Success!
+44 20 1234 5678 info@flightswideuk.co.uk London, United Kingdom
100% Secure Payments
Your Data Matters

Privacy Policy

We are committed to protecting your personal information. This policy explains how we collect, use, and safeguard your data.

Home Privacy Policy
On This Page

Last Updated: 1st January 2025
Version: 3.0

FlightsWide UK Ltd. ("we", "us", or "our") is committed to protecting and respecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable data protection laws. This Privacy Policy applies to all information we collect through our website flightswideuk.co.uk, phone calls, emails, WhatsApp, social media, and in-person interactions.
1

Introduction

This Privacy Policy describes how FlightsWide UK Ltd. collects, uses, processes, and discloses your information, including personal information, in conjunction with your access to and use of our website, services, and communications.

By using our website or engaging our services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the terms of this policy, please do not access our website or use our services.

Company Registration: FlightsWide UK Ltd., registered in England and Wales. Company Number: XXXXXXXX. Registered Address: 128 High Street, London, NW1 2DB, United Kingdom.
2

Information We Collect

We collect different types of information to provide and improve our services to you. This includes:

Personal Information
  • Full name (as appears on passport) and title
  • Date of birth
  • Passport number and nationality (for flight bookings)
  • Contact information: email address, phone number(s), postal address
  • Payment information: card details (processed securely via payment gateway), billing address
  • Travel preferences: dietary requirements, seat preferences, special assistance needs
Technical Information (Collected Automatically)
  • IP address, browser type and version, operating system
  • Pages visited, time spent on pages, referring URLs
  • Device type, screen resolution, and unique device identifiers
  • Location data (approximate, based on IP address)
  • Cookie and tracking pixel data (see Section 7)
Communication Data
  • Records of phone calls (with your consent) and written correspondence
  • WhatsApp messages and chat transcripts
  • Contact form submissions and email communications
  • Social media interactions and direct messages
3

How We Use Your Data

We use your personal information for the following purposes, each grounded in a lawful basis under UK GDPR:

Purpose Description
Flight Bookings To process, manage, and confirm your flight reservations with airlines and travel partners
Rescheduling & Refunds To handle flight changes, cancellations, and refund requests as per airline policies
Payment Processing To process payments securely and prevent fraudulent transactions
Communication To send booking confirmations, itineraries, updates, reminders, and respond to your inquiries
Customer Support To provide assistance, resolve issues, and improve our service quality
Legal Compliance To comply with ATOL, IATA, aviation regulations, anti-money laundering laws, and tax obligations
Marketing With your consent, to send promotional offers, newsletters, and travel deals (you can opt out at any time)
Analytics & Improvement To analyse website usage, improve user experience, and optimise our services
Important: We will never sell your personal data to third parties. We only share data as described in Section 5 of this policy.
4

Legal Basis for Processing

We process your personal data under the following lawful bases as defined by UK GDPR:

Contractual Necessity: Processing is necessary to perform our contract with you (e.g., booking your flight, issuing tickets, processing payments).
Legal Obligation: Processing is necessary to comply with legal obligations (e.g., ATOL reporting, anti-money laundering checks, tax compliance).
Legitimate Interests: Processing is necessary for our legitimate business interests (e.g., fraud prevention, service improvement, business analytics) where your rights are not overridden.
Consent: Where we rely on consent (e.g., marketing communications, call recording), you can withdraw consent at any time by contacting us.
5

Data Sharing & Third Parties

We may share your personal data with the following categories of third parties:

Third Party Purpose Security Measures
Airlines & Travel Partners To issue tickets, manage bookings, process changes Encrypted data transfer, contractual agreements
Payment Processors To process card payments securely PCI DSS compliant, tokenised payments
ATOL / CAA Regulatory reporting and consumer protection Secure government portals
IATA BSP settlement and industry compliance Encrypted channels, IATA security standards
IT Service Providers Website hosting, email services, CRM systems GDPR-compliant contracts, data processing agreements
Legal Advisors For legal disputes, compliance, and regulatory matters Legal professional privilege, confidential agreements
Law Enforcement When required by law, court order, or for fraud prevention Only minimum necessary data disclosed
Our Commitment: All third parties are bound by strict data processing agreements that require them to protect your data to the same standards we do.
6

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including:

Data Type Retention Period
Booking & Ticket Data 7 years (for tax and ATOL compliance)
Payment Records 7 years (for financial and tax compliance)
Customer Communications 3 years after last interaction
Marketing Consent Records 6 years (to demonstrate lawful consent)
Website Analytics Data 26 months (Google Analytics default)
CV / Employment Applications 12 months after decision, unless consent given for longer

After the retention period expires, your data is securely deleted or anonymised. We conduct regular data audits to ensure compliance with retention schedules.

7

Cookies Policy

Our website uses cookies and similar tracking technologies to enhance your browsing experience. Below is a breakdown of the cookies we use:

Strictly Necessary Cookies

Essential for the website to function properly. These cannot be disabled.

Required
Functional Cookies

Remember your preferences, language, and settings for a better experience.

Optional
Analytical Cookies

Help us understand how visitors interact with our website (Google Analytics).

Optional
Marketing Cookies

Used for retargeting and displaying relevant advertisements across platforms.

Optional

You can manage or disable cookies through your browser settings. Please note that disabling certain cookies may affect website functionality.

Managing Cookies: Visit aboutcookies.org for detailed instructions on how to control cookies in your browser. You can also opt out of Google Analytics tracking using the Google Analytics Opt-out Browser Add-on.
8

Your Data Rights

Under UK GDPR, you have the following rights regarding your personal data. We are committed to responding to all legitimate requests within 30 days.

Right of Access

Request a copy of all personal data we hold about you.

Right to Rectification

Request correction of inaccurate or incomplete personal data.

Right to Erasure

Request deletion of your data where no legal obligation to retain it exists.

Right to Restrict

Request limitation of processing your data in certain circumstances.

Right to Portability

Receive your data in a structured, machine-readable format.

Right to Object

Object to processing based on legitimate interests or for direct marketing.

Right to Withdraw Consent

Withdraw consent at any time where processing is based on consent.

Rights re: Automated Decisions

Not to be subject to decisions based solely on automated processing.

How to Exercise Your Rights: To make a data rights request, email us at privacy@flightswideuk.co.uk or write to us at the registered address. We may need to verify your identity before processing your request. There is no charge for making a request, though we may charge a reasonable fee for excessive or manifestly unfounded requests.

If you are unsatisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or call 0303 123 1113.

9

Data Security

We implement robust technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction:

  • 256-bit SSL encryption on all web pages and data transmissions
  • PCI DSS compliance for all payment card processing
  • Encrypted databases with access restricted to authorised personnel only
  • Two-factor authentication for all internal systems and admin access
  • Regular security audits and vulnerability assessments
  • Staff training on data protection and cybersecurity best practices
  • Secure document disposal procedures for physical and digital records
  • Incident response plan with notification procedures for any data breaches
Breach Notification: In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and inform you directly without undue delay.
10

Children's Privacy

Our services are not directed at individuals under the age of 16 years. We do not knowingly collect personal data from children without verified parental or guardian consent.

If we discover that we have collected personal data from a child under 16 without proper consent, we will take immediate steps to delete that information. If you believe a child has provided us with personal data, please contact us at privacy@flightswideuk.co.uk.

Please note that for flight bookings, all passengers (including minors) require valid travel documentation as per the airline and destination country requirements.

11

International Data Transfers

As a flight booking agency, your data may be transferred to countries outside the United Kingdom for the following reasons:

  • Airlines and travel partners based in other countries to process your booking
  • Destination country immigration authorities who require passenger information (e.g., Advance Passenger Information)
  • IT service providers located in jurisdictions with adequate data protection laws

Where data is transferred to countries not recognised by the UK as having adequate data protection, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the UK government
  • Binding Corporate Rules where applicable
  • Explicit consent where required and appropriate
12

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

  • Update the "Last Updated" date at the top of this page
  • Update the version number to track changes
  • For material changes, notify you via email or a prominent notice on our website
  • Where required by law, seek your renewed consent

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

13

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact our Data Protection Officer:

FlightsWide UK Ltd. — Data Protection Officer

Email: privacy@flightswideuk.co.uk

Phone: +44 20 1234 5678

Address: 128 High Street, London, NW1 2DB, United Kingdom

ICO Registration: ZAXXXXXX

We aim to acknowledge all data protection inquiries within 3 working days and provide a substantive response within 30 calendar days.

How We Protect You

Your Data Security

Multiple layers of protection ensure your information stays safe at every step.

SSL Encryption

256-bit SSL encryption protects all data transmitted between your browser and our servers.

PCI DSS Compliant

Payment card data is processed through PCI DSS Level 1 compliant payment gateways only.

ATOL Protected

All bookings are ATOL protected, ensuring your data and money are fully safeguarded.

Access Control

Strict internal access controls with two-factor authentication and role-based permissions.

Have Privacy Concerns?

Our Data Protection Officer is here to help with any questions about your data rights, privacy concerns, or data-related requests.

Email DPO Contact Us

Designed & Developed with for flightswideuk.co.uk | All flights are ATOL protected.