Welcome to our privacy notice (“Privacy Notice”). At Priority Pass ("we, us, our,") we respect and commit to protecting your personal data. Our Privacy Notice, together with our Terms of Use, will explain how we collect, use, store, share and look after your data:
When you interact or use our website and App (together “Website”), or
If you use any of our products, services and or applications (together “services”).

For ease, we have divided our Privacy Notice into sections. At the end of our Privacy Notice, we have also included a Glossary to explain some of the terms mentioned.
Priority Pass is a company registered in England and Wales, at 3 More London Riverside, London, SE1 2AQ with company number 02728518 and is a subsidiary of The Collinson Group Limited (the “Collinson Group”).

Under Applicable Data Protection Law, we are the Controller of your Personal Data we process. We may also act as a Processor if you obtained your priority pass through your card issuer.

The Collinson Group has appointed a Group Data Protection Officer (“DPO”). If you have any questions about this Privacy Notice or would like to know how we handle your Personal Data, please contact the DPO or the Data Protection Team by post at The Data Protection Officer, 3 More London Riverside, London , SE1 2AQ or by email at Data.Protection@prioritypass.com
We are a company with a global presence and must meet many data protection and privacy law requirements in the countries we operate. If you are a resident of California, we must comply with the Californian Consumer Privacy Act (“CCPA”). Please click here for the CCPA notice.

We will collect your Personal Data from:  

  • You e.g. when you register your interest or sign up to use our services or provide us with your marketing preference. 

  • our clients or prospective clients who send us your Personal Data to allow us to give you access to our services or communicate with you.  

  • your devices e.g. when you connect to our Website, use our Website.  

  • through cookies we use on our Websites to secure our Website, to offer you personalised experiences. 

  • third parties such as social media platforms where you may interact with our social media pages, companies within the Collinson Group assisting us with services we offer you, service providers carrying out services on our behalf e.g. marketing and fulfilment partners

The table below outlines the categories of Personal Data we collect and examples of the type.  

 We will use your Personal Data in the following circumstances: 

  • to perform a contract, we have with you (Terms and conditions – to allow us to carry out the test) or about to enter with you. 

  • for our Legitimate Interest (or those of a third party), but only when your rights and freedoms do not override our legitimate interest. Our legitimate interest is, to help us improve our services and products and to obtain feedback from you.

  • to comply with a legal and regulatory obligation.

  • where we have your consent. If we have relied on consent to process your personal data, you have the right to withdraw your consent at any time by contacting info@prioritypass.com


The table outlines the lawful basis we can rely on to process your Personal Data.  

Marketing communications to our clients or other companies 

We send commercial e-mails to individuals at our clients’ or other companies where we want to develop or maintain a business relationship or if they have used or shown interest in our services previously and have not opted out of marketing. 

Marketing within the Collinson Group 

We are part of the Collinson Group. If you consent to receive marketing from other companies within the Collinson Group, we will share your Personal Data with these companies so they can send you information about their products and services and any news that may be of interest to you. Each entity will be a separate Controller for the marketing they send to you and will handle your Personal Data, and any opt outs as set out in their Privacy Notice on their Website.

Third Party Marketing 

With your consent we may share your information with selected third parties and partners outside the Collinson Group for marketing purposes. If you consent, we will share your Personal Data with these partners and third parties. They will handle your Personal Data, and any opt outs as set out in their Privacy Notice on their Website. 

Opting out of Marketing  

Where you consent to receive communication for marketing purposes, you have the right to opt-out.  You can opt-out of receiving marketing communication at any time by following the opt-out links or option in any marketing messages sent to you or by contacting us any time at info@prioritypass.com

If you opt-out of marketing, you will stop receiving marketing from us within 30 days. Please note, this does not apply to service communication, market research or customer surveys or any other processing outside marketing.  

If opting out of marketing by post, please expect 30 days for the marketing to stop. 

Where you consent to receive marketing from our selected partnersthird parties or companies within the Collinson Group. You should contact them directly to opt-out of receiving their marketing communications.

We may share your Personal Data with the following types of companies(Controllers or Processors) for the reasons explained in section 6

Companies (Processors) we will share your Personal Data with include: 

  • IT service providers, data disposal service providers and data storage service providers.

  • Companies within the Collinson Group acting as our processor, to help us provide our services to you e.g. our customer service function to handle your enquiries.

  • Our providers, AWS, who host our Websites

  • Lounges or merchants’providers which you visitas part of your program benefit, so they can record and account for your visit.

  • We also share your Personal Data with payment service providers and data analytics services

We willsend your data to countries outside the UK and the EEA (transfers outside the EEA include transfers to the UK)where different data protection laws may apply.  These transfers will only happen when:

  • we use service provider companies outside the UK or EEA;

  • there is a legal or regulatory obligation;

  • to meet our contractual obligation with you or about to enter with you; or

  • we have your consent. 


Where we transfer your data to a service provider company outside the UK or the EEA, we will implement safeguards so that your data continues to be protected. We protect your data by making sure:

  • the country has adequacy protection approved by the European Commission or UK; or


  • we conduct a security and data protection transfer assessment and put an appropriate contract in place with approved UK or European Commission standard contractual clauses between the company and us.

We will not keep your Personal Data for longer than is necessary. When defining the retention period, we take several factors into consideration, the type and sensitivity of the Personal Data in question, the reason why the data was collected and processed, our legal basis for processing the Personal Data, who the Personal Data relates to and their rights and freedom. We also consider any legal and regulatory requirements to keep the data. Where we are the Processor, we will retain and dispose of the information under instructions from the Controller. 


When the retention period has expired, we dispose of your Personal Data securely. 


If you opt-out of receiving marketing, some Personal Data will be retained and added to our suppression list to ensure we do not market to you again. 

We use appropriate technical, organisational and administrative security measures to protect any information we hold in our records from loss, misuse, and unauthorised access, disclosure, alteration and destruction. We have written procedures and policies regularly audited, and the audits are reviewed at a senior level.


Where personal data is transmitted across the internet, it will be encrypted. Where we have given you (or where you have chosen) a password which enables you to access certain parts of your personal data, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

We keep our Privacy Notice under regular review, and we will make new versions available on our Privacy Notice page on our website. This Privacy Notice was last updated on08 January 2021



Applicable Data Protection Law

means all applicable worldwide legislation and regulation relating to data protection and privacy including without limitation UK and European Applicable Data Protection Law, the CCPA.


is a person(s) or company (either alone or jointly or in common with other persons) who decides how Personal Data will be processed.

Criminal Data

Data about criminal proceedings or convictions. Criminal Data should be treated in the same way as Special Category Data.


The issuing bank of the membership offering providedtoyou.

Legitimate Interest

Processing Personal Data for our activities and needs including providing you with the best service and experience we can offer. We will balance its interests against any possible impact on to you (both positive and negative), your rights or freedom. Where our interest and needs are overridden by your interests,rightsor freedom, we will not process your Personal Data (unless you provide us with your consent or required by law).

Personal Data

Information relating to an identifiable person, who can be directly or indirectly identified by reference to an identifier.

Privacy Notice

Also referred to as a Fair Processing Notice) or a Privacy Policy)– Privacy Notice is a document explaining to data subject what Personal Data is processed and how a company will process it


is an external company or other third parties that collects and processes Personal Data on behalf of aController.We undertake activity as both a Controller, and a Processor

Special Category Data

Also referred to as sensitive data,is defined as Personal Data relating to the following,race, ethnic origin, politics, religion, trade union membership, genetics, biometrics (where used for ID purposes), health, sex life or sexual orientation.