Skyscanner processes your personal data if you are employed by or associated with Skyscanner’s corporate partners, suppliers, vendors or agencies in order to establish you as a point of contact for that organisation, onboard Your organisation to our platform (where relevant), communicate with you about the goods and services your organisation provides (or the services we may provide your organisation), and for internal administrative purposes. Your personal data is shared with our service providers, where necessary, some of which may be located outside the UK and the European Economic Area. This Corporate Business Contact Privacy Notice explains in detail how we process your personal data, and also includes information on your data protection rights, such as your right to object to certain processing activities including profiling.
What does this Privacy Notice cover?
This Corporate Business Contacts Privacy Notice (“Privacy Notice”) describes how Skyscanner Limited and other entities in the Skyscanner group of companies (“Skyscanner Group”) (we’ll go by "Skyscanner", "we", or "us") make use of your personal data when you interact with us on behalf of one of our corporate partners, suppliers, vendors or agencies (“Your Organisation”), for example in your capacity as an officer or employee of Your Organisation.
It also describes your data protection rights, including a right to object to some of the processing which Skyscanner carries out. More information about your rights, and how to exercise them, is set out in the “What rights do I have?” section.
What information do we collect?
We collect and process personal data about you when you interact with us on behalf of Your Organisation, for example:
when you are established as a point of contact for Your Organisation;
when we interact with you in order to procure goods and services from, or provide services to, Your Organisation,
when you communicate with us on Your Organisation’s behalf; or
when you use Skyscanner’s business platforms (such as the Partner Portal) on behalf of Your Organisation.
This personal data includes:
your role or job title;
the name of Your Organistaion;
your corporate contact details (postal address, email address, phone number);
correspondence and communications that you send to us, or we send to you (as well as how you interact with certain communications);
any feedback you provide in the course of participating in Skyscanner surveys, customer feedback or research initiatives; and
log-in credentials and usage information for Skyscanner’s business platforms (such as the Partner Portal), if relevant.
We usually receive this information directly from you, or from Your Organisation, publicly available networking resources, or third parties who assist with lead generation. We may also receive information about you from other entities in the Skyscanner Group, if Your Organisation has supplied goods or services to them in the past.
How do we use this information, and what is the legal basis for this use?
We process this personal data for the following purposes:
As required by Skyscanner to conduct our business and pursue our legitimate interests, in particular we use your information:
to establish you as a point of contact for Your Organisation;
to procure goods and services from Your Organisation, or provide Skyscanner services to Your Organisation;
to make or receive payments to/from Your Organisation (as applicable);
for internal planning and administration purposes, including maintaining records and accounts relating to Your Organisation and performing internal audits and analysis;
to raise any comments or complaints that we or others may raise about Your Organisation's products or services;
to communicate with you, invite you to provide feedback or participate in relevant market research, or send you marketing materials (where consent is not required);
to provide you with access to our business platforms (such as the Partner Portal) and to perform analytics on use of our business platforms (for example, to identify most popular features);
to prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime, in accordance with applicable law; and
in connection with legal claims, compliance, regulatory and investigative purposes as necessary (including disclosure of such information in connection with legal process or litigation).
For purposes which are required by law, in particular we use your information:
to ensure that we comply with our anti-bribery, anti-corruption, anti-money laundering and anti-terrorism obligations.
to respond to requests by government or law enforcement authorities conducting an investigation.
Objecting to direct marketing
In the UK, we are able to send you direct marketing in your professional capacity without your consent, where we rely on our legitimate interests. You have an absolute right to opt-out of direct marketing, or profiling we carry out for direct marketing, at any time. You can do this by following the instructions in the communication where this is an electronic message, or by contacting us using the details set out below.
Who will we share personal data with, where and when?
Personal data will be shared with third party service providers who process it on behalf of Skyscanner for the purposes identified above. In particular, we use third party providers of IT systems (such as client/supplier relationship management platforms, accounting systems, portal/website platforms and email platforms), hosting and maintenance.
Additionally, we will share Personal Data with Your Organisation, where required to facilitate the relationship between Skyscanner and Your Organisation, or where we are asked (or choose to) provide feedback about you.
Personal data may be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the legal protection of our legitimate interests in compliance with applicable laws.
In the event that the business is sold or integrated with another business, your details will be disclosed to our advisers and any prospective purchaser’s adviser and will be passed to the new owners of the business.
Some of the third party service providers we use are located outside, or process personal data outside, the UK and EEA. Where information is transferred outside the UK or the EEA, and where this is to a stakeholder or vendor in a country that is not subject to an adequacy decision by the EU Commission, data is adequately protected by EU Commission approved standard contractual clauses, or Binding Corporate Rules, along with any necessary supplementary measures.
What rights do I have?
You have the right to ask us for a copy of your personal data; to correct, delete or restrict (stop any active) processing of your personal data; and to obtain the personal data you provide to us for a contract or with your consent in a structured, machine readable format, and to ask us to share (port) this data to another controller.
In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing).
These rights may be limited, for example if fulfilling your request would reveal personal data about another person, where they would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. Relevant exemptions are included in both the EU and UK GDPR, and in the Data Protection Act 2018 and other applicable national data protection laws. If relevant, we will inform you of relevant exemptions we rely upon when responding to any request you make.
To exercise any of these rights you can get in touch with us – or our data protection officer – using the details set out below. If you have unresolved concerns, you have the right to complain to an EU data protection authority where you live, work or where you believe a breach may have occurred.
What are the consequences of not providing my personal data?
For processing required to establish you as a point of contact for Your Organisation, provision of your name, job title/role, Your Organisation, region and corporate contact details is mandatory, along with any other information marked as required in forms you may submit to us. If this data is not provided, then we will not be able to communicate with you in order to procure goods and services from, or provide goods and services to, Your Organisation, or provide you with access to Skyscanner’s partner platforms. All other provision of your information is optional.
How long will you retain my personal data?
Skyscanner processes personal data only for as long as necessary to achieve the purposes described in this Privacy Notice. Information on our retention periods is available upon request to email@example.com
Which companies are in the Skyscanner Group?
ExperienceOn Ventures Sociedad Limitada (Spain)
Beijing Skyscanner Technology Co Limited (China)
Skyscanner Private Limited (Singapore)
Skyscanner Incorporated (USA)
Gogobot Inc d/b/a ‘Trip by Skyscanner’ (USA)
Shenzhen Skyscanner Technology Co. Limited (China)
How do I get in touch with you?
To exercise any of your rights, to obtain other information, or to discuss a concern with us, you can get in touch with the legal team or our Data Protection Officer at firstname.lastname@example.org.
If you have unresolved concerns you have the right to complain to the UK Information Commissioner’s Office (www.ico.org.uk) or an EU data protection authority where you live, work or where you believe a breach may have occurred.