Privacy Statement
Last Updated: July 30, 2024
At Vogue25, your privacy is important to us. This Privacy Statement explains how we collect, use, and disclose your personal information. It also describes your rights regarding your information and how to contact us with any questions.
Privacy Statement Summary
This summary provides key highlights from our Privacy Statement. For detailed information, please [click here] or scroll down.
What does this Privacy Statement cover?
Aspect | Details |
---|---|
Types of Information Collected | Types of personal data we collect and how we use it. |
Information Sharing | When and with whom we share your personal data. |
Your Rights | Options regarding the collection, use, and sharing of your data. |
Access and Updates | How you can access and update your personal information. |
Types of Personal Information We Collect and Use
Category | Purpose | Sources | Lawful Basis |
---|---|---|---|
Identification Data | Booking, account creation, and security | Directly from you, affiliates | Legal obligation, Performance of a contract |
Contact Information | Communication, customer service, marketing | Directly from you, affiliates, third parties | Performance of a contract, Legitimate interest |
Payment Data | Payment processing, financial transactions | Directly from you, affiliates | Legal obligation, Performance of a contract, Consent |
Travel Preferences | Personalization of services and marketing | Directly from you, affiliates | Legitimate interest, Consent |
Loyalty Data | Manage loyalty programs and rewards | Directly from you, affiliates | Performance of a contract, Consent |
Geolocation Data | Provide location-based services and marketing | Directly from you, affiliates | Legal obligation, Performance of a contract, Consent |
Images and Videos | Booking purposes, marketing, and security | Directly from you, affiliates | Performance of a contract, Consent |
Communications | Customer service, marketing, and quality control | Directly from you, affiliates | Legal obligation, Performance of a contract, Legitimate interest |
Site Interaction Data | Improve user experience and marketing | Directly from you, affiliates, third parties | Legitimate interest, Consent |
Device Data | Platform usage analysis and security | Directly from you, affiliates, third parties | Legal obligation, Legitimate interest, Consent |
Friends and Co-travelers | Manage bookings and services | Directly from you, affiliates | Performance of a contract, Legitimate interest |
Child Data | Manage bookings for minor travelers | Directly from you, affiliates | Performance of a contract, Consent |
Clickstream Data | Analyze site usage and improve services | Directly from you, affiliates, third parties | Legitimate interest, Consent |
Birthdate and Gender | Personalization and marketing | Directly from you, affiliates, third parties | Legal obligation, Performance of a contract, Legitimate interest, Consent |
Sensitive Data | Handle with care for specific purposes | Directly from you, affiliates | Legal obligations, Consent |
How We Share Your Personal Information
Recipient | Purpose |
---|---|
Vogue25 Affiliates | For platform and booking purposes, marketing, and compliance |
Third-Party Service Providers | To deliver services and maintain security |
Travel Suppliers | To facilitate travel bookings and services |
Business Partners | For joint promotions and services |
Marketing Partners | For targeted advertising and market research |
Social Media Platforms | For online marketing and audience targeting |
Other Third Parties | For features like social media login and content sharing |
Legal Obligations | To comply with legal requirements and protect our rights |
Corporate Transactions | In connection with business changes or asset sales |
Your Rights and Choices
You can manage your data preferences, opt out of marketing, and exercise your data protection rights as described in our full Privacy Statement.
How to Contact Us
For questions or concerns about your personal information, please refer to the “Contact Us” section in the full Privacy Statement.
Privacy Statement Details
Aspect | Details |
---|---|
Joint Controllers | Expedia Group companies are joint controllers of your personal information. |
Processing Categories | All categories of personal information identified in the “Categories of Personal Information We Collect and Use” section are processed jointly. |
Expedia Group Companies | The companies listed at Expedia Group process your personal information jointly. |
Responsible Party | Expedia, Inc. is responsible for managing your personal information. For more details, see the “Contact Us” section. |
Purpose | Details |
---|---|
Enhancing User Experience | AI is used to improve your experience and maintain site safety. |
Sorting Content | Determines the order of content you see on our site. |
Recommendations | Provides recommendations for destinations, properties, or activities. |
Flight Price Insights | Offers insights and alerts about flight prices. |
Content Screening | Reviews uploaded content (e.g., images) for quality and relevant amenities. |
Review Screening | Ensures reviews do not contain identifiable personal information and assesses customer satisfaction. |
Fraud Prevention | Detects and prevents breaches of terms and fraudulent activities. |
Language Preferences | Displays language and dialect preferences in virtual agent interactions. |
Automated Decisions | Automated decisions may be made, but significant decisions will not be based solely on automated processing unless consented to, necessary for a contract, or legally authorized. |
Rights Related to Automated Decisions | You may request a manual decision-making process or contest decisions based solely on automated processing. For more details, see “Your Rights and Choices.” |
Right | Details |
---|---|
Communication Preferences | Change by logging in and updating account settings or contacting us directly. |
Cookie Control | Manage cookie preferences via our Cookie Statement. |
Access and Amend Information | Access, amend, inquire about deletion, or update accuracy by logging into your account or contacting us. |
Unsubscribing from Marketing | Unsubscribe via the ‘unsubscribe’ link in emails or by changing settings in your account or contacting us. Important transactional messages will still be sent. |
Mobile App Notifications | Manage notifications and preferences in app settings and your operating system. |
Withdrawing Consent | Withdraw consent by contacting us. This does not affect previous processing or other legal processing. |
Additional Regional Rights | Rights vary by region and may include requesting copies, deleting information, or objecting to processing. For more details, [click here]. |
Data Protection Authority | You may contact a data protection authority, but we encourage contacting us first. Details for complaints and appeals are provided in our response. |
Aspect | Details |
---|---|
Data Access and Processing | Personal information may be accessed, processed, or transferred to countries other than your residence. |
Safeguards | Safeguards are in place to ensure protection of personal information, including agreements and certifications. |
Appropriate Measures | Includes adequacy decisions by the European Commission, APEC-CBPR certification, and contractual clauses. |
Intra-Group Agreements | Agreements within the group include strict data transfer terms to protect personal information. |
Risk Assessments and Measures | Regular assessments and technological measures ensure compliance with data transfer laws. |
Framework | Details |
---|---|
DPF Certifications | U.S. affiliates are certified under the EU-U.S. DPF, UK Extension, and Swiss-U.S. DPF. |
Principles and Compliance | Adherence to DPF Principles including Notice, Choice, Accountability, Security, Data Integrity, and more. |
Complaint Resolution | Commitment to resolve complaints under the DPF Frameworks, including potential binding arbitration. |
Contact for Inquiries | Contact us for inquiries or complaints about DPF compliance. |
Aspect | Details |
---|---|
Compliance | Privacy practices comply with APEC CBPR, a framework for protecting personal information among APEC economies. |
Aspect | Details |
---|---|
Security Measures | Implementation of physical, technical, and organizational measures to protect personal information. |
Cybersecurity | Technical controls and measures, including PCI-DSS certification and encryption protocols. |
Employee Training | Regular security training for employees and management of access controls. |
Incident Notification | Notification of data security incidents in accordance with laws and reporting to regulatory authorities. |
Aspect | Details |
---|---|
Target Audience | Our services are not directed at minors. |
Data Collection | Personal information of minors may be collected in specific circumstances. |
Parental Contact | Parents or guardians should contact us if they discover personal information collected without consent. |
Aspect | Details |
---|---|
Retention Period | Personal information retained as per legal requirements and relevance for the purposes stated. |
Deletion Methods | Industry standard methods are used for data deletion and residual copies are kept for security. |
Retention Criteria | Includes relationship duration, legal obligations, and regulatory requirements. |
Aspect | Details |
---|---|
Questions and Concerns | Contact us via the Privacy Section for questions or to exercise your rights. |
Data Controllers | Your principal data controller is the Expedia Group company with which you interact. |
Additional Information | For a list of companies and more details, [click here]. |
Aspect | Details |
---|---|
Statement Updates | We may update this Statement in response to changes in laws or business developments. |
Notification of Changes | Material changes will be notified on this page. |
Last Updated Date | Check the “last updated” date at the top of this Statement for the most recent update. |