Privacy Policy
LAST UPDATED: MAY 29TH, 2024
Turks Luxury Escapes Privacy Notice
Summary
Welcome to Turks Luxury Escapes.
We are committed to respecting and protecting your privacy. This privacy notice sets out how we collect and use the personal data (as defined below) that you provide to us via this website, www.turksluxuryescapes.com (our “Site”), our mobile app, Turks Luxury Escapes (our “App”), our social media pages such as Instagram or LinkedIn, any messages that we send to you that link to this notice or other communications with you, and offline business interactions you have with us (together with any other services we provide to you, our “Services”). It also tells you about your privacy rights and how certain laws may apply to you.
If you have any queries about this notice or how we use your personal data, please contact us at info@turksluxuryescapes.com
Contents
-
About us
-
What personal data do we collect via the Services?
-
How we collect personal data
-
How and why we use personal data
-
How we share personal data
-
Children
-
International transfers
-
Data security / Sensitive data
-
How long we keep personal data
-
Third party links
-
Your rights
-
Changes to this notice or your personal data
About us
Our services are operated by Turks Luxury Escapes Limited and its affiliates (including Turks Luxury Escapes, Inc.) (“us”, “we”, or “our”).
Turks Luxury Escapes Limited is a limited company registered in England & Wales with company number 11044817, and with its registered office at 20 Grosvenor Place, London, SW1X 7HN, United Kingdom. It is registered with the UK data protection authority: the UK Information Commissioner’s Office (ICO) under number ZA913397.
Turks Luxury Escapes, Inc. is a company registered in the State of Delaware with company number 5230204, and with its registered office at 1680 Capital One Drive, McLean, VA 22102.
Turks Luxury Escapes is the data controller of any personal data you provide to us via our Services.
You can contact us about any queries you have regarding this privacy notice at info@turksluxuryescapes.com
What personal data do we collect via the Services?
“Personal data” means any data which can be associated with you as an individual, either directly or indirectly. We collect different information depending on how you use the Services and how you interact with us.
The personal data we collect via the Services include:
-
Identity data, such as your name, title (e.g., Mr., Mrs., etc.), organization name and position, and your driving license and passport information.
-
Contact data, such as your postal address and email and telephone details.
-
Usage data, which includes information about how you use the Services (including any bookings, reservations or other services we have provided to you, and our conversations with you), and your location.
-
Log-in data, such as your username and password.
-
Payment and transaction data, including your booking history, and certain other information associated with your payments. This does not include your payment card details, which you provide direct to our payment processors (See section 5a below for more information).
-
Preference data, including information about your interests and other relevant information to your bookings, such as likes and dislikes and specific dietary or health restrictions or personal requests to ensure your wellbeing.
-
Technical data, such as the device you are using to access our Services, your unique device ID, your internet protocol (IP), browser type and version, time zone and location, display settings, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Services.
-
Marketing and communications data, including any communications we may receive from you, and your preferences in receiving notifications, marketing and other communications from us.
-
Background check information: including credit checks, criminal history, and reference/background checks.
In certain circumstances, we may also collect data about your family members, children, and companions, including their names and ages. We will only ask you for ‘special categories’ of personal data (defined under applicable laws to include details about your health, race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, or trade union membership) to the extent necessary to provide the services and where we are permitted to do so. For example, we may ask you to share information about allergies or other health conditions so that we can accommodate your requests and tailor your experiences.
How we collect personal data
Different personal data is collected in different ways.
Personal data you provide to us
When you create an account to use our Services, sign up for a newsletter, attend one of our events or contact customer service, you will provide us with your personal data (as listed in Section 2 above).
You will also provide us with personal data when you correspond with us.
Personal data we collect from other sources or as you use our Services
We may receive personal data about you from other sources, for example publicly available sources when we carry out screening as part of our membership process and to comply with applicable laws. In addition, if you connect other third party accounts (such as social media or music accounts) to your Services account, you will share certain personal data with us, for example, your profile name and any other information that may be or you make accessible to us as a result of the connection.
As you use the Services, we will also collect your technical, usage and transaction data as described above. Some of this data is collected using cookies, beacons and similar technologies.
We need to collect certain personal data to provide the requested Services to you. If you do not provide the information requested, we may not be able to provide the Services. We will note which personal data is required to provide the Services at the time of its collection.
If you disclose any personal data relating to other people to us, you represent that you have the authority to do so and to permit us to use the information in accordance with this notice.
How and why we use personal data
We will only use your personal data where:
We need the personal data to fulfill our contract with you
The personal data that we use will depend on the Service(s) we have agreed. For example:
-
We will use your identity and contact data so that we can complete your transactions, communicate with you about the Services we provide, facilitate providing our Services to you and, and respond to any requests, queries, issues or concerns you may have.
-
If you ask us to book certain forms of travel on your behalf, we will need your driving license and/or passport details and certain preference data (e.g., your preferred travel class) in order to do so.
-
We will use your identity and log-in data to create a profile for you on our Services. You will need this profile to use our Services.
-
We will use your technical data to ensure that our Services display and function correctly on your device.
-
We will use your identity, contact, preference, log-in and usage data to customise our Services to you.
-
We (and our Suppliers, as defined below) will need your payment data to facilitate any payments you authorize. For further information about this, please see Section 5 (‘How we share your data’ section) below.
-
As part of our Services, we will recommend products and services to you. We will use your IP address to determine your approximate location (for example, by city, state, or country), and use this information to ensure that the suggestions or other content we suggest to you is relevant to your location. For the avoidance of doubt, we will never track your exact location unless you have provided us with your express permission to do so.
-
To provide you with membership rewards and incentives.
We have a legitimate interest (reasonable business purpose) in doing so
We will use your personal data for our legitimate business reasons where our doing so will not unduly affect your rights.
-
We will use your identity, log-in, contact and usage data to keep our records up to date.
-
We will use your technical, location and usage data to:
-
provide and make improvements to our Services, system maintenance, support, reporting and hosting of data, and troubleshooting;
-
ensure that our Services are secure;
-
analyze how users interact with our Services; and
-
develop new products and services.
-
-
We may use your personal data to administer and manage our business in general, to detect and prevent misuse of our Services (including fraud and unauthorized payments), and to enforce our Terms and Conditions or any other contract to which we may be a party.
-
We may aggregate and/or anonymize personal data so that it will no longer be considered personal data. We do so to generate other data for our use, which we may use and disclose for any purpose, as it no longer identifies you or any other individual.
You have given us your consent
If you sign up to our mailing lists, we will send you updates and marketing information that you have consented to receive. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send, or by emailing us at info@turksluxuryescapes.com We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt out of receiving marketing from us, we may still send you important administrative messages, from which you cannot opt out.
If you have chosen to create an account with us using a social media network, we will have access to the information set out in Section 2 (‘What personal data do we collect via the Services?’) above. If you would prefer that we do not have access to this personal data, you can create an account using only your email address.
Likewise, we may need your contact, identity, technical and/or usage data to respond to a question you have asked us.
We need to comply with a legal or regulatory obligation
In certain circumstances, we may need to retain or use your personal data to comply with regulations and/or the law.
How we share personal data
We will share your data:
With our trusted third party service providers
These include:
-
When you request Services that will be fulfilled by a third party (such as a restaurant, theater or gallery, for example), we will share your details with that third party (our “Suppliers”). We will only disclose your personal data to Suppliers to the extent necessary for the Service(s) you have requested. This will typically include your identity and contact data.
-
We share certain information with our information technology providers, such as website and mailing list hosts, and third party screening tool service providers, where appropriate for the purposes set out in this notice.
-
We may also share data with analysts, consultants and other professional advisors whom we retain for advice in respect of our business operations.
-
We will only disclose your data to third party service providers under terms of confidentiality, and they will only use your personal data for the purposes stated in this notice.
As noted above, we do not share your payment and transaction data with our payment processors - instead, you provide it to them directly. The only exception to this is if we suspect that your account is being misused, in which case we may discuss certain aspects of your payment and transaction data and/or identity details (where available) with our payment processors.
We will also share your personal data with other third parties and suppliers, but only if you ask us to do so (for example, if you ask us to make a booking on your behalf).
With other members of our Services
Where we provide the functionality, you may choose to share some of your profile information with other members of the Services. We will never make your profile visible to other members without your express consent.
With our affiliates
We will share personal data with our affiliates, Capital One Financial Corp and Capital One subsidiaries or affiliates, including affiliates in the United States, for the purposes described in this privacy notice.
If you choose to share it via social media
Where we provide the functionality, you may choose to share some of your information from our Services with your friends, followers, or contacts on social media.
Your personal data may be disclosed or transferred to potential or actual buyers of, investors into or lenders to our business or any of our assets, or any of the advisors or representatives of the above. If so, we will ensure that appropriate confidentiality terms are in place.
Other disclosures
On rare occasions, we may share personal data when we believe it is necessary to comply with the law, regulation or legal request (including a court order, law enforcement request or government inquiry); to enforce or apply our terms of use or other agreements; in the context of a sale, business transaction, business reorganization or restructuring exercise; or to protect the rights, property, or safety of our business, our employees, our users, or others.
Children
Our Services are not intended to be used by any individuals under the age of 18 and we do not knowingly collect personal data directly from individuals under 18.
International transfers
Our Services are hosted on servers located worldwide. We also use cloud-hosted software solutions which are located in the US, UK, and European Economic Area (EEA).
As such, transfers of personal data may take place to countries that have different data protection rules than are found in the country where you are from, including to other Turks Luxury Escapes affiliates or Suppliers, as required to provide the Services.
As required by applicable law, we implement safeguards to protect your personal data when we transfer it outside your country of residence. For example:
-
For transfers from within the EEA to outside the EEA, we ensure a similar degree of protection is afforded to it by ensuring that at least one of the following safeguards is implemented:
-
Adequacy Decisions: Some countries outside of the EEA and UK are recognized by the European Commission and the UK government, respectively, as providing an adequate level of data protection according to EEA/UK standards (the full list of these “specified countries” is available here). The UK recognizes the EEA member states, the specified countries and certain other countries as providing an adequate level of data protection according to UK standards (the full list is available here).
-
Adequate Measures: For transfers from the EEA or UK to countries not considered adequate by the European Commission or the UK government (as applicable), we have put in place adequate measures, such as standard contractual clauses adopted by the relevant authority, to protect your personal data. You may obtain a copy of these measures by emailing info@turksluxuryescapes.com
-
Data security / Sensitive data
The safety of your personal data is of paramount importance to us, and we seek to use various reasonable technical, organizational, and administrative measures to help ensure that your data is secure.
However, no transmission of information via the internet or electronic storage can be guaranteed to be completely secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the “About Us” section above.
Unless we request it, we ask that you not send us, and you not disclose, any sensitive data on or through the Services or otherwise to us.
How long we keep personal data
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, consistent with our legal requirements.
The criteria used to determine our retention periods include:
-
The length of time we have an ongoing relationship with you and provide the Services to you (for example, for as long as you have an account with us or keep using the Services);
-
Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
-
Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
In some circumstances we will anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
Third party links
Our Service may contain links to third party sites whose information practices may be different than ours. Please consult all third party sites’ privacy notices, as we have no control over information that is submitted to, or collected by, third parties.
Your rights
You have the right to:
-
require us to rectify the personal data we hold about you, where any personal data is incorrect;
-
require that we restrict or suppress the processing of your personal data;
-
request access to the personal data that we hold about you;
-
require that we delete the personal data we hold about you;
-
require that we provide you with the personal data that we hold about you in a structured, commonly used and machine-readable format;
-
object to, or withdraw your consent to, our using your personal data (which will not affect the lawfulness of processing prior to the withdrawal);
-
to be free from unlawful discrimination for exercising your rights.
Exercising your rights
We will respond to your request consistent with applicable law. In your request, please make clear what personal data you would like to have changed or whether you would like to have your personal data suppressed from our database. For your protection, we may only implement requests with respect to the personal data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable.
Please note that we may need to retain certain personal data for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion (e.g., when you make a purchase or enter a promotion, you may not be able to change or delete the personal data provided until after the completion of such purchase or promotion).
You also have the right to lodge a complaint with the ICO, who may be contacted here. For the EU, a list of data protection authorities is available here. We would, however, be grateful if you would contact us in the first instance so we can endeavor to deal with your concerns directly.
If you wish to exercise any of these rights or know more about our privacy practices, please contact us at info@turksluxuryescapes.com Alternatively, you can contact our EU representative at datarequest@datarep.com.
Changes to this notice or your personal data
We may amend or modify this privacy notice from time to time. We will post any revised notice on this site and on our App, and if the changes are significant, we will notify you by email.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us by contacting info@turksluxuryescapes.com