top of page

Privacy Policy

About this privacy notice

This privacy notice is intended for travellers using or considering using our products and services.

 

Your privacy matters to us. You place your trust in us by using our services and we value that trust. That means we’re committed to protecting and safeguarding your personal data.

 

This privacy notice describes how we collect and otherwise process your personal data when you, for example, visit our websites, use our mobile apps or buy a travel-related product or service through us. Amongst other things, it tells you what rights you have in relation to your personal data and how you can contact us.

 

We offer online travel-related services through our own websites and mobile apps as well as via third-party channels such as partners’ websites.

 

This privacy notice applies to any kind of traveller information processes through all of the above services.

 

This privacy notice may be amended from time to time and we recommend that you visit our privacy notice pages occasionally to stay informed. If we make updates to a privacy notice that could impact persons significantly, we will take steps to inform these persons about such changes before they take effect.

Terms we may use in our privacy notices

Throughout its privacy notices, Booking.com uses particular terms that have a specific meaning in the context of these notices and the services Booking.com offers. These specific terms are described here.

Term Meaning

When we refer to “we”, “us” or “our”, we mean group entities and other Booking Holdings Inc. companies as described in the section on Our Company

Platform    Any websites, mobile apps or other technologies that we provide in order to interact with travellers and other parties for travel-related services.

Strategic partner    A company (such as an airline, a bank, another brand or a mobile device manufacturer) with whom we contract and collaborate to expand reservation opportunities. Through these partnerships, travellers can conveniently book their trip at various touch-points beyond our direct channels, websites and mobile apps.

Traveller    Anyone who uses, or is considering using, any of our travel products and services, whether for themselves or for others, through our platform.

Trip    One or more travel products and services a traveller can select to obtain from one or more trip providers via our platform.

Trip provider    The third-party provider of an accommodation (a hotel, motel, apartment, bed & breakfast or other lodging, for example), an attraction (a theme park, museum or sightseeing tour, for example), transportation (for example by air or through ground transportation including private transport, public transport, car rental, railways or coach tour and related transfers) and any other travel or related product (such as insurance) or service as from time to time available on the platform for a trip reservation.

Trip service    The online reservation, order, purchase, and payment services as offered, enabled and supported for trip providers on the platform.

Trip reservation    The online reservation, order, purchase or payment in connection with a trip.

Personal data we collect and process

Personal data you give to us

When you make a trip reservation, you are (at a minimum) asked for your name and email address. Depending on the nature of the trip reservation, we may also need to ask you for your home address, telephone number, payment information, date of birth, current location (in the case of on-demand services), whether you’re travelling for work purposes or not, the names and dates of birth of the people travelling with you and any preferences you might have for your trip (such as dietary or accessibility requirements). For reservations for flights and certain attractions, we may be required to ask you for additional information including your and your co-travellers’ passport or national ID information. This may also be necessary for online check-in.

 

When you contact our customer service team, contact your trip provider through our platform or reach out to us in a different way (such as through social media, for example) we also collect information from you via these channels including metadata such as, for calls, who you are, where you called from and the date and length of the call.

 

When you search using our platform for possible trip reservations, you can select to save specific trip items in a list which we store for you. During or after your trip, we may also invite you to submit reviews that can inform others about the experiences you had on your trip. When you submit reviews on the platform, we collect information you’ve included along with your first name or display name and avatar (if you choose one).

 

If you create a user account on our platform, we also store information you include and manage in that user account. This can include personal settings, credit card information, uploaded photos and your reviews. You can also choose to add to your user account details from one or more of your identification documents so that you don't have to re-enter this information for future trip reservations. The data kept in your user account can help you plan and manage future trip reservations and personalised recommendations.

 

There are other circumstances where you’ll provide us with personal data. For example, if you’re using our platform from your mobile device, you can decide to allow us to use your current location or grant us access to some other details. This helps us to give you the best possible service and experience by, for example, suggesting the nearest restaurants or attractions to your location or making other recommendations.  

Purposes of collecting and processing your personal data

We can only provide you with certain trip services if we can collect and process some personal data about you. For example, we can only process a trip reservation for you with your name and contact details.

First and foremost, we process your personal data to complete and administer your online trip reservation – which is essential to provide this service. This includes sending you communications that relate to your trip reservation, such as confirmations (including, where applicable, providing you with a proof of purchase and/or payment), modifications and reminders. In some cases, this may also include processing your personal data to enable online check-in with the trip provider or processing personal data in relation to possible damage deposits.

 

In addition to your contact details (your email address and telephone number, for example), in order to provide you services, we may also need reservation identifiers and dates to determine the duration of the reservation.

Legal purposes

In certain cases, we may need to reuse your information to:

Handle and resolve legal claims and disputes

Address possible regulatory investigations

Enforce our online reservation Terms of Service

Comply with lawful requests from law enforcement

Comply with laws and regulations that apply

For example, we may be required to process your reservation history, the details of one or more of these reservations and associated payment information.

How we protect personal data

We combine people, processes and technology to protect your personal data and respect your privacy.

 

This includes, amongst other things, that we:

 

Maintain a comprehensive framework of security policies, procedures and protocols

Employ personnel dedicated to cybersecurity and data protection

Keep staff alert to security risks through continual security training and awareness activities

Use up-to-date security technologies such as encryption and data leakage prevention to help guard against unauthorised data disclosure or destruction

Maintain inventories to provide oversight over processes, systems and data assets

Use multiple systems for fraud prevention/detection and continuous system monitoring including for security purposes

Use identity and access management and other logical and physical access restrictions to control that only authorised personnel can access personal data

Maintain and test protocols to respond to reports about possible incidents and data breaches

Verify and enhance our security systems, procedures and protocols on a recurring basis

Impose equivalent measures on third parties we appoint

We use retention practices to keep and, where possible under applicable law, dispose of personal data. Generally, we keep your personal data for as long as is necessary to:

 

Enable you to use our services or to provide our services to you

Prevent and detect online fraud attempts and/or other illegal activities

Comply with legal obligations such as those from accounting and tax laws

Resolve any disputes and legal claims

bottom of page