top of page

Privacy Policy

Our Commitment to Your Privacy

​

Wishlist Getaways LLC (“Wishlist Getaways” or “we” or “us”) is committed to protecting the privacy of our potential and existing customers. Wishlist Getaway's privacy policy (the “Privacy Policy”) applies to all Personal Data (as defined below) processed by us, including Personal Data collected or submitted through our websites, emails, mobile applications or through our official social media pages or through other channels online and offline as further described below (collectively the “Wishlist Getaways services or products”). If you cannot, or will not, provide us with the personal information we reasonably require, we may be unable to provide you with the information, goods or services you have requested.

​

How we collect your Personal Data

​

Data that we will be collecting from our customers:

  • Identity data: first name, last name, passport copy, username or similar identifier, title, date of birth, and gender.

  • Contact data: billing address, delivery address, email address, and telephone numbers.

  • Financial data: bank account and payment card details.

  • Other data: personal preferences, dietary requirements etc.

  • Transaction data: details about payments to and from you and other details of products and services you have purchased from us.

  • Technical data: Includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.

  • Profile data: customer's username and password, purchase or order history, your interests, preferences, feedback, and survey responses.

  • Enquiries, Bookings, and Complaints: information created while managing your enquiries, reservations, or complaints.

  • Contract Fulfillment: data produced during the delivery of services or fulfillment of agreements.

  • Data Analysis: insights derived from analyzing personal data to enhance our services and overall customer experience.

  • Usage data: information about how you use our website, products, and services.

  • Marketing and Communications data: Includes your preferences in receiving marketing from us and your communication preferences.

  • Call Recordings: recordings of calls made to our reservation centres.

Purpose: This information is used to support operations, improve service quality, enhance customer support, and conduct business analysis.

Legal Basis: We process this data based on our legitimate interests in providing and refining our services, meeting contractual responsibilities, and fulfilling legal obligations.

​​

We collect Personal Data in a variety of ways:

  • Directly: Information is collected directly from you, by you providing the information directly to us in writing and completing a physical form.

  • Offline: for example when you contact customer service, enroll in a product or service or provide information to us in writing.

  • Online: for example when you sign up for a newsletter or a brochure or enroll in or use a product or service. We also collect Personal Data: through cookies (pieces of information that a website transfers to your computer's hard disk for record-keeping purposes. We use both session and persistent cookies. The use of cookies is an industry standard, used to provide useful features for customers), through your use of a mobile application (when you download and use one of our mobile applications, and to the extent allowed by your privacy settings in the application, we track and collect mobile application usage data), through your device (provided that you have enabled that function on your device, we collect the physical location of it to provide you with personalized location-based services and content), through links (we track and collect information about how users interact with links across products and services, including through email and links made available through third party services), through browsing our site (we may also collect information about your use of our services through your browser to trace activity on our sites, such as your IP address, Media Access Control (MAC) address, computer type, screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version, service provider, time of visit, page(s) visited on our website) and from other sources (we may receive your Personal Data from other sources, such as public databases; licensed databases from third parties; joint marketing partners such as marketing agencies or providers of software and services for digital marketing automation and analytics; social media platforms, including but not limited to; Facebook, Instagram, LinkedIn, YouTube and messenger services such as WhatsApp or Facebook Messenger; from people with whom you are friends or otherwise connected with on social media platforms, as well as from other third parties). 

​

Sharing data with Third Parties

​

We will share personal data about you from third parties, including: providers of holidays and tours, accommodation facilities, transport companies and travel services. This will be required date to fulfill bookings and provide comprehensive travel services.​

Wishlist Getaways, along with any affiliated subcontractors, or other authorized tour operators processing your personal data on our behalf, may transfer, store, and handle your personal data within both the European Economic Area (EEA) and the United States. In some cases, your data may also be transferred outside the EEA and the U.S., but only to other companies within our group or to third parties with whom we have agreements based on the European Commission’s Standard Contractual Clauses. We require all group entities and contracted partners to follow consistent data protection standards, ensuring your personal data remains secure and adequately safeguarded during such international transfers.

​

Children's personal information

​

Our website is not intended to be used by children, as defined under data protection laws, and we may not always be able to determine a user’s age. If a child has provided personal information without the consent of a parent or guardian, we ask that the parent or guardian reach out to us. If we become aware that a child’s data was collected without proper consent, we will delete the child’s account, if one exists.

In certain situations—such as processing bookings, purchasing travel services, or offering family-oriented travel features—we may need to collect personal information about children. When doing so, we adhere to strict guidelines to ensure the data is handled lawfully, only when necessary, and with appropriate security measures.

If you have any concerns about how we manage children’s personal information, or if you’re a parent or guardian who would like to update or remove your child’s data, please contact us at office@wishlistgetaways.com

​

Legal Bases for Processing 

 

We are using your personal data under the following legal bases:

  • Consent: You have explicitly agreed to allow us to use your personal data for a defined purpose, such as arranging travel, booking hotels, securing transportation, making restaurant reservations, and similar services.

  • Contract: We need to process your data either to fulfill a contract we have with you or to carry out actions you’ve requested before entering into a contract.

  • Legal Obligation: We are required to process your data to comply with legal responsibilities that apply to us.

  • Legitimate Interests: We process your data because it’s necessary for our legitimate business interests—or those of a third party—unless your rights and interests outweigh those reasons.

​

Marketing communications

​

You may receive marketing messages from us if you've requested information or purchased our products or services—unless you've chosen to opt out. If you’ve agreed to receive marketing, we may also send you promotional content from our partners or operators offering similar products. This may include communications following brochure requests or quote inquiries (RAQs).

Additionally, we might receive your contact details from third-party lists where you’ve given permission for your information to be shared for marketing purposes. This helps us provide you with relevant updates and promotional offers about our services.

If you’d rather not receive marketing communications from us or our partners, you can opt out at any time by using the unsubscribe link in any marketing email or by getting in touch with us directly. To stop receiving marketing via direct mail, you can complete a designated opt-out form.

​

Safeguarding your information

​

Protecting a Traveller’s personal information is a priority for us. Wishlist Getaways takes commercially reasonable measures to safeguard this information from risks such as loss, theft, unauthorized access, cyber attacks, disclosure, copying, use, alteration, or destruction. We use a combination of physical, administrative, and technological protections to help ensure data security. However, no system for transmitting or storing data can be guaranteed completely secure. If you believe your interaction with us may no longer be secure, please contact us right away.

We are committed to safeguarding your personal data through robust security measures designed to prevent unauthorized access, loss, or disclosure:

  • Physical Security: restricted access to secure facilities and storage areas.

  • Encryption & Network Protection: use of encryption, firewalls, and advanced security technologies.

  • Access Management: limited access to data, enforced through strong authentication methods.

  • Data Minimization: we only collect and retain data that is strictly necessary.

  • Monitoring & Audits: routine assessments to identify vulnerabilities and ensure compliance.

  • Staff Training: continuous education on best practices in data protection.

  • Incident Response: swift and structured approach to handling data breaches.

  • Third-Party Oversight: compliance ensured through contractual agreements.

  • Privacy by Design: privacy considerations built into all systems and processes from the outset.

  • Ongoing Enhancements: regular updates to improve and strengthen security protocols.

These practices help ensure your personal data is protected and managed with care at all times.

​

Unsubscribe from Email Marketing

​

We respect our users’ privacy, and you have the option to opt out of receiving marketing emails by following the unsubscribe link included in those messages or emails. However, please be aware that even if you choose to stop receiving promotional emails, we may still contact you about your account or any transactions you’ve made with us.

​

Deletion Request Rights

​

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verified consumer request, we will delete (and direct any service providers to delete) your personal information from our records unless an exception applies, which may include but is not limited to information needed: complete your transaction or provide requested services, fulfill our contractual obligations, detect and prevent security threats or illegal activity, support internal operations aligned with your relationship with us, comply with legal requirements, and use the data in other lawful ways consistent with the purpose for which it was collected.

 

Updating this privacy policy

​

We may revise this Privacy Policy from time to time, with changes taking effect once the updated version is posted on our website. If any significant updates affect the personal information you've already provided, we may inform you and request your consent where necessary. This Privacy Policy was last updated on May 8, 2025. We encourage you to review this page regularly to stay informed about any changes. By continuing to use our website after updates are made, you agree to the revised policy.

​

​

​

​

bottom of page