of the User, and to request such personal data to be transferred to another data controller.

 

Name of right

Right to withdraw consent

Content

In the event that we require the consent of the User, the latter will always have the ability to revoke this consent, although we may have other lawful bases for processing the aforementioned data for other purposes.

 

Name of right

Right to object at any time

Content

The right to object at any time to the processing of personal data in certain circumstances (in particular in cases where it is not necessary to process the data to meet contractual or legal requirements or where the Company uses such data for direct marketing activities).

 

Name of right

Right not to be subject to a decision based solely on automated processing, including profiling

Content

You can request a manual decision-making process, express your opinion or contest a decision based solely on automated processing, including profiling, at any time, if such a decision would have legal repercussions or similar effects. 

 

You can exercise these rights at any time in the following ways:

 

Where the above rights are exercised under the GDPR, we will comply with User requests involving the personal data held by all companies in the lastminute.com group.

 

Rights relating to personal data can be limited in some situations. For example, if complying with your request would reveal personal data relating to another subject, or if there are binding legal requirements or compelling legitimate grounds, we may continue to process the personal data you have asked us to delete.

You also have the right to complain if you think your personal information has been mismanaged. Users are requested to contact us in the first instance, but it is your right, if this right applies in your case, to lodge a complaint directly with the supervisory authority responsible for data protection.

 

7. Contact details of the data controller

The contact details of the data controller referred to above are:

Blue SAS, a company incorporated under French law with registered office at 14, Rue d 'Uzès – 75002 Paris France (Commercial Registration no. 490 641 354)

 

8. Contact details for our data protection officer

Our data protection officer can be contacted at the following addresses:

dpo@jetcost.com 

 14, Rue d’Uzès – 75002 Paris, France 

 

9. Information about Cookies

For more information, see our Cookie Policy..

 

10. Privacy notice for Facebook

10.1. Custom Facebook audience - Facebook pixels

We use the "Custom Audiences" remarketing function of Facebook Inc. (1601 Willow Road, Menlo Park, California 94025 or, for users residing in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland). This function allows us to show interest-based advertisements ("Facebook Ads") to Users who visit our website when they are on Facebook, and to analyse these Facebook ads for statistical and market-research purposes, which helps us optimise future advertising. This allows us to offer more relevant advertisements.

For this purpose, we use the "Facebook pixel" on our website.

When a User visits our website and carries out an action, the Facebook pixel is activated and reports the action. We then know when a User has taken action after seeing our Facebook Ad. We can also reach the same User again using the custom audience. The pixel then allows us to track the behaviour of Users when they are redirected to our Website by clicking on a Facebook ad. We then know when a User has taken action after seeing our Facebook Ad. We can also reach the same User again using the custom audience. 

This enables us to measure the effectiveness of Facebook Ads for statistical and market-research purposes. The data we collect in this way is anonymous, i.e. we do not see the personal of individual Users. However, the data is stored and processed by Facebook and this is why we inform our Users, based on our understanding of the situation. Facebook may link the data to the User's Facebook account and use it for its own promotional purposes, in accordance with Facebook's Data Usage Policy  https://it-it.facebook.com/policy.php. Such data may allow Facebook and its partners to show ads on or off Facebook. A Cookie may also be stored on the User's computer for these purposes.

10.2. Facebook SDK

We use the Facebook Software Development Kit (SDK) in our app. The Facebook SDK is distributed and managed by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA or, for Users residing in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. This integration allows us to link various Facebook services to our app (i.e. Facebook Analytics, Facebook Ads, Login with Facebook via the SDK, Facebook Account Kit, sharing on Facebook, Facebook Graph APIs and Facebook App Events).

Specifically, we have linked the following Facebook SDK services to our app:

Login with Facebook: allows Users to register with Facebook or log in through their own Facebook account.

Facebook App Events: to understand the actions of people when they are using our app and gauge the effectiveness of app advertisements on a User's mobile device. We use this service to evaluate the reach of our publicity campaigns and use of the Facebook SDK. Facebook supplies us with only an aggregate analysis of the behaviour of our app users. 

In addition, since our app is linked to the Facebook SDK services, we must follow Facebook's policies, which require us to share the following User data with Facebook when downloading the app, even when Users have not logged on to the social media platform:

By downloading our application, Users give their consent to the communication of data to Facebook in the above manner.

Further information about Facebook SDK for iOS is available at:https://developers.facebook.com/docs/ios For Android, go to: https://developers.facebook.com/docs/android.

You can check and change the status of your Facebook link and the related access privileges of our apps at any time in your Facebook profile settings (https://www.facebook.com/settings?tab=applications). If you wish to delete the link between Facebook and our app, you must log in to Facebook and make the appropriate changes in your profile settings.

 

11. Update and previous versions of this privacy policy

We reserve the right to change this privacy policy at any time in accordance with this section. If we make changes to this privacy policy, we will post the revised privacy policy on our website and update the "last updated" date at the top of this privacy policy.

Previous versions of this privacy policy are available here.

Subscribe for free to get the latest travel updates.
Click on Allow when prompted about Notifications.