Privacy policy

  • This Privacy Policy explains how we use personal information about you and the steps we take to ensure your personal information is kept secure and confidential.

    1. Our identity and contact details

      • 1.1
        We are WebBeds FZ LLC (referred to as “we”, “us” and “our” in this Privacy Policy), a company registered in Dubai, United Arab Emirates with company number 91277 whose registered office is at Suite 1714-1715 Al Shatha Tower, PO Box 502115, Dubai Media City, Dubai, United Arab Emirates.
      • 1.2
        Please note that this Privacy Policy does not apply to any personal data provided within any hotel bookings relating to hotel guests or travellers, as we are not the data controller in respect of any such personal data. The data controllers in these cases will be the relevant hotel and travel agent via which a booking was made. If you are a hotel guest or traveller and have any queries regarding the use of your personal data or wish to access your personal data, you should contact the relevant data controller directly (or contact us, and we will try to assist with directing you to the relevant person).
      • 1.3
        This Privacy Policy applies to all clients and/or suppliers of WebBeds FZ LLC (including but not limited to hotel clients, travel agent clients and potential hotel or travel agent clients) or any personal data provided via any websites, web applications, mobile applications or similar devices, channels, platforms, service applications or other applications operated by or on behalf of us or which reference this Privacy Policy.
      • 1.4
        In respect of all persons to whom this Privacy Policy applies (see above) (referred to as “you” and “your” in this Privacy Policy), we are the data controller of your personal data, i.e. we are the controller of how all personal information we are holding about you is stored, processed or transferred. We will only deal with you personal data in accordance with the terms of this Privacy Policy. Our contact details are as follows:
        Address: 8 Holmes Road, London, NW5 3AB.
        Telephone number: +44 (0) 2030965221.
        Email address: [email protected] (please include “Personal Data Request” in your subject heading to ensure it receives the correct attention).
      • 1.5
        Our Data Protection Officer is Tammy Helg, whose contact details are as follows:
        1.5.1 Email address: [email protected]

    2. Information we collect from you

    How you engage with us
      • 2.1
        In respect of all persons to whom this Privacy Policy applies (see above), the information we hold about you comes from the way you engage with us, for example by doing any of the following:
        filling in forms or making a general enquiry via our website;
        registering your interest in partnering with us;
        providing information in the course of negotiating and/or entering into contractual agreements with us; and
        corresponding with us by phone, email or otherwise.
    Information we collect about you
      • 2.2
        The information we collect when you engage with us for any of the purposes described above may include, for example:
        your name, email address and phone number;
        your marketing preferences;
        the Internet Protocol (IP) address attached to your device;
        your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and certain device information; and
        information about your visit, including the full Uniform Resource Locators (URLs), clickstream to, through and from our website (including date and time), services you viewed or searched for page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the page.

    3. Uses made of the information

      • 3.1
        We use information held about you in the following ways:
        for internal record keeping and account creation;
        in order to enter into contractual agreements with you in relation to hotel services;
        to carry out our obligations arising from any contracts entered into between you and us, including, but not limited to, the processing and administration of bookings;
        to provide you with the services that you request from us;
        to contact you in the course of providing services to you in your capacity as a travel agent, hotel operator or technology platform provider, as applicable;
        for insight purposes (e.g. to analyse market trends and demographics, and develop the service which we offer to you or other individuals in the future); and
        to send promotional emails about other services we offer which are similar to those that we already provide to you or that you have enquired about; (with your consent).
      • 3.2
        Please note that we are a company incorporated in Dubai, and as such, information we collect about you will be stored and processed (at least partly) in Dubai. Please note that data protection laws in Dubai may not offer equivalent protection as data protection laws offered in the United Kingdom, however, we take the privacy of personal data very seriously and are taking steps to ensure the security and safeguarding of all personal information collected by us (please see further details at section 8 (security) below).

    4. Our legal grounds for processing your information

      • 4.1
        We will only process your personal information for the purposes set out in this Privacy Policy and in each case, on the basis that:
        it is necessary for us to do so for the performance of a contract or for the purpose of taking steps to enter into a contract with you; or
        if it is our legitimate business interests to do so (for example for internal record keeping, insight or marketing purposes, as detailed above); or
      • 4.2
        For any other processing of your personal data, we will only do so in accordance with data protection laws.

    5. Sharing your information

      • 5.1
        We may share information about you with any company within the WebBeds FZ LLC Group (which means our subsidiaries and our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006) for the purposes set out in this Privacy Policy only.
      • 5.2
        The personal data you provide to us may be shared with and processed by:
        regulators or other third parties for the purposes of monitoring and/or enforcing any legal and regulatory obligations, including statutory or regulatory reporting or the detection or prevention of unlawful acts;
        any third party in the context of actual or threatened legal proceedings, provided we can do so lawfully (for example in response to a court order);
        if we are under a duty to disclose or share your personal data in order to comply with any legal obligation;
        external hosting providers in order for the administration of our website (or any other online platform operated by us);
        our own professional advisors and auditors for the purpose of seeking professional advice or to meet our audit responsibilities;
        third parties where you have a relationship with that third party and you have consented to us sending information (for example social media sites or other third party application providers);
        third parties for marketing purposes (with your consent); and
        another organisation to whom we may transfer our agreement with you or if we sell or buy (or negotiate to sell or buy) our business or any of our assets.
  • 6. International transfers

      • It may be necessary in certain cases for us to transfer your personal information to other locations outside the UK or the European Economic Area (EEA), to locations that may not provide the same level of protection as the UK. However, we will only do so provided that appropriate safeguards and protections are in place (for example using the European Commission’s Standard Model Clauses for transfers of personal data outside the EEA), or in accordance with any other requirements under data protection legislation.

    7. How long will we keep your information for?

      • 7.1
        Unless we are required or permitted by law to hold on to your information for a specific retention period, we may retain your information for the following purposes and periods:
        if we are holding data for the performance of a contract with you, we will store information on our systems for a period of seven years following completion of a trip by the hotel guest/traveller (or upon termination of our contract with you, if later); and
        if we are holding information for our legitimate business interests (as outlined above), we will delete your information if it is no longer necessary for us to retain it, e.g. if our business focus moves to a different market sector.
      • 7.2
        Where we no longer need your personal information, we will dispose of it in a secure manner.

    8. Security

      • 8.1
        We keep your information protected by taking appropriate technical and organisational measures to guard against unauthorised or unlawful processing, accidental loss, destruction or damage. For example:
        we have implemented safeguards in relation to access and confidentiality in order to protect the information held within our systems; and
        we frequently carry out risk assessments and audits to monitor and review threats and vulnerabilities to our systems to prevent fraud.
      • 8.2
        However, while we will do our best to protect your personal information, we cannot guarantee the security of your information which is transmitted to any website or other online platform operated by us via an internet or similar connection.
      • 8.3
        The registration process via any website or other online platform operated by us may include the creation of a username, password and/or other identification information. All such details should be kept confidential by you and should not be disclosed to or shared with anyone. In order to protect your account, please choose a strong password (which should include a mixture of letters and numbers) and ensure that it is kept safe. If you disclose details of your username or password information, you will be responsible for all activities undertaken on the platform where they are used.
      • 8.4
        All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

    9. Your rights to your personal data

      • 9.1
        You have certain rights under existing data protection laws, including the right to (upon written request) access a copy of your personal data that we are processing. From 25 May 2018, if you are based within the UK or the EEA or within another jurisdiction having similar data protection laws:
        you will have the following rights:
        right to access: the right to request certain information about, access to and copies of the personal information about you that we are holding (please note that you are entitled to request one copy of the personal information that we hold about you at no cost, but for any further copies, we reserve the right to charge a reasonable fee based on administration costs);
        right to rectification: the right to have your personal information rectified if it is inaccurate or incomplete; and
        in certain circumstances, you will also have the following rights:
        right to erasure/”right to be forgotten”: the right to withdraw your consent to our processing of the data (if the processing is based on your consent) and the right to request that we delete or erase your personal information from our systems (however, this will not apply if we are required to hold on to the information for compliance with any legal obligation or if we require the information to establish or defend any legal claim);
        right to restriction of use of your information: the right to stop us from using your personal information or limit the way in which we can use it;
        right to data portability: the right to request that we return any information you have provided in a structured, commonly used and machine-readable format, or that we send it directly to another company, where technically feasible; and
        right to object: the right to object to our use of your personal information including where we use it for our legitimate interests or for marketing purposes.
  • 9.2
    Please note that if you withdraw your consent to the use of your personal information for purposes set out in our Privacy Policy, we may not be able to provide you with access to all or parts of our website or other platforms operated by us or carry out our contractual obligations to you.
  • 9.3
    If you consider our use of your personal information to be unlawful, you have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office. Please see further information on their website:

10. Changes to our privacy policy

  • We may amend this Privacy Policy from time to time, for example to keep it up to date, to implement minor technical adjustments and improvements or to comply with legal requirements. We will always update this Privacy Policy on our website, so please try to read it when you visit the website (the “last updated” reference tells you when we last updated our Privacy Policy).