Flight Centre Travel Group is one of the world's largest travel agency groups. We need to collect,  use and disclose personal information in order to perform our business functions and activities,  including making and managing travel bookings on behalf of our customers. We are firmly committed  to protecting the privacy and confidentiality of personal information/personal data and to  maintaining various physical, electronic and procedural safeguards to protect personal information  in our care.

This Privacy Notice (“Notice”) sets out how this Flight Centre Travel Group business or application processes and protects the privacy of your personal information. It applies to all individuals with the  exception of residents of California (see section 2). 

For the purposes of the General Data Protection Regulation 2016/679 (“GDPR”) and other similarly  situated legislation we are a “data controller” (or equivalent) for the processing of personal  information you provide to us in connection with:  

• our provision of business travel products and services;  
• event management services;  
• the provision of leisure travel products and services; and 
• for the purpose of all our marketing activities. 

There may be instances where your local data protection laws impose more restrictive information handling practices than the practices set out in this Notice. Where this occurs, we will adjust our information handling practices in your jurisdiction to comply with your local data protection laws.

Residents of California must refer to our California Consumer Privacy Act (“CCPA”) Privacy Notice,

accessed via this link. Our CCPA Privacy Notice sets out how Flight Centre processes personal

information in compliance with California law including the CCPA.

Personal information has the meaning given under your local data protection law and, where the  GDPR applies, the meaning of personal data given under the GDPR. Personal information generally  means information which relates to a living individual who can be identified from that information,  or from that information and other information in a person’s possession, including any expression of  opinion, whether true or not, and whether recorded in material form or not, about an identified or  reasonably identifiable individual, and any indication of intention in respect of an individual.  

Generally, the type of personal information we collect about you is the information that is needed to  facilitate your travel arrangements and bookings and to arrange travel related products and/or  services on your behalf.  

We therefore typically process the following types of personal information about you: • Identifiers 

• contact information (such as name, residential/mailing address, telephone number,  email address);  
• date of birth; 
• passport details, national identity card details, driver’s license details;  
• online identifiers (such as IP address, device data, and network information);
• loyalty program / frequent flyer details; 

1. Commercial Information, including records of products or services purchased, obtained, or  considered, or other purchasing or consuming histories or tendencies; 
2. Biometric information; 
3. Internet or other electronic network activity (such as the device and network you are using  to connect with us), as further described in section 12;  
4. Geolocation data;
5. Audio (such voice recordings for quality control, service improvement, training and dispute  resolution), electronic and visual information (such as video surveillance footage) used for  security purposes,
6. Professional or employment-related information;
7. Payment account information (credit/debit card details, including card type, card number,  security number and expiry date and other financial details necessary to process various  transactions);
8. Health information such as your dietary requirements and health issues (if any); and
9. Other details relevant to your travel arrangements or required by the relevant travel service provider(s) (e.g., airlines and accommodation or tour providers).

When you contact us for other purposes, we may also collect personal information about you in  relation to those purposes. For example, we may collect your personal information so we can contact you about a competition you have entered (e.g., if you win), or to respond to an enquiry or complaint  you have made, or feedback you have provided to us. We also collect information that is required  for use in the business activities of Flight Centre and our related entities, including for example,  financial details necessary to process various transactions, and other relevant personal information  you may elect to provide to us.

In some circumstances, we may collect personal information from you which may be regarded as  sensitive information under your local data protection laws. Sensitive information may include  (without limitation) your racial or ethnic origin, philosophical or religious beliefs or affiliations, sexual  orientation, membership of political, professional or trade associations (for use in booking special  rates), biometric and genetic information, passwords, financial information and health information.  Please note that, when necessary for travel arrangements, we may collect from a responsible adult  personal information relating to a child of any age, but we do not knowingly collect any such  information directly from children.

We will only collect sensitive information in compliance with your local data protection laws, with  your explicit, voluntary consent and where it is reasonably necessary for, or directly related to, one  or more of our functions or activities (e.g., to provide travel-related products and services), unless  we are otherwise required or authorised to do so by law. To the extent permitted or required under  your local data protection laws, you voluntarily consent to us using and disclosing your sensitive  information for the purpose for which it was collected. For example, if you provide health information  to us in connection with a travel insurance application you would like to make, you voluntarily  consent to us using and disclosing that health information in connection with arranging that travel  insurance on your behalf. A further example is if you disclose your religious beliefs to us because  you are interested in, for example, certain holiday packages, in which case you voluntarily consent  to us using and disclosing that information in connection with facilitating your request. We will not  use or disclose sensitive information for purposes other than those for which it was collected, unless  we subsequently request and receive your voluntary consent to use it for another purpose.

We will only collect personal information in compliance with your local data protection laws. We usually collect your personal information directly from you during the course of your relationship with us. We will collect this information directly from you unless it is unreasonable or impracticable to do so.

Generally, this collection will occur: 

• when you deal with us either in person, by telephone, letter, email; 
• when you visit any of our websites; 
• when you use any of our apps; or  
• when you connect with us via social media.  

We may collect personal information about you: 

• when you purchase or make enquiries about travel arrangements or other travel-related  products and services;
• when you enter competitions or register for promotions;
• when you subscribe to receive marketing from us (e.g., e-newsletters);
• when you request brochures or other information from us; or
• when you provide information, or use our services, on social media.

Unless you choose to do so using a pseudonym or anonymously, we may also collect your personal  information (other than sensitive information) when you complete surveys or provide us with  feedback.

In some circumstances, it may be necessary for us to collect personal information about you from a  third party. This includes where a person makes a travel booking on your behalf which includes  travel arrangements to be used by you (e.g., a family or group booking or a travel booking made  for you by your employer). Where this occurs, we will rely on the authority of the person making  the travel booking to act on behalf of any other traveller on the booking.

Where you make a travel booking on behalf of another person(s) (e.g., a family or group booking or  a travel booking made for an employee), you agree to have obtained the voluntary and informed consent of the other person(s) for Flight Centre to collect, use and disclose the other person's  personal information in accordance with this Notice and that you have otherwise made the other  person(s) aware of this Notice.

You should let us know immediately if you become aware that your personal information has been  provided to us by another person without your voluntary consent or if you did not obtain voluntary  consent before providing another person's personal information to us.

We make every effort to maintain the accuracy and completeness of your personal information which  we store and to ensure all your personal information is up to date. However, you can assist us with  this considerably by promptly contacting us if there are changes to your personal information or if  you become aware that we have inaccurate personal information relating to you (see section 15 below). We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient  or incomplete personal information that you, or a person acting on your behalf, provide to us.

Where the provision of services or other business processes is dependent upon you voluntarily  consenting to the collection and subsequent processing of your personal data, if you choose not to  provide your voluntary consent this may prevent us from providing specific services that rely upon  the collection of personal data, or otherwise impact the quality of the services, we can provide you.

Similarly, if you request that we restrict or stop using personal information we hold on you or  withdraw a voluntary consent you have previously given to the processing of such personal  information, this may affect our ability to provide services to you or negatively impact the services  we can provide to you. For example, most travel bookings must be made under the traveller's full  name and must include contact details and appropriate identification (e.g., passport details). We  cannot make bookings for you without that information.

Any voluntary consent you provide for the collection, use and disclosure of your personal data will  remain valid until such time as you withdraw your consent in writing. You may withdraw consent  and request us to stop collecting, using and/or disclosing your personal data by submitting your  request in writing using either the links provided in section 15, or by emailing/writing-to our Privacy  teams via the contact details provided in section 15. Please note that withdrawing consent does not  affect our right to continue to collect, use and disclose personal data where such collection, use and  disclosure without consent is permitted or required under applicable laws.

For the retention of personal data, we may retain your personal data for as long as it is necessary  to fulfil the purposes for which they were collected, or as required or permitted by applicable laws.  We will cease to retain your personal data, or remove the means by which the data can be associated  with you, as soon as it is reasonable to assume that such retention no longer serves the purposes  for which the personal data were collected, and are no longer necessary for legal or business  purposes.

We will only process your information, where:  

• you have given your voluntary consent to such processing (which you may withdraw at any  time, as detailed at section 4 above); 
• the processing is necessary to provide our services to you; 
• the processing is necessary for the performance of a contract to which you are a party;
• the processing is necessary for compliance with our legal obligations; and/or 
• the processing is necessary for our legitimate interests or those of any third party recipients  that receive your personal information (as detailed in this section and section 6 below).

In detail: Where you contact us in relation to a travel booking or query, the purpose for which we  collect your personal information is generally to provide you with travel advice and/or to assist you  with booking travel and/or travel-related products and services. However, the purpose for collection  may differ depending on the particular circumstances as disclosed in this Notice (e.g., collection of  your personal information for the purpose of your participation in a competition, provision of  feedback, etc.).

When you book or otherwise arrange travel-related products and services through us, we usually  act as an agent for the relevant travel service providers (e.g., for a hotel). In this case, we process  your personal information as necessary so as to provide the services you requested from us. This  usually includes collecting personal information about you both for our internal purposes as described  in this Notice and for the travel service provider for whom we act as agent (e.g., to provide you with  the booked services). For example, if you book a flight through us, then we use your personal  information to enable your flight to be booked and disclose it to the airline to enable the airline to  provide the flight service to you.

We may therefore share your personal information with our travel service providers such as hotel,  airline, car rental, or other providers, who fulfill your travel bookings. Please note that these travel  service providers also may use your personal information as described in their respective privacy  policies and may contact you as necessary to obtain additional information about you, facilitate your  travel reservation, or provide you with your requested services. We encourage you to review the  privacy policies of any third-party travel service providers whose products you purchase through us.  We will provide you with copies of all available relevant travel service provider terms, conditions and  privacy policies on request.

We act as agent for or on behalf of many thousands of travel service providers around the world, so  it is not possible for us to set out in this Notice all of the travel service providers for whom we act  or their locations. For more information about the disclosure of personal information to travel service  providers located overseas, please refer to section 7 below.

If you have any concerns regarding the transfer of your personal information to a travel service  provider, or you wish to contact us for further information, please refer to the “Feedback / Complaints  / Subject Access Requests / Contacts” section below (section 15).

Further purposes for which we process personal information include:

• providing you with services and tools you choose to use (for example, saving travel  preferences on our websites to a wish list or saving personal information to allow for pre population of online forms);
• identification of errors;
• protecting against, deterring, detecting and investigating fraudulent, unauthorised or illegal  activities;
• regulatory reporting and compliance;
• developing and improving our products and services and those of our related entities;
• servicing our relationship with you by, among other things, creating and maintaining a  customer profile to enable our brands to service you better or presenting options on our  website we think may interest you based on your browsing and preferences; 
• the provision of reports, analytics, and dashboards, to your employer on activities comprising  their business travel programme as part of contracted business travel services;
• involving you in market research, gauging customer satisfaction and seeking feedback  regarding our relationship with you and/or the service we have provided; 
• to facilitate your participation in loyalty programs;
• for research and analysis in relation to our business and services, including but not limited  to trends and preferences in sales and travel destinations, and use of our websites; 
• internal reporting, analytics, accounting and administration;
• to comply with our legal obligations, including complying with law enforcement or  government authority requests, and any applicable customs/immigration requirements  relating to your travel;
• to comply with a valid and authorised court order or other valid legal process; and
• other purposes as authorised or required by law (e.g., to prevent a threat to life, health or  safety, or to enforce our legal rights). 

Where permitted by your local data protection laws, we may use your personal information to send you targeted marketing activities relating to our products and services (and those of third parties)  that we think may interest you, unless you have requested not to receive such information. These may include, but are not limited to, mail outs, electronic marketing and notifications as described below, and telephone calls. We will only use your personal information to send electronic marketing materials to you (including e-newsletters, email, SMS, MMS and iM) if you have opted-in to receive them or not opt-ed out of receiving them, depending upon the applicable law. You can subscribe to receive e-newsletters and other electronic promotional/marketing materials by following the relevant links on our website or requesting one of our consultants to do so for you.

Should you no longer wish to receive promotional/marketing material from us, participate in market  research or receive other types of communication from us, please refer to the “Feedback /  Complaints / Subject Access Requests / Contacts” section below (section 15). You can unsubscribe  from receiving electronic marketing materials by following the unsubscribe prompt in your email,  SMS, MMS, iM or other forms of electronic marketing. Please also see the “Your rights” section of  this Notice to learn about your ability, at any time, to opt out or limit the use of your browsing  behaviour for online behavioural advertising purposes (section 9 below).

We do not and will not sell, rent out or trade your personal information. We will only disclose your personal information to third parties in the ways set out in this Notice and, in particular, as set out  below, and in accordance with your local data protection laws. Note that, in this Notice, where we  say “disclose”, this includes to transfer, share (including verbally and in writing), send, or otherwise  make available or accessible your personal information to another person or entity.

Your personal information may be disclosed to the following types of third parties:

• our independent contractors, suppliers and service providers, including without limitation:

1. in each of the circumstances set out in section 5 (“How do we use your personal  information?”); 
2. suppliers of IT based solutions that assist us in providing products and services to you (such as any external data hosting providers we may use);  
3. publishers, printers and distributors of marketing material;  
4. event and expo organisers; 
5. marketing, market research, research and analysis and communications agencies;  o mailing houses, freight services, courier services; and 

• external business advisers (such as lawyers, accountants, auditors and recruitment  consultants);
• our related entities and brands;
• travel-related service providers such as travel wholesalers, tour operators, airlines, hotels,  car rental companies, transfer handlers, travel risk management companies, travel  insurance companies, and other related service providers;
• any third party to whom we assign or novate any of our rights or obligations; 
• financial institutions such as banks, when processing financial transactions;
• credit providers, issuers and payment service providers;
• a person making your travel booking on your behalf, where you are travelling on a booking  made on your behalf by another person (for example, a family member, friend or work  colleague); 
• your employer, where you are an employee of one of our corporate, business or government  clients and you are participating in an event or travelling for work purposes;
• third parties who provide services to our business travel clients, in order to facilitate the  delivery of those services; 
• a person who can verify to us that they have a relationship with you (e.g., a family member)  where you are not contactable, the person correctly answers our required security questions and the request is, in our opinion, in your interest (for example, where the person is  concerned for your welfare or needs to undertake action on your behalf due to unforeseen  circumstances);
• as required or authorised by applicable law, and to comply with our legal obligations;
• customs and immigration to comply with our legal obligations and any applicable  customs/immigration requirements relating to your travel;
• government agencies and public authorities to comply with a valid and authorised request,  including a court order or other valid legal process;
• various regulatory bodies and law enforcement officials and agencies, including to protect  against fraud and for related security purposes;
• enforcement agencies where we suspect that unlawful activity has been or may be engaged  in and the personal information is a necessary part of our investigation or reporting of the  matter; and
• third-party services or applications when you use these to log into your account (e.g., if you use a third-party service or application (e.g., Facebook, Google) to log into your Flight Centre account, we share certain personal information with that third party).

When you engage us to book flights on your behalf, we will provide your personal information (i.e.,  name, email address and/or mobile number) to the relevant airline. This enables airlines to advise passengers of irregular flight operations and disruptions (e.g., flight cancellations, schedule changes)  directly. Similarly, when booking rail journeys we will provide your personal information to the relevant rail provider where required.

Other than the above, we will not disclose your personal information without your voluntary consent unless we reasonably believe that disclosure is necessary to lessen or prevent a threat to life, health or safety of an individual or to public health or safety or for certain action to be undertaken by an enforcement body (e.g., prevention, detection, investigation, prosecution or punishment of criminal offences), or where such disclosure is authorised or required by law (including applicable privacy/data protection laws).  

On our websites, you may choose to use certain features that can be accessed through, or for which we partner with, other entities that are not otherwise affiliated with us. These features, which include social networking and geo-location tools, are operated by third parties, including social networks,  and are clearly identified as such. These third parties may use or share personal information in  accordance with their own privacy policies. We strongly suggest you review the third parties’ privacy policies if you use the relevant features.

We may disclose your personal information to certain overseas recipients, as set out below. We will  ensure that any such international transfers are necessary for the performance of a contract between  you and the overseas recipient, and/or are made subject to appropriate or suitable safeguards as  required by your local data protection laws (e.g., GDPR, China cybersecurity law, etc.).

Flight Centre Travel Group (USA), Inc. d/b/a FCM, Corporate Traveler and FCM Meetings & Events  and WhereTo, Inc. (collectively, the “Flight Centre USA corporate brands”) comply with the EU-U.S.  Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF as set forth by the  U.S. Department of Commerce. The Flight Centre USA corporate brands have certified to the U.S.  Department of Commerce that they adhere to the EU-U.S. Data Privacy Framework Principles (EU U.S. DPF Principles) with regard to the processing of personal data received from the European Union  in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK  Extension to the EU-U.S. DPF. If there is any conflict between the terms in this Notice and the EU U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework  (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.  The Flight Centre USA corporate brands shall remain liable under the DPF Principles if its agent  processes your personal information in a manner inconsistent with the DPF Principles, unless the  Flight Centre USA corporate brands prove that they are not responsible for the event giving rise to  the damage.

It is possible that information will be transferred to an overseas recipient (other than any of our  overseas related entities) located in a jurisdiction where you will not be able to seek redress under  your local data protection laws and that does not have an equivalent level of data protection as in  your jurisdiction. To the extent permitted by your local data protection laws, we will not be liable for  how these overseas recipients handle, store, and otherwise process your personal information.

We will ensure that any such international transfers are either necessary for the performance of a  contract between you and the overseas recipient or are made subject to appropriate or suitable  safeguards as required by your local laws.

We use key service providers located in India, Indonesia, Philippines, Hong Kong, USA, United  Kingdom, and Australia. We also deal with many different service providers all over the world, so it  is not possible for us to set out in this Notice all of the different countries to which we may send  your personal information. However, if you have any specific questions about where or to whom  your personal information will be sent, please refer to the “Feedback / Complaints / Subject Access  Requests / Contacts” section below (section 15).

(a) Our overseas related entities

Flight Centre operates a global business, including operations in Australia, New Zealand, Canada,  United States, United Kingdom, South Africa, Hong Kong, India, China, Singapore, Japan, the United  Arab Emirates, Kingdom of Saudi Arabia, Ireland, the Netherlands, Malaysia, Mexico, the Dominican  Republic, Costa Rico, Germany, Norway, Sweden, Denmark, Finland, Spain, France and Switzerland.  Your personal information may be disclosed to our overseas related entities in connection with  facilitation of your travel booking and/or to enable the performance of administrative, advisory and  technical services, including the storage and processing of such information. This includes enabling “single sign-on” allowing you to login to a shared account across our brands using a single set of  log-in credentials, which allows us to, for example, show your reservations and bookings made  through the websites, applications, and services of our group companies on your account page, and  allow our group companies to show information in your respective account(s) with them.

(b) Travel service providers located overseas 

In providing our services to you, it may be necessary for us to disclose personal information to  relevant overseas travel service providers. We deal with many different travel service providers all  over the world, so the location of a travel service provider relevant to your personal information will  depend on the travel services being provided. The relevant travel service providers will in most cases  receive your personal information in the country in which they will provide the services to you or in  which their business or management is based.

(c) Our third-party service providers located overseas 

We may also disclose your personal information to third-parties located overseas for the purpose of  performing services for us, including the storage and processing of such information. Generally, we  will only disclose your personal information to these overseas recipients in connection with facilitation  of your travel booking and/or to enable the performance of administrative and technical services by  them on our behalf.

(d) China cyber security law requirements 

Personal information which is collected and generated within the territory of the People's Republic  of China shall only be transferred outside this territory for business reasons or other authorized  reasons. These include the following situations:

1. where the international transfer is required or authorized by the traveler; 
2. when you use our platforms or online booking tools to book overseas hotels, airlines, and  travel related services or products; 
3. to provide reports, analytics, and dashboards of your travel to your employer for activities  comprising their business travel programme as part of contracted travel services; or 
4. to otherwise fulfil the purposes set out in section 5 above.

We are committed to safeguarding and protecting personal information and will implement and maintain appropriate technical and organisational measures to ensure a level of security appropriate to protect any personal information provided to us from accidental or unlawful destruction, loss,  alteration, unauthorised disclosure of, or access to, personal information transmitted, stored or otherwise processed. Flight Centre has implemented various physical, electronic and organisational security procedures in order to protect the personal information it holds from loss and misuse, and from unauthorised access, modification, disclosure and interference. Flight Centre regularly reviews security technologies and will strive to protect your personal information as fully as we protect our own confidential information. Flight Centre is not responsible for any third-party’s actions or their security controls with respect to information that third-parties may collect or process via their websites, services or otherwise.

We will destroy or de-identify personal information once we no longer require it for our business  purposes, or as required by law. 

If you wish to make a Subject Access Request to:

• access, update, modify, rectify, erase, object to, or obtain a copy of the personal information  that we hold on you; or 
• restrict or stop us from using any of the personal information which we hold on you, including  by withdrawing any voluntary consent you have previously given to the processing of such  information; or 
• where any personal information has been processed on the basis of your voluntary consent  or as necessary to perform a contract to which you are a party, request a copy of such  personal information in a suitable machine-readable format or have that personal  information transmitted by us to another controller, 

you can request this by contacting us as set out in section 15 below. You will receive  acknowledgement of your request. 

We will always process your requests within the timeframes set by applicable privacy laws. Please  note we reserve the right to extend this period for complex requests or as otherwise permitted by  applicable law. 

We reserve the right to deny your access for any reason permitted under applicable laws. Such  exemptions may include national security, corporate finance and confidential references. If we deny  access or correction, we will provide you with written reasons for such denial unless it is  unreasonable to do so and, where required by local data protection laws, will note your request and  the denial of same in our records.  

You have the right to lodge a complaint with a relevant supervisory authority. 

Further correspondence regarding your request should only be made in writing to the applicable Chief Privacy Officer as set out in section 15 below.  

You must always provide accurate information and you agree to update it whenever necessary. You  also agree that, in the absence of any update, we can assume that the information submitted to us  is correct, unless we subsequently become aware that it is not correct. 

You can at any time tell us not to send you marketing communications by email by clicking on the  unsubscribe link within the marketing emails you receive from us or by contacting us as indicated  below (section 15). 

In any of the situations listed above, we may request that you prove your identity by providing us  with a copy of a valid means of identification in order for us to comply with our security obligations  and to prevent unauthorised disclosure of personal information. 

To the extent permissible by law, we reserve the right to charge you a reasonable administrative  fee for any manifestly unfounded or excessive requests concerning your access to your personal  information, and for any additional copies of the personal information you request from us. 

This section pertains only to the processing of personal data by us that falls specifically within the scope of the Singapore Personal Data Protection Act (“PDPA”). 

Where voluntary consent to the processing of personal data has not been obtained, we will collect, use and disclose personal data pursuant to an exception under the PDPA or as required/authorised under any other written law. 

Upon receipt of a written request to withdraw your voluntary consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences (including any legal consequences which may affect your rights and liabilities to us) of us completing this request. We will never delay our processing of such requests, and in any event will process them in accordance with the timelines set by the PDPA.

Our websites and mobile applications may use social media features and widgets (such as “Like” and “Share” buttons/widgets) (“SM Features”). These are provided and operated by third-party companies (e.g., Facebook) and either hosted by a third-party or hosted directly on our website or mobile application. SM Features may collect information such as the page you are visiting on our website/mobile application, your IP address, and may set cookies to enable the SM Feature to function properly.  

If you are logged into your account with the third-party company, then the third-party may be able to link information about your visit to and use of our website or mobile application to your social media account with them. Similarly, your interactions with the SM Features may be recorded by the third-party. In addition, the third-party company may send us information in line with their policies, such as your name, profile picture, gender, friend lists and any other information you have chosen to make available, and we may share information with the third-party company for the purposes of serving targeted marketing to you via the third-party social media platform. You can manage the sharing of information and opt out from targeted marketing via your privacy settings for the third party social media platform. 

Your interactions with these SM Features are governed by the privacy policy of the third-party company providing them. For more information about the data practices of these third-party companies, and to find out more about what personal information is collected about you and how the third-party uses such personal information, please refer to their privacy policy directly. 

When you access our website, use any of our mobile applications or open electronic correspondence or communications from us, our servers may record data regarding your device and the network you are using to connect with us, including your IP address. An IP address is a series of numbers which identify your computer, and which are generally assigned when you access the internet.  

you are using to connect with us, including your IP address. An IP address is a series of numbers which identify your computer, and which are generally assigned when you access the internet.

We may use IP addresses for system administration, investigation of security issues and compiling anonymised data regarding usage of our website and/or mobile applications. We may also link IP addresses to other personal information we hold about you and use it for the purposes described above (e.g., to better tailor our marketing and advertising materials, provided you have opted in to receive electronic marketing).

We may use third-party web analytics services on our websites and mobile apps, such as those listed  in our Cookies Policy. The analytics providers that administer these services use technologies such  as cookies and web beacons to help us analyse how visitors use our websites and apps.

For information regarding our use of cookies and tracking technologies, refer to our Cookies Policy on our website.

Our websites may contain links to third-party websites over which we have no control. We are not responsible for the privacy practices or the content of such websites. We encourage you to read the privacy policies of any linked third-party websites you visit as their privacy policy and practices may differ from ours.

You can direct any questions or complaints about the use or disclosure of your personal information to the contact information below.

Wherever you are in the world, if you wish to make a Subject Access Request to inform us of a change or correction to your personal information, request a copy of the information we collect on you, request deletion of your information or would like to restrict the further processing of your data,  please use the Subject Access Request Link below. We will respond to these requests within the time period required by the applicable jurisdiction. 

Global Subject  

Access Requests

Submit Request

Similarly, if you have any enquiries, comments or complaints about this Notice or our handling of  your personal information, please contact your consultant or the Chief Privacy Officer using the  details set out below and we will respond as soon as practicable. 

Africa

privacy@fctg.co.za

Block 8, 299 Pendoring street, Pendoring Office Park, Johannesburg, 2195

Americas

privacy@am.flightcentre.com 

(877) 867-2907

Chief Privacy Officer, 5 Paragon Drive, Suite 200, Montvale, NJ 07645

Asia

DPO@fcm.asia

Chief Privacy Officer, 30 Cecil Street, #22-01/08, Prudential Tower, Singapore, 049712

Australia

privacy@flightcentre.com.au

Chief Privacy Officer, 275 Grey Street, South Brisbane, Queensland 4101

Cross Hotels & Resorts

dataprotection@crosshotelsandresorts.com

Chief Privacy Officer, 30 Cecil Street, #22-01/08, Prudential Tower, Singapore, 049712

Discova

dataprotection@discova.com

Buffalo Tours (Singapore) Pte Ltd, 30 Cecil Street, #22-01/08 Prudential Tower, Singapore 049712

or 

Olympus Tours, Yaxchilan SM 17 Mz 2 Lt 13, Cancun, Quintana Roo, Mexico

Europe & Middle East

data.protection@flightcentre.co.uk

Chief Privacy Officer, Flight Centre (UK) Limited 4th Floor, 120 The Broadway,  Wimbledon, London, SW19 1RH

New Zealand

privacy@flightcentre.co.nz

Privacy Officer, 124 Vincent Street, Auckland, 1010

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, the Flight Centre USA  corporate brands commit to resolve DPF Principles-related complaints about our collection and use of your personal information. EU and UK individuals with enquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF or the UK Extension to the EU U.S. DPF should first contact Flight Centre at privacy@am.flightcentre.com.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, the Flight Centre USA  corporate brands commit to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States or the United Kingdom. If you do  not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have  not addressed your DPF Principles-related complaint to your satisfaction, please visit Data Privacy  Framework Resolution | JAMS Mediation, Arbitration, ADR Services (https://www.jamsadr.com/DPF 

Dispute-Resolution) for more information or to file a complaint. The services of JAMS are provided at no cost to you. In addition, you may, under certain conditions, be able to invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF  mechanisms. Please see Annex I for additional  information: https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset 

35584=2

The U.S. Department of Transportation has jurisdiction over the Flight Centre USA corporate brands’  compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. 

We may amend this Notice from time to time. If we make a change to the Notice, the revised version will be posted on our website. We will post a prominent notice on our website to notify you of any significant changes to our Notice and indicate at the end of the Notice when it was most recently updated. It is your responsibility, and we encourage you, to check the website from time to time in  order to determine whether there have been any changes.

This Privacy Notice was last updated on 10 May 2024.