Privacy Policy – Fly to the East

Cypher Travel Software Ltd (Flytotheeast.com)

Our Privacy Policy

This privacy policy sets out details of how we, at Cypher Travel Software Ltd (Flytotheeast.com) protect the privacy of your personal information in accordance with the UK Data Protection Act 1998, other data privacy regulations and the General Data Protection Regulation (GDPR (EU) 2016/679).

FlytotheEast.com is a online travel agent in the West Midlands (UK). We need to collect, use and disclose personal information to perform our business functions and activities, including making and managing travel bookings on behalf of our customers. We are firmly committed to protecting the privacy and confidentiality of personal information and to maintaining various physical, electronic and procedural safeguards to protect personal information in our care.

Cypher Travel Software Ltd will be a “data controller” for the purposes of the General Data Protection Regulation 2016/679 (“GDPR”) for any personal information you provide to us in connection with our relationship.

By providing personal information to us, you agree that this Privacy Notice will apply to how we handle your personal information and you consent to us collecting, using and disclosing your personal information as detailed in this Notice. If you disagree with any part of this Notice, or any of our general terms and conditions you must not provide your personal information to us. If you do not provide us with your personal information, or if you withdraw a consent that you have given under this Notice, this may affect our ability to provide services to you or negatively impact the services we can provide to you.

What personal information do we collect from you?

What constitutes ‘’Personal information’’ has been explained under your local data protection law, and, where the GDPR applies, the meaning of personal data given under the GDPR which is much broader than what is explained as per DPA. Personal information generally means information which relates to a living individual who can be identified from that information, or from that information and other information in a person’s possession, including any expression of opinion, whether true or not, and whether recorded in material form or not, about an identified or reasonably identifiable individual, and any indication of intention in respect of an individual.

Typically, the type of personal information we collect about you is the information that is mandatory to enable your travel reservations and to arrange travel related services and/or products on your behalf.

We generally collect and process the following personal information about you:

Personal and contact details such as ; Your full name, address of residence and work place, telephone number, email address,

Payment account information (credit/debit card details, including card type, card number, security number, card registered address and expiry date);

Passport details and/or passport copy for visa related services

loyalty program / frequent flyer details;

information about your dietary requirements and health issues (if any); and

other details relevant to your travel arrangements or required by the relevant travel service provider(s) (e.g. airlines and accommodation or tour providers).

Information provided by filling forms or required fields on our website – e.g. email address, where you heard about us, your marketing preferences and your travel preferences. This information will be used to keep you up to date with all our latest offers and services

Call recordings – calls may be recorded for the purposes of quality control and staff training

Social media – by interacting with the social media features conducted by us you will be bound by the privacy policies of the respective social media companies

IP address and cookies – When you access our website our servers may record data regarding your device, time zone setting and the network you are using to connect with us, including your IP address. The internet pages of Cypher Travel Software Ltd/Flytotheeast.com use cookies, text files that are stored in a computer system via an internet browser, in order to provide users of this website with a more user-friendly experience. In addition to the first party cookies, we may use anonymised third-party web analytics services on our websites and mobile apps, such as Google analytics. The analytics providers that administer these services use technologies such as cookies, to help us analyse how visitors use our websites and apps.

When you contact us for enquiries or other purposes, we may also collect personal information about you in relation to those purposes. For example, we may need to collect your personal information and save your contact details so we can contact you further about price updates on your enquiry or about a competition you have entered (e.g. if you win) or to respond to an enquiry or feedback you have sent to us. We also collect information that is required for use in the business activities of Cypher Travel Software Ltd and our related entities, including for example, financial details necessary in order to process various transactions, video surveillance footage used for security purposes, and other relevant personal information you may choose to provide to us.

In some situations such as issuing tickets to specific countries or processing visas on behalf of you, or as required by accommodation providers or tour operators in specific destinations, , we may need to collect personal data from you which may be regarded as sensitive information under your local data protection laws. These may include but not limited to your racial or ethnic origin, religious beliefs or affiliations, sexual preferences or practices, criminal records or charges of an offence, membership of political, professional or trade associations, biometric and genetic information, passwords and financial information and health information including special requirements and (in the USA) any personal information relating to a child under the age of 13. Sensitive information will only be collected in agreement with your local data protection laws, with your precise consent and where it is absolutely needed for, or directly related to, one or more of our functions (e.g. to make travel arrangements/book accommodations or arrange tours), unless we are otherwise required or authorised to do so by law. We will not use sensitive information for purposes other than those for which it was collected, unless we subsequently receive your consent to use it for another purpose.

How do we collect personal information?

We will only collect personal information in accordance with your local data protection laws. We usually collect your personal information from directly the information you submit during your relationship with us.

Generally, this collection will occur:

when you contact us either in person, by chat, telephone, letter, email;

when you visit any of our websites; or

when you connect with us via social media.

When you register for promotions, subscribe or request for marketing or promotional material (eg; newsletters/brochures etc) or enter competitions

when you purchase or make enquiries about travel arrangements or other products and services;

Unless you choose to do so under a pseudonym or anonymously, we may collect your personal information (other than sensitive information) when you complete surveys or provide us with feedback or add reviews.

In some circumstances, it may be necessary for us to collect personal information about you from a third party. This includes when a person makes a travel booking on your behalf which includes travel arrangements to be used by you (e.g. a family or group booking or a travel booking made for you by your employer). Where this occurs, we will rely on the authority of the person making the travel booking to act on behalf of any other traveller on the booking and that this person agree you have obtained the consent of the other person for us to collect, use and disclose the other person’s personal information in accordance with this Notice.

If you become aware that your personal information has been provided to us by another person without your consent or if you did not obtain consent before providing another person’s personal information to us, you should let us know immediately.

What do we use your personal data for and what is the lawful basis for doing so?

We use your personal data;

4.1 To perform our duties as a online travel agent, as without this information we will be unable to complete your travel arrangement or related services.

4.2 Personal and contact details are used for the purposes of completing the travel bookings you make on our site. Similarly, payment information, passport numbers, date of birth, frequent flyer numbers and dietary requirements.

4.3 For direct marketing communications to help us to offer you relevant products and services, including deciding whether or not to offer you certain products and service.

4.4 Your data may also be used for other reasons, such as: to provide you with travel confirmation and updates or changes on your itinerary, to manage your booking and to allow us to contact you for customer service.

4.5 We may use your personal information to send you targeted marketing activities; about special offers and promotions, new products or competitions. These may include emails, text messages and data messages. If you do not wish to receive such information, you may ask us in writing not to receive it.

4.6 In specific situations, we may collect and process your data with your consensus. For example, when you tick a box to receive email newsletters, or text messages, your personal information may be used, with your explicit consent, to send you relevant promotional fares.

With whom do we share your personal data?

We may share your information with the following entities:

a. Primary suppliers: airlines, hotels, tour operators, transfer providers, cruise lines, car rental and activity providers who fulfil your travel related services

b. An individual making a third-party reservation, on your behalf

c. Third parties who provide services on our behalf, including credit card processing, business analytics and fraud prevention

d. As required or authorised by applicable law, and to comply with our legal obligations customs and immigration to comply with our legal obligations and any applicable customs/immigration requirements relating to your travel; government agencies and public authorities to comply with a valid and authorised request, including a court order or other valid legal process; various regulatory bodies and law enforcement officials and agencies, including to protect against fraud and for related security purposes; and enforcement agencies where we suspect that unlawful activity has been or may be engaged in and the personal information is a necessary part of our investigation or reporting of the matter.

e. a person who can verify to us that they have a relationship with you (e.g. a family member) where you are not contactable, the person correctly answers our required security questions and the request is, in our opinion, in your interest (for example, where the person is concerned for your welfare or needs to undertake action on your behalf due to unforeseen circumstances);

Cypher Travel Software Ltd deals with travel or tour operators outside the EEA. Your personal information may be disclosed to our overseas related entities in order for us to complete your travel booking and/or to enable the performance of administrative, advisory and technical services, including the storage and processing of such information. We will ensure that any such international transfers are either necessary for the performance of a contract between you and the overseas recipient or are made subject to appropriate or suitable safeguards as required by your local data protection laws.

Other than the above, we will not disclose your personal information without your consent unless we reasonably believe that disclosure is necessary to lessen or prevent a threat to life, health or safety of an individual or to public health or safety or for certain action to be undertaken by an enforcement body (e.g. prevention, detection, investigation, prosecution or punishment of criminal offences), or where such disclosure is authorised or required by law (including applicable privacy / data protection laws).

For how long do we keep your personal data on file?

a. Personal data is retained as long as is necessary, for the purpose that it was originally obtained

b. To protect us against any contractual claims, generally for a period of 6 years

c. Records are kept in line with legal and regulatory requirements / guidance

Your rights regarding the personal information we process

a. Confirm with us that we are processing your data

b. Request access to the personal data we hold

c. Have data amended if it is inaccurate or incomplete

d. Request that we delete your personal data which were given to us under your consent previously, if there is no compelling reason for its continued processing. However please note that, if you request that we restrict or stop using personal information we hold on you, or withdraw a consent you have previously given to the processing of such information, this may affect our ability to provide services to you or negatively impact the services we can provide to you. For example, most travel bookings must be made under the traveller’s full name and must include contact details and appropriate identification (e.g. passport details). We cannot make bookings for you without that information.

e. Request that we remove your consent

You can send us requests regarding your personal data by emailing us at the address set out in section 9 below. We will then advise you of the timeframe within which you will receive your information. Please note we reserve the right to extend the time frame to respond you if any complex requests.

f. At any time you hold the right to tell us not to send you marketing communications by email or text by clicking on the unsubscribe link within the marketing emails you receive from us or by contacting us as indicated below in section 9 – How to reach us.

In any of the situations listed above, we may request that you prove your identity by providing us with a copy of a valid means of identification in order for us to comply with our security obligations and to prevent unauthorised disclosure of personal information.

We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your personal information, and for any additional copies of the personal information you request from us.

If you wish to exercise any of the above rights, please contact us on [email protected] providing details of your request.

If you are dissatisfied with our data processing activities, you have the right to complain to the Information Commissioners Office (ICO) https://ico.org.uk/concerns/

Visiting our website from outside the United Kingdom

In case you visit/browse our website from outside the United Kingdom, please note that your data may be transferred to/stored in/and processed in the UK. The preservation/protection of the data/information and other laws of the United Kingdom and other countries that your data may be transmitted to may not be as all-inclusive as those in your country, but be assured that we take all the necessary steps to guarantee that your privacy is maintained and protected. By using our features/services, you authorize and fully understand that your information could be transmitted to our facilities and other third parties with whom we share it as described in this Policy.

How to Reach Us

If you have any question about this Privacy Policy (or travel planning and product purchase), kindly contact us at:

Branch – 17, Bourton Road, Solihull, B92 8AY

Email:- [email protected]

Call:- (44) 02086729111

Changes to this Privacy Policy

We may update this Privacy Policy in the future. We will notify you about the material changes to this Privacy Policy by mailing you a notice to the email address you provide to us, or by inserting a notice on our website.