Privacy Policy

Here at On the Beach, your privacy is important and we are committed to doing everything we can to protect any personal data that you give to us when booking a holiday or visiting our Website. Please continue reading this privacy policy to understand how we use and protect this information. Please also read our separate Cookie Statement, which explains how we use cookies and other similar technologies. If you have any questions about what we do with your personal data after reading this policy, feel free to contact using the contact details provided below.

This privacy policy covers all platforms through which we offer travel-related services, this includes our Website, our app and our social media sites. By submitting your personal data to us you agree to the transfer, storing or processing of your data in accordance with this policy.

By making a booking with us or submitting any personal data via our Website, you are agreeing to us handling your personal data as set out below. If you do not agree to us using your personal data in these ways, unfortunately we cannot accept your booking and you should not use our Website. We may change this privacy policy at some point the future. Please re-visit this page if you want to keep up to date with any changes.

All references in this privacy policy: to our "Website" refer to the website at www.onthebeach.co.uk, to "we", "us" and "our" refer to On The Beach Limited; and to "you" and "your" are to you, the user.

What kind of personal information do we collect?

When you book a holiday with us, you will be required to provide us with certain information, including your name, address, e-mail address and phone number and payment information. If you fill in a booking form but don’t actually complete the booking, you will still be providing us with this information.

If you get in touch with our customer service team, whether by phone, e-mail or otherwise, you will be asked to provide us with information. This is likely to include your name, address, e-mail address and phone number.

There are also other instances when you’ll provide us with information, for example if you register to use our website, enter one of our competitions or complete a survey.

Personal Information you give to us about others

If you are travelling with others or booking a holiday for someone else, you will need to give us personal information about them when making the booking, for example their name and age. It is your responsibility to ensure that anyone who you have provided personal information about is aware that you have done so and accept how we use and process their information.

Personal Information we collect automatically

When you visit our Website, even if you don’t make a booking, we will automatically collect certain information such as your IP address, the date and time you accessed the Website, the hardware, software or internet browser you use and information about your visit, including pages you viewed and interaction information.

If you are using a mobile device, we may collect data that identifies your mobile device, location details and any specific settings.

Personal Information that we receive from others

We may also receive information about you from other sources, such as business partners, affiliates and other independent third parties such as search engines or social media sites. We may combine this data with other information provided by you. We work closely with these parties and we will notify you when we receive information about you from them and the purposes for which we intend to use that information.

What do we do with your personal data?

Once we have collected the information about you, it will be used for varying purposes. Your personal data could be used in the following ways:

  • Bookings: Put simply, we will use your personal data to provide to you the services that we sell, which may include flights, hotels, transport, insurance and other ancillary products. We need certain information about you, so we can fulfil our obligations contained in the contract that you enter into with us when you make a booking.
  • User Accounts: The information that you provide when you set up an account on our website allows us to provide you with services including the ability to manage your bookings, personal settings and access to special offers.
  • To communicate with you in relation to your holiday: We may get in touch with you using the contact information you have previously shared with us, to communicate with you in relation to your holiday and to provide you with information relevant to your holiday. For example, helpful information about the destination to which you are travelling, security alerts, administrative messages about your holiday and emails to remind you to fill in your Holiday Checklist.
  • Customer Services: You are free to contact us about our services at any time, whether this is a general query, a question about your booking or to report a problem on our website. This can be done through the Manage Your Booking system on our Website, by telephone or via social media. We will use the information that you have provided to help us answer any questions and respond to your query (along with any future queries that you may have). If you contact us by telephone, your call may be recorded for quality control and training purposes. Recordings are kept for a limited amount of time and automatically deleted, unless we have a legitimate interest to keep such recording for a longer period.
  • Personalisation: We may use the data you provide us with to enable us to show you the products and services we think you will like on our website and communicate these with you, such as the recommended deals and special offers we put to you.
  • Marketing: Where you place an order with us and you have not opted out (or in any other case, if you have opted in), we may contact you with information about other goods and services that we offer that are similar to those that you have already purchased or enquired about and we think may interest you based on your personal information.
  • Corporate transaction: We may use your data in connection with a corporate transaction such as the sale of a subsidiary or a division, merger, consolidation or asset sale.
  • Promotional Activities: If you participate in our promotions (such as surveys or competitions) we will use the information you provide to administer these activities.
  • Improving our services: Sometimes we may use your data to help us improve the quality and functionality of the services that we offer. This includes troubleshooting, data analysis, testing, research and for statistical and survey purposes, all of which helps us to provide the best service that we can.
  • Security: We may use your data as part of our efforts to keep our site (and the information you provide to us) safe and secure, such as to help with fraud investigations or data protection regulation.
  • Fraudulent Claims: We may use your personal data in order to detect or defend any claims we believe to be potentially fraudulent.
  • Legal and regulatory compliance: We may need to use your information in relation to legal disputes, regulatory, compliance or police investigations or if necessary to enforce our terms of use.

When we process your information in one (or more) of these ways, we will be relying on one of the following legal bases:

  • Performance of a contract: We may need to use your information to fulfil our obligations in a contract that you have with us. If you make an online booking on our Website, we will use the information that you provide us with when making the booking to complete and administer the reservations with the relevant third party suppliers.
  • Consent: You will be asked to consent to us providing you with marketing information and if you give us this consent, we will rely on this when contacting you. You may withdraw this consent at anytime by contacting us using the details at the end of this policy.
  • Legitimate interests: We may use your information for our own legitimate interests, so to provide you with the best suitable content on our Website, to improve and promote our services and for certain administrative and legal purposes.

How do we store your data?

Any information that you provide to us in the above ways is stored on our secure servers and all payment transactions are encrypted. Only authorised personnel are permitted to access personal data in the course of their work. Whilst we do our best to protect your personal data, no information transferred over the internet can be guaranteed to be completely secure and you provide your information at your own risk.
We will only retain your information for a reasonable period of time or for so long as either you or legislation permits.
When your credit card details are required as part of the booking process we store the last 4 digits and an authorisation token. In the case of some low cost airlines, we will use the payment details you provide to purchase the flight seats on your behalf and you agree that we can use the payment details you provide to do so.

When do we share your data with third parties?

In certain circumstances we do share the information you provide to us with parties outside of On the Beach. The third parties who we might share your data with include:

  • Our suppliers: If you make a booking with us, it is necessary for us to share your reservation data with relevant third parties, such as hoteliers, airlines, insurers and ground-handling agents, to complete your booking. The data shared may include your name, contact details, payment details, the names and ages of any guests travelling with you, along with any preferences or special circumstances you told us about when you made your booking. If you contact us with a query about your booking we may pass this on to our suppliers if they are better placed to help you. Due to the nature of our business, it may be necessary for data that we collect to be transferred to, and stored at, a destination outside the European Economic Area ("EEA") and may not be subject to the same level of data protection controls as in the EEA. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.
  • Referring websites: If you were referred to our Website via another webpage, we may share some information about you with that referring website so that they can contact you directly about their products and services, this includes Google Analytics.
  • Our group companies: Your details may be shared with other companies in our corporate group. This could be for analytical purposes or to support the services that we provide to you. To find out more about our corporate group please visit http://www.onthebeachgroupplc.com/.
  • Third party service providers: This includes anyone who provides services or functions on our behalf, including credit card processing, business analytics, advertising and customer service. We use these service providers to process your data on our behalf, this may be to send our marketing material or to collate information that can be analysed to improve our service. They have access to and may collect information only as needed to perform their functions and are not permitted to share or use information for any other purpose.
  • Payment Providers and other financial institutions: If you request a chargeback for your booking, it may be necessary for us to share certain reservation details with the payment service provider and the relevant financial institution so they can handle the chargeback. This may include a copy of your booking confirmation or the IP address that was used to make your reservation.
  • Law enforcement authorities: We will disclose personal data insofar as it is required by law or when we believe it is necessary for the prevention, detection or prosecution of criminal acts, including for fraud, immigration, customs, security or anti-terrorism purposes.
  • Business Partners: We may share your data with our business partners with whom we offer joint products and services, this may include other travel agents, credit brokers and lenders, and advertising networks.We do this in order to maximise the services that we provide to you and so they may contact you directly about their products and services that may interest you.
    Please note that whilst we employ strict procedures and security features to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage, we do not control the privacy practices of these third parties and we would encourage you to review their own privacy policies where appropriate.
    Further, any information that is collected from you directly by hotels or other suppliers is not covered under this privacy policy and we would urge to check their own privacy policies before handing over any personal data.

What rights do you have in relation to your personal data?

You have the following rights in relation to the personal data that we hold about you:

  • You may request a copy of the information we are keeping about you by submitting a Data Subject Access Request to us at the below address
  • You may ask that we correct any inaccuracies in the data, ask us to transfer it to another party or transfer it to another party yourself.
  • You can ask us not to process your personal data for marketing purposes at any time by sending a request to the below address or clicking ‘unsubscribe’ on any of the emails that we send to you. We will inform you (before collecting your data) if we intend to use your data for marketing purposes or if we intend to disclose your information to any third party for such purposes and you will have to opt-in by checking a box in order for us to do this.
  • You have the right to request that we delete all personal data that we hold about you. If there is no other reason beside you providing your consent for us to hold your data, we will delete it upon receiving your request.
    If you would like to exercise any of your above rights please contact us at privacy@onthebeach.co.uk , writing ‘Request regarding personal information’ in the subject line. We will handle any requests we receive in accordance with UK Data Protection Legislation.

What about data that is collected through a mobile device?

We offer a free app for a variety of mobile devices which can be used to access our services as well as versions of our regular website that have been optimised for mobile and tablet browsing. These mobile sites work in a similar way to our website. Sometimes we make use of something known as cross-device tracking, which allows us to track user behaviour across multiple devices. We use this to optimize marketing activities and the service that we provide to you, so advertisements shown to you on other websites may be offered based on your activities on linked devices (please see our cookie policy for further information on this).

How do we treat personal data of children?

You are only allowed to book through our Website if you are over 18 years of age. We only process information about children with the consent of the parents or legal guardians.

Who exactly is responsible for processing personal data that is collected under the policy?

On the Beach Limited controls the processing of data over its websites and app – in legal terms, this means that On the Beach Limited is the Data Controller for the purposes of UK Data Protection legislation. Dave Walters is our appointed Data Protection Officer, and he makes sure that the business is complying with UK Data Protection legislation.

How can you contact us?

If you have any questions about this Privacy Policy or wish to exercise any of your rights under it, please contact us at:

Email: privacy@onthebeach.co.uk

Post: Should be sent for the attention of the Data Protection Officer to:

On the Beach,
Park Square,
Bird Hall Lane,
Cheadle,
Stockport,
SK3 0XN