Flight Centre is one of the world's largest travel agency groups. We need to collect, use and disclose personal information in order to perform our business functions and activities, including making and managing travel bookings on behalf of our customers. We are firmly committed to protecting the privacy and confidentiality of personal information and to maintaining various physical, electronic and procedural safeguards to protect personal information in our care.
By providing personal information to us (either directly or allowing another person to do so on your behalf), you agree that this Policy will apply to how we handle your personal information and you consent to us collecting, using and disclosing your personal information as detailed in this Policy. If you do not agree with any part of this Policy, you must not provide your personal information to us. If you do not provide us with your personal information, or if you withdraw a consent that you have given under this Policy, this may affect our ability to provide services to you or negatively impact the services we can provide to you. For example, most travel bookings must be made under the traveler's full name and must include contact details and appropriate identification (e.g. passport details). We cannot make bookings for you without that information.
For the purposes of the General Data Protection Regulation 2016/679 ("GDPR"), in the provision of business travel and event management services, we will be the "data processor" for any personal information you provide to us in connection with our relationship. The terms of our applicable data processing agreement with each corporate client shall apply to such data processing, and the information set out below in this Policy may not be applicable. However, the purpose of all our marketing activities directed to corporate clients, we will be the data controller and this Policy shall apply.
There may be instances where your local data protection laws impose more restrictive information handling practices than the practices set out in this Policy. Where this occurs we will adjust our information handling practices in your jurisdiction to comply with these local data protection laws.
2. What personal information do we collect?
Personal information has the meaning given under your local data protection law, and where GDPR applies, the meaning of personal data given under GDPR applies. Personal information generally means information which relates to a living individual who can be identified from that information, or from that information and other information in a person's possession, including any expression of opinion, whether true or not, and whether recorded in material form or not, about an identified or reasonably identifiable individual, and any indication of intention in respect of an individual.
Generally, the type of personal information we collect about you is the information that is needed to facilitate your travel arrangements and bookings and to arrange travel related services and/or products on your behalf. For example, we may collect details such as your name, residential/mailing address, telephone number, email address, credit/debit card details (including card type, card number, security number and expiry date), passport details, loyalty program / frequent flyer details, information about your dietary requirements and health issues (if any), and other details relevant to your travel arrangements or required by the relevant travel service provider(s) (e.g. airlines and accommodation or tour providers). When you contact us for other purposes, we may also collect personal information about you in relation to those purposes. For example, we may collect your personal information so we can contact you about a competition you have entered (e.g. if you win) or to respond to an inquiry or feedback you have sent to us. We also collect information that is required for use in the business activities of Flight Centre and our related entities, including for example, financial details necessary in order to process various transactions, video surveillance footage used for security purposes, and other relevant personal information you may elect to provide to us.
In some circumstances, we may collect personal information from you which may be regarded as sensitive information under your local data protection laws. Sensitive information may include (without limitation) your racial or ethnic origin, philosophical or religious beliefs or affiliations, sexual preferences or practices, criminal record and the alleged commission of an offence, membership of political, professional or trade associations, biometric and genetic information, passwords and financial information and health information, and any personal information relating to a child under the age of 13. We will only collect sensitive information in compliance with your local data protection laws, with your consent and/or where it is reasonably necessary for, or directly related to, one or more of our functions or activities (e.g. to make travel arrangements), unless we are otherwise required or authorised to do so by law. To the extent permitted or required under your local data protection laws, you consent to us using and disclosing your sensitive information for the purpose for which it was collected, unless we subsequently receive your consent to use it for another purpose. For example, if you provide health information to us in connection with a travel insurance application you would like to make, you consent to us using and disclosing that health information in connection with arranging that travel insurance on your behalf. A further example is if you disclose your religious beliefs to us because you are interested in, for example, certain holiday packages, in which case you consent to us using and disclosing that information in connection with facilitating your request. We will not use sensitive information for purposes other than those for which it was collected, unless we subsequently receive your consent to use it for another purpose.
3. How do we collect personal information?
We will collect personal information directly from you unless it is unreasonable or impracticable to do so. Generally, this collection will occur when you deal with us either in person, by telephone, letter, facsimile, email, when you visit any of our websites or when you connect with us via social media. We may collect personal information about you when you purchase or make inquiries about travel arrangements or other products and services; when you enter competitions or register for promotions; when you subscribe to receive marketing from us (e.g. e-newsletters); when you request brochures or other information from us; or when you provide information, or use our services, on social media. Unless you choose to do so under a pseudonym or anonymously, we may also collect your personal information (other than sensitive information) when you complete surveys or provide us with feedback.
In some circumstances, it may be necessary for us to collect personal information about you from a third party. This includes where a person makes a travel booking on your behalf which includes travel arrangements to be used by you (e.g. a family or group booking or a travel booking made for you by your employer). Where this occurs, we will rely on the authority of the person making the travel booking to act on behalf of any other traveler on the booking. By providing your personal information to us, either directly or through a family member, employer or other agent or representative in connection with a travel booking or related service, you will be deemed to have consented to your personal information being collected by us and used and disclosed in accordance with this Policy.
Where you make a travel booking on behalf of another person (e.g. a family or group booking or a travel booking made for an employee), you agree you have obtained the consent of the other person for Flight Centre to collect, use and disclose the other person's personal information in accordance with this Policy and that you have otherwise made the other person aware of this Policy.
You should let us know immediately if you become aware that your personal information has been provided to us by another person without your consent or if you did not obtain consent before providing another person's personal information to us.
4. How do we use your personal information?
We will only process your information, where:
- you have given your consent to such processing (which you may withdraw at any time, as detailed at section 8 below);
- the processing is necessary to provide our services to you;
- the processing is necessary for compliance with our legal obligations; and/or
- the processing is necessary for our legitimate interests or those of any third-party recipients that receive your personal information (as detailed in sections 5 and 6 below)
Where you contact us in relation to a travel booking or query, the purpose for which we collect your personal information is generally to provide you with travel advice and/or to assist you with booking travel and/or travel related products and services. However, the purpose for collection may differ depending on the particular circumstances as disclosed in this Policy (e.g. collection of your personal information for the purpose of your participation in a competition, provision of feedback, etc.).
We act as agent for or on behalf of many thousands of travel service providers around the world, so it is not possible for us to set out in this Policy all of the travel service providers for whom we act or their locations. For more information about the disclosure of personal information to travel service providers located overseas, please refer to the section below titled "Is personal information transferred overseas".
If you have any concerns regarding the transfer of your personal information to a travel service provider, or you wish to contact us for further information, please refer to the "Feedback / Complaints / Contact" section below.
The purposes for which we collect personal information further include:
- providing you with services and tools you choose to use (for example, saving travel preferences on our websites to a wish list or saving personal information to allow for pre-population of online forms);
- identification of fraud or error;
- regulatory reporting and compliance;
- developing and improving our products and services and those of our related entities;
- servicing our relationship with you by, among other things, creating and maintaining a customer profile to enable our brands to service you better or presenting options on our website we think may interest you based on your browsing and preferences;
- involving you in market research, gauging customer satisfaction and seeking feedback regarding our relationship with you and/or the service we have provided;
- to facilitate your participation in loyalty programs;
- for research and analysis in relation to our business and services, including, but not limited to, trends and preferences in sales and travel destinations and use of our websites;
- internal accounting and administration;
- to comply with our legal obligations and any applicable customs/immigration requirements relating to your travel; and
- other purposes as authorized or required by law (e.g. to prevent a threat to life, health or safety, or to enforce our legal rights).
Where permitted by local data protection laws, we may use your personal information to send you targeted marketing activities relating to our products and services (and those of third parties) that we think may interest you, unless you have requested not to receive such information. These may include, but are not limited to, mail outs, electronic marketing and notifications as described below, and telephone calls). We will only use your personal information to send electronic marketing materials to you (including e-newsletters, email, SMS, MMS and iM) with you consent (which consent may be express or, where permitted by local data protection laws, inferred).
Should you no longer wish to receive promotional/marketing material from us, participate in market research or receive other types of communication from us, please refer to the "Feedback / Complaints / Contact" section below (section 13). You can unsubscribe from receiving electronic marketing materials by following the unsubscribe prompt in your email, SMS, MMS, iM or other form of electronic marketing. Please also see the "Your rights" section of this Policy to learn about your ability, at any time, to opt out or limit the use of your browsing behavior for online behavioral advertising purposes (section 8 below).
5. Is personal information disclosed to third parties?
We will only disclose your personal information to third parties in the ways set out in this Policy and, in particular, as set out below, and in accordance with your local data protection laws. Note that, in this Policy, where we say "disclose", this includes to transfer, share (including verbally and in writing), send, or otherwise make available or accessible your personal information to another person or entity.
Your personal information may be disclosed to the following types of third parties:
- our contractors, suppliers and service providers, including without limitation:
- in each of the circumstances set out in the section titled "How do we use and disclose your personal information?" ;
- suppliers of IT based solutions that assist us in providing products and services to you (such as any external data hosting provider(s) we may use);
- publishers, printers and distributors of marketing material;
- event and expo organizers;
- marketing, market research, research and analysis and communications agencies;
- mailing houses, freight services, courier services; and
- external business advisers (such as lawyers, accountants, auditors and recruitment consultants);
- our related entities and brands;
- travel service providers such as travel wholesalers, tour operators, airlines, hotels, car rental companies, transfer handlers and other related service providers;
- a prospective purchaser, in connection with a merger, acquisition, reorganisation or sale of Flight Centre, or any of our subsidiaries, business lines, related bodies corporate and franchisees, or of assets of Flight Centre or any such subsidiaries, business lines, or related bodies corporate and franchisees;
- a person making your travel booking on your behalf, where you are traveling on a booking made on your behalf by another person (for example, a family member, friend or work colleague);
- your employer, where you are an employee of one of our corporate, business or government clients and you are participating in an event or traveling for work purposes;
- a person who can verify to us that they have a relationship with you (e.g. a family member) where you are not contactable, the person correctly answers our required security questions and the request is, in our opinion, in your interest (for example, where the person is concerned for your welfare or needs to undertake action on your behalf due to unforeseen circumstances);
- as required or authorized by applicable law, and to comply with our legal obligations;
- customs and immigration to comply with our legal obligations and any applicable customs/immigration requirements relating to your travel;
- government agencies and public authorities, to comply with a valid and authorized request, including a court order or other valid legal process;
- various regulatory bodies and law enforcement officials and agencies, including to protect against fraud and for related security purposes; and
- enforcement agencies where we suspect that unlawful activity has been or may be engaged in and the personal information is a necessary part of our investigation or reporting of the matter.
Other than the above, we will not disclose your personal information without your consent unless we reasonably believe that disclosure is necessary to lessen or prevent a threat to life, health or safety of an individual or to public health or safety or for certain action to be undertaken by an enforcement body (e.g. prevention, detection, investigation, prosecution or punishment of criminal offences), or where such disclosure is authorised or required by law (including applicable privacy / data protection laws).
On our websites, you may choose to use certain features that can be accessed through, or for which we partner with, other entities that are not otherwise affiliated with us. These features, which include social networking and geo-location tools, are operated by third parties, including social networks, and are clearly identified as such. These third parties may use or share personal information in accordance with their own privacy policies. We strongly suggest you review the third parties’ privacy policies if you use the relevant features.
When you engage us to book flights on your behalf, we will provide your personal information (i.e. name, email address and/or mobile number) to the relevant airline. This enables airlines to advise passengers of irregular flight operations and disruptions (e.g. flight cancellations, schedule changes) directly.
- our contractors, suppliers and service providers, including without limitation:
6. Is personal information transferred overseas?
We may disclose your personal information to certain overseas recipients, as set out below, which we will do in accordance with your local data protection laws.
It is possible that information will be transferred to an overseas recipient (other than any of our overseas related entities) located in a jurisdiction where you will not be able to seek redress under your local data protection laws and that does not have an equivalent level of data protection as in your jurisdiction. To the extent permitted by your local data protection laws, we will not be liable for how these overseas recipients handle, store and process your personal information.
Our corporate branded businesses have elected to self-certify to the EU-US Privacy Shield Framework administered by the US Department of Commerce ("Privacy Shield") regarding the collection, use, and retention of personal information transferred from the European Union and the United Kingdom to the United States in reliance on Privacy Shield. Our corporate branded businesses adhere to the Privacy Shield Principles of Notice, Choice, and Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, Recourse, Enforcement, and Liability, Sensitive Data, The Role of the Data Protection Authorities, Self-Certification, Verification, Human Resources Data, Obligatory Contracts for Onward Transfers; and Dispute Resolution and Enforcement. If there is any conflict between the terms in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.
For purposes of demonstrating compliance with the Privacy Shield, we are subject to the investigatory and enforcement authority of the US Department of Transportation. For more information about the Privacy Shield, see the US Department of Commerce's Privacy Shield website
located at: https://www.privacyshield.gov. To review our certification on the Privacy Shield list, see
the US Department of Commerce's Privacy Shield self-certification list located at: https://www.privacyshield.gov/list.
(a)Our overseas related entities
Flight Centre operates a global business, including operations in Australia, New Zealand, Canada, United States, United Kingdom, South Africa, Hong Kong, India, China, Singapore, the United Arab Emirates, Ireland, the Netherlands, Mexico, Germany, Norway, Sweden, Denmark and Finland. Your personal information may be disclosed to our overseas related entities in connection with facilitation of your travel booking and/or to enable the performance of administrative, advisory and technical services, including the storage and processing of such information.
(b) Travel service providers located overseas
In providing our services to you, it may be necessary for us to disclose personal information to relevant overseas travel service providers. We deal with many different travel service providers all over the world, so the location of a travel service provider relevant to your personal information will depend on the travel services being provided. The relevant travel service providers will in most cases receive your personal information in the country in which they will provide the services to you or in which their business or management is based.
(c) Our third party service providers located overseas
We may also disclose your personal information to third parties located overseas for the purpose of performing services for us, including the storage and processing of such information. Generally, we will only disclose your personal information to these overseas recipients in connection with facilitation of your travel booking and/or to enable the performance of administrative and technical services by them on our behalf.
We use key service providers located in India, Indonesia, Philippines, Hong Kong, USA, United Kingdom, Spain and Australia, among other jurisdictions. We also deal with many different service providers all over the world, so it is not possible for us to set out in this Policy all of the different countries to which we may send your personal information. However, if you have any specific questions about where or to whom your personal information will be sent, please refer to the "Feedback / Complaints / Contact" section below.
7. Security of information
Flight Centre has implemented appropriate technical and organizational measures in order to protect the personal information it holds from loss and misuse, and from unauthorized access, modification, disclosure and interference. Flight Centre regularly reviews security technologies and will strive to protect your personal information as fully as we protect our own confidential information. Flight Centre is not responsible for any third party’s actions or their security controls with respect to information that third parties may collect or process via their websites, services or otherwise.
We will destroy or de-identify personal information once we no longer require it for our business purposes, or as required by law.
8. Your rights in relation to the personal information we collect.
If you wish to:
- access, update, modify, rectify, erase, object to, or obtain a copy of the personal information that we hold on you; or
- restrict or stop us from using any of the personal information which we hold on you, including by withdrawing any consent you have previously given to the processing of such information; or
- where any personal information has been processed on the basis of your consent or as necessary to perform a contract to which you are a party, request a copy of such personal information in a suitable machine-readable format or have that personal information transmitted by us to another controller
you can request this by contacting us as set out in section 13 below. You will receive acknowledgement of your request and we will advise you of the timeframe within which you will receive your information pack.
We endeavor to respond to such requests within a month or less, although we reserve the right to extend this period for complex requests.
We reserve the right to deny you access for any reason permitted under applicable laws. Such exemptions may include national security, corporate finance and confidential references. If we deny access or correction, we will provide you with written reasons for such denial unless it is unreasonable to do so and, where required by local data protection laws, will note your request and the denial of same in our records.
You have the right to lodge a complaint with a relevant governmental authority.
Further correspondence regarding your request should only be made in writing to the Data Protection Officer at the address set out in section 13 below.
Please note that, if you request that we restrict or stop using personal information we hold on you or withdraw a consent you have previously given to the processing of such information, this may affect our ability to provide services to you or negatively impact the services we can provide to you. For example, most travel bookings must be made under the traveler's full name and must include contact details and appropriate identification (e.g. passport details). We cannot make bookings for you without that information.
You must always provide accurate information and you agree to update it whenever necessary. You also agree that, in the absence of any update, we can assume that the information submitted to us is correct, unless we subsequently become aware that it is not correct.
You can at any time tell us not to send you marketing communications by email by clicking on the unsubscribe link within the marketing emails you receive from us or by contacting us as indicated below (section 13).
In any of the situations listed above, we may request that you prove your identity by providing us with a copy of a valid means of identification in order for us to comply with our security obligations and to prevent unauthorized disclosure of personal information.
We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your personal information, and for any additional copies of the personal information you request from us.
9. Social Media Integrations
Our websites and mobile applications may use social media features and widgets (such as "Like" and "Share" buttons/widgets) ("SM Features"). These are provided and operated by third party companies (e.g. Facebook) and either hosted by a third party or hosted directly on our website or mobile application. SM Features may collect information such as the page you are visiting on our website/mobile application, your IP address, and may set cookies to enable the SM Feature to function properly.
If you are logged into your account with the third party company, then the third party may be able to link information about your visit to and use of our website or mobile application to your social media account with them. Similarly, your interactions with the SM Features may be recorded by the third party. In addition, the third party company may send us information in line with their policies, such as your name, profile picture, gender, friend lists and any other information you have chosen to make available, and we may share information with the third party company for the purposes of serving targeted marketing to you via the third party social media platform. You can manage the sharing of information and opt out from targeted marketing via your privacy settings for the third party social media platform.
10. IP addresses
When you access our website, use any of our mobile applications or open electronic correspondence or communications from us, our servers may record data regarding your device and the network you are using to connect with us, including your IP address. An IP address is a series of numbers which identify your computer, and which are generally assigned when you access the internet. Alone, IP addresses are not personal information, as any one computer or device may be used by multiple people (i.e. it is not possible to ascertain the identity of a user simply from the computer or device being used).
We may use IP addresses for system administration, investigation of security issues and compiling anonymized data regarding usage of our website and/or mobile applications. We may also link IP addresses to other personal information we hold about you and use it for the purposes described above (e.g. to better tailor our marketing and advertising materials, provided you have opted in to receive electronic marketing).
11. Tracking Technologies / Cookies
(a) What Are Cookies?
A cookie is a small text file that is stored on a user’s computer for record-keeping purposes. We may link the information we store in cookies to any personal information you submit while on our website. Cookies save data about individual visitors to the website, such as the visitor's name, password, username, screen preferences, the pages of a website viewed by the visitor, and the advertisements viewed or clicked by the visitor.
We use both session ID cookies and persistent cookies. A session ID cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. When a visitor revisits the website, we may recognize the visitor by the cookie and customise the visitor's experience accordingly. You can remove persistent cookies by following directions provided in your Internet browser’s “help” file.
If you reject cookies, you may still have access to our website, but your ability to use some areas of our website, such as contests or surveys, may be limited.
Web Beacons / Gifs
We employ a software technology called clear gifs (a.k.a. Web Beacons), that help us better manage content on our website by informing us what content is effective. Clear gifs are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of Web users. In contrast to cookies, which are stored on a user’s computer hard drive, clear gifs are embedded invisibly on Web pages and are about the size of the period at the end of this sentence. We do not tie the information gathered by clear gifs to our customers’ personal information.
3rd Party Tracking
Behavioural Targeting / Re-Targeting
If you wish to not have this information used for the purpose of serving you targeted ads, you may opt-out by emailing email@example.com. Please note this does not opt you out of being served advertising. You will continue to receive generic ads or targeted ads where third parties do not honour opt-out capabilities.
(c) Third Party Cookies
When you visit certain sections of our website and/or use our mobile application, third parties may place cookies on your computer’s browser and/or make use of web beacons to collect information. This information may include things such as your use of the website or mobile application, device and browser information and ad data. The information generated by the cookies and web beacons about your use of the website is transmitted to those third parties. This information is then used for the purpose of compiling statistical reports to enable us to measure and analyse the number of visits to the site and its pages, the average time spent on the site and the pages viewed; serving targeted advertising to you (including use to target advertising on other sites or applications based on your online activity); providing us with services and enhancing/improving our website, mobile application and the third party’s technology products and services.
Our current providers, and information regarding their data practices and how to opt out, include any one of the following as may be updated from time to time:
(d) Managing Cookies Usage
You may block the installation of cookies by certain settings provided by your browser software; we would like to inform you however that in this case you may not be able to have full access to all Flight Centre Site functions. Furthermore, you can prevent the compilation of data (including your IP address) through cookies and website use by downloading and installing the browser plug-in available through the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
12. Linked Sites
13. Feedback / Complaints / Contact
You can direct any questions or complaints about the use or disclosure of your personal information to the contact information below.
We will investigate all complaints promptly and diligently to address your concerns and resolve any
disputes quickly. If a complaint or dispute cannot be resolved through our internal process, we agree
to alternative dispute resolution procedures administered by JAMS. If you are unsatisfied with the
resolution of your complaint, you may contact JAMS at: https://www.jamsadr.com/eu-us-privacyshield to open a case with them.
You may have the option to select binding dispute resolution for the resolution of your complaint
under certain circumstances, provided you have taken the following steps: (1) raised your complaint
directly with us and provided us the opportunity to resolve the issue; (2) made use of the
independent dispute resolution mechanism identified above; and (3) raised the issue through the
relevant data protection authority and allowed the US Department of Commerce an opportunity to
resolve the complaint at no cost to you. For more information on binding arbitration, see US
Department of Commerce's Privacy Shield Framework: Annex I (Binding Arbitration), available at
If you wish to make a Subject Access Request to inform us of a change or correction to your personal information, request a copy of the information we collect on you, request deletion of your information or would like to restrict the further processing of your data, please use the following link:
Link: SAR Request
We will respond to these requests within a month of receipt.
If you have any additional inquiries, comments or complaints about this Policy or our handling of
your personal information, please contact the Data Protection Officer using the details set out below:
Flight Centre Travel Group - The Americas
Address: 5 Paragon Drive, Suite 200, Montvale, NJ 07645
Telephone: + 1 877 867 2907
We will respond to any inquiries or complaints received as soon as practicable.
14. Changes to our Policy
We may amend this Policy from time to time. If we make a change to the Policy, the revised version will be posted on our website at websites as follows:
It is your responsibility, and we encourage you, to check the website from time to time in order to
determine whether there have been any changes.
Last updated December 16, 2019.