Address:Rm22 2/F Fu Tao Building, No.98 Argyle Street, Mongkok, Kowloon, Hong Kong.
Privacy Policy
VoyageCopilot understands and respects the importance of your privacy and we are committed to safeguarding personal information.
We endeavour to ensure that your personal information is handled in accordance with "Data Protection Legislation". References to "Data Protection Legislation" in this Privacy Policy mean any law applicable to VoyageCopilot from time to time relating to the processing of personal data and/or privacy as in force as at the date of this Privacy Policy, or as re-enacted, amended, superseded, repealed or consolidated, including without limitation the EU General Data Protection Regulation 2016/679 ("EU GDPR"), the Data Protection Act 2018, the UK Privacy and Electronic Communications (EC Directive) Regulations 2003, the ePrivacy Directive 2002/58/EC as implemented in the relevant European Economic Area ("EEA") member state and "UK GDPR" (which is the EU GDPR as it was transposed into UK law on 1 January 2021).
Please read this Privacy Policy to see how we use and protect your personal information. We also have a Cookie Policy which explains how we use cookies and other similar technologies. From time to time, we may make changes to these policies, so please re-visit these pages regularly if you want to keep up to date with any changes we’ve made. Where we update such policies we will indicate its effective date or the date it was posted. We encourage you to review the changes carefully. If you continue to use our services we will assume that you understand that we have made those changes. Where you are providing information on behalf of another individual, such as a fellow traveller, it is your obligation to draw their attention to this Privacy Policy and the information contained herein as to how we may process their personal information.
Our Privacy Policy covers all the platforms through which you choose to interact with us, including our mobile-enabled and social media sites and our VoyageCopilot app (the "App") (together, the "Sites"). By giving us your personal information, you understand that we will transfer, store or process your data in accordance with this policy.
By making a booking or submitting any personal information via our channels, you understand that we will handle your personal information as set out below, including to provide that information (where relevant) to your "Service Providers" (being the third parties that you have selected as part of your booking, such as hoteliers, airlines, insurers and transfer providers). If you object to us using your personal information in these ways, unfortunately we may not be able to process your booking or other requests and you shouldn’t use our Sites.
What kind of personal information do we collect?
When you book through us, you need to provide certain information such as your name, address, e-mail, phone number and payment and voucher information. If you happen to fill in the booking pages but for some reason don’t actually complete the booking, you will still be considered to have provided us with your information.
If you contact us, whether by livechat, voice, SMS, e-mail, through the App or by another method, you’ll be asked to provide certain information which we will collect. This is likely to include your name, address, e-mail address and phone number so we can respond to you appropriately.
There are also other instances when you’ll provide us with information, for example if you register to manage your booking via the App or our website, leave a review, enter one of our competitions, complete a survey, sign up for marketing communications or register for price alert or deal alert notifications. In addition, in order to effectively manage your booking with some of your Service Providers (such as certain airlines), it may be necessary for us to create an additional user account on your behalf with those Service Providers (a "Unique Booking Profile").
Where you provide us with (or another person on your behalf provides us with) special category personal information about
- your health (including with respect to any mental or physical health condition that may be relevant for your booking or query or any information relating to Covid-19)
- your sexual orientation (such as to ask us about our couples' holidays),
and we have your consent (or another legal basis under Data Protection Legislation) to do so, we may (i) collect and store this information and (ii) provide this information to your Service Providers and/or (in the case of Covid-19) relevant health and/or government bodies. If you do not provide your consent to our processing of this information, we may be unable to notify your Service Providers and/or relevant health and/or government bodies (to the extent that your consent is required for us to do so). Where another person has provided that information to us on your behalf, it is their responsibility to obtain your consent to do so.
Information you give to us about others in your party
If you’re booking with others or for someone else, you will have to give us their information as well, for example their name and date of birth. It’s your responsibility to ensure that they are aware that you have done so, and also accept how we use and process their information as well as yours. In particular, we will require you to confirm that, where you are providing information on behalf of another traveller regarding their health with respect to Covid-19, you have obtained their consent to our processing of such information, including to (i) collect and store this information and (ii) provide this information to your Service Providers and/or relevant health and/or Government bodies.
What information do we collect automatically?
When you visit our Sites we automatically collect certain information such as the device IP address, the date and time you visited, the hardware, software or particular browser used and information about your visit, including any pages you viewed and interacted with. We do this automatically, even when you don’t actually make a booking.
If you’re using a mobile device to reach us, we keep data that identifies your device, location details and any specific settings. For more information on this, please see our Cookie Policy.
Information we get from others
We might also get information about you from other sources, such as your Service Providers, affiliates and other third-parties like credit reference agencies, payment processors, search engines or social media sites. We may use this information with other information you provide in order to complete or process your booking. We will notify you when we receive information about you from them and the purposes for which we intend to use that information.
If you use social media sites such as Facebook, Twitter and Instagram, booking search engines or personal banking sites, these sites are operated by third parties and they may share your personal data with us. We recommend you routinely review the privacy notices and preference settings of such information sharing platforms. We will respect any permissions you have set on those platforms regarding our use of your personal information collected via those sites.
What exactly do we do with your personal information?
Your personal information could be used in the following ways:
Processing your bookings: Put simply, we have to use your personal information and financial and other information provided by you to ensure the services you’ve selected with your Service Providers, which may include flights, hotels, transport, insurance and other ancillary products, are provided to you, or, where such services have been cancelled, to process and progress refund requests. As part of this, we will need to use your personal information to make bookings on your behalf. Where applicable, we will use your Unique Booking Profile to access your bookings so that we can view, administer and, where necessary, modify your booking, and give you notice of any cancellations or modifications to your booking. We will also need to monitor the status of (and handle correspondence in connection with) your bookings, for example to deal with and monitor and send on to you communications from your Service Providers relating to any rescheduling arrangements that might be required. We need certain information about you and your party so we can fulfil the contractual obligations when you make a booking including, where relevant, arranging direct payment using your financial information or redeeming vouchers provided by you for the relevant services or have been made.
User Accounts: The information that you provide when you set up an account allows us to provide you with additional services including the ability to manage your bookings, personal settings, save search results and access to special offers and ensure that your manage my booking account can only be accessed by you in a secure manner.
To communicate with you about your booking: We’ll need to contact you using the email or telephone number you provided or if you choose, through our App, to give you information relevant to your arrangements. For example, to confirm your booking, notification of any changes, security alerts or send administrative messages about your arrangements and reminders.
Customer Services: We may use your personal data to respond to and deal with any complaint or query or request which you contact us with. As part of our customer care procedures, we may also follow-up by letter, phone, SMS, email, or via social media with customers who have travelled with us, for example to resolve a complaint or to ask for a testimonial. You can contact us at any time, whether this is a general query, a question about your booking or to report an issue. You can do this through Manage My Booking on our website, via the App, by live chat, telephone or via social media. We’ll use the information that you’ve given us to answer any questions and respond to your query or other queries you might have in the future. If you do contact us by telephone, your communications may be recorded and monitored for contractual reasons, quality control purposes, analytics, staff training, to protect us in the event of a legal dispute and/or in connection with our third party supplier processing (see below). Any personal data obtained from you will be treated as set out in this Privacy Policy. Recordings are only kept for a limited period and then automatically deleted, unless we’ve got a legitimate interest in keeping them for a longer period and that is not overridden by your rights. We may also use your personal data to comply with your requests to exercise your rights under Data Protection Legislation.
VoyageCopilot may also process your personal data, including previous purchases and preferences, to provide you with a more streamlined and improved service, such as to help suggest alternative hotel and flight selections if your original selection is cancelled or to address common customer queries via our chat function. For example, our chat function may require you to provide certain information to verify your identity before we put you through to a member of our customer services team.
In addition, on occasion VoyageCopilot's use of certain automated processes may involve profiling (including making a decision based on the profile generated) and any such processing is always carried out in accordance with Data Protection Legislation. Please note that in such situations, you will always still be able to liaise with our customer service staff to seek alternative suggestions or address your queries. For example, VoyageCopilot may utilise an automated decision-making process which combines certain categories of your personal data relating to your booking (such as travel destination and information regarding travellers in your party) with various categories of non-personal data (such as destination border status, flight status, hotel status and FCDO travel advice) to perform the contractual obligations owed to you, in particular, concerning assessing any cancellation and refund rights which you may have pursuant to applicable law and/or our terms and conditions. Please contact sales@voyagecopilot.com if you have any queries and/or wish to contest any such decisions.
Personalisation of your experience: We sometimes use your data and information regarding your interaction with our website to develop a single profile of you as our customer to enable us to show you the most relevant products and services we think you’ll be interested in on our Sites and in our App and to communicate these with you, such as the best deals and special offers for destinations you like or have been to previously. If you register for a price alert service or a deal alert service, we will use your data to provide you with price alerts for the holiday you have selected or alerts for search results within the parameters you have selected (as applicable).
Marketing: Where you make a booking and haven’t specifically opted-out (or in any other case, if you have opted-in or signed up to marketing communications), we may contact you with information about other products and services that we offer that are similar to those that you have already purchased or enquired about and we think may interest you based on your personal information or profile. Don’t worry, you can opt-out of these emails at any time. You may still receive service-related communications from us. For example, to confirm your booking, notification of any changes, security alerts, administrative messages about your arrangements and reminders. Where you make a booking and haven’t specifically opted-out (or in any other case, if you have opted-in or signed-up to marketing or push communications), we may use your personal data to generate targeted messages or marketing where you receive notifications directly from applications on your mobile device. If you do not want to receive such push notifications from us, you can change your permissions via your mobile device settings at any time. Price alerts and deal alerts which you have requested can be turned off using the online subscription management tool. We endeavour to ensure that our marketing practices comply with the relevant Data Protection Legislation.
We may use your personal data to generate targeted marketing on various social media sites, including, but not limited to, Facebook. The relevant social media provider will also be considered a controller of your personal data in respect of any targeted marketing it carries out on our behalf and will be able to tell you more about how they use and process your personal data. We therefore recommend you routinely review the privacy policies, privacy notices, terms and conditions and preference settings that are available to you on social media platforms. If you do not wish to receive such targeted marketing generally, you are able to switch this off within the social media site. If you do not want to receive such targeted marketing from us, please contact us on sales@voyagecopilot.com or using the contact details below.
Promotional Activities: If you take part in any of our promotions (such as surveys or competitions or gift card promotions) we will need to use the information you provide to run these promotions.
**Improving our services and the services of our third party partners:**Sometimes we might use your personal data, and information about the way you use and access our Sites and App, to help us improve the design and functionality of our website or App or for training and quality control purposes. This could include eliminating bugs in our system, data analysis, testing, customer service quality review and for statistical and survey purposes, all of which helps us improve the service we offer. In some circumstances we may send data about our website and App users in aggregate, anonymised or pseudonymised form to third parties for them to provide these services to us. We also provide our customer communications data to our third party partner Twilio as controller to improve their services. The sharing of personal data with third parties is explained in more detail under "When do we share your data with third parties?" below. Our web system collects information about each visitor, including IP address, the length of time spent on the website and the order in which pages are visited. Our website may use technologies to help analyse how users navigate our web pages, links and forms and helps us provide you with a good experience when you browse our websites and improve the content of our marketing. You can change the way your browser manages cookies, which may be used to deliver online advertising, by following the settings on your browser. For further information on our use of cookies, please see our Cookie Policy.We may also use technologies to understand how you engage with communication material that we send to you, such as emails, including the action you take such as any links in them that you click on, your duration and frequency of your engagement with the email.
Security: We may use your data as part of the efforts to keep our Sites (and the information you provide to us) safe and secure, and to prevent fraud or unauthorised access/use of our Sites and/or your user account on our Sites.
Fraudulent Claims: We may use your personal information provided along with other publicly available information (including on social media) and information provided to us by third parties in order to prevent, detect or defend any claims/actions we believe to be potentially fraudulent or detrimental to our legitimate interests.
Legal and regulatory compliance: We might need to use your information in relation to any legal disputes, insurance claims, regulatory, compliance or criminal investigations, or if necessary to enforce our rights. This may include reviewing information which you have made publicly available and which may be relevant to any claim (including information available on social media sites). We may use your information to meet our regulatory obligations, including liaising with regulatory authorities and for our own internal audit purposes, to comply with applicable laws and regulations and to comply with lawful requests by public authorities, health authorities, discovery requests, or where otherwise required or permitted by applicable laws, court orders, government regulations, or regulatory authorities.
Covid-19: We might need to use your information in relation to managing your booking with us or to comply with our legal and regulatory obligations.
Business transaction: We might need to use your information for planning, due diligence and implementation in relation to a commercial transaction or service transfer that affects customers, for example mergers and acquisitions or a sale of all or part of our business.
When we process your information as described above, we will be relying on one or more of the following legal rights:
Performance of a contract: We need to use your information to carry out the contract that you have with us and your Service Providers and where necessary to take any steps requested by you prior to entering into that contract. We’ll use the information that you provide us when making a booking and, where applicable, your Unique Booking Profile(s) in accordance with the relevant Data Protection Legislation to conclude and process the reservations with your Service Providers.
Consent: You may be asked to consent to us sending you marketing and promotional material or to us using a testimonial and photos you have provided. If you do kindly give us this consent, we’ll rely on this consent when contacting you. You can always withdraw your consent to marketing at any time by simply unsubscribing – just follow the unsubscribe link in the email and it’s done. If you register for price alerts for a selected holiday or deal alerts for your selected parameter, we will action your request and rely on your consent to send these to you. You can withdraw your consent by turning off the relevant request using the online subscriptions management tool. You can withdraw your consent to the use of a testimonial and photos you have provided by emailing sales@voyagecopilot.com
Legitimate interest: We may use your information for our own legitimate interest, for example to provide you with the most relevant content on our Site or to promote new services and for certain administrative and legal purposes such as in connection with the sale of part or all of our business. If you fail to complete a purchase and did not opt out to such communications at the time, we may send you some follow-up emails to try and help you, or seek your feedback or offer you alternative products related to your selection. We may use your Unique Booking Profile(s) for our legitimate interest of monitoring the status of your booking with your Service Providers so that we can provide you with necessary information and take any necessary actions in order to provide our services to you.
Compliance with our legal obligations: In some cases, we will have a legal obligation to collect personal data from you (for example, for us to comply with tax laws which require us to collect and retain records of products and services that we sell).
Vital interests: It may also be necessary for us to process your personal data to protect your vital interests or those of another person (for example, if you are involved in an emergency and we need to provide the details which we hold about you to the emergency services).
Where that processing involves your special category personal data, such as information relating to your health, racial or ethnic origin, religious beliefs or sexual orientation, or information relating to criminal offences or proceedings, we may also rely on the following bases for processing:
Consent: You may also give us your consent to our processing of your special category personal data such as information about your health with respect to Covid-19 or otherwise listed at "What kind of personal information do we collect?". If you do give us this consent, we may (i) collect and store this information and (ii) provide this information to your Service Providers and/or relevant health and/or (in relation to Covid-19) government bodies. You have the right to withdraw this consent at any time and you can do this by using the appropriate email address set out in the Contact Us section below.
Vital interests where you are unable to consent: It may also be necessary for us to process your special category personal data to protect your vital interests or those of another person where you are physically or legally incapable of providing your consent (for example, if you are involved in an emergency and we need to provide your health information, such as allergies, to the emergency services).
Necessary for the establishment, exercise or defence of legal claims: For example, if you have an accident whilst on holiday with us, or seek to obtain a refund because you can no longer holiday with us as a result of your COVID-19 health status, and we need to process your health information to establish your claim. We may also rely on this ground where we process your personal data relating to criminal convictions or offences, for example where we may need to investigate to assess whether you have committed a crime.
Necessary for carrying out our obligations as an employer: For example, if you are a spouse or partner of one of our employees and listed as their emergency information or next of kin, that may inadvertently reveal certain of your special category personal data relating to your sexual orientation.
Substantial public interest: It may be necessary for us to process your personal data relating to criminal convictions or offences, such as in connection with the prevention and/or detection of unlawful acts or fraud.
How do we store your data?
Any information that you provide is stored on secure servers and all payment transactions on our Sites are encrypted. Only authorised personnel are permitted to access your information in the course of their work with us. Whilst we do our best to protect your information, no information transferred over the internet or stored electronically can be guaranteed to be completely secure and you provide your information to us at your own risk.
We’ll only retain your information for a reasonable period of time, or for so long as either you or Data Protection Legislation allows. When we have no ongoing legitimate business need to process your personal data (for example, to provide products or services to you or to retain records to manage any claims which you or we may have in respect of the products and services we provide to you), we will either delete or anonymise it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible.
When you pay for your holiday on our site, or otherwise make a payment on our Sites, we don’t store your full card details – instead we store the last 4 digits of the card and use an encrypted authorisation ‘token’ issued by your payment provider to collect the payment, or remaining payments if you chose to pay by instalments.
When do we share your data with third parties?
In certain circumstances we may share the information you provide to us with organisations outside of VoyageCopilot in addition to sharing internally with other members of the VoyageCopilot group. The third parties who we might share your data with include:
Your Service Providers: If you make a booking, we’ll have to share your booking data with your Service Providers to complete your booking contract, such as the hotel you're booking to stay at or the flights you've selected. We may need to share your financial information with certain third parties to purchase the relevant services from them in your name. The data shared may include your name and the names and ages of any guests travelling with you, any preferences or special requests you told us about when you made your booking and your contact details. If you contact us with a query about your booking, we may pass this on to your Service Providers if their assistance is needed to answer you. Where we have your consent (or another legal basis under Data Protection Legislation) to do so, we may provide information about your health or the health of members of your party with respect to Covid-19 to your Service Providers. We will take all reasonable steps to ensure that your data is handled securely but we cannot guarantee the same level of data protection by your Service Providers
Our third party suppliers: These include anyone who provides support services or functions on our behalf, including payment card orchestration and processing, business analytics, review agencies, customer support platform providers, insurers, legal and other advisers, auditors and accountants, and other third parties carrying out advertising, administering competitions and surveys and/or, gift card administration, collating customer feedback and customer support services. This may be to send you marketing material on our behalf, to collate information that can be analysed to improve our service and/or to receive legal or financial advice or make claims on our insurance. They have access to and may collect information only as required to perform their agreed functions and are not permitted to share or use information for any other purpose. Please note that while we shall impose appropriate contractual protections on them we cannot guarantee the same level of data protection by the third party suppliers.
Payment Processors and other financial institutions: When you make a payment on your booking, we use a third-party payment orchestrator and a third-party payment processor to take your payment. One of the third-party payment processors we use on our Sites is Nuvei, who act as a data controller in respect of the personal data you provide to them for such purposes: their privacy policy can be found on their corporate website . If you request a chargeback or a refund is due on your booking, it may be necessary for us to share certain details with the payment processor and the relevant financial institution, so they can manage the chargeback or refund accordingly. This may include a copy of your booking confirmation, financial details and the IP address that was used to make your booking.
Framed Websites: On occasion, we may provide a 'frame' of a third party website on our Website, such as the websites of payment processors or third parties that provide information about travel restrictions or entry requirements, or e-visa services. Please note that if you access that frame, you are accessing that third party website and we may need to provide them with certain limited information, such as your IP address, to enable you to interact with that website. Where this is the case, we will make it clear that you are accessing a third party website , however, please note that we have no control over that website and we encourage you to read the terms of use and privacy policies of these framed sites, because they will differ from ours. Please see section 5 of our Website Terms of Use for more details.
Referring websites: If you were referred to our Site(s) via another webpage, we may share some information about you with that referring website so that they can contact you about their products and services, which may include Google Analytics.
Business Affiliates: We may share your data with our business affiliates with whom we offer relevant joint services. This may include other agencies and advertising networks. We do this in order to maximise the services that we provide you and where you have provided your consent, they may contact you directly about their relevant products and services that may interest you. You can withdraw your consent to this sharing and/or unsubscribe from these emails at any time.
Law enforcement authorities: We will disclose personal information insofar as it is required by law or where we believe it is necessary for the prevention, detection or prosecution of potentially criminal acts, including for fraud, immigration, customs, security or anti-terrorism purposes.
Health and/or Governmental bodies: Where we have your consent (or another legal basis under data protection legislation) to do so, we may provide information about your health or the health of members of your party with respect to Covid-19 to relevant health and/or Government bodies.
Please note that whilst we have procedures and security features to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage, we don’t control the privacy practices of any of these third-parties or your Service Providers and we would encourage you to review their own privacy policies where appropriate.
Furthermore, any information that you provide directly to your Service Providers or other suppliers is not covered under this Privacy Policy and we would urge you to check their own privacy policies before handing over any personal information.
What rights do you have in relation to your personal information?
You have the following rights in relation to the personal information that we hold about you:
You may request a copy of the personal information we are keeping about you by submitting a Data Subject Access Request to us at the below address.
You may ask that we correct any inaccuracies in the data.
You may ask us to transfer the personal data you provided to us to another party or provide it to you so you can transfer it to another party yourself.
You can ask us not to process your personal information (or where we are relying on your consent, you may withdraw that consent) for marketing purposes at any time by sending a request to the below address or clicking ‘unsubscribe’ on any of the emails that we send to you. Where you have signed up for price alerts or deal alerts, you can use the online subscription management tool to turn off the relevant alert.
You have the right to request that we delete all personal information that we hold about you. If there is no other reason beside you providing your consent for us to hold your data or we otherwise have no legal basis to hold it, we will delete it upon receiving your request.
You have the right to object to or request that we restrict our processing of your personal information. Where we are not otherwise permitted by Data Protection Legislation to continue such processing, we shall comply with such request.
If you would like to exercise any of your above rights, please contact us at sales@voyagecopilot.com writing ‘Data Subject Access Request’ in the subject line. We will deal with any requests we receive in accordance with the relevant UK Data Protection Legislation.
If you feel we haven’t handled your personal data correctly, you have the right to complain to your local data protection authority. If you are resident in the United Kingdom the Information Commissioner’s Office is the relevant data protection authority – further information is available on .
Transfers of personal data outside the UK or EEA
Due to the nature of our business and the arrangements you have chosen, it may be necessary for your personal data to be transferred to, and stored at, a country outside the UK or EEA, including but not limited to other members of the VoyageCopilot group and third parties. We will only transfer personal data outside the EEA or the UK where it is necessary to arrange your booking, where you have given us your consent or where one of the following safeguards applies:
- the transfer is to a country which has been assessed by the relevant body (either the European Commission or the equivalent UK body) as ensuring an adequate level of protection for personal data; or
- where there is no other mechanism available for transferring data, a written agreement has been entered into between the relevant parties which incorporates the "model clauses" as approved by the European Commission (or some other form of data transfer mechanism approved by the European Commission) to protect your personal information as required by Data Protection Legislation. A copy of the model clauses can be found on the European Commission website or at .
By submitting your personal information to us, you acknowledge the transfer, storing or processing of your personal information outside the UK or EEA.
What about data that is collected through a mobile device?
This Privacy Policy also applies to our collection of your personal information through your mobile device. Mobile devices can be used to access our services, as well as versions of our regular website that have been optimised for mobile and tablet browsing. These mobile sites work in a similar way to our main website. Sometimes we make use of something known as cross-device tracking, which allows us to track user behaviour across different devices. We use this to optimise the service that we provide you and for marketing activities, so advertisements shown to you on other websites may be offered based on your activities on linked devices (please see our Cookie Policy for further information on this).
How do we treat personal information of children?
You are only allowed to use this site or the App if you are over 18 years of age. We only process information about children with the consent of the parents or legal guardians.
How can you contact us?
If you have any questions about this Privacy Policy or wish to exercise any of your rights under it, please contact us at:
Email: sales@voyagecopilot.com
All persons resident in the Hong Kong and Northern Ireland should continue to use the above contact details to raise queries or exercise such rights.
EU GDPR Representative
VoyageCopilot is established in the Hong Kong but may have customers who are individuals who are resident in the EEA.
If you are resident in the EEA and you have any queries or complaints in respect of our data processing activities and wish to contact us please contact us at:
Email: sales@voyagecopilot.com