“Cactus Apartments” is committed to respecting your privacy and protecting your personal information.

This notice describes what personal data we collect, how we will use that data and how we keep your data safe.

Information & Consent

This Privacy Notice describes how we collect, use, process, and disclose your information, including personal information about you (hereinafter, the “User”), in conjunction with your access to and use of our booking system.

By reading this Privacy Notice, the user is hereby informed on how we collect, process and protect personal data furnished through the booking engine.

The User must carefully read this Privacy Notice, which has been written clearly and simply, to facilitate its understanding, and to freely and voluntarily determine whether they wish to provide their personal data, or those of third parties, to Cactus Apartments.

By accessing the platform or providing information, you agree to our privacy practices as set out in this privacy statement. We may change this notice from time to time. You should check this notice frequently to ensure you are aware of the most recent version.

Cactus Apartments operates this booking system through booking.com.

Please hereby find more detailed information:

Why does Booking.com collect and use your personal data?

The main reason we ask you for personal details is to help you organize your online Trip Reservations and ensure you get the best service possible.

We also use your personal data to contact you about the latest deals, special offers and other products or services we think you might be interested in. There are other uses, too. If you’d like to find out what they are, read on for a more detailed explanation.

Read more about why Booking.com collects your data

How does Booking.com share your data with third parties?

There are different parties integrated into Booking.com’s services, in various ways and for various reasons. The primary reason we share your data is to supply the Trip Provider with the relevant information to complete your Trip Reservation.

We also involve other parties to provide you with the Booking.com services. This includes, for example, financial institutions, advertisers, subsidiaries of the Booking.com corporate group and the other companies that form the Booking Holdings Inc. corporate group. Or, in some cases, if we’re required to by law, we might share your data with governmental or other authorities

Below, we go into more detail about how the information you share with us is used and exchanged with these parties.

Read more about how data is shared with third parties

How is your personal data shared within the Booking Holdings Inc. corporate group?

Booking.com is part of the Booking Holdings Inc. corporate group. Read on to find out more about how your data may be shared within the Booking Holdings Inc. corporate group.

Read more about data within Booking Holdings Inc.

How is your personal data shared and further processed for ground transport services?

Booking.com and Rentalcars.com – also part of the Booking Holdings Inc. group of companies – jointly use your data to offer you ground transport services via the Booking.com websites and apps (such as cars.booking.com or taxi.booking.com). Read more to understand the scope and limited nature of our joint responsibility.

Read more about data and our ground transport services

How is your personal data shared and further processed for insurance services?

We work with different parties when offering insurance services. Follow the link below to understand how your data is used and shared for insurance purposes and learn about the responsibilities of the parties involved.

Read more about data and insurance products and services

How does Booking.com process communications that you and your Trip Provider may send via Booking.com?

Booking.com can help you and Trip Providers exchange information or requests about services and existing Trip Reservations, through the Booking.com platform. If you want to find out more about how Booking.com receives and handles these communications, read on here.

Read more about how these communications are processed

How does Booking.com make use of mobile devices?

We offer free apps, through which we also collect and process personal data. This works in much the same way as our website, but they also allow you to benefit from the location services available on your mobile device(s).

Read more about how we use data from mobile devices

How does Booking.com make use of social media?

The use of social media may be integrated into Booking.com services in various ways. These will involve us collecting some of your personal data or the social media provider receiving some of your information. If you’d like to learn more about how this information is used and exchanged, read on.

Read more about how we use social media data

What security and retention procedures does Booking.com put in place to safeguard your personal data?

We have implemented a range of procedures to prevent unauthorised access to, and the misuse of, personal data that we process.

Read more about security and retention procedures

How does Booking.com treat personal data belonging to children?

Unless indicated otherwise, Booking.com is a service you are only allowed to use if you are over 16 years of age. We only process information about children with the consent of their parents or legal guardians, or when the information is shared with us by the parents or legal guardians themselves.

Read more about the personal data of under 16s

How can you control the personal data you’ve given to Booking.com?

You have the right to review the personal data we keep about you at any time. You can request access to or deletion of your personal data by submitting this form. If you want to find out more about your rights to control your personal data, read on.

Read more about how you can control your personal data

Who is responsible for the processing of personal data on the Booking.com website and apps?

Booking.com B.V., located in Amsterdam, The Netherlands, controls the processing of personal data for the provision of its services. That includes its websites and mobile apps, except for some exceptions that are clarified in this privacy statement.

Read more about Booking.com B.V.’s responsibility for personal data

Country-specific provisions

Depending on the law that applies to you, we might be required to provide some additional information. If you’d like to know more, please read on.

Read more about country-specific provisions

What kind of personal data does Booking.com collect?

OK, so you’re looking for some more in-depth information. Here’s a closer look at what we collect.

Personal data you give to us.

Booking.com collects and uses information you provide to us. When you make a Trip Reservation, you are (at a minimum) asked for your name and email address.

Depending on the Trip Reservation, we may also ask for your home address, telephone number, payment information, date of birth, current location (in the case of on-demand services), the names of the people travelling with you and any preferences you might have for your Trip (such as dietary or accessibility requirements). In some cases you may also be able to check-in online with the Trip Provider, for which we will ask you to share passport information or a driving licence and signatures.

If you need to get in touch with our customer service team, contact your Trip Provider through us, or reach out to us in a different way (such as social media or via a chatbot) we’ll collect information from you there, too. This applies whether you are contacting us with feedback or asking for help using our services.

You might also be invited to write reviews to help inform others about the experiences you had on your Trip. When you write a review on the Booking.com platform, we’ll collect any information you’ve included, along with your display name and avatar (if you choose one).

There are other instances where you’ll provide us with information, as well. For example, if you’re browsing with your mobile device, you can decide to allow Booking.com to see your current location or grant us access to some contact details. This helps us to give you the best possible service and experience by, for example, showing you our city guides, suggesting the nearest restaurants or attractions to your location or making other recommendations.

If you create a user account, we’ll also store your personal settings, uploaded photos, and reviews of previous bookings. This saved data can be used to help you plan and manage future Trip Reservations or benefit from other features only available to account holders (such as incentives or other benefits).

We may offer you referral programs or sweepstakes and participating in these will mean providing us with relevant personal data.

Personal data you give us about others.

Of course, you might not simply be making a Trip Reservation for yourself. You might be taking a Trip with other people or making a reservation on someone else’s behalf. In both those scenarios, you will provide their details as part of the Trip Reservation.

If you have a Booking.com for Business account, you can keep an address book there to make it easier to plan and manage business travel arrangements for others.

In some cases, you might use Booking.com to share information with others. This can take the form of sharing a wishlist, taking part in a travel community or participating in a referral programme, as described when you use the relevant feature.

At this point, we have to make it clear that it’s your responsibility to ensure that the person or people you have provided personal data about are aware that you’ve done so, and that they have understood and accepted how Booking.com uses their information (as described in this Privacy Statement).

Personal data we collect automatically.

Whether or not you end up making a Trip Reservation, when you visit our websites or apps we automatically collect certain information. This includes your IP address, the date and time you accessed our services, and information about your computer’s hardware and software (such as the operating system, the internet browser used, software/application version data and your language settings). We also collect information about clicks and which pages have been shown to you.

If you’re using a mobile device, we collect data that identifies the device, as well as data about your device-specific settings and characteristics, app crashes and other system activity. When you make a Trip Reservation using this kind of device, our system registers how you made your reservation (on which website), and/or which site you came from when you entered the Booking.com website or app.

Personal data we receive from other sources.

It’s not just the things you tell us, though – we may also receive information about you from other sources. These include business partners, such as affiliate partners, subsidiaries of the Booking.com corporate group, other companies in the Booking Holdings Inc. corporate group and other independent third parties.

Anything we receive from these partners may be combined with information provided by you. For example, Booking.com Trip Reservation services are not only made available via Booking.com and the Booking.com apps, but are also integrated into services of affiliate partners you can find online. When you use any of these services, you provide the reservation details to our business partners who then forward your details to us.

We also integrate with third party service providers to facilitate payments between you and Trip Providers. These service providers share payment information so we can administer and handle your Trip Reservation, making sure everything goes as smoothly as possible for you.

Additionally, we collect information in the regrettable case that we receive a complaint about you from a Trip Provider, for example in the case of misconduct.

Another way we might receive data about you, is through the communication services integrated into our platforms. These communication services offer you a way to contact theTrip Provider you’ve booked with to discuss your stay. In some cases, we receive metadata about these communication activities (such as who you are, where you called from, and the date and length of the call).

We may also receive information about you in order to show you more relevant ads, such as the additional cookie data Booking.com social media partners make available to us. Please read the section Why does Booking.com collect and use your personal data? for more information.

When you link your Booking.com user account to your social media account, you might trigger exchanges of data between Booking.com and that social media provider. You can always choose not to share that data.

Trip Providers may share information about you with Booking.com, too. This could happen if you have support questions about a pending Trip Reservation, or if disputes or other issues arise about a Trip Reservation.

Why does Booking.com collect and use your personal data?

We use the information collected about you for a variety of purposes. Your personal data may be used in the following ways:

Trip Reservations: First and foremost, we use your personal data to complete and administer your online Trip Reservation – which is essential for us to provide this service for you. This includes sending you communications that relate to your Trip Reservation, such as confirmations, modifications and reminders. In some cases, this may also include processing your personal data to enable online check-in with the Trip Provider or processing personal data in relation to possible damage deposits.

Customer service: We provide international customer service from our local offices in more than 20 languages, and we’re here to help 24 hours a day, 7 days a week. Sharing relevant details, such as reservation information or information about your user account with our global customer service staff allows us to respond when you need us. This includes helping you to contact the right Trip Provider and responding to any questions you might have about your Trip Reservation (or any other queries, for that matter).

Account facilities: Booking.com users can create an account on our website or apps. We use the information you give us to administer this account, allowing you to do a number of useful things. You can manage your Trip Reservations, take advantage of special offers, make future Trip Reservations easily and manage your personal settings.

Managing personal settings gives you the ability to keep and share lists, share photos, easily see Trip Services you’ve searched for and check travel-related information you’ve provided. You can also see any reviews you’ve written.

If you want to, you can share certain information as part of your user account, by creating a public profile under your own first name or a screen name you choose.

If you’re a Booking.com for Business account holder, you can also save contact details under that account, manage business reservations and link other account holders to the same Booking.com for Business account.

Online groups: We give account holders the chance to connect and interact with each other through online groups or forums, such as travel communities.

Marketing activities: We use your information for marketing activities. These activities include:

Using your contact information to send you regular news about travel-related products and services. You can unsubscribe from email marketing communications quickly, easily and at any time. All you need to do is click on the ‘Unsubscribe’ link included in each newsletter or other communication.

Based on your information, individualised offers might be shown to you on the Booking.com website, in mobile apps or on third-party websites/apps (including social media sites) and the content of the site displayed to you might be personalised. These could be offers that you can book directly on the Booking.com website, on co-branded sites, or other third-party offers or products we think you might find interesting.

When you participate in other promotional activities (such as sweepstakes, referral programmes or competitions), only relevant information will be used to administer these promotions.

Communicating with you: There might be other times when we get in touch, including by email, by chatbot, by post, by phone or by texting you. Which method we choose depends on the contact information you’ve previously shared.

We process the communications you send to us. There could be a number of reasons for this, including:

Responding to and handling any requests you or your booked Trip Provider have made. Booking.com also offers customers and Trip Providers various ways to exchange information, requests and comments about Trip Providers and existing Trip Reservations via Booking.com. For more information, read the section titled ‘How does Booking.com process communications that you and your Trip Provider send through Booking.com?’.

If you have started but not finished a Trip Reservation online, we might contact you to invite you to continue with your reservation. We believe that this additional service benefits you as it allows you to pick up the process where you left off without having to search for a Trip Provider or fill in your reservation details again.

When you use our services, we might send you a questionnaire or invite you to provide a review about your experience with Booking.com or the Trip Provider.

We also send you other material related to your Trip Reservations, such as how to contact Booking.com if you need assistance while you’re away, and information that we feel might be useful to you in planning or getting the best out of your Trip. We might also send you material related to upcoming Trip Reservations or a summary of previous Trip Reservations you made through Booking.com.

Even if you don’t have an upcoming Trip Reservation, we may still need to send you other administrative messages, which could include security alerts.

In case of misconduct, we may send you a notice and/or warning.

Market research: We sometimes invite our customers to take part in market research. Please see the information that accompanies this kind of invitation to understand what personal data will be collected and how that data is used.

Improving our services: We also use personal data for analytical purposes and product improvement. This is part of our commitment to making our services better and enhancing the user experience.

In this case, we use data for testing and troubleshooting purposes, as well as to generate statistics about our business. The main goal here is to get insights into how our services perform, how they are used, and ultimately to optimise and customise our website and apps, making them easier and more meaningful to use. As much as possible, we strive to use anonymised and de-identified personal data for this analytical work.

Providing the best price applicable to you, depending on where you are based: When you search our apps or website, for example to find an accommodation, a rental car or a flight, we process your IP address to confirm whether you are in the European Economic Area (EEA) or in another country. We do this to offer you the best price for the region (EEA) or country (non-EEA) where you are based.

Customer reviews and other destination-related information: During and after your Trip, we might invite you to submit a review. We can also make it possible for the people you’re travelling with or whom you’ve booked a reservation for to do this instead. This invite asks for information about the Trip Provider or the destination.

If you have a Booking.com account, you can choose to display a screen name next to your review, instead of your real name. If you’d like to set a screen name, you can do that in your account settings. Adding an avatar is also possible.

By completing a review, you’re agreeing that it can be displayed (as described in detail in our Terms and Conditions) on, for example, the relevant Trip Provider information page on our websites, on our mobile apps, on our social media accounts and social media apps, or on the online platform of the relevant Trip Provider or business partner’s website. This is to inform other travellers about the quality of the Trip Service you used, the destination you have chosen or any other experiences you choose to share.

Call monitoring: When you make calls to our customer service team, Booking.com uses an automated telephone number detection system to match your telephone number to your existing reservations. This can help save time for both you and our customer service staff. However, our customer service staff may still ask for authentication, which helps to keep your reservation details confidential.

During calls with our customer service team, live listening might be carried out or calls might be recorded for quality control and training purposes. This includes the usage of the recordings for the handling of complaints, legal claims and for fraud detection.

We do not record all calls. In the case that a call is recorded, each recording is kept for a limited amount of time before being automatically deleted. This is unless we have determined that it’s necessary to keep the recording for fraud investigation or legal purposes. You can read more about this below.

Promotion of a safe and trustworthy service: To create a trustworthy environment for you, the people you bring with you on your Trip, Booking.com’s business partners and our Trip Providers, we continuously analyse and use certain personal data to detect and prevent fraud and other illegal or unwanted activities.

Similarly, we use personal data for risk assessment and security purposes, including when you report a safety concern, or for the authentication of users and reservations. When we do this we may have to stop or put certain Trip Reservations on hold until we’ve finished our assessment.

Legal purposes: Finally, in certain cases, we may need to use your information to handle and resolve legal claims and disputes, for regulatory investigations and compliance, to enforce the Booking.com online reservation service terms of use or to comply with lawful requests from law enforcement.

Providing your personal data to Booking.com is voluntary. However, we may only be able to provide you with certain services if we can collect some personal data. For instance, we can’t process your Trip Reservation if we don’t collect your name and contact details.

If we use automation to process personal data which produces legal effects or similarly significantly affects you, we’ll always implement the necessary measures to safeguard your rights and freedoms. This includes the right to obtain human intervention.

To process your personal data as described above, we rely on the following legal bases:

As applicable, for purpose A and B, Booking.com relies on the legal basis that the processing of personal data is necessary for the performance of a contract, specifically to finalise and administer your Trip Reservation.

If the required personal data is not provided, Booking.com cannot finalise the Trip Reservation, nor can we provide customer service. In view of purposes C to L, Booking.com relies on its (or third parties’) legitimate interest, to provide and improve services and to prevent fraud and other illegal acts (as set out more specifically under C to L).

When using personal data to serve Booking.com’s or a third party’s legitimate interest, Booking.com will always balance your rights and interests in the protection of your personal data against Booking.com’s rights and interests or those of the third party. For purposes M, Booking.com also relies, where applicable, on compliance with legal obligations (such as lawful law enforcement requests).

Finally, where needed under applicable law, Booking.com will obtain your consent prior to processing your personal data, including for email marketing purposes or as otherwise required by law.

If you wish to object to the processing set out under C to L and no opt-out mechanism is available to you directly (for example, in your account settings), please contact us at dataprotectionoffice@booking.com.

How does Booking.com share your data with third parties?

In certain circumstances, we’ll share your personal data with third parties. These third parties include:

The Trip Provider you booked: In order to complete your Trip Reservation, we transfer relevant reservation details to the Trip Provider you have booked. This is one of the most essential things we do for you.

Depending on the Trip Reservation and the Trip Provider, the details we share can include your name, contact and payment details, the names of the people accompanying you and any other information or preferences you specified when you made your Trip Reservation.

In certain cases, we also provide some additional historical information about you to the Trip Provider. This includes whether you’ve already booked with them in the past, the number of completed bookings you’ve made with Booking.com, a confirmation that no misconduct has been reported about you, the percentage of bookings you’ve cancelled in the past or whether you’ve given reviews about past bookings.

If you have a query about your Trip, we may contact the Trip Provider to handle your request. Unless payment is made during the booking process, via the Booking.com website, we will forward your credit card details to the booked Trip Provider for further handling (assuming you’ve provided us with those details).

In cases of Trip Reservation-related claims or disputes, we may provide the Trip Provider with your contact details and other information about the booking process, as needed to resolve the situation. This can include, but might not be limited to, your email address and a copy of your reservation confirmation as proof that a Trip Reservation was made or to confirm reasons for cancellation.

For completeness, Trip Providers will further process your personal data outside of the control of Booking.com. Trip Providers may also ask for additional personal data, for instance to provide additional services, or to comply with local restrictions. If available, please read the Privacy Statement of the Trip Provider to understand how they process your personal data.

Connectivity Providers: Please note that certain Trip Providers may need us to share your personal data with a contracted Connectivity Provider in order to be able to finalise and administer your reservation. Connectivity providers act on behalf of Trip Providers and help them to manage their reservations.

Your local Booking.com office: To support the use of Booking.com services, your details may be shared with subsidiaries of the Booking.com corporate group, including for customer service. To find out more about the Booking.com corporate group, visit About Booking.com.

Third-party service providers: We use service providers from outside of the Booking.com corporate group to support us in providing our services. These include:

Customer support

Market research

Fraud detection and prevention (including anti-fraud screening)

Insurance claims

Payment

We use third parties to process payments, handle chargebacks or provide billing collection services. When a chargeback is requested for your Trip Reservation, either by you or by the holder of the credit card used to make your reservation, we need to share certain reservation details with the payment service provider and the relevant financial institution so they can handle the chargeback. This may also include a copy of your reservation confirmation or the IP address used to make your reservation. We may share information with relevant financial institutions, if we consider it strictly necessary for fraud detection and prevention purposes.

Marketing services

We share personal data with advertising partners, including your email address, as part of marketing Booking.com services via third parties (to ensure that relevant advertisements are shown to the right audience). We use techniques such as hashing to enable the matching of your email address with an existing customer database, so that your email address cannot be used for other purposes. For information on other personalised advertisements and your choices, please read our Cookie Statement.

Advertising partners

We use advertising partners, such as metasearch providers, to allow you to compare our offers with offers from other Online Travel Agencies (OTAs). When you make a reservation on Booking.com after using an advertising partner, we will send the details of the reservation that you made on Booking.com to that partner.

Competent authorities: We disclose personal data to law enforcement to the extent that it is required by law or is strictly necessary for the prevention, detection or prosecution of criminal acts and fraud, or if we are otherwise legally obliged to do so. We may need to further disclose personal data to competent authorities to protect and defend our rights or properties, or the rights and properties of our business partners.

Business partners: We work with many business partners around the world. These business partners distribute and advertise Booking.com services, including the services and products of our Trip Providers.

When you make a reservation on one of our business partners’ websites or apps, certain personal data that you give them, such as your name and email address, your address, payment details and other relevant information, will be forwarded to us to finalise and manage your Trip Reservation.

If customer service is provided by the business partner, Booking.com will share relevant reservation details with them (as and when needed) in order to provide you with appropriate and efficient support.

When you make a reservation through one of our business partners’ websites, the business partners can receive certain parts of your personal data related to the specific reservation and your interactions on these partner websites. This is for their commercial purposes.

When you make a reservation on a business partners’ website, please also take the time to read their privacy notice if you’d like to understand how they process your personal data.

For fraud detection and prevention purposes, we may also exchange information about our users with business partners – but only when strictly necessary

If an insurance claim is made, concerning you and a Trip Provider, we may provide the necessary data (including personal data) to the insurance company for further processing.

Partner Offer: We may present you with a ‘Partner Offer’. When you book a stay marked ‘Partner Offer’, your reservation will be facilitated by a Trip Provider who is separate from the accommodation you’re booking. As part of the reservation process, we’ll need to share some relevant personal data with this business partner.

If you book a Partner Offer, please review the information provided in the booking process or check your reservation confirmation for more information about the Trip Provider and how your personal data will be further processed by them.

The Booking Holdings Inc. corporate group: Read about how we share your personal data with the Booking Holdings Inc. corporate group.

Booking.com is a global business. The data that we collect from you, as described in this Privacy Statement, could be made accessible from, transferred to or stored in countries which may not have the same data protection laws as the country in which you initially provided the information. In such cases, we will protect your data as described in this Privacy Statement.

This may also be applicable if you are in the European Economic Area (EEA). Countries your data may be transferred to may not have laws that provide the same level of protection for your personal data as laws within the EEA. Where this is the case, we will put appropriate safeguards in place to make sure that these transfers comply with European privacy law.

In particular, when your data is transferred to third-party service providers, we establish and implement appropriate contractual, organisational and technical measures with them. This is done by putting in place Standard Contractual Clauses as approved by the European Commission, by examining the countries to which the data may be transferred, and by imposing specific technical and organisational security measures.

In certain specific cases, we transfer your data outside the EEA because it is in your interest or is necessary to conclude or perform the contract we have with you. For instance, when you make a reservation on Booking.com or through a business partner, we might need to transfer your data to a Trip Provider or business partner who is located outside the EEA.

You can ask us to see a copy of our implemented safeguards (where possible) by contacting us at dataprotectionoffice@booking.com.

How is your personal data shared within the Booking Holdings Inc. corporate group?

Booking.com is part of the Booking Holdings Inc. corporate group. More information is available at Bookingholdings.com.

We may receive personal data about you from other companies in the Booking Holdings Inc. corporate group, or share your personal data with them, for the following purposes:

To provide services (including to make, administer and manage reservations or handle payments)

To provide customer service

To detect, prevent and investigate fraudulent, other illegal activities and data breaches

For analytical and product improvement purposes

To provide personalised offers or send you marketing with your consent or as otherwise permitted by applicable law

For hosting, technical support, overall maintenance and maintaining security of such shared data

To ensure compliance with applicable laws

As applicable and unless indicated otherwise, for purposes A to F, Booking.com relies on its legitimate interests to share and receive personal data. For purpose G, Booking.com relies, where applicable, on compliance with legal obligations (such as lawful law enforcement requests).

For example, Booking.com works closely with Rentalcars.com to offer ground transport services to customers. Please read How is your personal data shared and further processed for ground transport services? for more information.

All companies within the Booking Holdings Inc. group of companies may need to exchange personal customer data to ensure all users are protected from fraudulent activities on its online platforms.

How is your personal data shared and further processed for ground transport services?

Booking.com Transport Limited, trading as Rentalcars.com, is a private limited liability company, incorporated under the laws of the United Kingdom with offices at 100 New Bridge Street, London, EC4V 6JA.

Booking.com and Rentalcars.com (both part of the Booking Holdings Inc. group of companies) work together closely to offer you ground transport services via Booking.com websites and apps, such as cars.booking.com or taxi.booking.com.

The ground transportation services offered by Booking.com websites and apps are operated by Rentalcars.com, under the Booking.com brand. This means that when you’re booking or browsing for ground transport services via the app or website, Booking.com and Rentalcars.com are collectively responsible for the collection and use of your personal data.

In addition to the data we process to allow you to search for ground transport services and make your booking, Booking.com and Rentalcars.com can also use your personal data independently. This is in line with the purposes set out in this Privacy Statement and the Rentalcars.com Privacy Notice.

For further information about the relationship between Booking.com and Rentalcars.com, and to exercise your rights regarding your personal data that is collected via the Booking.com websites and apps, please feel free to contact Booking.com at any time. You can do this via the email address under ‘Who is responsible for the processing of personal data via Booking.com and how to contact us?’.

How is your personal data shared and further processed for insurance services?

Booking.com Distribution B.V. is a sister company of Booking.com with registered offices at 597 Herengracht, 1017 CE Amsterdam, The Netherlands. Booking.com and Booking.com Distribution B.V. work closely together to offer customers different insurance products and services for Trip Reservations, for example room cancellation insurance.

The offering of insurance can involve multiple parties, such as intermediaries, underwriters, and other agents. Where Booking.com Distribution B.V. is involved, it will act as the intermediary and authorised agent or appointed representative (depending on the jurisdiction) on behalf of the insurer, by offering insurance products and services to Booking.com customers.

Please review the information provided during the booking process for more information about Booking.com Distribution B.V and the parties who work together with Booking.com to offer you these products and services. The details of the insurer will be visible in the insurance policy and related documentation provided to you.

When offering insurance, Booking.com and Booking.com Distribution B.V. may have to use and share personal data that is relevant to the insurance product. This data relates to you as a potential or actual policyholder, the beneficiaries under a policy, family members, claimants and other parties involved in a claim:

To provide offers, arrange insurance cover and handle insurance claims, some personal data, provided to us during the booking process, (‘General Order Data’) may have to be shared with Booking.com Distribution B.V.. You may also be asked to provide additional information, such as names of family members or other beneficiaries or details about a claim (‘Insurance-Specific Data’).

If you make a claim under an insurance policy, this claim may be directly handled by the insurer. This means that you may be asked to provide personal data in order to submit the claim directly to them. The insurer will inform you accordingly at the point of collection of your information. When your claim is handled by the insurer, Booking.com may receive information about the status of your claim in order to provide you with customer support services.

When Booking.com Distribution B.V. acts as an intermediary for insurance products and services via Booking.com, the two companies are jointly responsible for the collection of Insurance-Specific Data and its transmission from Booking.com to Booking.com Distribution B.V. However, Booking.com Distribution B.V. acts as the sole controller for any processing outside of the Booking.com B.V. systems. Any personal data collected by Booking.com for insurance purposes will be processed as set out in this Privacy Statement.

For further information about the relationship between Booking.com and Booking.com Distribution B.V., and to exercise your rights regarding personal data that is collected via the Booking.com website and apps, please contact us.

How does Booking.com process communications that you and your booked Trip Provider may send via Booking.com?

Booking.com can offer you and Trip Providers various ways to communicate about the Trip Services and existing Trip Reservations, directing the communications via Booking.com. This also allows you and your Trip Provider to contact Booking.com with questions about your Trip Reservation through the website, our apps and the other channels that we make available.

Booking.com accesses communications and may use automated systems to review, scan, and analyse communications for the following reasons:

Security purposes

Fraud prevention

Compliance with legal and regulatory requirements

Investigations of potential misconduct

Product development and improvement

Research

Customer engagement (including to provide you with information and offers that we believe may be of interest to you)

Customer or technical support

We reserve the right to review or block the delivery of communications that we, in our sole discretion, believe might contain malicious content or spam, or pose a risk to you, Trip Providers, Booking.com or others.

All communications sent or received using Booking.com communication tools will be received and stored by Booking.com. Trip Providers and Business partners you’ve booked a Trip Reservation through might also choose to communicate with you directly by email or through other channels that Booking.com does not control.

How does Booking.com make use of mobile devices?

We offer free apps for a range of different mobile devices, as well as versions of our regular website that have been optimised for browsing on a mobile and tablet.

These apps and mobile websites process the personal details you give us in much the same way as our website does. They also allow you to use location services to find Trip Services nearby, if you want to.

With your consent, we may send you push notifications with information about your Trip Reservation. You can also choose to grant us access to your location data or contact details in order to provide services you’ve requested. If you upload pictures to our platform, these pictures may include location information (known as metadata) as well. Please read your mobile device’s instructions to understand how to change your settings and control the sharing of this category of data.

When you choose to use our ‘Voice Assistant’ to search our services or manage your bookings, your speech will be anonymously translated into text by a third-party service provider. You will need to give us access to your device’s microphone to use this feature.

In order to optimise our services and marketing activities, and to make sure we give you a consistent user experience, we use something known as ‘cross-device tracking’. This can be done with or without the use of cookies. For more general information about cookies and other similar technologies, please see our Cookie statement.

With cross-device tracking, Booking.com is able to track user activity across multiple devices. As part of cross-device tracking, we may combine data collected from a particular browser or mobile device with data from another computer or device used by the same customer.

In order to optimise the content of the Booking.com newsletter, we combine searches and reservations made from different computers and devices. You can unsubscribe from the Booking.com newsletter at any time.

Personalised ads shown to you on other websites or in apps, can be offered based on your activities on linked computers and devices. By changing the cookie settings on your device (see our Cookie statement under ‘What are your choices?’), you can change your cross-device tracking settings for advertisement purposes. You should know that logging out of your Booking.com account doesn’t mean that you will no longer receive personalised ads.

How does Booking.com make use of social media?

At Booking.com, we use social media in different ways. We use it to facilitate the use of online reservation services, but also to promote our Trip Providers’ travel-related products and services and to advertise, improve and facilitate our own services.

Note that the use of social media features can result in the exchange of personal data between Booking.com and the social media service provider, as we describe below. You are free not to use any of the social media features available to you.

Sign in with your social media account. We offer you the opportunity to sign in to a Booking.com user account with one of your social media accounts. We do this to reduce the need for you to remember different usernames and passwords for different online services.

After you’ve signed in once, you’ll be able to use your social media account to sign into your Booking.com account. You can decouple your Booking.com user account from your chosen social media account any time you want to.

Integration of social media plugins. We have also integrated social media plugins into the Booking.com website and apps. This means that when you click or tap on one of the buttons (such as Facebook’s ‘Like’ button), certain information is shared with these social media providers.

If you’re logged into your social media account when you click or tap one of these buttons, your social media provider may relate this information to your social media account. Depending on your settings, they might also display these actions on your social media profile, to be seen by others in your network.

Other social media services and features. We may integrate other social media services (like social media messaging) for you to interact with Booking.com or with your contacts about our services.

We may maintain social media accounts and offer apps on several social media sites. Whenever you connect with Booking.com through social media, your social media service provider may allow you to share information with us.

If you choose to share, your social media provider will generally inform you about which information will be shared. For example, when you sign into a Booking.com user account using your social media account, certain information from that account may be shared with Booking.com. This includes your email address, your age and the profile pictures you’ve saved – depending on what you authorise in your social media account.

When you register with a Booking.com social media app or connect to a social media messaging service without a Booking.com user account, the information you choose to share with us may include the basic information available in your social media profile (including your email address, status updates and a list of your contacts).

We’ll use this information to help provide you with the service you requested – for example, to forward a message you want to send to your contacts, or to create a personalised user experience in the app or on our websites. It means that if you want us to, we can tailor our services to suit your needs, connecting you and your friends with the best travel destinations and analysing and improving our travel-related services.

Your social media provider will be able to tell you more about how they use and process your data when you connect to Booking.com through them. This can include combining the personal data they collect when you use Booking.com through them with information they collect when you use other online platforms you have also linked to your social media account.

If you decide to connect using your Facebook or Google account, please review the following links for information about how these parties use data they receive: Facebook and Google.

What security and retention procedures does Booking.com put in place to safeguard your personal data?

We have procedures in place to prevent unauthorised access to, and the misuse of, personal data.

We use appropriate business systems and procedures to protect and safeguard the personal data you give us. We also use security procedures and technical and physical restrictions for accessing and using the personal data on our servers. Only authorised personnel are permitted to access personal data in the course of their work.

We’ll keep your personal data for as long as is necessary to enable you to use our services or to provide our services to you (including maintaining any Booking.com user accounts you may have), to comply with applicable laws, resolve any disputes and otherwise to allow us to conduct our business, including to detect and prevent fraud and/or other illegal activities. All personal data we keep about you as a Booking.com customer is covered by this Privacy Statement.

For added protection, we strongly recommend that you set up two-factor authentication for your Booking.com user account. This adds an extra authentication step, to make sure that anyone who gets hold of your username and password (e.g. through phishing or social engineering) won’t be able to get into your account. You can set this up in the Security section of your account settings.

How does Booking.com treat personal data belonging to children?

Our services aren’t intended for children under 16 years old, and we’ll never collect their data unless it’s provided by (and with the consent of) a parent or guardian. The limited circumstances we might need to collect the personal data of children under 16 years old include: as part of a reservation, the purchase of other travel-related services, or in other exceptional circumstances (such as features addressed to families). Again, this will only be used and collected as provided by a parent or guardian and with their consent.

If we become aware that we’ve processed the information of a child under 16 years old without the valid consent of a parent or guardian, we will delete it.

How can you control the personal data you’ve given to Booking.com?

We want you to be in control of how your personal data is used by us. You can do this in the following ways:

We want you to be in control of how your personal data is used by us. You can do this in the following ways:

You can ask us for a copy of the personal data we hold about you,

You can inform us of any changes to your personal data, or you can ask us to correct any of the personal data we hold about you. As explained below, you can make some of these changes yourself, online, when you have a user account,

In certain situations, you can ask us to erase, block, or restrict the processing of the personal data we hold about you, or object to particular ways in which we are using your personal data,

In certain situations, you can also ask us to send the personal data you have given us to a third party,

Where we are using your personal data on the basis of your consent, you are entitled to withdraw that consent at any time subject to applicable law, and

Where we process your personal data based on legitimate interest or the public interest, you have the right to object to that use of your personal data at any time, subject to applicable law.

We rely on you to make sure that your personal information is complete, accurate and current. Please do let us know about any changes to, or inaccuracies in, your personal information as soon as possible.

If you have a Booking.com user account, you can access a lot of your personal data through our website or apps. You’ll generally find the option to add, update or remove information we have about you in your account settings.

If any of the personal data we have about you isn’t accessible through our website or apps, you can send us a request.

If you want to exercise your right of access or erasure, all you need to do is complete and submit the Data Subject Request for Booking.com Customers form. For any requests relating to this Privacy Statement, to exercise any of your other rights, or if you have a complaint, please contact our Data Protection Officer at dataprotectionoffice@booking.com. You can also contact your local data protection authority.

If you’d like to object to your personal data being processed on the basis of legitimate interest and there’s no way to opt out directly, please contact us at dataprotectionoffice@booking.com.

If you’d like to contact us by post, please address it to the Data Protection Officer and use the following postal address: Herengracht 597, 1017 CE, Amsterdam, the Netherlands.

Who is responsible for the processing of personal data via Booking.com and how to contact us?

Booking.com B.V. controls the processing of personal data, as described in this Privacy Statement, except where explicitly stated otherwise. Booking.com B.V. is a private limited liability company, incorporated under the laws of the Netherlands and has its offices at Herengracht 597, 1017 CE Amsterdam, the Netherlands.

If you have any questions about this Privacy Statement, or about our processing of your personal data, please contact our Data Protection Officer at dataprotectionoffice@booking.com and we’ll get back to you as soon as possible.

For questions about a reservation, please contact our customer service team through the customer service contact page.

Requests from law enforcement should be submitted using the Law Enforcement process.

Country-specific provisions

Depending on the law that applies to you, we may be required to provide some additional information. Please review the list below to find any additional information relevant to your situation.

Brazil

As a customer in Brazil, you have certain rights under the Lei Geral de Proteção de Dados Pessoais (‘LGPD’). These rights include:

The right to confirmation of the existence of processing,

The right to access to your data,

The right to the correction of incomplete, inaccurate or outdated data,

The right to the blocking or deletion of unnecessary personal data,

The right to obtain a copy of personal data,

The right to the deletion of data when processed with consent,

The right to information about public or private entities with which Booking.com shared your data,

And, the right to information on the possibility of not providing consent and the consequences of denial, as well as the right to revoke consent.

In order to exercise any of these rights, please use the webform and/or contact details as set out under ‘How can you control the personal data you’ve given to Booking.com?’.

Booking.com B.V. is located in the European Economic Area (EEA). As a globally operating company, when making use of our services your personal data can be transferred to locations outside of the EEA. When transferring your personal data outside of the EEA, we will apply appropriate safeguards to protect your personal data as required by the LGPD.

Please read the section How does Booking.com treat personal data belonging to children? to learn about how Booking.com processes the personal data of children. As required under the LGPD, Booking.com will at all times consider the child’s best interest when knowingly processing the personal data of anyone under the age of 18 years old.

For California Residents – California Law

This section supplements our Privacy Statement and only applies if you reside in the state of California. Where applicable, it describes how we use and process your personal information (the term used under the law) and explains your particular rights under California law.

Below, we describe the categories of personal information we collect about you:

Identifiers (e.g. your name, account number, email address, IP address)

Financial, medical, or health insurance information (e.g. your bank account number, payment card number or medical information – if provided by you or on your behalf)

Characteristics of protected classifications under California or federal law (e.g. your gender, religion or sexual orientation)

Commercial information (e.g. your purchase information)

Internet or other electronic network activity information (e.g. information about your website or app usage)

Geolocation data (e.g. your physical location)

Visual information (e.g. any photographs you upload on your account)

Inferences (e.g. analytics and preferences)

Professional or employment-related information (e.g. employer and business travel details)

If you would like more information about the categories of sources from which we obtain personal information, the specific types of personal information we collect, or the purposes for which we collect them, please read the sections of our Privacy Statement titled ‘What kind of personal data does Booking.com collect?’ and ‘Why does Booking.com collect and use your personal data?’.

To learn more about the receipt of personal information from and the sharing of personal information with business partners, please read the sections ‘What kind of personal data does Booking.com collect?’ and ‘How does Booking.com share your data with third parties?’

We may share certain pieces of your personal information with third parties, which under California law can be treated as a ‘sale’ of information. This may include information related to Identifiers, Commercial information, Geolocation data, Internet activity, and Inferences, as described above. We may also share your personal information, listed above under A-I for ‘business purposes’, such as to service providers who assist us with securing our services, for payment purposes, customer support services, delivering marketing messages, or advertisements. For more details, including the recipients of your personal information, you can check out the ‘What kind of personal data does Booking.com collect?’ and ‘How does Booking.com share your data with third parties?’ sections of our Privacy Statement.

California law provides you with certain rights, including the right to access specific pieces of personal information, learn about how we process personal information, including disclose or sell personal information, request deletion of personal information, opt out of “sales” and not to be denied goods or services for exercising these rights.

You may exercise your right to opt out of ‘sales’ by clicking on this link and following the instructions: https://www.booking.com/content/ccpa.html

To exercise your right to request access to or the deletion of your personal information under California law, please fill out our Data Subject Request for Booking.com Customers form. To otherwise exercise these or any of your other rights under California law, or to contact us with questions and concerns about this privacy notice and our practices, you can also contact us at dataprotectionoffice@booking.com with the subject line: ‘California Resident Privacy Rights – Request’.

If you are an authorized agent wishing to exercise rights on behalf of a California consumer, please contact us at the email above, attaching a copy of the consumer’s written authorization, designating you as their agent. We may need to verify your identity before completing your rights request by, for example, requesting information about your previous Trip Reservations with us.

Booking.com’s services are not directed at children under the age of 16 years. Therefore, Booking.com does not knowingly sell the personal information of minors under the age of 16 years without appropriate consent, as required under the California Consumer Privacy Act (CCPA).

Booking.com has compiled the following statistics about the receipt and handling of requests identified as being submitted under the CCPA by consumers from California, for the period between 1 January 2020 and 31 December 2020:

Number of ‘requests to know’ that Booking.com received, complied with (wholly or in part) or denied: 27

Number of ‘requests to delete’ that Booking.com received, complied with (wholly or in part) or denied: 136

Number of ‘requests to opt out of sales’ that Booking.com complied with (wholly or in part) or denied: 13,866

Average number of days taken by Booking.com to substantially respond to requests to know, delete or opt out: 8.514

China

Mandatory personal information

To use Booking.com (through our website or through our app) we need to collect certain types of personal information about you for a number of specific purposes. Some of this personal information is collected when you make a Trip Reservation and some of it is collected automatically when you visit Booking.com or use the app.

When you make a Trip Reservation, you are (at minimum) asked for your name and email address. Depending on the Trip Reservation, we may also ask for your home address, telephone number, payment information, date of birth, and the names of the people travelling with you.

We also use functional cookies that automatically collect personal information. These cookies are required for our websites and apps to function and they must be enabled in order for you to use our services. You can find out more about these functional cookies by reviewing the consent management page.

All the information described above, including the information collected through functional cookies, constitutes personal information which we need in order to provide you with our services, for the purposes described in the section titled ‘Why does Booking.com collect and use your personal data?’, specifically under the following paragraphs:

A – Trip reservation, B – Customer service, C – Account facilities, F – Communicating with you, H – Improving our services, I – Providing the best prices for you, K – Call monitoring, L – Promotion of a safe and trustworthy service, M – Legal purposes

We will ask for your consent before collecting mandatory personal information from you. If you don’t grant consent for these necessary data processing activities, you will not be able to access or use our services.

Optional personal information

There are other instances where we collect optional personal information, which isn’t required for us to be able to provide our services. This includes information we collect through analytical and marketing cookies.

We use optional personal information to provide you with our services described under the section ‘Why does Booking.com collect and use your personal data?’, specifically in paragraphs:

D – Online groups,

E – Marketing activities,

G – Market research,

J – Customer reviews

We will ask for your consent before we collect any optional personal information. Even if you don’t consent to the collection of this type of information, you will still be able to access and use our services.

Read more about the personal data we collect.

List of SDKs

When using Booking.com services, you agree to the collection and/or processing of data by the following third party vendors, for the following purposes:

Vendor and  purpose of use and data collected

Appsflyer

Purpose of use: Advertising

Data collected: Device information (may include device model, sensor information), location information

Huawei

Purpose of use: Push notifications

Data collected: BSSID, IMEI, wireless network list, network type, network status, device model, SSID, AAID, mobile phone ID, application ID, application package name, server public network IP address

Android permissions: READ_PHONE_STATE, WRITE_EXTERNAL_STORAGE, ACCESS_NETWORK_STATE, ACCESS_WIFI_STATE

Alipay

Purpose of use: Third-party payments

Data collected: Device model, brand, manufacturer, device MAC address, IMSI, BSSID, wireless network, sensor information, IMEI, Android ID, hardware serial number, SIM card serial number

Android permissions: ACCESS_NETWORK_STATE, ACCESS_WIFI_STATE, READ_PHONE_STATE, READ_EXTERNAL_STORAGE, READ_PHONE_STATE

Google

Purpose of use: Anonymous device tracking

Data collected: Advertising ID (a unique, user-resettable ID for advertising – provided by Google Play services)

Android permissions: AD_ID

Sensitive personal information

‘Sensitive personal information’ is any information that, if leaked or illegally used, could easily lead to the infringement of human dignity or cause harm to an individual or their property. When using Booking.com services, the following sensitive personal information may be collected by Booking.com or a third party vendor:

Information necessary to process your payment (such as your bank account and payment card number, provided by you or in your name),

Information about minors, provided with the authorisation of the parent or guardian (see below for further information),

Location information, in order to show you city guides, to recommend the accommodation and attractions closest to your current location or to give other recommendations.

Please note that, when using our services, the type of accommodation you search for might reveal sensitive information about your sexual orientation. Similarly, the food preferences you indicate when booking a flight might also reveal sensitive information about your religion and health.

We will ask for your consent before we collect sensitive personal information. However, where you voluntarily provide sensitive personal information, we will assume that you have given us consent to process that information within the context it was submitted.

For more information, please read the section of this Privacy Statement titled ‘Why does Booking.com collect and use your personal data?’

Children’s personal information

In China, people under 16 years of age are not permitted to use Booking.com. We only process personal information about children with the consent of their parents or legal guardians, or when the information is shared with us by the parents or legal guardians themselves.

If we become aware that we’ve processed the information of a child under 16 years old without the valid consent of a parent or guardian, we will delete it.

International transfer and recipients of personal information

To be able to provide our services, we will share your personal information with third parties. In many cases, your personal information may be transferred and stored outside of China in order to send the data to these third parties. We will ask for your consent before making such a transfer. The reasons for the transfer, as well as the recipient categories for this personal information, are stated below.

In order to complete your Trip Reservation, we transfer relevant reservation details to the Trip Provider you have booked. This is one of the most essential things we do for you. Depending on the Trip Reservation and the Trip Provider, the personal information we transfer can include your name, contact and payment details, the names of the people accompanying you and any other information or preferences you’ve specified when you made your Trip Reservation. Other recipients include Booking.com B.V., Booking Holdings Inc. corporate group, and our service providers.

In addition, we may transfer your data to third parties for purposes not required to provide our services. In that case, you can indicate whether or not you consent to such uses by managing your consent.

Read more about how data is shared with third parties and how we share your personal data with the Booking Holdings Inc. corporate group.

Automated decision-making

Automated decision-making refers to the activity of using computer programmes to automatically analyse, assess or make decisions on the following: personal behaviours, habits, interests, hobbies, finance-, health-, credit- or other status.

We rely on personal information to make automated decisions, such as providing the best price for you, depending on where you are based. When you search our apps or website, for example to find an accommodation, a rental car or a flight, we process your IP address to confirm whether you are in the European Economic Area (EEA) or in another country. We do this to offer you the best price for the region (EEA) or country (non-EEA). This processing does not result in differential treatment of individuals in China.

Personalised recommendations

To improve your Booking.com experience, we provide personalised recommendation services, which make your search results more relevant to you. These results are ranked, by default, according to what we believe you will find most relevant. We do this based on your past bookings, dates and the length of your stay, the composition of the group you’re travelling with, where you are from and the actions you take during your search.

You can turn off personalised recommendations at any time. This can be done in the following places:

If you are using the app, go to your ‘Profile’, followed by ‘Settings’ and then ‘Personalisation’

If you are on the web, go to ‘Manage account’, followed by ‘Preferences’

If you are not logged in, go to ‘Manage your privacy settings’ on the main page

How to exercise your rights

If you have a Booking.com account, you can find the personal information we store about you in your account settings. This includes your name, email address, phone number, address and payment information. You can exercise your right to access, rectification or erasure, by viewing, changing or deleting this data at any time.

If you want to delete your account, you can also do this by going to account settings on the Booking.com website, clicking into the ‘Security’ section and selecting ‘Delete account’.

In addition to the above, if you’d like to exercise your rights to access your data or for that data to be erased, to unsubscribe from email marketing or to withdraw the consent you have given us to process your personal information, please fill out our form: Data Subject Request for Booking.com customers.

To protect your personal information, we may need to verify your identity before completing your request. We will do this by asking you questions about your previous reservations with us. We will respond to your request within 15 working days, unless another time-frame is required by applicable laws.

To otherwise exercise these or any of your other rights under Personal Information Protection Law (PIPL), or to contact us about this Privacy Statement and our practices, you can email us at privacyrequests@booking.com. Please use the subject line: ‘China PIPL Privacy Rights – Request’.

Russia

This section supplements our Privacy Statement and only applies to customers from the Russian Federation.

This section describes how we use and process your personal data and explains your particular rights under Russian law. In the case of a conflict between the provisions of this section and other provisions of the Privacy Statement, the provisions of this section will apply to the personal data processing of citizens of the Russian Federation.

We may use your information for direct marketing activities if, where needed under applicable law, you provide us with prior consent.

The transfer of personal data, as described in this Privacy Statement, may include overseas transfers of personal data. Overseas transfers of personal data from Russia to jurisdictions which do not provide adequate protection of personal data subjects’ rights may be conducted only in cases provided for by Russian law, in particular:

Receipt of your prior appropriate consent or

For performance of an agreement with you or to provide services to you.

Booking.com relies on different legal bases to process (including transfer) your personal data, namely:

Your consent (including for direct marketing purposes and dissemination of the personal data you make available on our online platforms),

Performance of an agreement with you or to provide services to you.

If the required personal data is not provided, Booking.com cannot provide you with the requested service, including finalising a Trip Reservation or providing customer service.

Booking.com’s and third parties’ rights and legitimate interests (such as to detect and prevent fraud).

When using personal data to serve Booking.com’s or a third party’s legitimate interest, Booking.com will always balance your rights and interests in the protection of your personal data against Booking.com’s rights and interests or those of the third party.

Booking.com’s legal obligations (such as to respond to lawful requests from state authorities).

If you want to object to any processing of your personal data, you can use the available opt-out functions (for example, in your account settings) or contact us as set out above under ‘How can you control the personal data you’ve given to Booking.com?’. We note that, if you withdraw your consent, Booking.com can still be entitled to continue the processing of your personal data if it has another legal basis to do so.

We will stop the processing of your personal data and delete it when:

The purposes of the data processing have been achieved, including if the term of storage of personal data has expired,

You withdraw your consent to personal data processing, unless we have another legal basis to process your personal data,

If you have a complaint about our processing of your personal data, please reach out to us as explained under ‘How can you control the personal data you’ve given to Booking.com?’. You can also reach out to your local data protection authority (Roskomnadzor).

South Korea

This section supplements our Privacy Statement and only applies if you reside in South Korea.

Items of personal information collected

For information about the items of personal information that we collect, please read the section of our Privacy Statement titled ‘What kind of personal data does Booking.com collect?’

Purposes of collection and use of personal information

For information about the purpose and use of the personal information that we collect, please read the section of our Privacy Statement titled ‘Why does Booking.com collect and use your personal data?’

Third party recipients and trustees of personal information

Trustees & Purpose/Entrusted duties

Personal information is used by the Trip Provider to arrange the accommodation you have booked. The information is retained and deleted as stated in this Privacy Statement.

Payment processing trustees

Personal information is shared with third party payment providers who process payments, handle chargebacks or provide billing collection services on our behalf. The information is retained as stated in this Privacy Statement.

Customer support trustees

Personal information is shared with these trustees so that we can provide customer support services to you when you need us.

Market research trustees

Personal information is shared with these trustees to help us to carry out market research.

Security trustees

Personal information is shared with these trustees in order to provide fraud detection and prevention services (including anti-fraud screening).

Advertising trustees

When you make a reservation through Booking.com, after using an advertising partner, we send the details of the reservation to the advertising partner.

Booking Holdings Inc.

Personal information is shared with companies in the Booking Holdings Inc. corporate group for the following purposes:

To provide services (including to make, administer and manage reservations or handle payments),

To provide customer service,

To detect, prevent and investigate data breaches, fraud and other illegal activities

For analytical and product improvement purposes,

To provide personalised offers or send you marketing with your consent or as otherwise permitted by applicable law,

For hosting, technical support, overall maintenance and maintaining security of such shared personal information,

To ensure compliance with applicable laws.

Connectivity Providers

We provide details of your booking to connectivity providers on behalf of Trip Providers.

Destruction of personal information

When destroying personal information, Booking.com takes commercially reasonable and technically feasible measures to make the information irrecoverable or irreproducible.

Electronic documents or files containing personal information are permanently deleted using a technical method that makes recovery or retrieval impossible. Non-electronic documents or files containing personal information are shredded or incinerated.

Personal information is sometimes required to be kept beyond the period of retention and used as prescribed by applicable law. In these cases, this information will be stored or maintained separately from other items of personal information, to the extent technically possible.

Department for protection of personal information

If you have a request related to this Privacy Statement or your data subject rights, please contact our Data Protection Office. This is the department responsible for the protection of personal information and related complaints:

Data Protection Office
+82 2 6323 8008
dataprotectionoffice@booking.com

You may also use any of the addresses below to contact or consult your local authorities about personal-information-related matters:

Privacy Infringement Report Center privacy.kisa.or.kr / 118

Cyber ​​Investigation Division, Supreme Prosecutors’ Office www.spo.go.kr / 1301

National Police Agency Cyber ​​Security Bureau ecrm.police.go.kr

Representative in Korea

Pursuant to the Act on the Promotion of the Use of the Information Network and Information Protection, the information regarding the domestic agent is as follows:

Name and representative: Booking.com Korea Limited (Representative: Su Yeon Kim)

Address, telephone number and e-mail address: 17F Gran Seoul, 33 Jongro, Jongro-Gu, Seoul, South Korea, +82 2 6323 8008, privacy.kr@booking.com.

Turkey

Cookie statement

Whenever you use our online services or apps, we use cookies and other online tracking technologies (which we’ll also refer to as ‘cookies’ for the purpose of this Cookie Statement).

Cookies can be used in various ways, including to make the Booking.com website work, to analyse traffic, or for advertising purposes.

Read on below to learn more about what a ‘cookie’ is, how they’re used and what your choices are.

What are cookies and other online tracking technologies?

How are cookies used?

What are your choices?

What are cookies and online tracking technologies?

A web browser cookie is a small text file that websites place on your computer’s or mobile device’s web browser.

These cookies store information about the content you view and interact with, in order to remember your preferences and settings or analyse how you use online services.

Cookies are divided into ‘first party’ and ‘third party’:

First party cookies are the cookies served by the owner of the domain – in our case that’s Booking.com. Any cookie we place ourselves is a ‘first party cookie’.

Third party cookies are cookies placed on our domains by trusted partners that we’ve chosen to allow to do so. These can be social media partners, advertising partners, security providers and more.

And they can be either ‘session cookies’ or ‘permanent cookies’:

Session cookies only exist until you close your browser, ending what is called your ‘session’. They are then deleted.

Permanent cookies have a range of different lifespans and stay on your device after the browser is closed. On the Booking.com platform, we try to only serve permanent cookies (or allow permanent cookies to be served by third parties) that have a limited lifespan. However, for security reasons, or in other exceptional circumstances, we might sometimes need to give a cookie a longer lifespan.

Web browser cookies may store information such as your IP address or another identifier, your browser type, and information about the content you view and interact with on digital services. By storing this information, web browser cookies can remember your preferences and settings for online services and analyse how you use them.

Alongside cookies, we also use tracking technologies that are very similar. Our website, emails and mobile apps may contain small transparent image files or lines of code that record how you interact with them. These include ‘web beacons’, ‘scripts’, ‘tracking URLs’ or ‘software development kits’ (known as SDKs):

Web beacons have a lot of different names. They might also be known as web bugs, tracking bugs, tags, web tags, page tags, tracking pixels, pixel tags, 1×1 GIFs or clear GIFs.

In short, these beacons are a tiny graphic image of just one pixel that can be delivered to your device as part of a web page request, in an app, an advertisement or an HTML email message.

They can be used to retrieve information from your device, such as your device type or operating system, your IP address, and the time of your visit. They are also used to serve and read cookies in your browser or to trigger the placement of a cookie.

Scripts are small computer programs embedded within our web pages that give those pages a wide variety of extra functionality. Scripts make it possible for the website to function properly. For example, scripts power certain security features and enable basic interactive features on our website.

Scripts can also be used for analytical or advertising purposes. For example, a script can collect information about how you use our website, such as which pages you visit or what you search for.

Tracking URLs are links with a unique identifier in them. These are used to track which website brought you to the Booking.com website or app you’re using. An example would be if you click through from a social media page, search engine or one of our affiliate partners’ websites.

Software Development Kits (SDKs) are part of our apps’ source code and unlike browser cookies, SDK data is stored in the app storage.

They’re used to analyse how the apps are being used or to send personalised push notifications. To do this, they record unique identifiers associated with your device, like device ID and IP address, as well as your in-app activity and your network location.

All these tracking technologies are referred to as ‘cookies’ here in this Cookie Statement.

How are cookies used?

Cookies are used to collect information, including:

IP address

Device ID

Viewed pages

Browser type

Browsing information

Operating system

Internet service provider

Timestamp

Whether you have responded to an advertisement

A referring URL

Features used or activities engaged in on the website/apps

They allow you to be recognised as the same user across the pages of a website, across devices, between websites or when you use our apps. When it comes to purpose, they are divided into three categories – functional cookies, analytical cookies and marketing cookies.

Functional cookies

These are cookies required for our websites and apps to function and they must be enabled in order for you to use our services.

Functional cookies are used to create technologically advanced, user-friendly websites and apps that adapt automatically to your needs and preferences, so you can browse and book easily. This also includes enabling essential security and accessibility features.

More specifically, these cookies:

Enable our website and apps to work properly, so you can create an account, sign in, and manage your bookings.

Remember your selected currency and language settings, your past searches and other preferences to help you use our website and apps efficiently and effectively.

Remember your registration information, so that you don’t have to retype your login credentials each time you visit our website or app. (Don’t worry, passwords will always be encrypted.)

Analytical cookies

These cookies measure and track how our website and apps are used. We use this information to improve our website, apps and services.

More specifically, these cookies:

Help us understand how visitors and customers like you use Booking.com and our apps.

Help improve our website, apps, and communications to make sure we’re interesting and relevant.

Allow us to find out what works and what doesn’t on our website and apps.

Help us understand the effectiveness of advertisements and communications.

Teach us how users interact with our website or apps after they have been shown an online advertisement, including advertisements on third-party websites.

Enable our business partners to learn whether or not their customers make use of any accommodation offers integrated into their websites.

The data we gather through these cookies can include which web pages you have viewed, which referring/exit pages you have entered and left from, which platform type you have used, which emails you have opened and acted upon, and date and time stamp information. It also means we can use details about how you’ve interacted with the site or app, such as the number of clicks you make on a given screen, your mouse movements and scrolling activity, the search words you use and the text you enter into various fields.

Marketing cookies

These cookies are used by Booking.com and our trusted partners to gather information about you over time, across multiple websites, applications, or other platforms.

Marketing cookies help us to decide which products, services and interest-based advertisements to show you, both on and off our website and apps.

More specifically, these cookies:

Categorise you into a certain interest profile, for instance, on the basis of the websites you visit and your click behaviour. We use these profiles to display personalised content (such as travel ideas or specific accommodations) on Booking.com and other websites.

Display personalised and interest-based advertisements both on the Booking.com website, our apps and other websites. This is called ‘retargeting’ and is based on your browsing activities, such as the destinations you’ve been searching for, the accommodation you’ve viewed and the prices you’ve been shown. It can also be based on your shopping habits or other online activities.

Retargeting ads can be shown to you both before and after you leave Booking.com, as their purpose is to encourage you to browse or return to our website. You might see these ads on websites, in apps or in emails.

Integrate social media into our website and apps. This allows you to like or share content or products on social media such as Facebook, Instagram, YouTube, Twitter, Pinterest, Snapchat and LinkedIn.

These ‘like’ and ‘share’ buttons work using pieces of code from the individual social media providers, allowing third party cookies to be placed on your device.

These cookies can be purely functional, but they can also be used to keep track of which websites you visit from their network, to build a profile of your online browsing behaviour and to show you personalised ads. This profile will be partly built using comparable information the providers receive from your visits to other websites in their network.

To read more about what social media providers do with your personal data, take a look at their cookie and/or privacy statements: Facebook (includes Instagram, Messenger and Audience Network), Snapchat, Pinterest and Twitter. Be aware that these statements may be updated from time to time.

We work with trusted third parties to collect data. We may also sometimes share information with these third parties, such as your email address or phone number. These third parties might link your data to other information they collect to create custom audiences or deliver targeted ads. For information on how these third parties process your data, please take a look at the following links: How Google uses information, Facebook’s data policy.

Non-cookie techniques – email pixels

We may also use techniques, such as pixels, which we don’t mark as cookies because they do not store any information on your device.

We sometimes place pixels in emails, such as newsletters. A ‘pixel’ is an electronic file the size of a single pixel, that is placed in the email and loaded when you open it. By using email pixels, we can see if the message was delivered, if and when you read the message and what you click on.

We also receive this information about the push notifications we send you. These statistics provide us with feedback about your reading behaviour, which we use to optimise our messages and make our communication more relevant to you.

What are your choices?

To learn more about cookies and how to manage or delete them, visit allaboutcookies.org or the help section of your browser.

In the settings for browsers like Internet Explorer, Safari, Firefox or Chrome, you can choose which cookies to accept and which to reject. Where you find these settings depends on which browser you use:

Cookie settings in Chrome

Cookie settings in Firefox

Cookie settings in Internet Explorer

Cookie settings in Safari

If you choose to block certain functional cookies, you may not be able to use some features of our services.

In addition to specific settings that we may offer on the Booking.com and apps, you can also opt-out of certain cookies:

Analytics

To prevent Google Analytics from collecting analytical data on certain browser types visit the following link: Google Analytics Opt-out Browser Add-on (only available on desktop).

Advertising

We always aim to work with advertising and marketing companies that are members of the Network Advertising Initiative (NAI) and/or the Interactive Advertising Bureau (IAB).

Members of the NAI and IAB adhere to industry standards and codes of conduct and allow you to opt out of behavioural advertising.

Visit www.networkadvertising.org to identify NAI members that may have placed advertising cookies on your computer. To opt out of any NAI member’s behavioural advertising programme, just check the box that corresponds to that company.

You may also want to visit www.youronlinechoices.com or www.youradchoices.com to learn how to opt out of customised ads.

It’s possible that your mobile device allows you to limit information sharing for retargeting purposes through its settings. If you choose to do so, it’s good to be aware that opting out of an online advertising network doesn’t mean you’ll no longer see or be subject to online advertising or marketing analysis. It just means that the network you’ve opted out from will stop delivering ads that are tailored to your web preferences and browsing patterns.

Some websites have ‘Do Not Track’ features that allow you to tell a website not to track you. We’re currently unable to support ‘Do Not Track’ browser settings.

How to contact us

If you have any questions about this cookie statement, please send an email to dataprotectionoffice@booking.com.

Our cookie statement may also be updated from time to time. If these updates are substantial, particularly relevant to you or impact your data protection rights, we’ll get in touch with you about them. However, we recommend that you visit this page regularly to stay up to date with any other (less substantial or relevant) updates.

For any additional information, please write to:

Cactus Hydra Apartments
Hydra, Greece
info@cactushydra.com