Privacy Notice September 2023
Talk to an expert
+18446805323
+18446805323
Thumbnail

Privacy Notice

North America Privacy Policy

Our Commitment to Keeping Your Data Safe

Please note this North America Privacy Notice is applicable to United States residents and individuals in Canada only. Please see our Global Privacy Notice if you are not a United States resident or are not in Canada.

TCS & Starquest Expeditions, Inc. (t/a TCS World Travel) is part of the Travelopia group of companies (https://www.travelopia.com/). Here at TCS, we take your privacy very seriously.

We understand the concerns about how data may be stored, sent and used by companies. We are committed to complying with all data protection laws and want you to feel confident in the measures we are taking to uphold your data privacy rights.

This privacy notice explains how we collect and use your personal data. We explain the types of information we collect, how we collect it, what we use it for, and who we may disclose your personal data to. Depending on where you live, we also let you know what rights you have over your information.

Quick links to key topics

Who’s in control?
What personal data might we collect about you?
Children’s personal data
How do we collect your personal data and why?
How and why do we use your personal data?
How do we use your personal data for marketing and advertising purposes?
To whom do we disclose your personal data?
Third-party links
International use of our website or services
What are your personal data rights?
Keeping your personal data secure
How long do we keep your personal data for?
California residents
Information for individuals in Canada
How can I exercise my privacy rights?
How can you contact us?
Changes to this privacy notice and your duty to inform us of changes

Who’s in control?

TCS & Starquest Expeditions, Inc. is the “data controller” or “business,” as those and similar terms are defined under applicable data privacy laws, of all personal data collected and used for the purposes of providing our products or services and for any other purposes set out in this privacy notice. This means that TCS & Starquest Expeditions, Inc. is responsible for keeping your personal data safe; deciding how and why your data is used; and ensuring that your personal data is handled legally.

What personal data might we collect about you?

We do our best to keep the personal data we collect about you to the minimum needed to fulfill the purpose of collection or processing.

The personal data we collect depends upon how you are interacting with us. For example, if you are making a booking with us we are likely to ask for more information than if you’re only requesting a brochure or browsing our website. We may collect, use, store and transfer different kinds of personal data depending on the nature of the product or service you buy from us; the below contains some of the personal data we may ask you to provide:

Details about you: Your first and last name, marital status, title, gender, email address, telephone number, postal address, date of birth, loyalty membership details, your reasons for travel, emergency contact details, clothing size (for merchandise) and qualifications (e.g., if you book a cruising/sailing holiday).

Payment details: Your bank details and payment card details when making a booking with us. Details about payments to and from you and other details of products and services you have purchased from us.

Identification documents: If you are traveling on a route requiring advance passenger information, your passport or identity card details including your passport number, the country in which your passport was issued and the expiry date.

Details about your booking with us: Details such as where you are flying from and to, your booking information (including anyone else on the booking), any onward travel details if relevant, details of experiences or excursions booked through us, baggage requirements, upgrade information, lounge visits, seat preferences, meal or dietary preferences or requirements, details of any special assistance required and any other relevant information so that we can provide you with the entirety of the services you have arranged with us.

Details from your interactions with us: Information about interactions or conversations with us and our staff, including when you make enquiries, comments, complaints or submit feedback to us. This could also include username and password and your interests, marketing preferences, reviews, and survey responses.

Your use of our systems and services: This includes how you use our site, app, physical locations (such as bases, vessels or retail stores), call centers, social media pages, IP addresses, information from cookies and other electronic tracking technologies and information you may post on social media.

Job applications: If you apply for a job with us, your CV, work history, educational details and the role you are applying for.

Special types of data: In some circumstances, we may need to collect personal data from you that is deemed sensitive. For example, we might collect:

Data about your health. Knowing your dietary requirements, medical history, and any medical conditions you have will ensure that the trip is suitable for you, that any necessary adjustments are made, and that we can provide you with appropriate or emergency medical care in the event of an incident, if necessary. 

Information about your personal beliefs. For example, if you specify a meal preference that indicates a particular religion, such as a kosher or halal meal.

We try to limit any sensitive personal data we collect to the minimum possible. Where we are required to do so by applicable law, we will ask for your explicit consent to collect it.

Children’s personal data

We do not knowingly collect or solicit any personal data directly from children under the age of 16. In the event that we learn that we have collected personal data from a child, we will promptly take steps to delete that information. If you are a parent or legal guardian and think your child has given us their personal data, you can contact us via the methods in the [“How can you contact us?”] section below.

How do we collect your personal data and why?

Depending upon your interactions with us, we might collect personal data in the following ways:

Direct interactions:

You may give us your identity, contact and financial data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provided when you:

  • Book or search for a holiday or other service (such as a flight, cruise, hotel lounge access, transportation or special assistance) via one of our websites, any apps we use, physical locations (such as bases, vessels or retail stores), or our call center

  • Fill in part of the booking information on our site but do not complete the booking

  • Request a brochure, sign up to receive email updates, participate in any of our competitions, promotions (e.g. via any social media channels, email or our site), reviews, surveys or market research

  • Create an account on our website and enter information onto online forms

  • Provide us with information about an accident, illness or incident that occurred or some other feedback

  • Apply for a job with us by email or via the site

  • Contact us via our call center, press office, physical locations (such as bases, vessels or retail stores), social media, post, email or instant messenger. Our interactions with you may be recorded and monitored for the purposes of improving customer service, quality assurance, training, security and general business purposes; or attend any of our in-person or virtual events.

Cookies and other automated technologies:

As you interact with our website, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs, pixels, web beacons and other similar technologies. We process the personal data collected through such technologies to help operate certain features of our website, to enhance your experience through personalization, and to help us better understand the features of the website that you and other users are most interested in.

We use analytics services, including Google Analytics, to assist us with analyzing our website traffic through cookies and similar technologies. To learn more about how Google uses data, visit Google’s page on “How Google uses data when you use our partners’ sites or apps.” You may download the Google Analytics Opt-out Browser Add-on for each web browser you use, but this does not prevent the use of other analytics tools. To learn more about Google Analytics cookies, visit Google Analytics Cookie Usage on Websites.

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see our [Cookie Policy] for further details.

Third parties or publicly available sources

We may receive personal data about you from various third parties, including (but not limited to) those set out below:

  • Airlines, hotel providers or other parties we work with if you make a complaint to them or otherwise regarding the services provided to you by those third parties
  • Analytics providers
  • Authorities, agencies, regulators or other bodies following an accident or incident; and travel agents and affiliates. 

How and why do we use your personal data?

We have set out below a description of the ways we may process your personal data:

What we use your personal data for:

To manage your booking with us. We will use your personal data to provide you with any products or services that you request or purchase.

To contact you with information about your bookings and support services. We will use your contact details to send you communications that relate to bookings or services that you have requested. The types of information usually included would be: emails responding to enquiries, providing you with tickets, alerting you to changes in itineraries or responding to any complaints you have.

To handle and investigate complaints. We may use your personal data to follow up on and manage complaints. In some instances, we may disclose your personal data to relevant third parties in order to properly investigate.

To enable you to complete a review or survey.

To send you marketing communications. We will use your personal data to contact you in order to keep you up to date with the latest news, offers, events, sales, brochures, promotions and competitions that we consider may be of interest or relevant to you. 

To personalize your customer experience and improve our service. We use your personal data to provide you with a more personalized service. This might include personalizing the communications we send to you with preferences, sending you only with advertising that we think you might like and/or enhancing your holiday experience. We may also record and/or monitor calls.

To ensure security and protect our business interests. In certain circumstances, we use your personal data to ensure the security of our services, buildings, physical locations (such as bases, vessels or retail stores), and people, including to protect against, investigate and deter fraud, unauthorized or illegal activities, systems testing, maintenance and development.

To process your job applications. We will use your personal data to process any job applications that you submit to us, whether directly or via an agent or recruiter (speculatively or in response to any ad).

To optimize our sites and app. If you use our sites or apps, we will use your personal data to ensure that the content from our websites are presented in an effective manner for you and your device, to provide you with access to our site and app in a manner that is effective, convenient and optimal, and to provide you with content that is relevant to you, using site analytics and research and in certain circumstances combining that with other information we know about you. 

To use data analytics to improve our website, products/services, marketing, customer relationships and experiences.

To conduct research. We use your personal data to carry out aggregated and anonymized research about general engagement with our services and systems, or if you choose to participate in customer surveys, consumer focus groups and research.

To comply with our legal obligations. In certain circumstances, we will need to use your personal data to comply with our legal obligations, for example to comply with any court orders or subpoenas.

To protect, realize or grow the value in our business and assets. We may use your personal data in connection with a significant corporate transaction or restructuring, which may include (without limitation) merger, acquisition, asset sale or initial public offering or in the event of insolvency.

Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. 

If we need to use your personal data for an unrelated purpose, we will notify you and if required we will obtain your consent to such use.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law. 

How do we use your personal data for marketing and advertising purposes?

When we will get in touch with you:

One of the other reasons we sometimes collect your personal data is so that we can form a view on what may be of interest to you. With this information, we decide which products, services and offers may be relevant for you and what marketing you may be interested in. 

 We keep you up to date with our latest offers, partnerships, sales, promotions, and competitions (or those of our partners such as other members of the Travelopia group) that we think might be of interest/relevance to you.

When required by applicable law, we will obtain your consent prior to contacting you for these purposes. 

What if I don’t want to receive marketing?

We never want to send our marketing to someone who isn’t interested in receiving this content. If you have decided that you no longer wish to hear from us, you can unsubscribe from marketing by clicking on the “unsubscribe” link included in all of our emails or by [contacting us]. 

To whom do we disclose your personal data?

In order to provide you with the services described above, we may disclose your personal data to third parties such as:

  • Companies within the Travelopia group. We may disclose your personal data to other companies in the Travelopia group, for example and without limitation, to provide, manage and improve our products and services; for day-to-day administrative and operational purposes including delivery of our products and services; to help to personalize your experience; to handle and manage any complaints and enquiries where such services are provided at Travelopia group level; and where appropriate, to make contact and interact with you.
  • Third-party suppliers we work with to provide your booking and our other services to you. We may disclose your personal data to third parties such as, but not limited to, travel agents, booking agents, airlines, hotels, destination management companies, tour operators, event operators, transport companies, excursion providers, airport authorities, insurance companies, car hire companies, ground handling agencies, and cruise companies.
  • Service providers that we work with in connection with our business. We disclose your personal data to third party service providers that we use to provide services in connection with the products, services and experiences we offer to you. This might include marketing agencies and/or companies that run our marketing campaigns, IT developers, service providers and hosting providers, third parties that manage promotions, competitions, reviews or surveys, software companies, site analytics providers, medical service providers, payment service providers and credit card screening companies.
  • Airports, immigration/border control and/or other government authorities. Sometimes we have to provide certain personal data about you to border or immigration authorities of the country you are traveling to. This would usually be the basic information contained in your passport, but the laws of certain countries may require additional information. We will provide this personal data when we are required to do so.
  • Third parties/other Travelopia group companies for marketing. In accordance with applicable law, we may disclose your personal data to third parties or other Travelopia group companies for marketing purposes.
  • Credit references and fraud prevention agencies.
  • Courts or advisors. We may have to disclose your personal data to other third parties (such as legal, accountants or other advisors, regulatory authorities, courts and government agencies) to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law.
  • Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets, alternatively, other businesses we may seek to acquire or merge with (and professional advisors acting on our or their behalf). If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice. In the event of our insolvency we, or any appointed insolvency practitioner, may disclose your personal data to third parties (such as regulators or trade associations) so that they can assess the status of your booking and advise you on the appropriate course of action under any scheme of financial protection.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or disclose your personal data. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit. 

International use of our website or services

If you are visiting this website or using our products or services from outside of the United States or Canada, please note that by providing your personal data, it may be transferred to, stored, collected or processed in the United States or Canada. 

What are your personal data rights?

Depending on where you live in the United States or Canada, and subject to certain exceptions, you may have the following rights with respect to your personal data:

  • Access: You may have the right to know what personal data we have collected about you and to access such personal data.

  • Data portability: You may have the right to receive a copy of your personal data in a portable and readily usable format.

  • Deletion: You may have the right to delete your personal data.

  • Correction: You may have the right to correct inaccuracies in your personal data.

  • Opt out of certain processing: You may have the right to opt out of the processing of your information for purposes of (a) targeted advertising, (b) the sale of your personal data, or (c) profiling in furtherance of decisions that produce legal or similarly significant effect concerning you.

If you wish to exercise any of the privacy rights afforded to you in this section, please see the [“How can I exercise my rights”] section below. 

Keeping your personal data secure

We take the security of your personal data very seriously. While no organization can guarantee absolute security, we have reasonable technical and organizational security measures in place to address risk and prevent your personal data from being accidentally or unlawfully lost, used, accessed, altered, or disclosed in an unauthorized way. In addition to these measures, we limit access to your personal data to those employees, agents, contractors, and other third parties on a ‘need-to-know’ basis. 

How long do we keep your personal data for?

We will retain personal data only for as long as necessary to fulfill the purposes described in this privacy notice, unless otherwise required by applicable laws. We consider the following criteria to determine how long we will retain your personal data, including whether: we need your personal data to provide you with the products and services you requested; we continue to have a business relationship with you; you have requested information on our products and services; we have a legal right or obligation to continue to retain your personal data; we have an obligation to a third party that involves your personal data; our retention or recordkeeping policies and obligations dictate that we retain your personal data; we have an interest in providing you with information about other products and services; and we have another business purpose for retaining your personal data.

In some circumstances, we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you. 

California residents

This section applies to our collection and use of Personal Information if you are a resident of California, as required by the California Consumer Privacy Act of 2018 and its implementing regulations, as amended by the California Privacy Rights Act (collectively, “CCPA”), where “Personal Information” has the definition set forth in the CCPA.

Categories of Personal Information Collected, Used and Disclosed

We have collected the following categories of Personal Information from our customers within the last 12 months. The sources from which we obtain this information and the ways in which we use this information are set forth in above. We will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you notice.

Categories of CA Personal Information We CollectCategories of Third Parties to Which We Disclose Personal Information for a Business or Commercial PurposeCategories of Third Parties to Which We May Sell or Share Personal Information
IdentifiersAffiliates, third party suppliers,  and service providersCompanies that operate cookies and other online tracking technologies
Personal information, as defined in the California customer records lawAffiliates, third party suppliers,  and service providersCompanies that operate cookies and other online tracking technologies
Commercial InformationAffiliates, third party suppliers,  and service providersNot sold or shared
Biometric InformationN/AN/A
Characteristics of protected classifications under California or Federal LawAffiliates and service ProvidersNot sold or shared
Internet or other similar network activityAffiliates, third party suppliers,  and service providersCompanies that operate cookies and other online tracking technologies
Geolocation dataAffiliates, third party suppliers,  and service providersCompanies that operate cookies and other online tracking technologies
Audio, electronic, visual, thermal, olfactory, or similar informationAffiliates, third party suppliers,  and service providersNot sold or shared
Inferences drawn from other personal informationAffiliates, third party suppliers,  and service providersCompanies that operate cookies and other online tracking technologies
Professional or employment-related informationAffiliates, third party suppliers,  and service providersNot sold or shared
Non-public education information (per the Family Education Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)N/AN/A
Sensitive personal informationAffiliates, third party suppliers,  and service providersNot sold or shared

Please see the [“How long do we keep your personal data for?”] section for information related to our data retention practices.

California Privacy Rights

Subject to certain exceptions, you may have the following rights:

Privacy RightDescription
NoticeThe right to be notified of what categories of Personal Information will be collected at or before the point of collection and the purposes for which they will be used and disclosed.
AccessThe right to know what Personal Information we have collected about you, including (a) the categories of Personal Information; (b) the categories of sources from which the Personal Information was collected; (c) the business or commercial purpose for collecting, selling, or sharing Personal Information; (d) the categories of third parties to whom the business discloses Personal Information; and the specific pieces of Personal Information we have collected about you.
Data PortabilityThe right to receive a copy of your Personal Information in a portable and readily usable format.
ErasureThe right to have your Personal Information deleted. 
CorrectionThe right to request that we correct any incorrect Personal Information that we collect or retain about you.
Automated Decision MakingThe right to request information about the logic involved in automated decision-making and a description of the likely outcome of processes, and the right to opt out. We do not currently engage in any automated decision making practices.
To Opt Out of Sales or Sharing of Personal InformationTo the extent we sell or share your Personal Information, you may have the right to opt out of such sale or sharing by clicking the “Do Not Sell or Share My Personal Information” link at the bottom of this Site.
Limit the Use of Sensitive Personal InformationWe do not use or disclose Sensitive Personal Information other than to provide our products and services.

Only you, or an authorized agent that you authorize to act on your behalf, may make a request related to your Personal Information. You may also make a request on behalf of your minor child.

You may only make a request for access or data portability twice within a 12-month period. The request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.

  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

  • For more information see the [“How can I exercise my rights?”] section below.

Other California Rights

Pursuant to California’s Shine the Light statute (Cal. Civ. Code Sec. 1798.83), individual customers who reside in California and who have an existing business relationship with us may request information about our disclosure of certain categories of personal information to third parties for the third parties’ direct marketing purposes, if any. To opt-out of us sharing your information with third parties for such promotional purposes, email us at the email address provided in the [“How can you contact us?”] section of this privacy notice and include “Marketing Opt-Out” in your request.  This request may be made no more than once per calendar year. Please note that, as of the date of this privacy notice, we do not disclose your information with third parties for their marketing purposes.

Information for individuals in Canada

We comply with applicable Canadian data protection laws, including the Personal Information Protection and Electronic Documents Act (PIPEDA).

Your provision of personal data to us means that you agree and consent that we may collect, use and disclose your personal data for the purposes described in this privacy notice. Should you choose not to provide us with required personal data, we may not be able to provide certain services. You acknowledge and consent that we may retain service providers to perform certain services. In the event that a service provider is located in the United States or another jurisdiction, personal data may be processed and stored in that jurisdiction, and that foreign courts or law enforcement or regulatory agencies may be able to obtain disclosure of personal data through the laws of those jurisdictions.

Residents of Canada may access, review, and request correction of their personal data held by us. We will take reasonable steps to verify your identity prior to responding to your requests. The verification steps will vary depending on the sensitivity of the personal data and whether you have an account with us.

We reserve the right not to change personal data if we disagree that it is incorrect, but we will maintain a record of your request. We may not provide access to personal data if an exemption applies, for example, where the information requested would disclose the personal data of another individual or if the information would reveal confidential commercial information.

You have the right to refuse to provide or to withdraw your consent to processing of your personal data at any time. This would not affect processing where the applicable law allows us to process personal data without consent.

We will not collect, use or disclose your personal data for any other purpose than those outlined above, except with your consent. We will respond to your request regarding your personal data as promptly as possible. 

How can I exercise my privacy rights?

You will not be discriminated against in any way by virtue of your exercise of the rights listed in this privacy notice which means we will not deny goods or services to you, provide different prices or rates for goods or services to you, or provide a different level or quality of goods or services to you.

To exercise any of the privacy rights afforded to you under applicable data protection law, please submit a request to us by one of the following methods: Calling us toll free at 888.599.1361 or Emailing us at TCSPrivacy@tcsworldtravel.com 

Verification and Process

We must verify your identity before fulfilling your requests.  If we cannot initially verify your identity, we may request additional information to complete the verification process. We will only use personal data provided in a request to verify the requestor’s identity. If you are an authorized agent making a request on behalf of an individual, we will also need to verify your identity, which may require proof of your written authorization or evidence of a power of attorney.   

We endeavor to respond to requests within the time period required by applicable law. If we require more time, we will inform you of the reason and extension period in writing. 

Whether you have an account with us or not, we will deliver our written response by mail or electronically, at your option.

We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

We cannot respond to your request or provide you with personal data if we cannot verify your identity and confirm the personal data relates to you. Making a verifiable consumer request does not require you to create an account with us. 

We may deny certain requests, or only fulfill some in part, as permitted or required by law.  For example, if you request to delete personal data, we may retain personal data that we need to retain for legal purposes.

Appeals

If you are not satisfied with the resolution of your request and you are afforded a right to appeal such decision, you can contact us using the information provided below. 

How can you contact us?

If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact us using the details set out below.

Data Protection
TCS World Travel
3131 Elliott Avenue, Suite 250, Seattle, WA 98121 
To: TCSPrivacy@tcsworldtravel.com
Cc: dataprotection@travelopia.com

Please contact us in the first instance if you have any concerns. If we are unable to resolve your concern, you have the right to make a complaint to the relevant data protection authority where you live.

Changes to this privacy notice and your duty to inform us of changes

We keep our privacy notice under regular review. This version was last updated September 2023.

Please note that we may modify or update this privacy notice from time to time, so please review it periodically. We may provide you with an updated privacy notice if material changes are made. Unless otherwise indicated, any changes to this privacy notice will apply immediately upon posting to our website.  

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Global Privacy Policy

Our Commitment to Keeping Your Data Safe

If you are visiting from the United States or Canada, please see our North America Privacy Notice.

TCS & Starquest Expeditions, Inc. (t/a TCS World Travel) is part of the Travelopia group of companies (https://www.travelopia.com/). Here at TCS World Travel, we take your privacy very seriously.

We understand the concerns about how data may be stored, sent and used by companies. We are committed to complying with all data protection laws and want you to feel confident in the measures we are taking to uphold your data privacy rights.

This privacy notice explains how we collect and use your personal information. We explain the types of information we collect, how we collect it, what we use it for, and who we may share your personal information with. We also let you know what rights you have over your information.

Quick links to key topics

Who’s in control?
What information might we collect about you?
Children’s personal data
How do we collect your information and why?
How and why do we use your personal data?
How do we use your data for marketing and advertising purposes?
Who do we share your personal data with?
When do we send your data internationally?
What are your personal data rights?
Keeping your personal data secure
How long do we keep your personal data for?
How can you contact us?
Changes to this privacy notice and your duty to inform us of changes

Who’s in control?

TCS & Starquest Expeditions, Inc.is the “data controller” of all personal data collected and used for the purposes of providing our products or services and for any other purposes set out in this privacy notice. This means that TCS & Starquest Expeditions, Inc. is responsible for keeping your data safe; deciding how and why your data is used; and ensuring that your data is handled legally.

What information might we collect about you?

We do our best to keep the information we collect about you to the minimum necessary.

The information we collect depends upon how you are interacting with us. For example, if you are making a booking with us we are likely to ask for more information than if you’re only requesting a brochure or browsing our website. We may collect, use, store and transfer different kinds of personal information about you depending on the nature of the product or service you buy from us; the below contains some of the information we may ask you to provide:

Details about you: Your first and last name, marital status, title, gender, e-mail address, telephone number, postal address, date of birth, loyalty membership details, your reasons for travel, emergency contact details, clothing size (for merchandise) and qualifications (e.g. if you book a cruising/sailing holiday).

Payment details: Your bank details and payment card details when making a booking with us. Details about payments to and from you and other details of products and services you have purchased from us.

Identification documents: If you are travelling on a route requiring advance passenger information, your passport or identity card details including your passport number, the country in which your passport was issued and the expiry date.

Details about your booking with us: Details such as where you are flying from and to, your booking information (including anyone else on the booking), any onward travel details if relevant, details of experiences or excursions booked through us, baggage requirements, upgrade information, lounge visits, seat preferences, meal or dietary preferences or requirements, details of any special assistance required and any other relevant information so that we can provide you with the entirety of the services you have arranged with us.

Details from your interactions with us: Information about interactions or conversations with us and our staff, including when you make enquiries, comments, complaints or submit feedback to us. This could also include username and password and your interests, marketing preferences, reviews and survey responses.

Your use of our systems and services: This includes how you use our site, app, physical locations (such as bases, vessels or retail stores), call centres, social media pages, IP addresses, information from cookies and other electronic tracking technologies and information you may post on social media.

Job applications: If you apply for a job with us, your CV, work history, educational details and the role you are applying for.

Special types of data: In some circumstances, we may need to collect information from you that is deemed sensitive. For example, we might collect:

Data about your health. Knowing your dietary requirements, medical history and any medical conditions you have will ensure that the trip is suitable for you, that any necessary adjustments are made, and that we can provide you with appropriate or emergency medical care in the event of an incident, if necessary.

Information about your personal beliefs. For example if you specify a meal preference that indicates a particular religion, such as a kosher or halal meal.

We try to limit any sensitive personal data we collect to the minimum possible. Unless we have another specific lawful reason to use this information, we will ask for your explicit consent to collect it.

Where we need to collect personal data by law, or under the terms of a contract we have with you and you do not provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

Children’s personal data

We are committed to protecting the privacy of all individuals, including children and young people. We may collect information about children and young people, as detailed in the ‘What information we might collect about you’ section, to allow us to plan and deliver the products or services they have signed up to or are included in.

If applicable, we collect information about children and young people who are under the age of 18 years either:

  • from the school or organization that is organising a trip and has already obtained the necessary consent from parents or guardians to process their personal data; or

  • from parents or guardians whom we will obtain consent from directly, if applicable.

Where we are aware of a young person completing an online application (applicable to the UK only) we will hold the data until parental/guardian consent is gained. If parental/guardian consent is not given in this context, this data is deleted.

Children have the same personal data rights as an adult. If a child wishes to exercise their personal data rights, in some circumstances such requests can be made by a parent or guardian on their behalf. For more information on these rights and how to exercise them, please refer to the “Your Personal Data Rights” section in this privacy policy.

How do we collect your information and why?

Depending upon your interactions with us, we might collect information in the following ways:

Direct interactions:

You may give us your identity, contact and financial data by filling in forms or by corresponding with us by post, phone, email or otherwise, This includes personal data you provided when you:

  • book or search for a holiday or other service (such as a flight, cruise, hotel lounge access, transportation or special assistance) via one of our websites, any apps we use, physical locations (such as bases, vessels or retail stores), our call centre;

  • fill in part of the booking information on our site but do not complete the booking;

  • request a brochure, sign up to receive email updates, participate in any of our competitions, promotions (for example via any social media channels, email or our site), reviews, surveys or market research;

  • create an account on our website and enter information onto online forms;

  • provide us with information about an accident, illness or incident that occurred or some other feedback;

  • apply for a job with us by email or via the site;

  • contact us via our call centres, press office, physical locations (such as bases, vessels or retail stores), social media, post, email or instant messenger. Our interactions with you may be recorded and monitored for the purposes of improving customer service, quality assurance, training, security and general business purposes; or

  • attend any of our in-person or virtual events.

Automated technologies or interactions

As you interact with our website, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs, pixels, web beacons and other similar technologies. We process the information collected through such technologies, which may include or be combined with personal data, to help operate certain features of our website, to enhance your experience through personalisation, and to help us better understand the features of the website that you and other users are most interested in.

Cookies

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see our Cookie Policy for further details.

Third-party links

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy notices. When you leave our website, we encourage you to read the privacy notice of every website you visit.

Third parties or publicly available sources

We may receive personal data about you from various third parties, including (but not limited to) those set out below:

a. airlines, hotel providers or other parties we work with if you make a complaint to them or otherwise regarding the services provided to you by those third parties;
b. analytics providers;
c. authorities, agencies, regulators or other bodies following an accident or incident;
d. business-to-business lead providers i.e. for schools and organisations (where applicable); and
e. travel agents and affiliates.

How and why do we use your personal data?

Under data protection laws we are allowed to use personal information only if we have a proper reason to do so such as:

  • to fulfil a contract we have with you; or

  • when it is our legal duty; or

  • when it is in our legitimate interest (or those of a third party) and your interests and fundamental rights do not override those interested; or

  • when you consent to it.

Generally we do not rely upon consent as a legal basis for processing your personal data other than in relation to sending our own or third party direct marketing communications to you via e-mail or text message. You have the right to withdraw consent to marketing at any time by contacting us.

We have set out below a description of the ways we may process your personal data, and which of the legal bases we rely on to do so. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.

What we use your personal data forOur reasons
To manage your booking with us. We will use your information to provide you with any products or services that you request or purchase.This entails booking all services provided as part of your booking such as your flights, accommodations, organising tours, transportation and car hire and providing you with your tickets (on the basis of performing our contract with you) and providing you with any special assistance you require (where you give us your consent).
To contact you with information about your bookings and support services. We will use your contact details to send you communications that relate to bookings or services that you have requested. The types of information usually included would be: e-mails responding to enquiries, providing you with tickets, alerting you to changes in itineraries or responding to any complaints you have.We do these things in order to fulfil our contract with you and on the basis of our legitimate business interest of providing you with customer service.
To provide assistance with online bookings. We may collect information when you enter it into forms on our websites but do not complete your booking. We do so in order to offer assistance in case you are experiencing difficulties using our websites.We do this on the basis of our legitimate business interest of providing you with customer service.
To handle and investigate complaints. We may use your information to follow up on and manage complaints. In some instances, we may share information with relevant third parties in order to properly investigate.We do this on the basis of our legitimate business interest to investigate and resolve complaints, continually improve our products, services, and customer service, or where we have a legal obligation to do so.
To enable you to partake in a prize draw, competition or complete a review or survey.We do this to perform our contract with you or for our legitimate interest in carrying out market research to improve our customer experience, products and/or services and promoting products and services with positive customer reviews.
To send you marketing communications. We will use your information to contact you in order to keep you up to date with the latest news, offers, events, sales, brochures, promotions and competitions that we consider may be of interest or relevant to you.We will usually only do this when we have your consent to do so or on the basis of our legitimate interest to provide you with customer service. Please see the Marketing section below for more information.
To personalise your customer experience and improve our service. We use your information to provide you with a more personalised service. This might include personalising the communications we send to you with preferences, sending you only advertising that we think you might like and/or enhancing your holiday experience. We may also record and/or monitor calls.We do this on the basis of our legitimate interests to present you with the right kinds of products and services and improve our customer service.
To ensure security and protect our business interests. In certain circumstances, we use your information to ensure the security of our services, buildings, physical locations (such as bases, vessels or retail stores), and people, including to protect against, investigate and deter fraud, unauthorised or illegal activities, systems testing, maintenance and development.We do this on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so.
To process your job applications. We will use your information to process any job applications that you submit to us, whether directly or via an agent or recruiter (speculatively or in response to any ad).We do this on the basis of our legitimate interest to recruit new employees or contractors.
To optimise our sites and app. If you use our sites or apps, we will use your information to ensure that the content from our websites are presented in an effective manner for you and your device, to provide you with access to our site and app in a manner that is effective, convenient and optimal, and to provide you with content that is relevant to you, using site analytics and research and in certain circumstances combining that with other information we know about you.We do this on the basis of our legitimate interests to operate and present an effective and convenient website to our website users.
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences.We will usually only do this when we have your consent to do so or this is necessary for our legitimate interests to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy.
To conduct research. We use your information to carry out aggregated and anonymised research about general engagement with our services and systems, or if you choose to participate in customer surveys, consumer focus groups and research.We do this on the basis of our legitimate interests to improve our products, services and customer service.
To comply with our legal obligations. In certain circumstances, we will need to use your information to comply with our legal obligations, for example to comply with any court orders or subpoenas.We do this on the basis of our legitimate interests to comply with a legal obligation.
To protect, realise or grow the value in our business and assets. We may use your information in connection with a significant corporate transaction or restructuring, which may include (without limitation) merger, acquisition, asset sale or initial public offering or in the event of insolvency.Depending on the circumstances: to comply with our legal and regulatory obligations; in other cases, for our legitimate interests, i.e. to protect, realise or grow the value in our business and assets.

Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

How do we use your data for marketing and advertising purposes?

When we will get in touch with you

One of the other reasons we sometimes collect your information is so that we can form a view on what we think you may want or need, or what may be of interest to you. With this information, we decide which products, services and offers may be relevant for you and what marketing you may be interested in.

We keep you up to date with our latest offers, partnerships, sales, promotions, and competitions (or those of our partners such as other members of the Travelopia group) that we think might be of interest/relevance to you.

We will only contact you in this way if:

  • you have signed up to receive marketing communications from us or one of the other Travelopia group companies and have not later told us that you don’t want to hear from us;

  • where permitted by law, you have made a booking or you have asked for a quote from us and have not told us that you do not want to hear from us. We will only contact you about similar products and/or services for which you have made a booking with us for or we originally gave you a quote.

What if I don’t want to receive marketing?

We never want to send our marketing to someone who isn’t interested in receiving this content. If you have decided that you no longer wish to hear from us, you can unsubscribe from marketing by clicking on the ‘unsubscribe’ link included in all of our e-mails or by contacting us

Third parties and marketing

We do not share your personal data with any third parties for marketing of their products or services unless you provide express opt-in consent.

Sometimes we may use third parties to send communications to you on our behalf, such as brochures or e-newsletters, however these companies do not have the right to send marketing to you for their own purposes.

The marketing material we send to you we may occasionally also include information about selected business partners who provide services closely related to our own product.

Social media and online platforms

We share personal information with media agencies, social media, search engines and other online platforms to help us target our online marketing. These third parties might link your data to other information they collect to deliver targeted ads to you or create custom audiences that we think would be interested in our online marketing.

Who do we share your personal data with?

In order to provide you with the services and on the lawful grounds described above, we may share your personal data with third parties such as:

  • Companies within the Travelopia group. We may share your information with other companies in the Travelopia group, for example and without limitation, to provide, manage and improve our products and services; for day-to-day administrative and operational purposes including delivery of our products and services; to help to personalise your experience; to handle and manage any complaints and enquiries where such services are provided at Travelopia group level; and where appropriate, to make contact and interact with you.

  • Third party suppliers we work with to provide your booking and our other services to you. We may share your information with third parties such as, but not limited to, travel agents, booking agents, airlines, hotels, destination management companies, tour operators, event operators, transport companies, excursion providers, airport authorities, insurance companies, car hire companies, ground handling agencies, and cruise companies.

  • Other suppliers that we work with in connection with our business. We share your information with third party suppliers that we use to provide services in connection with the products, services and experiences we offer to you. This might include marketing agencies and/or companies that run our marketing campaigns, IT developers, service providers and hosting providers, third parties that manage promotions, competitions, reviews or surveys, software companies, site analytics providers, medical service providers, payment service providers and credit card screening companies.

  • Airports, immigration / border control and/or other government authorities. Sometimes we have to provide ‘Advance Passenger Information’ about you to border or immigration authorities of the country you are travelling to. This would usually be the basic information contained in your passport, but the laws of certain countries may require additional information. We will provide this information when we are required to do so.

  • Third parties/other Travelopia group companies for marketing. We only share your information with third parties or other Travelopia group companies for marketing of their products and services when you provide express opt-in consent to our sharing of your information.

  • Social media and online platforms: We share personal information with social media and online platforms as described in the Marketing section above.

  • Credit references and fraud prevention agencies.

  • Courts or advisors. We may have to share your information with other third parties (such as legal, accountants or other advisors, regulatory authorities, courts and government agencies) to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law.

  • Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets, alternatively, other businesses we may seek to acquire or merge with (and professional advisors acting on our or their behalf). If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice. In the event of our insolvency we, or any appointed insolvency practitioner, may disclose your information to third parties (such as regulators or trade associations) so that they can assess the status of your booking and advise you on the appropriate course of action under any scheme of financial protection.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

When do we send your data internationally?

The personal data that we collect from you may be transferred to, stored and/or processed at an international location where our suppliers and third parties we work with or other companies within the Travelopia group are based.

Where we transfer information to parties internationally, we ensure appropriate safeguards are in place to make sure your personal data remains adequately protected which include, but are not limited to:

  • transferring to countries that have been found to provide an adequate level of protection for processing personal information (for example by the European Commission adequacy decision or UK adequacy regulation), and/or

  • putting in place appropriate contract clauses (for example standard contract clauses approved by the European Commission or the UK Information Commissioner’s Office).

 If you want further information on the specific mechanism used by us when transferring your personal data internationally please contact us.

What are your personal data rights?

We want you to feel reassured that you have control of your personal information. With this in mind, we have explained below the rights you have in relation to the personal information we hold about you:

  • The right to be advised of how we will use your personal information. This is set out in this privacy notice and we do our best to provide you with as much information as we can at the point at which you provide us your data.

  • The right to ask us to correct any information you believe is incorrect.

  • The right to ask us not to use your information for marketing purposes.

  • The right to receive a copy of the personal information we hold about you or to request that we transfer this to another service provider.

  • In certain circumstances, the right to ask us to stop using information about you.

  • In certain circumstances, the right to ask us to limit or cease processing or erase information we hold about you.

  • The right to withdraw consent that you have provided to us to use your personal information.

You can exercise these rights over your data or to tell us that you don’t want to participate in marketing by contacting us, or by checking the applicable boxes on forms where we collect your information. You can also unsubscribe from any marketing circulation lists you are on by scrolling to the bottom of the e-mail and clicking the ‘unsubscribe’ link.

We will comply with your requests unless we have a lawful reason not to do so. We may need you to provide additional details to confirm your identity in order to process your request.

Keeping your personal data secure

We take the security of your personal data very seriously. While no organisation can guarantee absolute security, we have appropriate technical and organisational security measures in place to address risk and prevent your personal data from being accidentally or unlawfully lost, used, accessed, altered, or disclosed in an unauthorised way. In addition to these measures, we limit access to your personal data to those employees, agents, contractors, and other third parties on a ‘need-to-know’ basis.

We have put in place procedures to manage any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

We continually test our systems and follow recommended industry standards for information security.

How long do we keep your personal data for?

We will only keep your personal data for as long as necessary to fulfil the purpose we collected it for, including for the purpose of satisfying any legal, accounting or reporting requirements in accordance with our data retention policy.

We have a right to keep basic information about bookings and our customers for a minimum of six years for legal claims and tax purposes.

In some circumstances, we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

How can you contact us?

If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact us using the details set out below.

Data Protection
TCS & Starquest Expeditions, Inc.
3131 Elliott Avenue, Suite 250, Seattle, WA 98121 
To: TCSPrivacy@tcsworldtravel.com
Cc: dataprotection@travelopia.com

Please contact us in the first instance if you have any concerns. If we are unable to resolve your concern, you have the right to make a complaint to the relevant data protection authority where you live.

Changes to this privacy notice and your duty to inform us of changes

We keep our privacy notice under regular review. This version was last updated September 2023.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Back to Top
Contact Us
Ask a Question