At Transun Travel Limited, we follow tight security procedures on how your personal information is used and stored: we limit who sees it and we have a number of processes in place to stop unauthorised access to it. This privacy policy explains how in more detail.

About
We are committed to safeguarding the privacy of our clients under the General Data Protection Regulation (GDPR) – Regulation (EU) 2016/679, Transun Travel Limited has a legal duty to protect any personal information we collect from you. Transun Travel Limited of 1A Iffley Road, Oxford, OX4 1EA will act as Data Controller in all instances pertaining to the handling of your data.

Personal information we collect and how we use it
Transun does not capture or store any personal information given to us, except in circumstances provided in this policy. Personal information may be given to Transun in a variety of circumstances in order to carry out our business activities effectively. Such information may be provided to us in the following ways:

• You make a booking, enquiry, purchase or subscribe to a membership through our websites, or through our consultant teams by email, phone, letter, electronic form or in person.

• You make amendments or changes to a booking, enquiry or purchase as above.

• You consent and take part in a survey or provide us with feedback.

• You subscribe to our newsletter and travel updates.

• You enter one of our competitions.

• You accept cookie usage on one of our websites or digital tools allowing us to track information about your computer or device, and your visits to and use of our services.

• You send us any other information which is pertinent to the fulfilment of your travel booking, in particular this may extend to personal information about your family members or friends for holiday bookings.

• You enquire or place a booking through your travel agent.

• You have applied for a job vacancy. 

• In other forms of correspondence such as email, letter, and telephone which pertain to the activities of the business.

Telephone calls are recorded and monitored for quality and training purposes and these may contain personal information and are backed up and stored for up to one year. All email correspondence is stored locally and backed up and can be accessed for quality and regulatory purposes. Bookings and travel records are held for seven years after travel to comply with UK regulations. Travel profiles are held while you remain an active client/traveller, and can be reviewed at any time at the client’s request providing this does not prevent the company from carrying out its business activities.

Any marketing materials we send you will be sent to you by post or in electronic format or communicated by telephone. Should you wish to remove your details from our email marketing list, then you will need to follow the unsubscribe link at the bottom of our emails. Should you wish to opt-out of postal mailings, then please contact Transun via telephone, email or letter and we will change your preferences accordingly.

If you provide payment details to us to facilitate a travel booking, then this information is stored on secure, encrypted databases that comply with the Payment Card Industry (PCI-DSS) security standards and is only used for payment and accounting purposes.

Sensitive personal information
If you wish, you may provide us with some special categories of Personal Information in order for Transun to provide you with a better standard of service. For example, when booking a flight or holiday with us you may provide us with information about your dietary or medical requirements, which may reveal details about your mental or physical health or condition. The provision of this Information is entirely voluntary. If you do not consent to our processing of this type of Personal information, we may be unable to provide you with certain goods and/or services that you wish to book.

Statistical data, use of cookies and website tracking
Transun may use aggregate information and statistics for the purposes of monitoring Websites’ and Digital Tools’ usage, in order to help us develop our Websites and Digital Tools and our services and may provide such information in aggregate to third parties. These statistics and data will not include any information that can be used to identify any individual.

Our Transun website and some of our Digital Tools use cookies to improve our website experience and so we can provide a more personalised approach to our marketing. A cookie is a text file which identifies your computer to Transun servers. Cookies in themselves do not identify the individual user, just the computer or device used. Cookies are not used to collect personal information. From 25 May 2018 all our Websites and (where used) our Digital Tools will ask you to accept cookie usage or decline it, the first time you use each service.

Additionally some or all of our Websites and Digital Tools use:

•  Google Analytics
We use Google Analytics to understand and improve the experience of our website visitors. Google Analytics measures your website experience factors and uses cookies to collect data on our users’ behaviour and their devices as well as collecting information on the webpages the visitor has visited. Aggregated data is anonymised from the outset to recommend improvements to webpages. No data from Google Analytics is ever used to identify an individual. 

•  Bing and Google AdWords
We use Bing and Google AdWords cookies to track the suitability of our digital advertising campaigns. Like Google Analytics, Bing and Google AdWords measure website experience factors. They use cookies to collect data on our users’ behaviour and their devices. No data from Bing or Google AdWords is ever used to identify an individual and anonymised data is only used to optimise our advertising campaigns. 

•  Facebook and Instagram
We use a Facebook ‘pixel’ to collect aggregated, anonymised data about the behaviour of our website visitors, in order to promote relevant adverts to them. The ‘pixel’ is a cookie that collects data about what webpages a visitor has been on, aggregates demographic data (e.g. age range, gender) and whether somebody who has visited our website via Facebook has gone on to make a ‘conversion’ (e.g. make an enquiry, request a brochure, sign up to our newsletter). Typically we use this data is to provide relevant adverts to our website visitors based on expressed holiday interests from browsing our website. At no point in time do we know the users’ identities when collecting the data and advertising to them. 

•  Dotdigital
Dotdigital is an email marketing platform that we use to send our databases’ emails. We also use Dotdigital to email travel agents with news or occasional relevant information. We use a Dotdigital cookie on our website that tracks whether an individual who has been sent an email has proceeded to order a brochure or make an enquiry. It is possible to identify somebody who has opened one of our emails, including what they have clicked on. We use aggregated data to identify what was popular in any given email so we can better understand clients’ preferences. We also aggregate the data to provide more personalised emails based on a theme of interest. We never use the data to identify individual users’ preferences, only a collated dataset that is impartial. 

•  Zolv – WTP CMS
All data captured is handled by Zolv in a data processor capacity and is stored in Microsoft Azure encrypted cloud-based system. We have an extended validation SSL certificate (Secure Socket Layer), which means that the information you enter when making your booking is full encrypted and it’s impossible for anyone else to read this information. The green address bar or padlock icon on your web browser shows that you’re in a secure part of the website. 

All data collected, Google Analytics, Google and Bing AdWords, Facebook pixels, Dotdigital and Zolv WTP CMS is stored securely and is not shared with anybody outside the Transun company, unless expressly for the delivery of the business’ activities.

Disclosure
Transun will only hold your information for as long as it is necessary for the purpose for which it was collected. However, in line with our Data Security Policy, some regulatory bodies do require us to hold records for up to seven years after travel.

Save as stated below, your personal information is not disclosed to third parties unless this is indicated by our consultants, or is indicated on our Websites or Digital Tools and/or the relevant form at the point of collecting the information, or as required or allowed by law.

Your personal information may be passed to a third party in order to fulfil your travel requirements or certain processes necessary for the operation of our website and marketing activities. This may include passing your details outside of the UK and European Economic Area (EEA). These countries may not have data protection laws equivalent to those in force in the EAA, and you agree to this transfer, storing or processing by submitting your travel request to us. If we transfer data outside of the EEA we will take steps to ensure that your privacy rights continue to be protected as outlined in this privacy policy. Whether via the completion of an assessment to ensure the adequacy of a non-EEA country’s level of data protection, or the provision of a contract with non-EEA suppliers to ensure adequate protective measures are in place.

We may disclose your personal information to any member of our Group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 736 of the UK Companies Act 1985.

We may, from time to time, expand or reduce our business and this may involve the sale and/or transfer of control of all or part of Transun Travel Limited. Information provided by our clients will, where it is relevant to any part of our business being transferred, be transferred along with that business and the new owner or new controlling party will, under the terms of this privacy policy, be permitted to use the information for the purposes for which it was originally supplied to us. We may also disclose information to prospective purchasers of our business or any part of it. In this instance we will take steps to ensure your privacy is protected.

How we protect your information
At Transun, payment security is of paramount importance. To give you confidence, our online and telephone booking service uses industry-standard encryption technology to ensure that your credit or debit card transaction is secure.

Please note, however, that the transmission of information via the internet is never completely secure and, although we will take steps to protect your Personal Information, we cannot guarantee the security of your Personal Information transmitted via the Website – any transmission is therefore at your own risk.

All Transun employees and data processors, who have access to or are associated with the processing of personal information, are obliged to respect the confidentiality of that information. Access to our systems is secured by password. Should Transun receive any complaint, notice, request or communication which relates directly to the processing of your personal information by a third party supplier (whether travel principal or technology supplier) and the supplier’s compliance with Data Protection laws, we shall notify you as soon as possible of any breach or suspected breach of personal information.

Transun ensures that your personal information is not disclosed to government institutions and authorities, except if required or allowed by law.

•  Email security
All Transun outbound emails are encrypted, but please note that unless encrypted an email sent from you to us via the internet may not be secure and could be intercepted and read by someone else. Please keep this in mind when deciding whether to include personal information in any email you intend to send us.

•  Links
Our Websites and Digital Tools may contain links to and from other websites, including those of our suppliers. If you follow a link to any of these websites, please note that these websites will have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check external websites policies before you submit any personal information to these websites. 

•  Your consent
Whenever you are required to submit personal information you will be given options to restrict our use of this information, which will include the use of this information for direct marketing purposes. By submitting your personal information you consent to the use of that information as set out in this policy. If Transun changes this privacy policy it will post the changes on this page. Continued use of our service will signify that you agree to any such changes. 

•  Data protection by design
Transun’s Data Protection Policy covers all new processes, technology and procedures introduced at Transun including Data Protection at the design stage. 

•  Clients aged 16 and under
If you are aged 16 or under, please get your parent/guardian’s written permission sent to us before you provide personal information to Transun Website, Digital Tools or consultants. Clients/users aged 16 or under without this consent are not allowed to provide us with personal information.

Accessing your personal information and data Transun holds on you
Transun will process any personal information that it collects in accordance with the Data Protection Act 1998. If you wish to access personal information collected from you or you have an enquiry or concern regarding the processing of personal data by Transun, please make an individual information request by sending an email to Customer.Services@transun.co.uk or writing to Data Protection Officer at Transun Travel, 1A Iffley Road, Oxford, OX4 1EA.

Under the Data Protection Act 1998 you can request a copy of your personal information. Transun will provide you with a legible copy of the personal information it holds and to which you are entitled. This will be sent to you within 30 days of your request. Please note Transun requires proof of your identity before supplying the information and may ask you for further information to assist in locating your personal information. Individual traveller requests are free of charge.

•  Your right to rectify
You can ask Transun to update your personal information if something is inaccurate or missing. You do not need to submit an information request to do this, simply send any changes by email or post to Transun. 

•  Your right to restrict processing
If you think there is something wrong with the date being held about you, or you are unsure Transun is complying with the GDPR rules, you can restrict any further use of your personal information until the problem is resolved. However please note we will not be able to make any future travel bookings or provide tickets/documentation for imminent travels while such a restriction is in place. 

•  Your right to erasure
From 25 May 2018 you have the right to erasure, which means after an individual data request, you may instruct Transun to erase the personal information we hold on you. Subject to there being no legal reasons to retain this information, Transun will erase the information within one month and provide you with a written confirmation of its erasure. In cases where we are required to keep travel records for legal or regulatory reasons or for the integrity of trend reporting, we may anonymise your personal information rather than erase it, but your information will be anonymised in a non-redactable way. 

•  Your right to data portability
You can request a copy of your information by writing to the Data Protection Officer at Transun Travel, 1A Iffley Road, Oxford OX4 1EA. Your information will be provided via electronic media in a commonly used format which is compatible with other IT systems. 

•  Your right not to be subject to automated decision making
Transun does not use automated decision making in any of its processes. Should this change, Transun will always provide an opt-out capability and will always review any objections within the GDPR framework.

For individual clients this information will be provided free of charge, although we reserve the right to charge for repeated or excessive requests.

General
You may not transfer any of your rights under this privacy policy to any other person. We may transfer our rights under this privacy policy where we reasonably believe your rights will not be affected.

If any court of competent authority finds that any provision of this privacy policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this privacy policy will not be affected.

Unless otherwise agreed, no delay, act or omission by us or you in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.

This policy will be governed by and interpreted according to the laws of England and Wales. All disputes arising under this policy will be subject to the exclusive jurisdiction of the England and Wales courts.

Variation
This privacy policy may be updated from time to time, so you may wish to check it each time you submit personal information to our Websites or Digital Tools.

Transun Travel Limited | March 2025
Contact us