CLOSE

Make a booking

Flight date
Flight time
0
Adults
0
Children (2-11)

Privacy Notice

  1. INTRODUCTION

    Thank you visiting the No1 Lounges website. This privacy notice, together with our terms and conditions sets out important information about the ways in which we collect and use your personal data. We also explain what rights you have with regard to your personal data and how you can exercise those rights.

    We are also open to improvement; if you have any feedback on this notice, contact our Data Protection Officer or EU representative with your thoughts.

  2. WHO WE ARE

    No1 Lounges is a provider of premium airport services. We operate airport lounges and other services at London Gatwick, London Heathrow and Birmingham Airports.

    Our registered office address is:

    No1 Lounges Ltd, Hampton Court, Manor Park, Runcorn, Cheshire, England, WA7 1TT, company number 05778886

  3. Our Data Protection Officer and how to contact us

    If you have any queries about this Privacy Notice or you would like to exercise your rights please contact our voluntarily appointed Data Protection Officer (DPO), Simon Ghent at privacy@no1lounges.com.

    If you are an EU Data Subject you can contact our EU Representative, Rune Peterson, at eurep@fifthsquare.eu Our EU Representative complies with our obligations under GDPR Article 27 and is established in the Republic of Ireland. Please note that our EU Representative is a Third Party. They will process your personal data in accordance with this Privacy Notice.

  4. COMPANIES AND WEBSITES WITHIN SCOPE
    The following companies and websites are within scope for this privacy notice:
    • No1 Lounges Ltd
    • No1 Lounges (BHX) Ltd
    • No1 Lounges (LGW) Ltd
    • No1 Lounges (LHR) Ltd
    • No1 Lounges (LHR) Ltd
    • https://no1lounges.com
  5. HOW WE COLLECT YOUR PERSONAL DATA
    We collect your data in three ways:
    1. Information you provide us

      We will collect and store any information you provide to us when you:

      • register for an account with us;
      • register at one of our lounges or otherwise;
      • book with or purchase a Service from us;
      • enter one of our promotions or surveys;
      • subscribe to our mailing list;
      • complete an enquiry form;
      • apply for a job with us;
      • complete one of our feedback forms; or
      • contact or otherwise correspond with us.

      This information may include your name, address, email address, phone number, payment card information, affiliate membership number, your CV, feedback about our services, any other information you send to us, and/or any other information relevant to the Services that you’re booking or purchasing.

    2. Information from third parties

      We may also collect information about you from third parties that we work closely with for the purposes of delivering to you the Services that you request from us.

      For example, you may book access to our lounges or other Services via third parties such as tour operators, travel agents or other third-party intermediaries. You might also be part of a scheme that permits you access to our lounges. In those circumstances we may receive information from the third parties in relation to your booking with us. This may include your name, applicable membership number or booking reference, lounge facility or Service location, your arrival/flight time and number, number of guests that you have booked or are entitled to access and any comments associated with your booking, such as special requests.

      We may also engage third parties to operate certain Services on our behalf, for example our chauffeur services or airport hosting services. These entities may collect information directly from you about your use of our site or your engagement with the Services that they provide on our behalf.

      We may also receive information about you from third parties where you have consented to such third party sharing your information with us for specific purposes. For example, we might receive information about you from third parties if you have indicated to that third party that you would like to hear from us.

    3. Other Information we collect

      When you visit one of our locations we will capture you on CCTV.

      The table in section 6 below provides more detail about the data we collect for each of these purposes, the lawful basis for doing so, and the period for which we will retain each type of data.

    Technical information

    In addition, to ensure that each visitor to our website can use and navigate the site effectively, we collect the following:

    • Technical information, including the IP (Internet Protocol) address used to connect your device to the internet.
    • Your login information, browser type and version, time zone setting, browser plugin types and versions.
    • Operating systems and platform.
    • Information about your visit, including the URL (Uniform Resource Locator), preferences selected, clickstream to, through and from our site.

    From time to time we may use technologies, such as tracking pixels (also called 1x1 pixels tags), to collect the above information from your interaction with emails we send you. This enables us to focus our marketing to your needs, leading to more relevant emails to our subscribers. It also helps us to identify subscribers that are not engaged with our marketing emails, enabling us to remove them from our send lists.

    Our cookie policy, which can be viewed from the homepage of our website, describes in detail how we use cookies.

    In section 8 below, we identify your rights in respect of the personal data that we collect and describe how you can exercise those rights.

  6. LAWFUL BASIS FOR PROCESSING OF PERSONAL DATA
    1. The table below describes the reason to process your information and the lawful basis. Some data may be shared with third parties; where this happens, this is also identified below.
       
      Reason to Process 3rd Parties involved in Processing Basis to Process
      Provide access to our site and monitor activity and performance. Website Host and Developers Legitimate Interest - to ensure our website is presented in an effective and optimal manner.
      Provide you with our Services that you have purchased – either directly or through a third party. Booking Agent/Affiliate, Payment Service, Booking System Contractual – to ensure we can deliver the service ordered,
      Respond to requests from you MS365, CRM Legitimate Interest – so we can reply to you
      To confirm your membership with an affiliate that permits you access to our lounges Affiliate member Contractual – to ensure your membership is valid
      Contacting you in relation to your booking including customer service and support Marketing Platforms, MS365. Legitimate Interest
      To keep in contact with you about other Services of ours that we believe may interest you: Marketing and CRM Platforms See below
      a) if you are an existing direct customer of ours you haven’t asked us not to contact you Marketing and CRM Platforms Legitimate Interest
      b) if you are a new or prospective customer of ours that you have asked us to contact you Marketing and CRM Platforms Consent / Implied Consent unless the information is supplied by an affiliate/agent
      Share your data with other selected third parties, to enable them to contact you with information about goods or services that may interest you MS365 and with those third parties including our DPO Consent
      To carry out aggregated and anonymised research about general consumer engagement with our Services and site Marketing and CRM Platforms, MS365 Legitimate Interest
      To process any job applications, you submit to us including sharing this with any relevant third-party recruitment agency we use MS365, Reference Agencies, Former Employees at time of offer, Recruitment Agencies Legitimate Interests
      To comply with any airport rules and/or regulations including that of Security Services MS365, Security Services Contractual, Legal Obligation
      To uphold our Legal Rights including cases of claims MS365, Legal Council Legal
    2. Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation).
  7. STORAGE OF PERSONAL DATA
    1. Data is processed/stored on encrypted systems on-premises and on hosted cloud services such as Microsoft 365.
    2. As such, some data will either be in UK and EU data centres or on US based servers. We may also process your data in countries outside the UK or European Union from time to time in other aspects of our business.
    3. We use the following safeguards with respect to data transferred outside the United Kingdom:
      • the processing is within the same corporate group as our business or the organisation and is obligated to uphold the same standards of Data Protection and Security as our UK entity.
      • the data protection clauses in our contracts with data processors include transfer clauses written by or approved by the supervisory authority in the United Kingdom.
      • we comply with a code of conduct approved by a supervisory authority of the United Kingdom.
    4. We regularly review suppliers for data security compliance to ensure your data is safe and track where your data is held.
    5. We also use your data to market to you, fulfil contractual arrangements or for agreed purposes. Calls may be recorded for information holding, quality and training purposes. Our email, document management and website analytics are used for information purposes. All our processes are subject to various internal policies to ensure that your data privacy and security is upheld.
    6. You may contact us if you are concerned about the processors we use
  8. SUMMARY OF YOUR RIGHTS

    You have the following rights over any data we hold about you:

    • The right to be informed(about: what information is being used, how it is used, for how long it is used, and your rights)
    • The right to access (to see it)
    • The right to rectification (to be able to correct it if incorrect)
    • The right to have it erased once there is no longer a legitimate basis to use it (also known as the right to be forgotten)
    • The right to restrict processing
    • The right to data portability (to be able to share the information with other organisations)
    • The right to object to use
    • Rights regarding automated decision making and profiling.

    You can read more about your rights here.

    If you would like to uphold your rights then please contact our Data Protection Officer at privacy@no1lounges.com

    If you are in anyway dissatisfied with our response you also have the right to lodge a complaint with the Data Protection Authority. This can be done at https://ico.org.uk/concerns/

  9. RETENTION

    Dependant on the data you provide us and for what purpose it is provided we may need to retain your data.

    We operate a data retention policy and look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it. For example:

    1. we store CCTV footage for 30 days unless an incident occurs to our knowledge that may be required for evidence at a later stage
    2. we archive our email and paper correspondence regularly and destroy information older than 7 years unless we are required to retain it for evidential or legal purposes;
    3. we retain information relating to orders, refunds and customer queries for approximately 7 years unless we are required to retain it for evidential or legal purposes; and
    4. we maintain a suppression list of email addresses of individuals who no longer wish to be contacted by us. We need to keep this information to comply with their wishes not to contact them.

    If you wish to find out more about your specific data retention, please contact us.

  10. DATA PERMISSIONS

    Every marketing email sent from Us allows you to opt out of receiving emails from us, except for the purposes of fulfilling any contractual arrangements.

    You can also contact us at the email address above and request to opt out, view, export or delete your data.

    If you request for your data to be deleted, your name and email address will be added to an exceptions list and all other data removed.

  11. WEBSITE USE

    We use remarketing services from third parties. These rely on the use of cookies. You are provided an option to opt out of these when you visit our site.

    Our website and other materials sent to you may contain links to other third party websites. We may also offer buttons to social media that link to third party services. We’re not responsible for the content or your data privacy these sites provide through their tools or sites.

    This Privacy Policy is reviewed on a regular basis and was last reviewed on the 14/9/2021.