TERMS AND CONDITIONS OF THE PERSONAL AREA: “My Rumbo” SERVICE

Welcome to the services of lastminute.com group (“lm group”), the European leader in the online travel and leisure sector that offers you the opportunity to book and purchase products and/or services related to tourism and leisure, in particular flights, holiday packages, hotel accommodation, car hire and other ancillary services (“products and/or services”).

lm group uses cutting-edge technology and offers you products and services tailored to your needs and preferences, allowing you to choose and book the products and/or services you want at the best price and quickly and easily via websites of lastminute.com group (“Website/s”). You can consult all of the Websites of lastminute.com group via the following link https://lmgroup.lastminute.com/our-business/our-sites.aspx

Furthermore, we hereby inform you that the products and services available through the Websites are furnished by companies that belong to lm group or other companies associated to the same. Should you wish, you may request the list of enterprises that belong to lastminute.com group by sending an email to privacy.en@lastminutegroup.com.

1. SERVICE DESCRIPTION

A free and flexible tool is available through the lm group personal area that offers a variety of features, including easy viewing of all hotel bookings, tourist packages, flights and other ancillary services requested on any website of the lm group over the last 3 years, managing your bookings, restoring the most recent searches performed on this website, forwarding a request for additional services to the applicable provider, amending your booking, requesting assistance, viewing any available discounts - where applicable - including on Cruise products, and examining the best current offers proposed by lm group companies (“Service”).

The company providing this Service is BravoNext, S.A., a Swiss company belonging to lm group, listed in the Commercial Register of Canton Ticino under Identification number CHE-115.704.228 and with registered office at Vicolo de’ Calvi 2 - 6830 Chiasso, Switzerland.

You can access the Service by registering on any Website of lm group where this is available. Once you have registered you will be able to access all the information on the bookings you have made with any company of lm group on any Website.

You will also be able to use the same credentials (user and password) to access the Services on any of the Websites of lm group. Consequently, the Service and access are unique and there is no need to generate registration records on each Website of lm group.

Lastly, you must remember that, given that the products and services available through the Websites are furnished by companies that belong to lm group or other companies associated to the same, the booking information available through the Service will refer to bookings formalised with any company of lastminute.com group. For these purposes, you hereby expressly authorise BravoNext, S.A. to collect and obtain the information about your bookings from any company of lastminute.com group with which you have contracted, in turn authorising these companies to report this information to BravoNext, S.A. This authorisation is directly related with the Service and with the creation and maintenance of the contractual relationship established between you and BravoNext, S.A. by registering for the Service. Please note that the processing of your data is necessary for the provision of the Service and the performance of this contract, in accordance with Art. 6(1)(b) of the General Data Protection Regulation 2016/679.We recommend that you read paragraph 3.A in the Privacy Policy.You will be entitled to revoke your consent by requesting your removal from the Service by sending an email to privacy.en@lastminutegroup.com without prejudice to your rights concerning data protection, pursuant to clause 3 of these terms and conditions. Unsubscribing from the Service does not involve any implication and/or consequence with regard to the bookings you have made on any Website of lastminute.com group, which shall remain in force for all purposes in accordance with the contracting terms thereof.

In addition to the Service, BravoNext may promote in your Personal Area personalised offers of products and services. These special and personalised offers of products and/or services might be provided by BravoNext, lm group companies or by our partners. To improve the effectiveness and quality of the named special and personalized offers we inform you that we may analyse your personal information, including your booking details, to create a profile of your interests and preferences so that we can tailor and target our communications in a way that is timely and relevant to you. Legal basis for displaying personalised offers on the Personal Area, as previously described, is legitimate interest,  based on the Art.6.1. f) of the General Data Protection Regulation 2016/679. We have carried out a “balancing test” to ensure that our processing is necessary and that your fundamental rights of privacy are not outweighed by our legitimate interest and we believe that our legitimate interest is appropriate given the value we bring to you so you can find easily the best offers of products and/or services to add to your booking. Please note that you have the right to opt out to, and seek restriction of such processing and you can always deactivate this option directly inside the Personal Area or by writing at privacy.en@lastminutegroup.com.

Please note that the Service will remain available until you will delete your account or untill Bravonext will stop the Service. If you request the cancellation of your personal information to one company of lastminute.com group, those information won’t be available on this website even before the expiration of the 3 year term.

2. SERVICE REGISTRATION

To register with the Service of lm group you need to fill in the registration form available on the Website to obtain the login and authentication data.

To this end, you hereby declare and warrant that all the information and personal data notified to us during the registration stage are up-to-date, complete and true. Furthermore, you are liable and hereby undertake to immediately report any change to these data to BravoNext, S.A.

Once registration has concluded, you will receive an email with a link through which to activate your account. Once activated you will be able to access the Service with your user and password.

You can also choose to register or access the Personal Area services by using your social network credentials. Please check p.2.3. of our Privacy Policy for more information about the use of Facebook log-in and Google sign-in when registering and/or using your account into the Personal Area. 

Please, note that when you sign into your registered personal account, you will remain logged-in to the Personal Area page for a period of sixty days or until you choose to log out of your account. 

The password is personal and non-transferable and you hereby undertake to keep it and use it with due diligence. If you suspect that your login details are being used in an unauthorised or improper way by third parties, you must immediately contact lastminute.com group, reporting this abuse by sending an email to the following address: privacy.en@lastminutegroup.com.

We hereby remind you that to ensure the diligent use and authorised access to the Service, the authentication will be solely and exclusively performed through the user and password that have been assigned to you. Therefore, any operation performed with the user and password assigned shall be considered as carried out personally by the holder of the login details, and this party shall therefore be liable in the event of breach of obligations concerning the diligent use of the Service.

Before registering for this Service, please read our Privacy Policy.

3. PRIVACY POLICY AND INFORMATION REGARDING THE PROCESSING OF PERSONAL DETAILS - PERSONAL AREA

We recognise the importance of protecting your privacy and your rights with regards to data protection. The Internet is a very powerful medium when it comes to transmitting personal information; for that reason, we and all other companies belonging to the lastminute.com group undertake the serious task of respecting the current laws regarding the protection of personal data and the security of the same, with the aim of guaranteeing secure, controlled and confidential navigation for its users and customers who register on our services and/or give us their consent for an specific purpose (you as a "Customer").

This Privacy Policy describes how we collect, use, process, and disclose your personal data in conjunction with your access to and use of our Website and services and, specifically:

3.1. Who is the controller of your data? 3.2. What categories of your data do we collect and use? 3.3. Why and how do we collect your data? 3.4. Who sees, receives and uses your data and where? 3.5. How long do we retain your data? 3.6. What are your data protection rights and how can you exercise them? 3.7. Contact details of the data controller 3.8. Contact details of our data protection officer 3.9. Information about cookies 3.10. Privacy notice for Facebook 3.11. Update and old versions of this privacy policy 

It also informs you of how you can exercise Your Rights (including the right to object to some of the data handling we carry out). More information about your rights and how you can exercise them is set out in the section below.

If you see an undefined term in this Privacy Policy (such as “Service” or “Website”), it has the same definition as in our Company contractual service conditions.

3.1. Who is the controller of your personal data?

When this Privacy Policy mentions “Company”, “we,” “us,” “our” or “Data Controller”, it refers to:
BravoNext, S.A., a Swiss company belonging to the lm group, listed in the Ticino business register under no. CHE - 115.704.228 and with registered office at Vicolo de’ Calvi 2 - 6830 Chiasso, Switzerland, which is responsible for the processing of Users’ and/or Customers’ personal data under this Privacy Policy (hereinafter, referred to as the “Company”, “we”, “us”, “our”, “Data Controller”). Furthemore, we inform you that, for compliance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) purposes only (Art. 27 GDPR),  Bravonext has designated as its EU representative Viaggiare SRL., an Italian company belonging to the lm group, listed in the Italian Chamber of Commerce - Milano under VAT identification no. IT04403760962 and registered office at Via del Don 3, 20123 Milan, Italy.

We, being an entity located in Switzerland, are subject to Swiss law regarding the protection of personal data. For that reason, we undertake to comply with the obligations imposed by the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the Swiss Federal Act on Data Protection of 19 June 1992 (FADP). In the same vein, we inform our Users and/or Customers that the Decision of the Commission of 26 July 2000 in accordance with Directive 95/46/CE of the European Parliament and the Council relating to the adequate level of protection for personal data in Switzerland declared that, in Switzerland, the laws guarantee an adequate level of protection in accordance with Directive 95/46/CE.

In accordance with Swiss Federal Act on Data Protection of 19 June 1992 and with Article 45 of the Swiss Federal Act on the Supervision of Insurance Companies of 17 December 2004 (FASIC) we inform our Users and/or Customers that their personal data is processed and kept by the Company in the manner and for the means as follows, in accordance with the LPD and LSA.

3.2. What categories of your data do we collect and use?

When you visit the Website and use our Comparison Service (you as a "User") or then purchase or register to our services (you as a "Customer")  we collect the categories of personal data as follows:

3.2.1. Personal data provided by you

  • The personal data that you share with us including when you register for an account, subscribe to marketing communications and which you provide to us when using our services, downloading our app, including the information entered into our booking platform and included in your comments, reviews or messages sent via telephone to our Customer Care Team,  or through the Live Chat or through social media channels. 

  • More specifically:  When you take part in surveys or questionnaires about our services you may provide us with your contact details, your feedback and contributions to customer surveys and questionnaires. When you subscribe to the personalised marketing services under p.3 - F of this privacy policy you may provide us with: Your personal details, information about your purchases, including what you booked, information about when you click on our adverts, the way you access the website, including IP address, online identifiers and browsers details. You may also provide us with information about your bookings, your browsing behaviour or your personal interests. Please note that some of this information might be collected automatically in accordance with p. 2.2. When you register for an account into the Personal Area, or you use your Account you may provide us with: your personal details such as your name, surname, email, address, phone number, profile picture and your login information as your email and the password you choose. Please, check p. 2.3. of this privacy policy in case you register or access the Personal Area services using your social network credentials. Please, note that when you sign into your registered personal account, you will remain logged-in to the Personal Area page for a period of sixty days or until you choose to log out of your account. The company providing this service on all the websites within the lm group is BravoNext, S.A. a Swiss company belonging to lm group, listed in the Commercial Register of Canton Ticino under Identification number CHE-115.704.228 and with registered office at Vicolo de’ Calvi 2 - 6830 Chiasso, Switzerland. Before completing the registration process, you must confirm that you have read and accept the specific Privacy Policy and Terms and Conditions of BravoNext, S.A. for this service. Special categories of personal data, for example, relevant medical data and any special dietary or disability requests, so information concerning your health (including medical certificates) or revealing religious, philosophical or sexual orientation that you might voluntary provide us in the course of making a booking (e.g. by selecting the box "Special assistance" and filling in the empty field during the booking process or by other means, such as via telephone to our Customer Care Team) or after the conclusion of the booking for the management of your refund or post-sale request (e.g. adding wheelchair assistance to your confirmed booking). Please note that, only where it is strictly necessary to fulfill your request and with your prior explicit consent, we may be required to send the above special categories of personal data to the relevant third parties, such as airlines, hotels, Tour Operators. We will use the special categories of personal data only as strictly necessary to fulfill your request. Where we need to process this data, we will only do it if we have your explicit consent, in accordance with Art.6.1.a) and Art. 9.2 GDPR or if permitted by regulations. Therefore, please note that if you don’t authorize us to this processing, we will not be able to manage your requests since we need your explicit consent to collect these special categories of personal data.

  • Personal data you provide about other individuals: If you plan to submit someone else's personal data to us, for instance when booking on their behalf, you should only provide us with that third party's details with their consent and after they have been given access to this Privacy Policy. When submitting data about other individuals you declare you have their consent 

  • Personal data about children: Please note that we may collect and use the information of children only as provided by their parent or guardian or with their consent. If we become aware that we have processed information of a child without the valid consent of a parent or guardian, we reserve the right to delete it. 

The provision of the above personal data, where requested, is necessary for the adequate performance of the contract between you and us and to allow us to comply with our legal obligations except when we rely on consent as legitimate basis for processing and or our legitimate interest. Without it, we may not be able to provide you with all the requested services.

It is important that all the personal data you give us is correct and accurate. This includes, by way of example only, ensuring that we have your correct contact (including email) details at all times. 

3.2.2. Personal data collected automatically from our Website, on the phone, from communication we send, and/or  from third parties

  • We collect information about your visits to and use of the Website, such as information about the device and browser you are using, your IP address or domain names of the computers connected to the Websites, uniform resource identifiers for requests made, the time of request, the method used to submit the request to the server, the size of the archive obtained as a response, the numerical code indicating the status of the response given by the server (correct, error, etc.) and other parameters relative to the operating system and the computer environment used, the date and time that you visited, the duration of your visit, the referral source and website navigation paths of your visit and your interactions on the Website including the Services and offers you are interested in. Please note that we may associate this information with your account.  

See the cookies section of this Privacy Policy (9. Information about cookies) for further information on the purposes for which we collect and use this information. Please note that, your personal information may also be linked to Cookies to i.e. enable the storage of your travel searches on your Personal Account when you are registered to the service and/or collect information on how you use our product and services.

  • We may use this style to also understand how you engage with communication material that we send to you, such as emails, including the action you take such as any links in them that you click on, your duration and frequency of your engagement with the email.  

  • To the extent permitted by the applicable law wherein we receive additional information about you, such as fraud detection information and warnings from third party service providers and/or partners for our fraud prevention activities.

  • For the provision of the Personal Area service BravoNext, S.A. might collect and obtain the information and personal data about your bookings from any company of lm group you have contracted with,

 3.2.3. Other sources of personal data: Facebook log-in,Google sign-in and Apple Sign-in when registering and/or using your account into the Personal Area 

You may create and use the Personal Area through our login system or you might choose to link, connect or login to the Personal Area with a third party service (e.g., Facebook, Google and Apple), the third party service may send us information such as your registration and profile information (i.e. user name, user ID associated with your social media account, picture, email), and any other information you permit the social network to share with third parties. The data we receive is dependent upon your privacy settings with the social network and those third parties.. You should always review and, if necessary, adjust your privacy settings on third-party websites and services before linking or connecting them to our Website. 

Please also note that by using the service provided by the third party, the information may be  transferred or transmitted or stored and processed by such third party in the United States or other countries outside the EU, in accordance with the privacy policies linked below. As a consequence, certain extra-EU national programmes may enable public authorities to have access to your personal data for security purposes. 

In particular:  

Facebook log-in 

  • When you choose to register and/or log-in using Facebook to connect to our platforms of services on our Website, either when you register or after you have registered, you agree to share your name, email, profile picture, user ID associated with your social media account with us. We will also record the fact that you have registered through Facebook. 

Information about your activity on our Website may be sent to Facebook, when you have an account with them and choose to use the social media login feature to register with us. 

The social media platform may receive information, such as your IP and the browser URL.

For more information on the collection and use of data by Facebook, about your rights in this regard and ways to protect your privacy, see the privacy policy of Facebook https://www.facebook.com/policy.php 

Google log-in 

  • When you log-in using Google to connect to our platforms or services you agree to share your email and your picture profile with us. We will also record the fact that you have registered through Google. 

Google’s platform may receive information, such as your IP and browser URL. 

Please review Google’s privacy policy to find out more about your rights in this regard and ways to protect your privacy: https://policies.google.com/privacy  

Apple Sign-in 

  • When you log-in using Apple Sign-in to connect to our platforms or services you agree to share your name,surname and email address and Apple ID associated with us. We will also record the fact that you have registered through Apple.

Apple's platform may receive information, such as your IP and browser URL. 

Please review Apple’s privacy policy to find out more about your rights in this regard and ways to protect your privacy: https://support.apple.com/en-us/HT208650

3.3. Why do we collect your data?

In general terms, we use your personal data to provide you with the services you request, process payment, provide customer services, send you marketing and promotional communications, notify you about important changes to our Website and to deliver our content and ads which we think may be of interest to you. More specifically:

 

A. To create and maintain the contractual relation established for the provision of the Service requested by you in all its phases and by way of any possible integration and modification or to take steps at your request in relation to the contract prior to entering into contract (e.g. facilitating your bookings and taking payments; responding to your questions and concerns; administering your account). Information concerning our provision of the Service and/or to provide you with any clarification or assistance may be sent to you via email, phone, SMS, recorded calls or other similar technologies.

 Please note that if your call to us is not connected, or if it is disconnected mid-call, you authorize us to use your phone number to call you back, in order to respond to your request. To collect and obtain the information about your bookings from any company of lastminute.com group with which you have contracted, in turn authorizing these companies to report this information to BravoNext, S.A.

Finally, in order to access the Customer Care and receive assistance in a timely and efficient manner, you will be asked to enter the identification code of your booking (so-called "Booking ID"). If you contact our Customer Care Team by using the same telephone number entered during the booking process, the Booking ID will be automatically recognised.

On which legal basis? To fulfill a contract, or take steps linked to a contract (i.e. to provide the Service you request and/or to provide you with any clarification). In case the fulfillment of the contract implies the processing of sensitive data, we will rely also on your explicit consent.

**************

B. If permitted by the applicable law, to request your participation in our surveys conducted via email, phone, SMS, recorded calls or other similar technologies from time to time, so that you can tell us about your experience as a recipient of the Service. We will use your feedback to develop and improve our services. Following our analyses of your feedback, we may consider it necessary to contact you to provide you with a response to your survey submission. Please note that your participation in the survey is voluntary and there are no consequences should you prefer not to participate.

On which legal basis? To pursue our legitimate interest (i.e. to manage and improve our products, services and day by day operations), or when you give your consent where required by the applicable local laws. You can inform us at anytime if you no longer want to receive our surveys or if you want to revoke your consent by writing to privacy.en@lastminutegroup.com.

**************

C. To meet the legal, regulatory and compliance requirements and to respond to requests by government or law enforcement authorities conducting an investigation.

On which legal basis? To comply with the law (i.e. to share personal data with regulatory authorities)

**************

D. To carry out aggregative statistical analyses on anonymised groups or to analyse identifiable individuals behaviour so that we can see how our Website, products and services are being used and how our business is performing.

On which legal basis? To pursue our legitimate interest (i.e. improving our Website, its features and our products and services)

**************

E. To send you (in cases permitted by law except where you did not object) advertising material via email or, where permitted by the law, other equivalent electronic communication regarding products and services similar to those already purchased by you and offered on our Website. On some occasions, we may send you a personalised and tailored version of the aforementioned advertisement materials.

On which legal basis? Soft Opt-in/To pursue our legitimate interest (i.e. marketing)

**************

F. To send you personalised and profiled marketing communications.

Without prejudice to the provisions of the preceding paragraph E and only with your prior explicit consent, to share with you via email, phone, mail, Whatsapp, SMS and/or on our website or third party ones (e.g. using ads and/or Web Push Notifications) the best deals and offers on products and services we think you might find interesting. If you have already given us your consent to profiling activities through marketing cookies or other means, we may send personalised communications. The personalised service or the offers can be related to the following sectors (please note that we do not share your email address with third parties): tourism, leisure, entertainment, high technology, fashion, decoration, consumer goods, food and beverage, finance, banking, insurance, energy, environment, communication, mass media, real estate, pharmaceuticals, clothing and textiles, education and training, energy, publications and publishing, information and communications technology, retail, sport, telecommunications and general services. 

For this purpose we may:

-        analyse your personal information to create a profile of your interests and preferences so that we can tailor and target our communications in a way that is timely and relevant to you.

-    combine the information you give us via cookies and other tracking technologies with information related to your purchases.]

-    analyse information about the way you engage with communication material you receive from us, such as data on when emails have been opened  or to determine if you have viewed or interacted with an ad, to record the number of times you have viewed each ad, to prevent a single ad being shown to you too frequently etc.

-    temporarily share an encrypted version of your email address,  with carefully selected partners who may combine this information with other forms of online identifiers or other personal data  in order to present you with our offers cross device or cross channel, for example on social networks (Facebook, Pintrest, Instagram, twitter ).

-    use automated decision making to segment and target product offers based on your demands and needs. This allows us to be more focused, efficient and cost effective with our resources and also reduces the risk of someone receiving information they may find inappropriate or irrelevant. You can always request a manual decision- making process instead, express your opinion or contest decision based solely on automated processing, including profiling, if such a decision would produce legal effects or otherwise similarly significantly affect you. For further details, you may contact our Data Protection Officers whose details are provided in this privacy policy.

On which legal basis? Where you give your consent (by ticking the appropriate checkbox or by inserting your email address into the proper field to receive personalised communications about us and our selected third parties).

**************

G. n.a.

**************

H. n.a.

**************

I. To verify compliance with our terms and conditions and for the establishment, exercise or defence of legal claims.

On which legal basis? To pursue our legitimate interest (i.e. compliance with our terms and conditions, protection of our rights in the event of any dispute or claim)

**************

J. To tailor and personalise online marketing notifications and advertising for you based on the information on your use of our Website, products and services and other sites collected through cookies (please see the Cookies section of this Privacy Policy for further information). 

On which legal basis? Where you give your consent (i.e. through the cookie banner or by your browser's settings)

**************

K. n.a.

**************

L. When you register or access your Personal Area, to promote personalised offers of products and services related to your past or current bookings in the same Personal Area. Please note that these special and personalised offers of products and/or services may concern products and/or services of lm group and those of our partners, which are sold on our site.

To improve the efficiency and quality of the aforementioned special and personalised offers, we inform you that we reserve the right to analyse your personal information, including booking details, with the aim of creating a profile of your interests and preferences in order to display personalised and targeted advertisements that are timely and relevant.

Please note that you have the right to object to this processing of your data at any time from your Personal Area, and in case you prefer to not see personalised offers and advertisements related to your bookings in your Personal Area, this objection would bear no consequence on the Services provided in the Personal Area.

On which legal basis? To pursue our legitimate interest

Where we rely on legitimate interest as a basis for processing your personal information, we carry out an assessment to ensure that our interest in the use of your data is legitimate and that your fundamental rights of privacy are not outweighed by our legitimate interests (‘balancing test’). You can find out more information about the balancing test by contacting our Data Protection Officer at to dpo.en@lastminutegroup.com .

3.4. Who sees, receives and uses your data and where?

3.4.1. Categories of recipients of your data

We share your personal data, for the purposes described in this Privacy Policy, to the following categories of recipients:

  • Our authorised employees and/or collaborators that assist and advise us on administration, products, legal affairs, Customer Care Team, and information systems, as well as those in charge of maintaining our network and hardware/software equipment;

  • Airlines, hotels, car hire companies, insurance companies, tour operators as well as those other parties to which it is necessary to disclose your personal data in order to provide you with the requested services that will be operating as autonomous data controllers. Please note that airline companies are required, in accordance with new regulations introduced in the US and other countries, to allow customs and border authorities to have access to flight passenger data. For that reason, in certain situations, we may communicate data collected on passengers included in the reservation to the competent authorities of the countries included in the Customer’s travel itinerary if required by the local law.

  • Our third-party service providers (including other entities of the lmastminute.com group), which process your personal data on our behalf and under our instructions for the purposes described hereinabove acting as data processors, such as those providing us with IT and hosting services call centre and customer support, analytics and administration services etc.

  • Payment providers and financial institutions (e.g. for chargeback, fraud detection and prevention purposes) acting as autonomous data controllers.

  • Our business partners who are social media platforms when it is explicitly requested by you (e.g. when you share information generated from our website onto those platforms), when using social media authentication methods or downloading our App whereby you agree either with our privacy policy or with the platforms that we may share information about your online activity with these partners even when you are not logged in to the social media platform). or when these business partners that provide us with functionality capabilities request information about the specifications of the device that the App has been installed on, which they have obtained the right to do.  The information you share will be governed by the social media's privacy policy. Please check clause 2.3 of this Privacy Policy for more information.

  • Competent authorities when we are required to do so by the current law.

  • Competent authorities and Law and enforcement third parties when this is necessary so that we can enforce our terms of use and protect and defend our rights or property or the rights or property of any third party.

  • Third parties that receive the data (e.g. business consultants, professionals for delivering due diligence services or assess value and capabilities of the business) when it is necessary in connection with any sale of our business or its assets (in which case your details will be disclosed to our advisers and any prospective purchaser’s advisers and will be passed to the new owners. 

The complete list of parties to which your personal data may be disclosed is available at our registered office and may be requested by writing to privacy.en@lastminutegroup.com.

3.4.2. International transfer of your data

Users’ and/or Customers’ personal data is processed in at the Data Controller’s registered office (see point 1), on the lm group servers, and at the offices of other entities to which data may be provided in order to provide the services requested of the Data Controller.

Given the fact that we are an international travel company, we also transfer your personal data to:

  • non-European Economic Area (EEA) countries offering an adequate level of data protection such as Switzerland in accordance with the “Adequacy decisions” of the EU Commission that recognises some countries as providing adequate protection;

  • non-European Economic Area countries where data protection laws may be less protective than the legislation in the EEA. This happens when:

    • we disclose your data to autonomous data controllers such as airlines, hotels, car hire companies, tour operators etc. that might process your data outside the EEA in order to provide you with the requested services.

    • we disclose your data to our service providers who act as data processors on our behalf that might be located in a country outside the EEA, including Morocco, Albania, UK, India and Tunisia. When such a transfer happens, we ensure that it takes place in accordance with this Privacy Policy and is regulated by standard contractual clauses approved by the European Commission as ensuring adequate protection for data subjects. Our providers, acting as data processor, may be engaged in, among other things, the fulfilment of your service request, the processing of your payment details, the provision of advertising and marketing services on our behalf and the provision of support services through electronic communications or call centre.

Should you want to obtain further details about the safeguards put in place, you can contact us by writing to privacy.en@lastminutegroup.com.

3.5. How long do we retain your data?

We retain your personal data for as long as is required to achieve the purposes and fulfil the activities as set out in this Privacy Policy, otherwise communicated to you or for as long as is permitted by applicable law. Further information about the retention period is available here: 

CUSTOMER RECORDS

Booking records - Retention period: 10 years from the date of the purchase

Booking records (name, address, contact information, PNR, ID Booking, birth date, number or identity document, date of issue, date of expiring, issuer country, typology ) including: - Product details - records of customer contacts related to the Agent section (i.e. Notes/Events in the BO), - "Special assistance" section

Account information - Retention period: 10 years from the date of the last interaction

Account information (see Personal Area): - User, password - Social login

 - Purchase data - Retention period: 3 years from the date of the purchase

Surveys - Retention period: 1 month from the date of the survey

Surveys

DATA USED FOR MARKETING PURPOSES (CRM)

Data used for marketing activities - Retention period: 5 years from the consent or the renewal of the consent via interaction with marketing communications

Data used for marketing activities to customers/users subject to the consent or under soft-opt in

DATA COLLECTED VIA TAG

Technical cookies - Retention period: Max 3 years from the date of browsing on our websites

Technical cookies

Non-Technical cookies - Retention period: Max 1 year from the date of consent

Non-Technical cookies

3.6. What are your data protection rights and how can you exercise them?

You can exercise the rights provided by the Regulation EU 2016/679 (Articles 15-22), including the right to:

Right of access - To receive confirmation of the existence of your personal data, access its content and obtain a copy. 

Right of rectification - To update, rectify and/or correct your personal data. 

Right to erasure/right to be forgotten and right to restriction - To request the erasure of your data or restriction of your data which has been processed in violation of the law, including whose storage is not necessary in relation to the purposes for which the data was collected or otherwise processed; where we have made your personal data public, you have also the right to request the erasure of your personal data and to take reasonable steps, including technical measures, to inform other data controllers which are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data. 

Right to data portability - To receive a copy of your personal data you provided to us for a contract or with your consent in a structured, commonly used and machine-readable format (e.g. data relating to your purchases) and to ask us to transfer that personal data to another data controller. 

Right to withdraw your consent - Wherever we rely on your consent (see p. 3 - F and J), you will always be able to withdraw that consent, although we may have other legal grounds for processing your data for other purposes. 

Right to object, at any time - You have the right to object at any time to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement (see p. 3-B,C,D, H, I), or where we are using your data for direct marketing (p. 3-E).

Right not to be subject to a decision based solely on automated processing, including profiling - You can always request a manual decision- making process instead, express your opinion or contest decision based solely on automated processing, including profiling, if such a decision would produce legal effects or otherwise similarly significantly affect you.

You can exercise the above rights at any time by:

  • Contacting us via email at privacy.en@lastminutegroup.com.

  • As for direct marketing, please note that you can also object at any time by clicking the unsubscribe link which we provide in each communication sent to you

  • As for online targeted ads and the withdrawal of your consent please refer to our Cookie section of this Privacy Policy.   

In case you exercise any of the above rights provided by GDPR, please note that we will attend your request considering the personal information held by all the companies within the lm group where BravoNext, S.A. holds, directly or indirectly, 100% of the shares.  

Your rights in relation to your personal data might be limited in some situations. For example, if fulfilling your request would reveal personal data about another person or if we have a legal requirement or a compelling legitimate ground we may continue to process your personal data which you have asked us to delete.

You also may have the right to make a complaint if you feel your personal information has been mishandled. We encourage you to come to us in the first instance but, to the extent that this right applies to you, you are entitled to complain directly to the relevant Data Protection Supervisory Authority.

3.7. Contact details of the data controller

The contact details of the Data Controller of the data processing described hereinabove are:

BravoNext, S.A., a Swiss company belonging to the lm group, listed in the Ticino business register under no. CHE - 115.704.228 and with registered office at Vicolo de’ Calvi 2 - 6830 Chiasso, Switzerland.

3.8. Contact details of our data protection officer (DPO)

Our Data Protection Officer (or "DPO") is available at:

dpo.en@lastminutegroup.com

Vicolo de’ Calvi 2 - 6830 Chiasso, Switzerland.

3.9. Information about cookies

3.9.1 What are cookies and other similar technologies (“Cookies”)?

For any information about Cookies please read the following Cookie Policy.

3.10. Privacy notice for Facebook 

3.10.1. Facebook Custom Audiences - Facebook pixel

We use the remarketing function “Custom Audiences” of Facebook Inc. (1601 Willow Road, Menlo Park, California 94025) or, if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. This function allows us to show our Users and/or Customers of our website interest-based ads when they visit Facebook (“Facebook ads”), and to analyze such Facebook ads for statistical and market research purposes, which helps us optimize future advertising. This allows us to serve more relevant advertising. 

For this purpose we use the so-called Facebook pixel for our website. 

When a User or a Customer visits our website and takes an action (for example, buying something), the Facebook pixel is triggered and reports this action. This way, we will know when a customer took an action after seeing our Facebook ad. We will also be able to reach this customer again by using a Custom Audience. Therefore, this pixel allows user behavior to be tracked after they have been redirected to our Website by clicking on a Facebook ad. This way, we will know when a customer took an action after seeing our Facebook ad. We will also be able to reach this customer again by using a Custom Audience.

Therefore, this enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Facebook, which is why we are informing you, based on our knowledge of the situation. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy  https://www.facebook.com/about/privacy. Such data may allow Facebook and its partners to show ads on or off Facebook. A cookie may also be stored on your computer for these purposes.

3.10.2. Facebook SDK

Within our App, we use the Software Development Kit (SDK) from Facebook. The Facebook SDK is issued and administered by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA, or, if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. By means of this integration, we can link various Facebook services with our App (i.e. Facebook Analytics, Facebook Ads, Facebook Login via the SDK, Facebook Account Ki, Facebook Share, Facebook Graph API and Facebook App Events). 

In particular, we have linked the following SDK Facebook services with our App:

Facebook Login: to provide you with the the possibility to register or log in with your Facebook account 

Facebook App Events: To understand people's actions in our app and measure the effectiveness of your Mobile App Ads. We use this service  to evaluate the reach of our advertising campaigns and use of Facebook SDK. Facebook merely provides us with an aggregated analysis of user behavior within our app. 

In addition, as our App is linked to SDK Facebook services, we have to follow Facebook policies, which include that we are obliged to share with Facebook, when you download the App, even when you are not logged in to the social media platform, the following data: 

  • Anonymous online identifier; 

  • Information confirming that you have download our App;

  • Type of device you have used to download our App;

  • Your device model name;

  • Your geographical zone; 

  • Your time zone;

  • Your connection provider;

  • The size and density of your screen device;

  • CPU cores of your device;

  • The external storage size in GB of your device;

  • The free space on external storage in GB of your device;

  • Device timezone

By downloading our App you declare that you agree with the communication of the data to Facebook as described above. 

Further information about Facebook SDK within iOS can be found here:https://developers.facebook.com/docs/ios. For Android, please refer to: https://developers.facebook.com/docs/android.

You can check and modify the status of your connection to Facebook and the respective access privileges of our Apps at any time under your Facebook profile settings (https://www.facebook.com/settings?tab=applications). If you want to cancel the connection between Facebook and our App, please log in to Facebook and make the necessary changes in your profile settings.

3.11. Update and old versions of this privacy policy

We reserve the right to modify this Privacy Policy at any time in accordance with this provision. If we make changes to this Privacy Policy, we will post the revised Privacy Policy on our Website and update the “Last Updated” date at the top of this Privacy Policy.

Old versions of this Privacy Policy are available here.

4. LAW AND APPLICABLE JURISDICTION

These Terms & Conditions are governed by Swiss law. In the same vein, to the extent permitted by applicable law and international agreements, the parties agree to act in accordance with the jurisdiction of the Courts of Mendrisio, Switzerland, for any matter concerning the interpretation, implementation or enforcement of these Terms and Conditions, expressly waiving any of their own jurisdiction that may apply, provided that the applicable regulations do not establish a mandatory specific jurisdiction.

We inform you that the European Commission makes available to all citizens of the European Union a platform for resolving online disputes regarding services provided by companies in the European Union (the “ODR Platform”), which can be accessed via the following link: http://ec.europa.eu/consumers/odr. Nonetheless, since the Company is a Swiss business with registered office in Vicolo de’ Calvi 2 - 6830 Chiasso, Switzerland, your dispute is not admissible via the aforementioned platform. For this reason, we invite you to contact our dispute resolution team directly via email and/or phone using the information provided in the confirmation email, so that we can assist in resolving your issue.

Mobile app:

About us

Support and useful information

Need help? 

Airline information 

Contact us

Useful information