Data Protection Policy | Friendz Travel UK

Last updated: 03-11-2025

Friendztravel UK Limited (operating as Friendztravel.co.uk) takes your privacy and the security of your personal data extremely seriously. This Data Protection Policy outlines how we collect, use, store, and protect your personal information, confirming our compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This policy is designed to be clear, transparent, and easy to understand, ensuring you are fully informed about your privacy rights and our obligations.

1. Important Information and Contact Details

Our Commitment to Privacy

This Policy details our methods for handling your personal data when you use our website, make a booking, subscribe to our marketing, or contact us.

We are committed to processing your data lawfully, fairly, and in a transparent manner.

Controller Details

For the purpose of the UK GDPR, Friendztravel UK Limited is the Data Controller (referred to as "we," "us," or "our"). This means we are responsible for deciding how and why your personal data is processed.

Our Operating Name: Friendztravel.co.uk
Contact for Data Protection Queries:

Email:support@friendztravel.co.uk
Telephone: 0203 893 8768

Supervisory Authority

You have the right to lodge a complaint with the UK's supervisory authority for data protection issues: the Information Commissioner’s Office (ICO).

ICO Website: www.ico.org.uk

We would appreciate the opportunity to resolve your concerns directly before you approach the ICO.

Policy Changes

We may update this Policy periodically to reflect changes in our data practices or legal requirements. We encourage you to review it regularly. It is vital that the personal data we hold about you is accurate and current. Please inform us if your personal details change during your relationship with us.

Third-Party Links

Our website may contain links to third-party websites, plug-ins, or applications. We do not control these third-party sites and are not responsible for their privacy practices. We advise you to read the Privacy Policy of every website you visit after leaving ours.

2. The Data We Collect About You

Personal data is any information that can be used to identify an individual. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store, and transfer various categories of personal data, which we have grouped as follows:

Data Category	Examples of Data Included
Identity Data	First name, last name, title, date of birth, gender, marital status, and passport details (number and copy, if required for travel).
Contact Data	Billing address, delivery address, email address, and telephone number.
Financial Data	Payment card and bank account details required to process bookings. Note: We do not store or directly access full payment card details; these are processed securely by our trusted payment partner.
Transaction Data	Details about payments, booking history, and services/products purchased from us.
Technical Data	IP address, browser type and version, operating system, time zone setting, and other technology used to access our site.
Profile Data	Your username, password, preferences, feedback, and communication history.
Usage Data	Information about how you use our website, products, and services (e.g., pages visited, actions taken).
Marketing & Communications Data	Your preferences regarding marketing from us and our third parties, and your communication preferences.

Special Categories of Personal Data

To finalise your travel arrangements, we may need to collect limited sensitive information, which falls under 'Special Categories' of personal data:

Health Data: Information related to mobility needs, medical assistance (e.g., wheelchair), or specific dietary requirements relevant to your travel.
In specific instances, such as travel during late pregnancy, medical clearance may be required.

We do not collect data concerning your race, ethnicity, religious beliefs, political opinions, or sexual orientation.

Children's Data

Our services are aimed at customers aged 16 and over. We do not knowingly collect personal information from children other than what is legitimately required to fulfil a travel booking made by an adult (e.g., a child's name and date of birth for a flight reservation).

If You Cannot Provide Personal Data

If we are required by law or under the terms of a contract (e.g., to process your booking) to collect personal data and you fail to provide it when requested, we may not be able to fulfil your reservation or provide our services. We will notify you if this results in a cancellation.

3. How and Why We Use Your Personal Data (Lawful Basis)

We will only use your personal data when the law allows us to. We rely on the following lawful bases for processing your data under the UK GDPR:

Contractual Necessity

This is necessary for the performance of the contract we are about to enter into or have entered into with you, specifically to:

Process Your Bookings and Deliver Our Services: Using Identity, Contact, Financial, Transaction, and Special Categories Data to make and manage your reservations, send confirmations, and liaise with travel partners (airlines, hotels, etc.).

Legitimate Interests

This is where processing is necessary for our business interests (or those of a third party) and your fundamental rights do not override those interests, specifically to:

Manage Your Account and Customer Relationship: Using your data to set up/manage your account, respond to queries, provide after-sales service, and ensure service consistency.
Improve and Personalise Your Experience: Analysing Usage, Profile, and Technical Data to understand website usage, improve functionality, and provide tailored recommendations and offers.
Improve Our Website and Services: Using Technical and Analytics Data to measure performance, debug issues, and develop new features.
For Legal, Regulatory, and Security Purposes: Processing data to prevent fraud, adhere to legal/tax standards, and assist with investigations.

Legal Obligation

This is necessary for us to comply with a legal or regulatory obligation, specifically to:

Comply with Legal, Tax, and Accounting Requirements.

Consent

This is where you have given us clear consent for a specific processing purpose, specifically for:

Marketing and Promotional Communications: Sending you special offers, travel updates, and newsletters. You can withdraw your consent at any time via the 'unsubscribe' link in our emails or by contacting us directly.

4. Disclosure and International Transfers of Your Data

Sharing Your Data

We respect your privacy and do not sell or rent your personal data to any third parties. We only share your data when necessary to provide the service you have requested, as required by law, or to enhance your experience.

We may share your data with the following recipients:

Travel Partners and Service Providers: Airlines, hotels, car rental firms, and other suppliers who fulfil the services included in your booking.
Third-Party Vendors and Technical Support: Trusted partners for payment processing, IT services, data storage, customer support, and marketing assistance. These partners are required to adhere to strict confidentiality and data protection contracts.
Professional Advisors: Legal consultants, auditors, and insurers, where necessary to protect our business or resolve a dispute.
Regulatory Authorities and Legal Compliance: Government agencies or law enforcement where legally required.
Business Transfers: If we merge or restructure, your data may be transferred to the new entity, subject to continued protection under this Policy.

International Data Transfers

Many of our travel partners and service providers are based outside the UK and the European Economic Area (EEA). This means your personal data may be transferred or accessed in countries outside these areas.

When transferring your data internationally, we ensure a high standard of protection, compliant with the UK GDPR. We implement safeguards which may include:

Adequacy Decisions: Transferring data to countries formally recognised by the UK as offering an adequate level of data protection.
Standard Contractual Clauses (SCCs): Implementing legally binding agreements approved by the ICO for transfers to countries without an adequacy decision.
Transfer Necessity: Transferring data based on the necessity to perform our contract with you (e.g., providing your booking details to a non-UK airline).

5. Data Security and Retention

Data Security

We have implemented strong technical, organisational, and administrative security measures to prevent your personal data from being accidentally lost, used, accessed, disclosed, or altered in an unauthorised way.

Access to your personal data is restricted to employees, agents, contractors, and trusted third-party partners who have a clear business need to know. All such parties are subject to a duty of confidentiality and must process your data only on our instructions and in line with relevant data protection laws.

We have procedures to deal with any suspected data breach and will notify you and the appropriate regulator where legally required.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which we collected it, including for satisfying any legal, accounting, or reporting requirements.

To comply with UK tax and record-keeping laws, we must retain certain basic personal and transactional information for six (6) years after you cease to be a customer.
If you have not booked or engaged with us for an extended period (e.g., 6 years), your data will be securely deleted or anonymised.

In some circumstances, you may request the deletion of your data (see Your Rights below). We may retain anonymised data for statistical or research purposes indefinitely.

6. Your Legal Rights

The UK GDPR grants you a number of rights over your personal data. You can exercise these rights at any time by contacting us at support@friendztravel.co.uk.

Your Right	Description
Right to Access	The right to request a copy of the personal data we hold about you (Data Subject Access Request).
Right to Rectification	The right to have any inaccurate or incomplete personal data we hold about you corrected or updated.
Right to Erasure	The right to ask us to delete your personal data from our files (often called the "right to be forgotten"). This right is not absolute and may be subject to legal or regulatory retention requirements.
Right to Object to Processing	The right to object to us processing your data where we are relying on a legitimate interest, or for direct marketing purposes.
Right to Restriction of Processing	The right to request that we temporarily suspend the processing of your personal data, for example, while we verify its accuracy.
Right to Data Portability	The right to request that we transfer your personal data to you or another party in a structured, commonly used, machine-readable format.
Right to Withdraw Consent	The right to withdraw consent at any time where we are relying on consent to process your personal data. This will not affect the lawfulness of any processing carried out before you withdraw your consent.

To protect your privacy, we may need to request specific information from you to confirm your identity before processing any rights request. We aim to respond to all legitimate requests within one month.

7. Glossary of Key Data Protection Terms

Term	Definition under UK GDPR
Controller	The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. (This is Friendztravel UK Limited).
Processor	A natural or legal person, public authority, agency, or other body which processes personal data on behalf of the Controller (e.g., a cloud storage provider).
Personal Data	Any information relating to an identified or identifiable natural person ('data subject'). An identifiable natural person is one who can be identified, directly or indirectly.
Special Categories of Personal Data	Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.
Processing	Any operation or set of operations which is performed on personal data or on sets of personal data, such as collection, recording, organisation, structuring, storage, adaptation, retrieval, use, disclosure, dissemination, restriction, erasure, or destruction.
Lawful Basis	The legal justification required under the UK GDPR for any processing of personal data to be legitimate. The main bases we use are Contractual Necessity, Legitimate Interests, Legal Obligation, and Consent.
UK GDPR	The UK General Data Protection Regulation, which is the data protection law in the UK that governs how organisations must handle personal data.
ICO	The Information Commissioner’s Office, the independent body set up in the UK to uphold information rights in the public interest.
Data Subject	The identified or identifiable natural person to whom the personal data relates (This is you, the customer).
Legitimate Interest	The balance of the needs of our business against the individual’s fundamental rights and freedoms. We must ensure your interests do not override our need to process the data.

Friendztravel.co.uk is represented by Friendztravel UK Limited which is registered in 5 Phoenix House, Phoenix Business Centre, Rosslyn Crescent, Harrow, London, Middlesex, United Kingdom, HA1 2SP

"Some of the flights and flight-inclusive holidays on this website are financially protected by the ATOL scheme. But ATOL protection does not apply to all holiday and travel services listed on this website. Please ask us to confirm what protection may apply to your booking. If you do not receive an ATOL Certificate then the booking will not be ATOL protected. If you do receive an ATOL Certificate but all the parts of your trip are not listed on it, those parts will not be ATOL protected. Please see our booking conditions for information, or for more information about financial protection and the ATOL Certificate go to: www.atol.org.uk/ATOLCertificate."

Disclaimer : The rates, offers, and promotions featured on our website are subject to change and may not always be accurate. There could be occasional errors related to destinations, fares, or deals listed. Friendztravel is not responsible for any inaccuracies or mistakes concerning any third-party travel products and services presented on our site, which include flights, hotels, cruises, vacation packages, and car rentals.

Friendztravel.co.uk is an independent travel portal with no third party association. By using friendztravel.co.uk, you agree that friendztravel is not accountable for any loss - direct or indirect, arising of offers, materials or links to other sites found on this website. In case of queries, reach us directly at our Contact Number 0203 893 8768 or, simply email at support@friendztravel.co.uk

Fare and Discount Terms for International Travel : The round-trip fares inclusive of all fuel surcharges, our service fees and taxes that are displayed here are subject to change during the booking, and we do not take any responsibility for the varying fares, as these fares are based on historic data and cannot be guaranteed until ticketed. For best fares, book 21 days prior to departure.

Disclaimer On Machine Translation : This content has been translated via Google Translate and follows every precise parameter in translation. However, you cannot completely rely on a machine for language translation. We provide translation for your convenience, but we do not guarantee complete accuracy and dependability of the translation. Language translators are limited to mere language and are not able to translate other content like pictures, movies, flash, etc.

Call US & Get Unpublished Flight Deals

0203 893 8768

Our site uses cookies so we can provide you with the best possible web experience. Click here to learn more about how we use cookies.

Accept & Continue

1. Important Information and Contact Details

2. The Data We Collect About You

3. How and Why We Use Your Personal Data (Lawful Basis)

4. Disclosure and International Transfers of Your Data

5. Data Security and Retention

6. Your Legal Rights

7. Glossary of Key Data Protection Terms

Internationl

UK Destinations

Legal

Quick Links

Contact Info