As a visitor to Expedia's UK Web sites, www.expedia.co.uk and msn.expedia.co.uk ("Expedia.co.uk"), you have the right to understand our information privacy practices prior to providing Expedia.co.uk with any of your PII.

What information we collect
Expedia.co.uk only collects PII that you voluntarily provide to us.
Tell me more.

How we use your information
Expedia.co.uk uses your PII only for the purpose of responding to and fulfilling your requests for Expedia.co.uk travel products and services.
Tell me more.

Who we share your information with
Expedia.co.uk will only share your PII with our authorised travel service providers, and only as necessary in order to complete a transaction that you specifically request. Expedia.co.uk does not sell or rent your PII to anyone.
Tell me more.

How you can control the use of your information
Expedia.co.uk provides you with choice and control over the collection and use of your PII, as well as a means of updating, correcting, or removing any PII stored in your customer profile.
Tell me more.

How you can decide what marketing communications you'll receive
Expedia.co.uk provides you with the opportunity to specifically choose the promotional marketing communications you wish to receive from Expedia.co.uk. If you choose not to receive any of the promotional email services that Expedia.co.uk provides, then Expedia.co.uk will only send you email that relates to a specific travel purchase you have made on Expedia.co.uk.
Tell me more.

How we protect your information
To ensure the confidentiality of your PII, Expedia.co.uk uses leading security technology and procedures.
Tell me more.

By providing you with this Privacy Statement, Expedia.co.uk is pledging our continued commitment to protecting the information you provide us.

Expedia.co.uk Privacy Statement
This Expedia.co.uk Privacy Statement discloses the information privacy practices for Expedia's United Kingdom Web sites, www.expedia.co.uk and msn.expedia.co.uk ("Expedia.co.uk"). The Expedia.co.uk Web sites are intended for use by residents of the UK that are over 18 years of age.

Information collected about you
Expedia.co.uk collects personally identifiable information ("PII") about you that you specifically and voluntarily provide. PII includes information that can identify you as a specific individual, such as your name, phone number, or email address. Although you are required to register as a member of Expedia.co.uk in order to use selected travel planning tools, and some PII is needed in order to process and fulfill travel requests, many areas of Expedia.co.uk can be accessed without providing any PII.

On all Expedia.co.uk pages that collect PII, we specifically describe what information is required in order to provide you with the product or service you have requested.

At present, Expedia, Inc. centralises its records of PII for all Expedia operations, including Expedia.co.uk, in the United States. As a consequence Expedia, Inc. may perform some of its data processing of your PII outside of the United Kingdom, for example in the United States. To do this, Expedia, Inc. may transfer your PII internationally to other countries including the United States. Some of the countries may have laws that protect your PII, some may not. Expedia, Inc. will protect your PII no matter where we process or store your data by following this privacy statement. By becoming a member of Expedia.co.uk you give your consent to this transfer of your PII.

Expedia.co.uk collects PII when you:

• Become an Expedia.co.uk member
• Complete a traveller profile
• Purchase travel
• Use the Travel Arranger service
• Participate in a survey, contest, or sweepstakes
• Contact Expedia.co.uk

Traveller profile information
Expedia.co.uk collects the full name and contact number for a traveller when a travel reservation is made. We may also collect information about each traveller's preferences, including meal requests, seat selection, frequent flyer/hotel/car hire programmes and membership numbers, and ticketing options. This information is stored in the My Profile area of a member's Expedia.co.uk account.

When someone other than yourself is accompanying you on travel purchased through Expedia.co.uk, we may collect PII and travel preferences about that individual. You should obtain the consent of other individuals prior to providing Expedia.co.uk with their full names, contact numbers, and travel preferences, as they will be unable to directly access our systems to view or change any information you provide on their behalf.

Travel purchase information
Expedia.co.uk collects the billing address of the credit card that is used to purchase travel. We will also collect credit card information, including card number, card type, cardholder name, and expiry date, in order to bill you for travel purchased through Expedia.co.uk. Please view our Credit Card Guarantee for additional information on Expedia's commitment to protecting your credit card security.

Travel Arranger information
Expedia.co.uk offers you the ability to authorise others to make and purchase travel arrangements on your behalf and allows you to become an authorised Travel Arranger for other Expedia.co.uk members. If you elect to participate in this service, Expedia.co.uk will collect the email address of the person you are authorising to make travel arrangements on your behalf or for whom you are requesting authorisation to make travel arrangements.

Surveys, contests, and sweepstakes information
Occasionally, Expedia.co.uk may offer our members and site visitors an opportunity to participate in a survey, contest, or sweepstakes. Information collected by Expedia.co.uk when you participate in a survey, contest, or sweepstakes may include your full name, email address, and street address.

Contacting Expedia.co.uk
Expedia.co.uk collects PII such as your full name, Member ID, email address, and/or contact number whenever you submit a question or suggestion, or request assistance with viewing your itinerary, logging on to Expedia.co.uk, or accessing your account.

Our partners
Expedia.co.uk has partnered with reputable third parties to offer our members and site visitors a variety of products and services. All travel services throughout Expedia.co.uk that are provided by a third-party partner are described as such. Although we only work with reputable third parties, our business partners may have different privacy policies and practices than Expedia.co.uk. We encourage you to review our business partners' privacy policies to further understand their procedures for collecting, using, and disclosing your information.

Other information we collect
Some information is collected automatically every time you visit Expedia.co.uk. Expedia.co.uk collects information about your computer and assigns you a "cookie" (a small, unique identifier text file) when you visit Expedia.co.uk. You do not provide this informationit is collected automatically as a means of supporting your visit to our site. This cookie does not contain any PII. Click here to find out more about cookies.

Cookies and other Web technologies
As a member or visitor to Expedia.co.uk you will be assigned a permanent cookie file on your computer's hard drive. You can always choose to not receive a cookie file by enabling your Web browser to refuse cookies or prompt you before accepting a cookie. Be advised that, by refusing to accept a cookie, you will not be able to access many travel services and planning tools offered by Expedia.co.uk.

When you access the My Trips or My Profile areas of the Expedia.co.uk Web site, reserve or purchase travel, or use selected travel planning tools, Expedia requires you to sign in as a member, using your Member ID and password. Once you sign in as an Expedia.co.uk member, we record the Member ID and the name on the member account in the cookie file on your computer. We may also record your password in this cookie file if you checked the box entitled "Save this password for automatic sign-in." Your Member ID, password, and the name on your member account is stored in the cookie file as encrypted data, so no one can view the information it contains by obtaining unauthorised access to your computer. Permanent cookie files remain on your computer's hard drive until you manually delete the file.

We may rely on technology that tracks the use of our website and helps us to understand our customers’ choices in order to provide you with promotions about travel-related and other goods and service that you may be interested in.

A cookie file may also be placed on your hard drive by Expedia.co.uk's third-party advertising companies or by Microsoft, Expedia.co.uk's Corporate Affiliate. These companies may use aggregated statistics about your visits to this and other Web sites in order to provide advertisements about travel-related goods and services that you may be interested in. The information they collect does not include your PII.

The third-party advertising companies may also employ technology that is used to measure the effectiveness of ads. This is primarily accomplished through the use of an action tag (also known as an invisible gif), which the third party places on our site to collect anonymous information. They may use this anonymous information about your visits to this and other sites in order to provide advertisements about goods and services of potential interest to you. No PII is collected during this process. The information is anonymous and does not link online actions to an identifiable person.

Computer information
Expedia.co.uk collects certain technical information from your computer each time you request a page during a visit to Expedia.co.uk. This information is collected from your computer's Web browser and may include your IP address, operating system, Web browser software (i.e., Netscape Navigator or Internet Explorer), screen resolution, and referrer Web site. Wireless users: Please check with your wireless company if you are using your cellular phone to access the Internet to understand whether PII may be used to identify you.

Use of your information
Information collected on Expedia.co.uk may be used to:

• Register you as an Expedia.co.uk member
• Plan and purchase travel
• Notify you of travel changes through the Travel Alerts service
• Notify you of new or unique travel opportunities, special deals or promotions that are available on Expedia.co.uk
• Send you promotional emails regarding other companies’ products or services
• Respond to your questions or suggestions
• Improve the quality of your visit to our site

Travel planning and purchase
Information collected when you complete your traveller profile is used to confirm and process your travel reservation. In addition, information collected from you when you purchase travel is used to bill your credit card and deliver your travel itinerary, either electronically or through the mail.

Travel Alerts notification
In the event your travel plans are disrupted because of mechanical, weather, or carrier business conditions, Expedia.co.uk may send you an email notification to inform you of these conditions and help you make alternative travel arrangements.

Email notifications
If you chose to receive communications from Expedia.co.uk about special promotions when registering as an Expedia.co.uk member, we may use your email address to send you communications about surveys, contests, sweepstakes, promotions, flight specials, Before You Go information, or other travel opportunities on Expedia.co.uk and its marketing partners. If you choose to receive our Fare Tracker service, your email address will also be used to notify you of current fares to cities you have selected. We may use your email address or telephone number to contact you about changes to your purchased travel itinerary.

Responses to your questions or suggestions
We will use your email address or telephone number to respond when you submit a question or suggestion, or request assistance with viewing your itinerary, logging on to Expedia.co.uk, or accessing your account.

Improving the quality of your visit to our site
We collect information about your computer (not your name, address, email address, or telephone number) through your permanent cookie file for the purpose of assessing the effectiveness of site content and traffic. This data allows us to improve the quality of your visit by streamlining your ability to navigate the site and develop featured programmes and content that will be of interest to our members and site visitors.

Sharing your information
Expedia.co.uk does not sell or rent your PII to anyone.

Corporate affiliates
If you access Expedia through msn.expedia.co.uk, we share technical information about your computer (collected through the assigned cookie file) with Microsoft, our Corporate Affiliate. This information is used by Microsoft for the purpose of assessing the effectiveness of site content and Web traffic navigation across the MSN network of Internet services. This is the only information Expedia shares with Microsoft and Microsoft does not have access to the PII you have provided to Expedia.

Service providers
We only provide information about travel either reserved or purchased on Expedia.co.uk to third parties that provide services or functions on behalf of Expedia.co.uk. Our service providers need information about your traveller profile, as well as your credit card information, to process and confirm your travel reservation. These service providers will disclose information about your traveller profile to hotel, airline, cruise, and/or car hire suppliers whose products you have purchased. Like any other travel agent, this information must be shared with our travel suppliers to confirm your reservation and travel preferences. Although Expedia.co.uk offers travel products from hotel, airline, cruise, and car hire suppliers that are reputable companies, we have not placed limitations on these suppliers from using or disclosing your information without your permission. Therefore, we encourage you to review the information privacy practices of any travel suppliers whose products you purchase on Expedia.co.uk. In addition, these travel suppliers may also contact you as necessary to obtain additional information about your confirmed reservation.

Expedia.co.uk will occasionally share aggregated information with our service providers. This information does not contain any PII and is used to develop featured programmes and content that will be of interest to our members and site visitors.

In the event that you make a new, or update an existing, travel reservation by calling our call centre number, your information may be accessed by a third-party service provider, as necessary, to respond to your request for customer service.

Expedia.co.uk may contract a reputable third-party to facilitate the distribution of survey, promotion, or sweepstakes programs. Upon completion of these projects, all information is returned to Expedia.co.uk.

Our legal obligations
Expedia.co.uk may be required by law to disclose information you have provided in obtaining our travel products or services in the good-faith belief that such action is necessary to (a) conform to the edicts of the law or comply with legal process served on Expedia, Inc. or the site; (b) protect and defend the rights or property of Expedia, Inc., the site or the users of, and (c) act under exigent circumstances to protect the personal safety of users of Expedia, Inc., the site or the public.

Under US Law, airlines are required to provide the US Department of Homeland Security with certain information about passengers travelling between the European Union and the US. A list of FAQs has been compiled by the Article 29 Data Protection Working Party to provide further information to passengers: click here

Other Web sites
There are several places throughout Expedia.co.uk that may link you to other Web sites that do not operate under Expedia.co.uk information privacy practices. When you click through to these Web sites, Expedia.co.uk information privacy practices no longer apply. We recommend that you examine the privacy statements for all third party Web sites to understand their procedures for collecting, using, and disclosing your information.

Control over and access to your information
Expedia.co.uk believes that members and site visitors should have control over the collection and use of their PII. You have access to your information in the following areas of Expedia.co.uk:

My Profile
The My Profile page on Expedia.co.uk allows members to view and change their account settings. The email settings option lets you change your email address and subscribe or unsubscribe to the Fare Tracker or special promotional notification services. You can also change your password and elect to have an automatic password sign-in when logging on to Expedia.co.uk. You can add new travellers and delete existing travellers from your member profile; update or correct names, phone numbers, passport information, and emergency contacts for travellers associated with your profile; and update your travel preferences.

You can also close your Expedia.co.uk account by selecting the Account Closure option. Once you close an account, you will not be able to sign in or access any information associated with the account, but you can open a new account at any time. We will send you an email confirming your account closure to the email address contained in your member profile.

My Trips
The My Itineraries page on Expedia.co.uk allows members to view, update, or delete their saved itinerary. Members can also change their Fare Tracker preferences.

Communications from Expedia.co.uk
Members will receive communications from Expedia.co.uk when they:

• Sign up to become an Expedia.co.uk member
• Request to close an account
• Purchase travel
• Elect to receive Fare Tracker, Travel Arranger, Before You Go, or other special promotional marketing communications
• Win a contest or sweepstake
• Contact Expedia.co.uk with questions/suggestions

Sign up to become an Expedia.co.uk member
When you sign up as a new Expedia.co.uk member, you will receive a "Welcome to Expedia.co.uk" email. This email contains your Member ID and describes the benefits of using Expedia.co.uk for planning and purchasing your travel needs.

Request to close an account
When you complete an Account Closure request, we will send you an "Account Closure Confirmation" email.

Purchase travel
Each time you purchase travel through Expedia.co.uk, or change or cancel a confirmed travel reservation, you will receive confirmation of your travel itinerary via email. In the event that your travel plans are disrupted because of mechanical, weather, or carrier business conditions, Expedia.co.uk may contact you to inform you of these disruptions and help you make alternative travel arrangements.

Elect to receive Fare Tracker, Travel Arranger, Before You Go, or other special promotional marketing communications
As a registered Expedia.co.uk member, you will occasionally receive emails notifying you of special promotions or other travel news. Special promotional emails are intended to inform you of new or unique travel opportunities or special deals that are available on Expedia.co.uk. If you have purchased travel services, you may also receive a Before You Go email that provides information about your destination, such as weather conditions, current events, or items of interest. If you choose to receive our Fare Tracker service, we will use your email address to notify you of current fares to cities you have selected.

You can discontinue your subscription to Expedia.co.uk's promotional email services at any time on the My Profile page under the heading "Email settings." You can also unsubscribe to the Fare Tracker or special promotional emails at any time by replying to the email with the word "unsubscribe" in the subject line.

Request customer support or submit questions/suggestions
When you request assistance with viewing your itinerary, logging on to the Expedia.co.uk Web site, or accessing your account, we will respond to you via email or telephone.

FAQs on the transfer of air passenger information to the US authorities

1. What sort of passenger information will be transferred to US authorities?

United States law requires airlines operating flights to, from, or through the United States (US) to provide the US Department of Homeland Security (DHS) with certain passenger data to facilitate safe travel and to secure US security. The passenger data falls into two categories.

• Passenger Name Record (PNR) : This includes a variety of information provided during the booking process or held by airlines or travel agents, such as the passenger’s name, contact details, details of the travel itinerary (such as date of travel, origin and destination, seat number, and number of bags) and details of the reservation (such as travel agency and payment information) or other information (such as affiliation with a frequent flier program);

• Advanced Passenger Information (API): this includes mainly information contained on a passenger’s passport and is often collected at check-in. This information is provided prior to arrival to frontier control authorities. This is also used to screen passengers against lists of persons believed to pose a threat to aviation security.

These FAQs relate primarily to PNR data as this is regulated in accordance with the International Agreement signed on 16 October 2006 between the European Union and the United States. The European Union will make sure that air carriers comply with these obligations.

For a more detailed explanation of the way DHS handles PNR collected from flights between the European Union (EU) and the US, please refer to the Undertakings of the Department of Homeland Security, Customs and Border Protection ("PNR Undertakings") published in the US Federal Register, Volume 64, No 131, p.41543. You can also access them as an Annex to Commission Decision 2004/535/EC, available click here

2. Why is my Passenger Name Record being transferred to US DHS before I travel to, from, or through the United States?

The main purpose of collecting PNR information in advance of flights is to facilitate safe travel between the EU and the US and to safeguard US security. DHS uses Passenger Name Record (PNR) data from flights between the EU and the US for the purposes of preventing and combating:

• terrorism and related crimes;
• other serious crimes, including organised crime, that are transnational in nature; and
• flight from warrants or custody for crimes described above.

DHS can obtain most of the information contained in PNR data when they examine an individual’s airline ticket and other travel documents as part of its normal border control functions. The ability to receive this PNR data electronically in advance of passengers' arrival at or departure from ports of entry in the US significantly enhances DHS’s ability to carry out efficient and effective advance risk assessment of passengers.

3. What is the legal framework for the transfer of PNR data?

By legal statute (title 49, United States Code, section 44909(c)(3)) and its implementing (interim) regulations (title 19, Code of Federal Regulations, section 122.49b), each air carrier operating passenger flights in foreign air transportation to or from the US must provide DHS with electronic access to PNR data collected and contained in the air carrier’s reservation and/or departure control systems.

DHS has published Undertakings to use these data in accordance with certain conditions which concern, in particular:

• the purpose of the processing;
• the data used;
• the method of accessing the data;
• the maximum storage time;
• the security measures used;
• the disclosure of the data to other parties; and
• how you can access your data and make a complaint.

Based on DHS implementing the Undertakings, the European Union and the United States concluded an International Agreement signed on 16 October 2006, and the European Union will now make sure that air carriers provide DHS with PNR data.

The competent authorities in EU Member States, in particular national Data Protection Authorities, may use their existing powers to suspend data flows to DHS to protect individuals with regard to the processing of their personal data in cases where DHS breaches the applicable standards of protection as set out in the Undertakings.

4. Is sensitive data included in the PNR data transfer?

Certain PNR data identified as “sensitive” may be included in the PNR when it is transferred from reservation and/or air carrier departure systems in the EU to DHS. Such “sensitive” PNR data would include certain information revealing the passenger's racial or ethnic origin, political opinion, religion, health status or sexual preference. DHS has undertaken that it will not use any “sensitive” PNR data that it receives from air carrier reservation systems or departure control systems in the EU. DHS has put in place an automated filtering program so that “sensitive” PNR data is not used.

5. Will my PNR data be shared with other authorities?

PNR data received in connection with flights between the EU and the US may be shared with other domestic and foreign government authorities that have counter-terrorism or law enforcement functions, on a case-by-case basis and under specific data protection guarantees, for purposes of preventing and combating terrorism and other serious criminal offences; other serious crimes, including organised crime, that are transnational in nature; and flight from warrants or custody for the crimes described above.

PNR data may also be provided to other relevant government authorities, when necessary, to protect the vital interests of that passenger or of other persons, in particular as regards to significant health risks, or as otherwise required by law.

6. How long will DHS store my PNR data?

PNR data from flights between the EU and the US will be kept by DHS for a period of three years and six months, unless DHS manually consults that particular PNR data. In such cases, PNR data will be kept by DHS for an additional eight years. Additionally, information that is linked to a specific enforcement record will be maintained by DHS until the enforcement record is archived.

7. How will my PNR data be secured?

DHS will keep PNR data from flights between the EU and the US secure and confidential. Careful safeguards, including appropriate data security and access controls, will make sure that the PNR data is not used or accessed improperly.

8. Who will make sure that the PNR Undertakings are complied with?

The Department of Homeland Security Chief Privacy Officer is statutorily obliged to make sure that all parts of that Department handle personal information in a manner that complies with relevant law. He is independent of any directorate within DHS and his findings are binding on the Department. He will exercise oversight over the program to ensure strict compliance by DHS and to verify that proper safeguards are in place.

9. Can I request a copy of my PNR data that is collected by DHS?

Any passenger may request more information about the types of PNR shared with DHS and may ask for a copy of that passenger's PNR data contained in DHS databases.

As permitted by the Freedom of Information Act and other US laws, regulations, and policies, DHS will consider a request for documents by a passenger regardless of their nationality or country of residence, including PNR documents in its possession. DHS may deny or postpone disclosure of all or part of a PNR in certain circumstances (e.g., if it could be reasonably expected to interfere with pending enforcement proceedings or would disclose techniques and procedures used in law enforcement investigation).

In cases where DHS denies access to PNR data under an exemption of the Freedom of Information Act, you can administratively appeal this decision to the Chief Privacy Officer of DHS, who is responsible for both privacy protection and disclosure policy for DHS. A final agency decision may be judicially challenged under US law.

10. Can I request that corrections be made to my PNR?

Yes. Passengers may seek to correct their PNR data that is contained in DHS databases by contacting the offices indicated below in FAQ 12. DHS will note corrections that it determines are justified and properly supported.

11. Who do I contact in the US regarding this program?

General inquiries about PNR data or inquiries about my PNR data

If you wish to make an inquiry about PNR data shared with DHS or seek access to PNR data held by DHS about you, please write to: Freedom of Information Act (FOIA) Request, U.S. Customs and Border Protection, 1300 Pennsylvania Avenue, N.W., Washington, D.C. 20229. For further information regarding the procedures for making such a request, you may refer to section 19 Code of Federal Regulations, section 103.5 (www.dhs.gov/foia).

Concerns, complaints, and correction requests

If you wish to file a concern, complaint, or request for correction regarding PNR data, please write to: Assistant Commissioner, DHS Office of Field Operations, US Customs and Border Protection, 1300 Pennsylvania Avenue, N.W., Washington, D.C. 20229.

Decisions by DHS may be reviewed by the Chief Privacy Officer of the Department of Homeland Security, Washington, DC 20528. An inquiry, complaint or request for correction of PNR data may also be referred by a passenger to the Data Protection Authority (DPA) within their EU Member State for further consideration if appropriate.

12. Who do I contact if my complaint is not resolved?

If your complaint cannot be resolved by DHS, the complaint may be directed, in writing to the Chief Privacy Officer, Department of Homeland Security, Washington, DC 20528. The Chief Privacy Officer will review the situation and try to resolve the complaint. You can make a complaint via the DPA in your country. For contact details of the DPA in your country, please click here.

The Chief Privacy Officer has committed to deal with complaints received from the Data Protection Authorities of European Union Member States on behalf of an EU resident, when that resident has authorised the DPA to act on their.

13. How can I get more information?

You can get more information about how your airline handles your personal data by contacting your airline in your country.

Protecting your information
We want our members and site visitors to feel confident about using Expedia.co.uk to plan and purchase their travel, so we are committed to protecting the information we collect. Expedia.co.uk has implemented a security programme to keep information that is stored in our systems protected from unauthorised access. Currently, Expedia.co.uk only stores the information you provide when registering to become an Expedia.co.uk member, create a travel profile, purchase travel, or use selected travel tools such as Fare Tracker.

Our systems are configured with data encryption, or scrambling, technologies, and industry-standard firewalls. When you send personal information to Expedia.co.uk over the Internet, your data is protected by Secure Socket Layer (SSL) technology to ensure safe transmission.

Expedia.co.uk has also obtained a digital certificate from RSA Data Security, Inc., a top maker of hardware and software used to protect and manage computer network access. To view this site certificate on each secured page, click on the image of the closed lock or the solid key on the bottom bar of your browser window. A small frame displaying site security information will pop up.

• For Internet Explorer users: Click on the word "Subject" to verify that you are on the Web site www.expedia.co.uk. Click on "Issuer" to verify the site certification authority.
• For Netscape Communicator users: Click on "View Certificate" to verify that you are on the Web site www.expedia.co.uk and to verify the site certification authority.

Regardless of later updates, we will abide by the information privacy practices described in this Privacy Statement at the time you provided us with your information.

If you have questions about our Privacy Statement, please email us.

Contacting Expedia.co.uk
We want to make sure you have control over your online travel experience as an Expedia.co.uk customer, from planning and purchasing your travel to protecting your personal information.

Expedia.co.uk customer service travel agents are ready to help with your Expedia.co.uk travel concerns seven days a week. When you need help, use our feedback form. All email receives a response within 24 hours. You may also call 0871 226 0808 (Call cost from 10p/min) or from outside the UK on +44 (0) 28 90444609 (usual costs apply) from 8am - 10pm Monday to Friday, and 9am - 10pm at weekends to speak to a representative personally. Agents will address any questions or concerns you may have about your Expedia.co.uk travel planning or purchases. We will do our best to respond to your request for assistance or other questions about Expedia.co.uk within 24 hours.

In addition, you may directly contact the travel supplier at the phone number or address provided on your travel itinerary.