Privacy & Policy

Summary of the privacy policy

This is a summary of our privacy policy

What does this privacy policy cover?

This privacy policy aims to describe the following:

• What type of personal information we collect and use and how we collect it
• When and with whom we share your personal information
• What choices can you make about how we collect, use and share your personal information?

What personal data do we collect and use and how do we collect it?

We collect personal information when:

• You give us the information
• We collect it automatically
• We receive it from others

When you create an account on one of our websites, sign up to receive offers or information, or make a booking through our platform, you provide us with your personal information. We also collect such information through automated technology such as cookies, which are placed on your browser, possibly with your consent, when you visit our websites or download and use our apps. We also receive information from affiliates within the Expedia group, as well as from business partners and other third parties that help us improve our platform and related tools and services, update and maintain accurate records, and potentially detect and investigate fraud and to market our services more effectively.

How is your personal information shared?

Your personal information may be shared to help you book your travel and/or holiday, to assist you with your travel and/or holiday, to communicate with you (including when we send you information about products and services or allow you to communicate with travel providers) and (or property owners) and comply with the law. The full privacy policy describes in detail how personal data is shared.

What rights and options do you have?

You can exercise your data protection rights in various ways. For example, you can opt out of marketing by clicking the “unsubscribe” link in the emails, if applicable in your account, or by contacting our customer service. In our privacy policy we inform you about the options and data protection rights available to you.

Categories of personal information we collect

When you use our platform, apps, or related tools or services, we may collect the following types of personal information from you as necessary:

• Name, email address, telephone number, home, business and billing addresses
• Official ID is required for booking or identity verification, e.g. B. Passport, driver's license and government redress numbers. For owners of vacation properties, the tax identification number is required
• Payment information such as payment card number, expiration date and billing address
• Travel-related preferences and requests such as preferred destinations and accommodation types, as well as special dietary and accessibility needs, if available
• Loyalty program and membership information
• Date of birth and gender
• Geolocation
• Images, videos and other recordings
• Social media account ID and other publicly available information
• Communicating with us (e.g. recording calls to customer service representatives for quality assurance and training purposes)
• Searches you make, transactions and other interactions with you on our online services and apps
• Other communications that take place via the platform between partners and vacationers, as well as intra-group chat and collaboration tools for vacationers
• The searches and transactions conducted through the Platform
• Information you provide to us about other people, such as your travel companions or others for whom you make a booking
• Information we receive about you from other Expedia group companies and third parties, such as: B. our business and affiliate partners and authorized service providers, which may include updated contact information, demographic information, interests and purchase history, which we may add to your account or profiling and use for market research and analysis

When you install one of our apps or use our platform, we automatically collect the following types of information from your device

• IP address
• Device type
• Unique device identification numbers
• Internet browser type (e.g. Firefox, Safari, Chrome and Internet Explorer)
• Internet provider
• operating system
• Mobile network
• How your device has interacted with our online services, including the pages viewed, links clicked, trips viewed and features used, as well as associated dates and times
• Details of any referring websites or exit pages, as well as general geographic location (e.g. state or city level)

 

Mobile apps

When you download and use one of our mobile apps, we collect certain technical information from your device to enable the app to function properly and as otherwise described in this Privacy Policy. This technical information includes:

• Device and phone connectivity information, such as: B. Your mobile operator, network type, network operator, SIM (Subscriber Identity Module) operator and SIM country
• Operating system and version
• Device model
• Performance and data usage
• Usage data, such as the date and time the app accesses our servers, the features and links clicked in the app, search queries, transactions, and the data and files downloaded into the app
• Device settings selected or enabled, such as Wi-Fi, Global Positioning System (“GPS”) and Bluetooth (which may be used for location services, subject to your consent as explained below)
• Mobile device settings
• Other technical information such as app name, type and version as necessary to provide services to you

Location-based services permissions:

Depending on your device's settings and permissions and your choice to participate in certain programs, we may collect your device's location using GPS signals, cell towers, Wi-Fi signals, Bluetooth or other technologies. We collect this information if you choose, through the App or another program (either when you first log in or later), to enable certain location-based services available in the App (such as finding the nearest available one Accommodation). . To disable the app's location features, you can log out or change your mobile device settings.

 

Use of personal data

We use your personal data for various purposes described below, which depend on the website you visit or the app you use.

Your use of online sites, apps and services:

• Book the trip you want or enable the booking of a holiday property
• Providing services related to the booking and/or account
• Create, maintain and update user accounts on our platform and authenticate yourself as a user
• Maintain your search and travel history, accommodation and travel preferences and similar information about your use of the Expedia Group Platform and Services and as otherwise described in this Privacy Policy
• Enable and facilitate the acceptance and processing of payments, coupons and other transactions
• Manage loyalty and rewards programs
• Collect and activate booking-related reviews
• Features make it quicker and easier for you to use our services, such as: B. the ability to log in with your account to the online services and websites of some Expedia group companies

Communication and Marketing:

• Answer your questions and requests for information and process information decisions
• Enable communication between you and the travel provider, e.g. B. Hotels and owners of holiday accommodation
• Contacting you (e.g. via SMS, email, phone call, postal mail, push notifications or messages on other communication platforms) to provide information such as travel booking confirmations and updates, for marketing purposes or for other purposes described in this Privacy Policy
• Market our products and services, optimize that marketing to make it more relevant to you, and measure and analyze the effectiveness of our marketing and promotions
• Manage promotions such as contests, sweepstakes and similar giveaways

Other business purposes and compliance

• Conduct surveys, market research and data analysis
• Maintain, improve, research and measure the effectiveness of our websites and apps, activities, tools and services
• Monitor or record calls, chats and other communications with our customer service team and other representatives, as well as platform communications between or between partners and vacationers for quality control, training, dispute resolution and as described in this Privacy Policy
• Create aggregated or otherwise anonymized or deidentified data that we may use and disclose without restrictions, where permitted
• Promote security, verify the identity of our customers, prevent and investigate fraud and unauthorized activities, defend against claims and other liabilities, and manage other risks
• Comply with applicable laws, protect our rights and interests and those of our users, defend us, and respond to law enforcement, other legal authorities, and requests that are part of legal proceedings
• Comply with applicable security, anti-terrorism, anti-bribery, customs, immigration and other due diligence laws and requirements
• Operate our business for legitimate business purposes and to the extent permitted by law

Legal basis for processing:

We will only collect personal data from you (i) where the personal data is necessary to fulfill a contract with you (e.g. to manage your booking, process payments or create an account at your request), (ii) where the processing is within our lawful interests and not overridden by your rights (as explained below) or (iii) where we have your consent to do so (for example, sending you marketing communications where consent is required). In some cases we are required by law to collect personal information from you, for example where it is necessary to use your transaction history to comply with our legal financial and tax obligations.

If we ask you to provide personal data to comply with a legal obligation or to perform a contract with you, we will make this clear at the time and inform you whether or not the provision of your personal data is mandatory (as well as). the possible consequences if you do not provide your personal data).

Certain countries and regions allow us to process personal data based on legitimate interests. Where we collect and use your personal data in reliance on our legitimate interests (or the legitimate interests of a third party), those interests will typically be to operate or improve our Platform and to communicate with you as necessary to provide our Services to you for the purpose of security checks when you contact us, to respond to your inquiries, to carry out marketing activities or for the purpose of potentially detecting or preventing illegal activities.

In some cases we may use automated decision-making, for example in connection with assessing fraudulent transactions or suspicious activity on our website. As part of this processing, automated decisions may be made by entering your personal data into a system and calculating the decision using automatic processes. If you are at risk of fraud, this may affect your ability to book on our website. You may have rights regarding automated decision-making, including the ability to request a manual decision-making process instead or to challenge a decision based solely on automated processing. If you would like to learn more about your privacy rights, please read the section below.

Disclosure of personal data

We share your personal information as described below and in this Privacy Policy and to the extent permitted by applicable law.

• Third Party Service Providers.  We share personal information with third parties in connection with providing services to you and operating our business (e.g., to provide credit card processing, customer service, business analytics, and fraud prevention and compliance services and to deliver advertising to you). tailored to your interests). These third parties are required to protect the personal information we share with them and are prohibited from using directly identifying personal information for any purpose other than to provide the services for which we have engaged them. They are not permitted to use the personal information we disclose to them for the purposes of their own direct marketing (unless you have given specific consent to the third party in accordance with the terms provided by the third party).
• Travel provider.  We share personal information with travel-related providers such as hotels, airlines, car rental companies, insurance companies, vacation rental owners and managers and, where available, activity providers, rail companies or cruise lines that process your booking. Please note that travel providers may contact you to obtain additional information to facilitate your booking or to otherwise provide the trip or related services.
• Business partners and offers.  If we work with a third party to promote a program or provide a service or product, we will share your information with that partner to help them market or provide the related product or service. In most of these cases, the program or offering will include the name of the third-party business partner, either alone or with ours, or you will be directed to that company's website with a notification. An example of such a business partner relationship would be a third-party loyalty program for which you could earn points by completing a booking on our Platform.
• Legal Rights and Responsibilities.  We may disclose your personal information to enforce our policies or when we are permitted to do so by applicable law (or have a good faith belief that we are required to do so), such as in response to a law enforcement or government agency request related to actual or proposed legal disputes or to protect and defend our property, people and other rights or interests. We may also disclose your personal information in response to a subpoena or other legal request, or as necessary to remit certain taxes in the course of payment processing, if required by law or court order.
• Corporate transactions.   We may share your personal information in connection with a corporate transaction, such as an divestiture, merger, consolidation, assignment or sale of assets, or in the unlikely event of bankruptcy. In the event of an acquisition, we will inform the buyer that they may only use your personal data for the purposes set out in this privacy policy.

 

Your rights and options

You have certain rights and choices regarding your personal information, as described below:

• You can access, change, request deletion or update the accuracy of your information at any time by either logging into your account or contacting us
• If you no longer wish to receive marketing and promotional emails, you can unsubscribe by clicking on the “unsubscribe” link in the email. You can also log in to your account to change communication preferences (not available for all Expedia Group companies) or contact us here. Please note that if you unsubscribe or unsubscribe from marketing emails, we may continue to send you important transactional and account-related messages from which you will not be able to opt-out
• For our mobile apps, you can view and manage notifications and preferences in the settings menus of the app and your operating system
• If we process your personal data based on consent, you can withdraw that consent at any time by contacting us. Withdrawing your consent will not affect the lawfulness of any processing that occurred before your withdrawal and will not affect our processing of your personal data on a legal basis other than consent

Certain countries and regions provide their residents with additional rights regarding personal information. These additional rights vary by country and region and may include:

• Request a copy of your personal information
• Request information about the purpose of the processing activities
• Delete your personal information
• Object to our use or disclosure of your personal information
• Restrict the processing of your personal data
• Opt out of the sale of your personal information
• Port your personal information
• Request information about the logic of our automated decision-making used in our fraud prevention practices and the outcome of such decisions

If you have questions about privacy, your rights and choices, and would like to make a request to change or update your information or delete it, please contact us

In addition to the rights set out above, you may have the right to complain to a data protection authority about our collection and use of your personal data. However, we recommend that you contact us first so that we can do our best to resolve your concern. You can submit your request to us using the information in the section. We respond to all requests we receive from individuals who wish to exercise their personal data protection rights in accordance with applicable data protection laws.

 

International data transfer

The personal data we process may be transferred or transferred to countries other than the country in which you reside. These countries may have data protection laws that differ from the laws in your country.

Our Platform's servers are located in the United States, and Expedia Group companies and third-party providers operate in many countries around the world. If we collect your personal data, we may process it in any of these countries.

We have taken appropriate steps and safeguards to ensure that your personal information remains protected in accordance with this privacy policy. For example, all data transfers between our group companies are subject to our intra-group agreements, which contain strict data transfer conditions (including the European Commission's Standard Contractual Clauses for transfers from the EEA) and require all group companies to protect the personal data they process in accordance with applicable data protection law. In addition, certain U.S. subsidiaries of Expedia Group have certified with the EU-US and Swiss-US Privacy Shield, as discussed in the “Privacy Shield” section below.

We also require that third parties to whom data transfers are made have appropriate safeguards in place to protect your personal data in accordance with applicable data protection laws. Which specific measures are used depends on the respective service provider. Our agreements with them may include standard contractual clauses approved by the European Commission, certification of the service provider under the EU-US and/or Swiss-US Privacy Shield, or reliance on the service provider's binding corporate rules as established by the European Commission.

Privacy Policy Updates

We may update this privacy policy in response to changing laws or technical or business developments. You can see when this privacy policy was last updated by checking the last updated date at the top of this policy.