At Hey Escapes, protecting your personal data is a key priority. This policy explains how we collect, use, and safeguard your information when you use our services. We comply with the UK GDPR and the Data Protection Act 2018.

 

What Information We Collect

We may collect:

• Your name, address, date of birth, and passport details

• Your contact details including email and telephone number

• Travel preferences and booking history

• Sensitive information (e.g. health or religious requirements) when necessary

• Payment details for transactions (handled securely)

• Website usage data like IP address and browser type

We only collect what we need to deliver our services.

​

How We Use Your Information

We use your information to:

• Prepare quotes and travel itineraries

• Communicate regarding enquiries and bookings

• Process payments and manage travel arrangements

• Meet legal requirements (e.g., immigration, security)

• Send marketing communications (with your consent)

• We may also use your testimonials or feedback

We do not sell or rent your personal data to third parties.

​

Lawful Basis for Processing

We process your information based on:

• Contract: To deliver quotes, bookings, and related services

• Consent: For sensitive data and marketing communications

• Legitimate Interests: To inform you of offers or updates after you engage with us

 

Sharing Your Information

To fulfil your bookings, we may share your information with:

• Airlines, hotels, tour operators, and other travel partners

• Payment processors and banks

• With authorities (e.g., customs, immigration) where legally required

• With GDPR-compliant third-party services (e.g., email delivery, CRM software)

• IT service providers supporting our operations

We require all partners to treat your data with respect and according to the law.

We never sell or rent your data.

 

Data Transfers

Some travel services require us to transfer your information outside the UK. We ensure adequate protection is in place for all such transfers.

 

Data Retention

We retain your personal data only as long as necessary:

• Enquiries and quotes: Retained for the duration of our business relationship

• General enquiries: Kept until satisfactorily resolved

• Booking data: Retained in line with legal accounting and tax obligations (typically up to 7 years)

• Payment card details: Not retained

​

How We Keep Your Data Safe

We implement strong security measures including:

• SSL encryption on our website

• Secure UK-based data servers and firewalls

• GDPR-compliant third-party service providers

• Restricted, password-protected system access

Although no system is 100% secure, we take every reasonable step to protect your data.

 

Your Rights

You have the right to:

• Access the data we hold about you

• Request correction or deletion

• Object to or restrict processing

• Withdraw consent at any time

• Lodge a complaint with the Information Commissioner’s Office (ICO)

Contact us at steph@heyescapes.co.uk to exercise your rights.

 

Updates to This Policy

We may update this Privacy Policy as needed.
All changes will be posted on our website and, where necessary, communicated directly to you.

 

Contact Us

If you have questions about this policy or your personal data, please contact:

Hey Escapes
Flat 6 Yew Tree Court, London, N16 0QE
steph@heyescapes.co.uk
+44 7457 410877