You can access our full Privacy Policy below to help you to understand better how we use your personal information. In it, we explain in more detail the types of personal information we collect, how we collect it, what we may use it for and who we may share it with.
Within the Privacy Policy you will find some specific examples of why and how we use your personal information. If you have further questions please get in touch with us by writing to Data Protection Officer, Trips of Discovery, Waterside (HCB3), PO Box 365, Harmondsworth, UB7 0GB, England.
Without prejudice to your rights under applicable laws, the above and the Privacy Policy are not contractual and do not form part of your contract with us.
Any personal information processed by British Airways in connection with this Privacy Policy is controlled by Trips of Discovery, which is considered the “data controller” of your personal information under European Union and UK data protection law. Our address is Data Protection Officer, Trips of Discovery, Waterside (HCB3), PO Box 365, Harmondsworth, UB7 0GB, England. If you have made a flight booking with us but one or more flights are to be provided by other airline(s) then that other airline will also separately be considered a “data controller” under European Union and UK data protection law. You can access the privacy policies of the other airlines via their own websites. Any provider of services such as a hotel or car rental company will also separately be a “data controller”. You can access the privacy policies of those providers from them directly.
If you have made a booking for non-flights services (hotel, car, transfers or experiences) or booked a “package” then the package booking Terms and Conditions identify if your contract is with British Airways Holidays Limited, British Airways is the “data controller”.
If you are a member of the British Airways Executive Club, Avios Group (AGL) Limited will also separately be a “data controller” of your personal information. Avios Group (AGL) Limited’s address is Waterside, PO Box 365, Harmondsworth, UB7 0GB. Avios Data Protection Officer can be contacted by email addressed to data.protection@avios.com.
Personal information means details which identify you or could be used to identify you, such as your name and contact details, your travel arrangements and purchase history. It may also include information about how you use our websites and mobile applications.
This Privacy Policy applies to personal information about you that we collect, use and otherwise process regarding your relationship with us as a customer or potential customer, including when you travel with us or use our other services, use our websites or mobile applications, contact our service agents or call centres and book to use our services through third parties (such as travel agents and other airlines). Where we reference that others are data controllers in the sections ’Controller of Personal Information’ and ’Who do we share your personal information with?’ you should consult their privacy policies for further information. Additional Terms and Conditions or policies may apply if you elect to take additional services from us such as making a Highlife purchase on board, using our on-board Wi-Fi or entering a competition linked to British Airways and other third parties.
We take great care to protect the personal information you provide to us. You can read more about how we do this in our Website Security Policy. Here are some things you can do to keep your information secure. Keep your booking reference confidential When you make a booking, you will be given a booking reference (also known as a PNR or Passenger Name Record). This will appear on the email confirmation or ticket of each person in your booking. You should always keep your booking reference confidential. Giving your booking reference to others may allow them to access your booking details through our systems. If you are travelling with others and would not like your individual booking details to be accessible by them, you may prefer each person to make separate bookings.
To make sure your access to our websites, other online services, and mobile applications is secure, you should not share your log in details with anyone else. When you finish using the website, online services or mobile app you should log out if others may be able to access your computer or device. This is especially important if you are using a publicly accessible computer.
Under data protection laws, you have rights we need to make you aware of regarding your data. You have the right to access your information. In some circumstances, you have the right to object to our processing of your data and can ask us to restrict our use of your data and to delete it. You also have the right to ask us to correct your information if it’s inaccurate and, to ask us to transfer information you have provided, to withdraw permission you have given us to use your information and to ask us not to use automated decision-making which will affect you. We would like to make you aware that your rights do not always apply in all cases, for example we might not be able to delete your data if we need it to fulfil your order or we are required to keep it by law. We also might not be able to provide you with information if it would infringe someone else’s rights. We’ll always try to help you with your request and will let you know in our correspondence with you how we will be able to meet your request and explain why if we are unable to do so.