자주 하는 질문(FAQ) |
When you interact or use our website and App (together “Website”), or
If you use any of our products, services and or applications (together “services”).
For ease, we have divided our Privacy Notice into sections. At the end of our Privacy Notice, we have also included a Glossary to explain some of the terms mentioned.
Under Applicable Data Protection Law, we are the Controller of your Personal Data we process. We may also act as a Processor if you obtained your priority pass through your card issuer.
The Collinson Group has appointed a Group Data Protection Officer (“DPO”). If you have any questions about this Privacy Notice or would like to know how we handle your Personal Data, please contact the DPO or the Data Protection Team by post at The Data Protection Officer, 3 More London Riverside, London , SE1 2AQ or by email at Data.Protection@prioritypass.com
We will collect your Personal Data from:
-
You e.g. when you register your interest or sign up to use our services or provide us with your marketing preference.
-
our clients or prospective clients who send us your Personal Data to allow us to give you access to our services or communicate with you.
-
your devices e.g. when you connect to our Website, use our Website.
-
through cookies we use on our Websites to secure our Website, to offer you personalised experiences.
-
third parties such as social media platforms where you may interact with our social media pages, companies within the Collinson Group assisting us with services we offer you, service providers carrying out services on our behalf e.g. marketing and fulfilment partners
The table below outlines the categories of Personal Data we collect and examples of the type.
We will use your Personal Data in the following circumstances:
-
to perform a contract, we have with you (Terms and conditions – to allow us to carry out the test) or about to enter with you.
-
for our Legitimate Interest (or those of a third party), but only when your rights and freedoms do not override our legitimate interest. Our legitimate interest is, to help us improve our services and products and to obtain feedback from you.
-
to comply with a legal and regulatory obligation.
-
where we have your consent. If we have relied on consent to process your personal data, you have the right to withdraw your consent at any time by contacting info@prioritypass.com
The table outlines the lawful basis we can rely on to process your Personal Data.
Marketing communications to our clients or other companies
We send commercial e-mails to individuals at our clients’ or other companies where we want to develop or maintain a business relationship or if they have used or shown interest in our services previously and have not opted out of marketing.
Marketing within the Collinson Group
We are part of the Collinson Group. If you consent to receive marketing from other companies within the Collinson Group, we will share your Personal Data with these companies so they can send you information about their products and services and any news that may be of interest to you. Each entity will be a separate Controller for the marketing they send to you and will handle your Personal Data, and any opt outs as set out in their Privacy Notice on their Website.
Third Party Marketing
With your consent we may share your information with selected third parties and partners outside the Collinson Group for marketing purposes. If you consent, we will share your Personal Data with these partners and third parties. They will handle your Personal Data, and any opt outs as set out in their Privacy Notice on their Website.
Opting out of Marketing
Where you consent to receive communication for marketing purposes, you have the right to opt-out. You can opt-out of receiving marketing communication at any time by following the opt-out links or option in any marketing messages sent to you or by contacting us any time at info@prioritypass.com
If you opt-out of marketing, you will stop receiving marketing from us within 30 days. Please note, this does not apply to service communication, market research or customer surveys or any other processing outside marketing.
If opting out of marketing by post, please expect 30 days for the marketing to stop.
Where you consent to receive marketing from our selected partners, third parties or companies within the Collinson Group. You should contact them directly to opt-out of receiving their marketing communications.
We may share your Personal Data with the following types of companies, (Controllers or Processors) for the reasons explained in section 6.
Companies (Processors) we will share your Personal Data with include:
-
IT service providers, data disposal service providers and data storage service providers.
-
Companies within the Collinson Group acting as our processor, to help us provide our services to you e.g. our customer service function to handle your enquiries.
-
Our providers, AWS, who host our Websites
-
Lounges or merchants’providers which you visit, as part of your program benefit, so they can record and account for your visit.
-
We also share your Personal Data with payment service providers and data analytics services
We willsend your data to countries outside the UK and the EEA (transfers outside the EEA include transfers to the UK), where different data protection laws may apply. These transfers will only happen when:
-
we use service provider companies outside the UK or EEA;
-
there is a legal or regulatory obligation;
-
to meet our contractual obligation with you or about to enter with you; or
-
we have your consent.
Where we transfer your data to a service provider company outside the UK or the EEA, we will implement safeguards so that your data continues to be protected. We protect your data by making sure:
-
the country has adequacy protection approved by the European Commission or UK; or
-
we conduct a security and data protection transfer assessment and put an appropriate contract in place with approved UK or European Commission standard contractual clauses between the company and us.
We will not keep your Personal Data for longer than is necessary. When defining the retention period, we take several factors into consideration, the type and sensitivity of the Personal Data in question, the reason why the data was collected and processed, our legal basis for processing the Personal Data, who the Personal Data relates to and their rights and freedom. We also consider any legal and regulatory requirements to keep the data. Where we are the Processor, we will retain and dispose of the information under instructions from the Controller.
When the retention period has expired, we dispose of your Personal Data securely.
If you opt-out of receiving marketing, some Personal Data will be retained and added to our suppression list to ensure we do not market to you again.
We use appropriate technical, organisational and administrative security measures to protect any information we hold in our records from loss, misuse, and unauthorised access, disclosure, alteration and destruction. We have written procedures and policies regularly audited, and the audits are reviewed at a senior level.
Where personal data is transmitted across the internet, it will be encrypted. Where we have given you (or where you have chosen) a password which enables you to access certain parts of your personal data, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.