At VCK Travel, we attach the greatest importance to protecting the privacy of our customers and website visitors.
Click on the topics below for more information.
1. Categories of personal data processed by VCK Travel
We may collect and process the following categories of personal data and information.
Name, passport details and credit card details
For example, we collect your first and last name, gender, date of birth, nationality, passport number, passport validity, credit card number and expiry date.
Contact details (business and private)
We store your address, telephone number (landline and mobile) and email address. If you register your details yourself via Profiles, AirGo or one of our other online self-service tools, we may also store other information you fill in here. For business travellers, we also collect the name and business location of the company employing the traveller.
Information about your trip
If you book a trip with us, we process information relating to your reservation. This information may include details about flights (route, date, travel class, luggage, price), hotels (date of stay, name and place of hotel), rental car (make, type and rental period), transfers, etc.
We collect information about your meal preferences and/or dietary requirements.
If applicable, we collect special details, such as information about your health, which may be necessary, for example, to assist you during your trip or to help you meet your medical needs.
We collect loyalty programme member numbers.
If you send us an email or use WhatsApp to chat with us, we keep a record of your communications with us.
We register your current and cancelled subscriptions to one or more of our newsletters.
Information you wish to share with us
We process the information you share with us on your own initiative, for example if you share your feedback with us via our website or by email, post a comment on our social media channels, complete a customer survey, enter a competition, or participate in a promotion or event.
2. Websites, apps and digital media
3. How we collect your personal data
We collect information that you provide to us when you book a trip with us or through our AirGo online booking tool, through Profiles or any of our other online self-service tools that register your personal information.
4. Purposes of using your personal data
The main purposes for which we use your personal data are to process your reservations and to make appropriate travel offers. For these purposes, we need to process most of the information described above. For example, we need your name, passport number and other identifying information to be able to issue your travel documents, such as tickets and vouchers.
In order to be able to inform you about changes in your itinerary, we need your contact details. In addition, we need to be aware of your specific medical needs to ensure that you receive the appropriate care.
We will use your contact details to communicate with you about our services, to answer your questions or to handle your complaints.
We collect, store and use your personal data for internal business purposes, such as keeping records and complying with our legal and tax obligations.
We may be required by law to collect your identity details and booking and travel information and share these with public authorities or government agencies (via travel suppliers) in order to facilitate border control, immigration formalities, entry into a state’s territory, security and counterterrorism.
We collect, use and store your personal data in order to comply with the legal obligations we are subjected to and if necessary for our legitimate interests or the interests of a third party or on the basis of your consent.
You have the right to revoke your consent at any time by following the specific instructions regarding the processing of data for which you have given your consent. For example, you can do this by clicking on the ‘unsubscribe’ link in an e-mail message or by changing the settings on your smartphone (for mobile push messages). You can also contact us if you wish to revoke your consent. See Article 8 ‘Your rights’.
5. Sharing access to personal data with third parties
We may share access to your personal data with airlines, hotels, car rental companies, train companies, taxi companies, etc.
Facilitating your bookings and travel
In order to process your reservations and bookings and to facilitate your travel, we need to share your personal data with various suppliers, such as airlines, hotels, car rental companies, train companies, and taxi companies.
Enabling support services
To deliver our services, we make use of third parties, such as IT suppliers and credit card companies. All these third parties are obliged to adequately protect your personal data.
Within VCK Travel, business activities are carried out by processing and consolidating information (including personal data) in centralised databases and systems. These central databases and systems may be hosted or managed by VCK Travel and are located in Europe.
Statistical research and direct marketing
We do not share your personal data with third parties for statistical research and direct marketing purposes.
We may also be required by law to collect your identity details and booking and travel information and share these with public authorities or government agencies to facilitate border control, immigration formalities, entry into a state’s territory, security and counterterrorism.
6. Security and storage
VCK Travel takes the necessary technological and organisational measures to protect your personal data against loss or unlawful use.
7. International transfer of data
VCK Travel may transfer your personal data to countries other than your country of residence. This is done as part of arranging your trip. Legislation in these countries may not always provide the same level of protection for your personal data.
The transfer of personal data to countries other than your country of residence is often necessary in order to process your reservations. In other cases, VCK Travel will ensure that appropriate security measures are in place to meet the requirements for the international transfer of personal data under the applicable privacy legislation. For the transfer of personal data to countries outside the European Economic Area, VCK Travel may make use of standard contractual clauses approved by the European Commission as a security measure.
VCK Travel may be obliged to disclose your personal data to foreign governments or government agencies. Legislation in some countries allows border control authorities to access booking and travel information. As a result, information that we have collected about you and your trip may be disclosed to the customs and immigration authorities of each country in your itinerary. In addition, carriers in several countries are required by law to collect your passport and related information before you travel to or from those countries. If necessary, we will provide this information to the carriers who will in turn pass it on to the appropriate customs and immigration authorities. They will also disclose your personal data to government authorities if required by applicable law.
8. Your rights
By contacting our Data Protection Officer, you may exercise all rights under applicable privacy laws, including the right to
- access your data
- rectify your personal data
- delete your personal data
- restrict the processing of your data
- transfer your data
- object to having your data processed.
1. Right to access your data
You have the right to ask us if we process your personal data, and if we do, you have the right to inspect these data in the form of a copy. When we offer you access to your data, we will also provide you with additional information, such as the purpose of our data processing, the categories of personal data being processed and any other information you may need to properly exercise this right.
2. Right to rectify your data
You have the right to rectify your details if they are incomplete and/or contain errors. Upon request, we will correct inaccurate personal data and complete incomplete personal data, taking into account the purposes for which they are processed. This may include issuing a supplementary statement.
3. Right to delete your data
You also have the right to have your personal data deleted. This means that your data will be deleted by us and, where possible, by all data controllers to whom we have previously disclosed your data. The deletion of your personal data only takes place in certain cases. These cases are prescribed by law and are listed in Article 17 of the General Data Protection Regulation (GDPR). These include situations in which data have been unlawfully processed. Due to the way in which we organise certain services, it may take some time for backups to be deleted.
4. Right to restrict the processing of your data
You have the right to have the processing of your personal data restricted. This means that we will suspend the processing of your data for a certain period of time. Circumstances that may give rise to such a request include situations in which the accuracy of your personal data is disputed, and assessing this would take some time. This right does not prevent us from continuing to store your personal data. We will let you know when the restriction is lifted.
5. Right to transfer your data
Your right to data transfer means that you may ask us to obtain your personal data, if technically possible, in a structured, common and machine-readable form and to transfer it to another data controller. Upon request and if technically possible, we will transfer your personal data directly to the other data controller.
6. Right to object to having your data processed
You also have the right to object to the processing of your personal data. This means that you may ask us to stop processing your personal data. This only applies if ‘legitimate interests’ (including profiling) form the legal basis for processing. See Article 4 ‘Legal basis’.
You can revoke your consent at any time by following the specific instructions regarding the processing for which you have given your consent. For example, you can revoke your consent by clicking on the ‘unsubscribe’ link in an e-mail, by deleting your profile in Profiles, or by changing your smartphone settings (for mobile push messages).
You can also contact VCK Travel’s Data Protection Officer.
For more information about revoking your consent to cookies and similar technologies we use when you visit our websites or use our apps, see Article 2 ‘Websites, apps and digital media’. There may be situations which give us the right to deny or restrict your rights as described above. In that case, we will carefully assess whether such an exception applies and inform you accordingly. For example, we may refuse your request for access if we deem it necessary to protect the rights and freedoms of other individuals, or we may refuse to remove your personal data if the processing of such data is necessary to comply with legal obligations. The right to data transfer does not apply, for example, if your personal data were not provided by you or if we do not process the data on the basis of your consent or the performance of a contract.
You can exercise your rights at any time by sending your request to VCK Travel’s Data Protection Officer:
Attn. Data Protection Officer
1042 AN Amsterdam
Attn. Data Protection Officer
1042 AN Amsterdam