Privacy Statement

Privacy Statement

We appreciate the trust you place in us and that is the reason why we handle the personal data you provide to us with the greatest possible care.
Sunweb Group respects your right to privacy. We use this policy to inform you of how we handle your personal data.

What personal data do we process for which purposes?

Personal data are all data that say something about you or that we can relate to you. We record personal data within the context of our services, the sale of our products or when you contact Sunweb Group in any other way. Personal data that are needed for our services such as your name, address, email address and telephone number. Such data are needed to perform a booking, for example.

We have listed below several personal data we process divided by the various purposes for which we collect these data:

In order to analyse the use of our website
Data concerning your use and behaviour are collected when using our website. We use analytical cookies in order to adjust our website in line with the wishes and interests of the visitor and so that we can offer an optimum visitor experience. Consult our cookie policy for more information.

We also store the log files of the website such as error reports. For example, if the reservation system does not function while booking, we remember the data that were entered during the booking process so that you do not have to enter everything again.

For the purpose of handling complaints and requests for information or to make the exercise of your rights possible and to learn from this
We store your contact details if you contact us via a contact form, during a chat or telephone conversation and/or if you wish to influence the use we make of your personal data. We do so in part in order to provide you with an answer or to help you, but also to learn from our complaints handling.

In case of registration for a newsletter
You are asked to provide contact details during the registration for a newsletter so that the newsletter can be sent to you by email.

Quality assurance
The full IP address (Ipv4 and IPv6) is used for logging purposes and to assess problems you have reported. The IP address of a reservation is sometimes used to validate a reservation and payment. We store the IP address for at most seven days. Online payments only take place via an affiliated supplier.Telephone conversations are stored for a period of 4 weeks for training purposes in order to guarantee quality.

In order to provide our campaigns with photo and image material
We place image and sound material on our website and in our brochures in order to create an atmospheric impression for our future guests.
In order to better align our campaigns with your preferences
You provide us with your personal data at different moments. We use part of these data, such as your email address and telephone number, to purchase services from advertising platforms such as Facebook if we have obtained your consent to do so (by accepting cookies).

You may receive personal communication from us as a result of various interactions. Your personal data in our possession provide us with an impression of your interests and preferences. Combining personal data creates profiles that make it possible to serve you the customer even better by making our commercial communications personal. Not just by addressing you by name in the email, but also by showing holidays that we consider match your interests.

You receive communication from us if you have booked a trip with us or you register individually for a group trip and you do not object thereto. You receive this communication via channels for which you have not unsubscribed such as social media, email or post.

We send newsletters if you have subscribed for these. You can unsubscribe for our newsletters or other commercial communications at any time. This possibility is offered to you in the email itself or you can unsubscribe using the objection form.

You may see our commercial communications when you visit other websites, such as in the banners that are present on other websites. These banners may be personalised because you have accepted advertisement cookies.

Who receive your personal data?

We share your personal data with third parties. These are the following parties:

Employees at the offices of Sunweb Group in the relevant countries, but also locally insofar as they require the data for the performance of the travel contract and naturally to provide you with an optimal holiday experience with a suitable preparation.
Parties that will deliver to you (part) of the trip booked, such as airlines, other carriers, accommodation owners, tour leaders and other parties.
We do not transfer your personal data to countries outside the European Economic Area, unless such is necessary for the performance of the travel contract (e.g. airline companies and accommodation owners outside the EEA). We make sure in all other cases that appropriate measures are implemented in order to protect your personal data in an adequate manner. We do so inter alia by concluding agreements that have been approved by the European Commission. We ensure in relevant cases that personal data are processed only by parties in third countries with an appropriate protection level indicated by the European Commission.
If you travel abroad, you may be required (by government authorities at the points of departure and arrival) to provide personal data and these may be processed within the context of border control, immigration, security, anti-terrorism and other purposes that are considered applicable. What data must be processed may differ per destination. Examples of data that are requested include customer details, contact details and reservation details.
We may share your personal data with advertising networks or enable the latter to collect personal data concerning you. They obtain these data because consent was obtained concerning the use of cookies. Our cookie policy and the list of cookies on our website includes the names of these third parties as well as a reference to the policy that applies to the processing of your data by means of these technologies.
External parties such as marketing/development agencies, online software parties and Payment providers that support our daily activities, including marketing and data analysis.
In the event of our insolvency we, or any appointed insolvency practitioner, may disclose your personal information to the ABTA and/or SGR so that they can assess the status of your booking and advise you on the appropriate course of action under any scheme of financial protection.

A significant part of the third parties with which we share your personal data obtain these data on the basis of the use of cookies. We therefore refer you to our cookie policy and the list of cookies on our website for the names of these third parties as well as a reference to the policy that applies to the use of your data.

On the basis of which principles do we process your personal data?
We apply several principles when using your personal data. The principles we apply are:

The processing is necessary for the performance of a contract to which you are a party. This concerns for example the performance of the contract or travel contract with you;
The processing is necessary in order to comply with a statutory obligation we must satisfy;
The processing is necessary in order to look after our legitimate interests. As a travel provider, our legitimate interests also comprise for example being able to conduct marketing activities;
We only process your special personal data (such as the registration of medical luggage and comments about your health) and personal data that do not come under the above-mentioned principles, such as subscription to the newsletter and personal banner advertisements if you have consented thereto expressly or because you have clearly disclosed the data. You can withdraw this consent at all times. How and when you can do this is described in this privacy policy under the heading of ‘rights’.

Retention period

Your personal data are retained for as long as necessary for the processing purposes and are then deleted permanently within the term that applies for this purpose, while taking account of the statutory obligations. This means for example that your data concerning the travel contract are retained for at most ten years in accordance with our retention period for tax purposes. At the moment you submit an objection to processing of personal data for commercial purposes, we will register this in our systems and we will no longer use your personal data for the relevant personalised and/or commercial purposes.

Your privacy rights

Sunweb Group is transparent and strives to provide sound services to its customers, website visitors and/or if you are a user of one of our other (online) services. We process personal data as explained in this privacy statement in order to make sound services possible. We hope that you see the benefit and also gain the benefit in which connection everyone can have personal preferences. If this is not your experience and you have a different opinion, you can consult with us in order to possibly adjust matters.

You can exercise the following privacy rights in respect of the processing of your personal data described in this privacy statement:

You can object to the processing of your personal data.
If you would like to lodge an objection to the processing of your personal data for commercial purposes, you can change your preferences here.
You can adjust your cookie settings via the website cookie settings module [link to javascript:Optin.showSettingsPopup()]. You should also not forget to remove all of your cookies from all devices in all internet browsers you have used to visit our website(s). Read our cookie policy for how you can do this for each internet browser.
If you would like to object to the processing of your personal data as a whole, please contact our customer service department.
You have the right to have incorrect personal data corrected or to supplement personal data.
In some circumstances you have the right to have removed the personal data we have in respect of you from all of our systems and online services if this is possible and while taking account of the statutory obligations. In order to remove all of your cookies, you will have to delete the cookies from all devices in all internet browsers you have used to visit our website(s). Read our cookie policy how you can do this for each internet browser.
You have the right to limit the processing of your personal data if data are incorrect, you have lodged an objection or you indicate that we are not allowed to further process certain data, for example.
You have the right to request your personal data and to transfer them to another controller such as other parties that offer holiday travel if you so desire.
You have the right to inspect your personal data. For example, you can see in the My Account environment (if available) what personal data we have received from you and that we have registered with respect to a certain reservation. This is also where you can see the other relevant data belonging to a reservation.
You are entitled to human assessment of automated decisions. A decision may be made on the basis of data that was processed automatically (without human intervention), which may have consequences for you as customer/consumer. An example would be the verification we conduct of the acceptance of credit card payments in order to prevent fraud and to protect your privacy.

If you have questions about the above rights or you would actually like to exercise these rights, please contact our customer service department. Our customer service department can be reached by telephone at telephone number 02031708206.

If you would like to exercise your rights, please enclose with your request a copy of your passport in which you have screened your photo and citizen service number.

If you are not satisfied with the way in which we process your personal data, you can submit a complaint to us via the customer service department or to the Sunweb Group data protection officer dpo@sunwebgroup.com.

If we are unable to reach agreement following consultation, you can contact the The Information Commissioner’s Office which can be reached at telephone number 0044 1625 545 745.

Changes

We have the right to adjust this privacy statement and recommend that you consult this page from time to time to stay informed of the manner in which we process your personal data. This privacy statement was updated most recently on [date: May 18, 2018].

Security

We implement suitable technical and organisational measures to secure your personal data. This means among other things that we conclude agreements with service providers that process personal data on our behalf in which agreements we oblige them to implement these measures as well. This also means that if you book a holiday via the Sunweb website or if you consult My Sunweb, your data are transmitted by means of a secure (SSL) connection.

Notification data leaks

A data leak exists if personal data belonging to our clients, business relationships or employees have been exposed to loss or unlawful processing.

This is the case for example if personal data wind up in the hands of third parties that should not have access to those data.

Have you discovered a (possible) data leak? Notify us thereof as quickly as possible by email via databreachnotification@sunwebgroup.com.

Contact

Your questions and comments regarding this privacy statement are welcome and can be submitted to info@sunwebgroup.com

If you have a different question and you would like to contact our customer service department directly be telephone 02031708206 and/or by email, please visit our customer service page where you can find our contact details.