PRIVACY POLICY

  1. Welcome
  2. Data Protection Officer
  3. How we use your personal information
  4. General use of our websites and services 
  5. Sharing information with third parties
  6. Retention of your information
  7. Security of your information
  8. Data Subject Rights
  9. UK GDPR
  10. The California Consumer Privacy Act (CCPA)
  11. Making a complaint
  12. Sensitive information and information from minors
  13. Updates to this Privacy Policy

1. Welcome 

The Club is operated by Airport Dimensions Holdings Ltd. trading as “Airport Dimensions”, a wholly owned subsidiary of The Collinson Group Ltd. (“Collinson Group”). At The Club ("we, us, our,") we respect and commit to protecting your personal data.  

This Privacy Notice covers the way we handle your personal data that we receive from yourself and from our third parties, what your rights are and our contact details if you need further information or wish to make a complaint.  

It informs you about the types of personal data we collect, why we collect it, what we use it for, what your rights are and how to contact us. Contact details are provided at the end of this notice.  

2. Data Protection Officer 

The Club has appointed a Group Data Protection Officer (“DPO”) through our parent company Collinson Group. If you would like to contact the DPO or the Data Protection Team please contact us by email at dataprotectionteam@collinsongroup.com or by post to The Data Protection Officer, Collinson Group, 3 More London Riverside, London, SE1 2AQ, United Kingdom. 

3. How we use your personal information 

Customers: 

We collect your personal data to enable us to provide you with our services. This includes information you provide when you use our websites and/or our services. The lawful basis to process your information for the use of our services is the performance of a contract. The lawful basis to process your information for purposes such as marketing is consent. The lawful basis to record calls and collect feedback from you to improve our products and services is legitimate interests.  

- Pre-bookings: 

When you book a lounge with us, we will collect personal data such as your name, address, email address, contact number, flight details, reason for travel and payment details. If you have registered with us, we will collect your email address and password to retrieve your information. This information helps us to correctly identify you, use your information to provide you with the services and keep records about your purchases.  

We do not store your full payment card details are your payment is processed by our trusted third-party payment processor. 

- Enquiries 

When you contact us via our website at Contact Us – The Club Airport Lounges, we collect your full name, email address, phone number and lounge visit details. The content of your message may also contain further personal information and will be handled in accordance with the UK General Data Protection Regulation (UK GDPR) and California Consumer Privacy Act (CCPA). We also may record your calls with us and store copies of emails sent.  

- Marketing and Advertising 

Where you provide your consent, we will use your email address to send you information about our company and similar products and services that might be of interest to you. This includes details of news and exclusive offers to improve your travel experience. You can unsubscribe and opt-out of receiving future communications from us about special offers and product information at any time by following the instructions contained within any message you receive or by using our ‘contact us’ form here. If you opt-out of marketing via our contact us form, you will stop receiving marketing from us within 5-15 business days. Please note, this does not apply to service communication, market research, customer surveys or any other processing outside of direct marketing.  

- WiFi 

When you sign up to The Club WiFi, we will collect technical information about your device including IP address, MAC address and browsing data to provide you with access to our WiFi network.  

4. General use of our websites and services 

We collect statistics about your use of our services, such as what sections of the website you visit. We may also collect information about how our website and services are performing. For example, each time you visit our website, we may automatically collect the following information:  

- Technical information, including the type of mobile device you use, a unique device identifier, mobile network information, your mobile operating system, the type of mobile browser you use, time-zone setting, details of your use of our website including, but not limited to, traffic data and location data.  

- We use Google analytics to track customer behaviour on our website. You can read more about how Google processes this information here. 

5. Sharing information with third parties 

We use data processors who are third parties that provide certain elements of services on our behalf. We have contracts in place with our data processors which means that they cannot do anything with your personal data unless we have instructed them to do so. They will not share your personal data with any organisation other than us, unless we have provided approval. They will hold personal data securely and retain it for the period that we have instructed.  

In certain circumstances we are legally required to share information. For example, under a court order. We may also share information with regulatory bodies or statutory agencies for their own purposes to safeguard national security and prevent and detect crime. In each case, we will ensure that we have a lawful basis to share this information and document our decision making.  

Where we provide links to websites of other organisations, this privacy notice does not cover how that organisation may process personal information. You should read the privacy notice provided by other websites that you visit.  

Where we share your personal data with third parties, they will only use it in compliance with data protection legislation. We will always ensure the processing is legitimate and proportionate including in relation to any international transfers.  

We may disclose your personal data to any member of the Collinson Group. For more information about our group of companies, please click here to visit our website.  

6. Retention of your information 

The Club has a detailed Data Retention Policy, which sets the requirements to store and retain information in line with regulatory obligations and business requirements. Data will be securely destroyed when it is no longer required. Specific retention periods for information are available on request.  

7. Security of your information 

We use appropriate technical, organisational and administrative security measures to protect any information we hold in our records from loss, misuse, and unauthorised access, disclosure, alteration and destruction.  

8. Data Subject Rights 

The UK General Data Protection Regulation (UK GDPR) gives you certain rights relating to the personal data that is processed by The Club. Please see the list below for details regarding those rights and what they mean. If you wish to exercise any of these rights (or make a complaint regarding data protection) please contact us by emailing marketing@airportdimensions.com. Your request will be reviewed and responded to as quickly as possible and within the timeframes provided for within the applicable data protection legislation.  

Please note that we may charge a reasonable fee or refuse to act on a request if such a request is excessive, repetitive or manifestly unfounded. 

If you make a request, where required, we will confirm your identity and ask you to provide us with information to help us deal with your request. We have one month from receiving your request (provided we have verified your identity) to respond. For complex requests, we may extend this period by a further two months. 

9. UK GDPR 

Right of Access: You have the right to access all personal data and supplementary information that we hold about you. This will allow you to be aware of and verify the lawfulness of us processing your information. 

Right to Rectify: You have the right to request for your inaccurate personal data to be rectified or completed if it is incomplete.  

Right to Erasure: We automatically delete your information from our records when the retention period has expired. Prior to us automatically deleting your information, you have the right to request for your information to be deleted and have your personal information erased from our records, if there is no reason for us to hold your information.  

Right to Restrict Processing: You have the right to object to the processing of your information is it causes unwarranted and substantial damage or distress. If it does, you have the right to require us to stop (or not to begin) the processing in question. This right does not automatically trigger the right to erasure. You will have to request for your personal data to be fully deleted from our records if you wish to exercise your right to erasure.  

Right to Data Portability: You have the right to obtain and reuse your personal data which we hold. This will allow you to move, copy or transfer personal data from one IT environment to another in a safe and secure manner.  

Right to Object: You have the right to object to us using your personal data for direct marketing and profiling. This right can be exercised at any point in time, whether at the point where we collect your personal data, or after we have already collected your personal data. If you wish to object to us processing your personal data, please contact the DPO at our address at the end of this notice. Alternatively, you can unsubscribe from any marketing email you receive by clicking the unsubscribe button. 

Right to Withdraw Consent: You have the right to withdraw your consent at any time. Your withdrawal of consent shall not affect the lawfulness of processing of your data before the withdrawal. You can withdraw consent by contacting our Data Protection Officer or by contacting marketing@airportdimensions.com.   

For US customers, Data Privacy legislation gives you certain rights relating to the personal data that is processed by The Club. Please see the list below for details about these rights and what they mean. If you wish to exercise any of these rights (or make a complaint regarding data protection) please contact us by emailing marketing@airportdimensions.com. Your request will be reviewed and responded to as quickly as possible and within the timeframes provided for within the applicable data protection legislation. Please note that your request will be handled by Airport Dimensions Holdings Limited who reside in the UK.  

10. The California Consumer Privacy Act (CCPA): 

Right to Disclosure: You have the right to disclosure of all the personal information and supplementary information that we hold about you. This will allow you to be aware of and verify the lawfulness of us processing your information.  

Right to Erasure: You have the right to request for your information to be deleted and have your personal information erased from our records, if there is no compelling reason for us to hold your information.  

Right to Object: You have the right to object to us selling your personal information for the use of marketing or analytics. This right can be exercised at any point in time, whether at the point where we collect your personal information, or after we already have collected your personal information. Please note that we will not sell your personal information to anyone.  

11. Making a complaint 

If you have any questions, concerns or complaints about this Privacy Notice, please contact our Data Protection Officer or our Data Protection Team at dataprotectionteam@collinsongroup.com. 

If you are unsatisfied with our response, you can contact the United Kingdom (“UK”) Data Protection Supervisory Authority, the Information Commissioner at: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, United Kingdom, SK9 5AF 

If located within the EU you can also make a complaint to our lead supervisory authority, Commission Nationale de l'Informatique et des Libertés (‘CNIL’) in France at: 3 Place de Fontenoy, TSA 80715, 75334 PARIS CEDEX 07, France.  

If outside the UK or EU, you can also make a complaint to your local data protection supervisory authority. 

12. Sensitive information and information from minors 

Sensitive Personal Information 

We ask that you not send us, and do not share sensitive personal information (for example, information related to racial or ethnic origin, political opinions, religion or other beliefs, genetic or biometric data, etc.). 

Children’s privacy 

Our business is not directed to minors and we do not promote or market our services to minors. If you believe we have mistakenly or unintentionally collected personal information of a minor, please notify us so that we may immediately delete the information from our servers and make any other necessary corrections.  

13. Updates to this Privacy Notice 

We keep our Privacy Notice under regular review, and we will make new versions available on our Privacy Notice page on our website. This Privacy Notice was last updated in October 2024.