This Privacy Policy was last updated on 25th March 2022. GmbH ensures the privacy of its customers and Suppliers having contractual relationships with us. The contractual relationship may arise with any means where our products are purchased or intent was shown through channels including Website, mobile site, mobile app & offline channels including offices. We protect personally identifiable information by handling it responsibly and safeguarding it using available measures to us.

This Privacy Policy applies GmbH, Our apps, pages, communications, and services including off-site Services, such as our email services, customer care, and support services and the “Contact us”; “Apply with Hotelsatweb” and “Share on” plugins on our digital properties. By using or accessing the Website or other Sales Channels, the user hereby agrees with the terms of this Privacy Policy and the contents herein. In case Hotelsatweb is providing services as part of agreement with your employer, contractor, business partner, affiliate, or any other party who is having a contractual arrangement with Hotelsatweb in such cases the terms and conditions stipulated in such contractual arrangement shall prevail over this data privacy policy.

Our Privacy Policy does not apply to any of third parties, even if their websites/products are linked to our Website.

Following Information are collected as part of our standard procedures as part of our Business Transactions. Some of the Information we may not collect directly but are necessary to be transmitted to a third party as standard procedures.

  • Contact information such as address, email, and mobile phone number
  • Country of residence
  • Credit Card details
  • Passport Number & frequent flyer number (wherever needed)
  • Family details/information (for example, your marital status and dependents)
  • Employment and education details (for example, the organization you work for, your job title and your education details)
  • Financial and tax-related information (like your income, investments and tax residency)
  • Postings or messages on any blogs, forums, platforms, wikis or social media applications ER
  • IP address, browser type and language, your access times
  • Information in any complaints you make
  • Details of how you use our products and services
  • Dietary requirements (for example, while providing your meal preference during flight/ hotel bookings)

If you provide personal information to us regarding individuals other than yourself, you agree

  • To inform the individual about the content of this privacy policy
  • To obtain any legally-required consent, for the collection, use, disclosure, and transfer (including cross-border transfer) of an individual’s personal information, from the individual in accordance with the legal and regulatory requirements

Our Products are intended for the buyers over the Permissible Age. We do not knowingly collect any personal information from you or the market to solicit information from anyone under the Permissible Age. If we become aware that a person submitting personal information is under the Permissible Age, we will delete the account and any related information immediately.

The other information that we collect

  • Analytics: Google Analytics, Appsflyer, Facebook Ads conversion tracking, Google Tag Manager, Intent Media,
  • Adobe Analytics: Cookies, Usage Data and various types of Data as specified in the privacy policy of the service.
  • Infrastructure monitoring: Crashlytics- Geographic position, unique device identifiers for advertising (Google Advertiser ID or IDFA, for example) and various types of Data as specified in the privacy policy of the service.
  • Location-based interactions: Geographical locations
  • Unique device identification: This Application may track Users by storing a unique identifier of their device, for analytics purposes or for storing Users’ preferences.

Q:- How do we collect Personal Data?

Ans. Directly: We obtain personal data directly from individuals in a variety of ways

Individuals who provide us their business card, complete our online forms on our website/mobile app, provide records relating to previous requests or reservations made, Individuals who subscribe to our newsletters and preference center, register for webinars, and attend meetings or events we host, visit our offices. We may also obtain personal data directly when we are establishing a business relationship, performing professional service through a contract, or through our hosted software applications.

Indirectly: We obtain personal data indirectly about individuals from a variety of sources, which includes but is not limited to travel agents, other travel websites, social media, authorized representative from whom you seek travel services on behalf of others and our clients. We may add personal data to our customer relationship management records to better understand and serve you, or to satisfy a legal obligation.

  • Public sources – Personal data may be obtained from public sources such as news articles and Internet searches.
  • Social and professional networking sites – If you register or login to our websites using social media (e.g., LinkedIn, Google, or Twitter) to authenticate your identity and connect your social media login information with us, we will collect information or content needed for the registration or login that you permitted your social media provider to share with us. That information may include your name and email address and depending on your privacy settings, additional details about you, so please review the privacy controls on the applicable service to set how much information you want to be shared with us.
  • Business clients – Our business clients may engage us to provide products/services offered by us which involves sharing personal data they control as part of that engagement. Our services may also include processing personal data under our client’s control on our hosted software applications:

Our Reasons for the processing of your Personal and Professional data

We may rely on the following lawful reasons when we process your personal and professional data to operate our business and provide our products and services:

  1. Contract – We may process personal information in order to perform our contractual obligations to which you (data subject) or our client (data controller) is party.
  2. Consent – We may rely on your freely given, specific, informed and unambiguous consent at the time you provided your personal information to us for one or more specific purposes.
  3. Legitimate interests – We may rely on legitimate interests based on our evaluation that the processing is fair, reasonable and balanced.
  4. Legal obligations– We may process personal information where processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject, which require protection of personal data, in particular where the data subject is a child.

How will we use/process your personal data

We do not sell or trade upon any of the above foregoing information. The foregoing information collected from you is put to the following use:

  • For the purpose of reservation and booking the services for you and for individuals whose information has been provided by you.
  • Information like Credit Card Details and Net Banking Details that we store, in case a customer opts for it, are in adherence to the PCI Compliance and are stored in an encrypted form in a segmented zone. We do not store CVV details.
  • These details may also be processed with the help of certain third parties only for the purpose of processing ‘Cash Back & Discounts’ and Charge Backs, if applicable.
  • Information like Mobile number, e-mail address and postal address may be used for promotional purposes, unless the customer/user opts-out of such use.
  • To manage and respond to any request you submit through our website.
  • To meet legal and regulatory requirements.
  • Promoting our professional services, products and capabilities to existing and prospective business clients/customers.
  • Sending invitations and providing access to guests attending our events and webinars or our sponsored events.

How we use Cookies?

In general, you can visit our website without telling us who you are or revealing any personal information about yourself. We track the Internet address of the domains from which people visit us and analyse this data for trends and statistics, but the individual user remains anonymous.

Some of our web pages use “cookies” so that we can better serve you with customized information when you return to our website. Cookies are identifiers which websites send to the browser on your computer to facilitate your next visit to our website. You can set your browser to notify you when you are sent a cookie, giving you the option to decide whether or not to accept it. The information we collect and analyse is used to improve our service to you. However, our mobile phone application “Adopt-A-Heritage”, does not use cookies.

In order to have a better experience and to use all features in the app, we need below permissions to be used in our app:

  • Camera: We will not access your photos or camera without first getting your permission and we will never scan or import your photo library or camera roll. If you give us permission to access photos or your camera, we will only use images that you specifically choose to share with us.
  • Contacts: We will not scan or import your contacts stored on your phone without first getting your explicit permission. We will only use the contact information to help you find friends or contacts who use Hotelsatweb App, if you choose to do so, and we will not use contact information for any other purpose without first getting your separate explicit permission.
  • Calendar: This permission enables us to put your travel plan on your calendar.
  • Location: We will not gather or use the specific location of your mobile device (by using, for example, GPS or Bluetooth) without first getting your explicit permission. And if you choose to share location information but later change your mind, you will always have the option to stop sharing. Please note that this does not include IP address. The permissions will benefit the user location specific deals and provide you a personalized experience with time zone.
  • GET ACCOUNTS: This permission enables us to know about details of your account(s) on your mobile device. This will help you to get register on the Platform by logging into online accounts you may have with Third Party social networking sites (e.g. Facebook, Twitter, Google Login); each such account
  • Access WiFi State: By using Wi-Fi connection details, we provide you a seamless experience depending upon your network. We try to use this information to optimize the app’s performance on slow networks.
  • Third Party:? The User allows us to provide services to third party service accounts for Displaying content from external platforms, SPAM protection, Hosting and back-end infrastructure, Infrastructure monitoring, Content commenting, Interaction with external social networks and platforms, Location-based interactions, Social features, Contacting the User, User database management, Targeted Advertising and Re-marketing and behavioral targeting.

In addition to these permissions, below mentioned permission is additionally required by our Android Application:

SMS: This application reads, uploads and do syntactic analyses of text messages from travel providers within the app for any flight and train PNR booking messages. We use this information to provide updates on PNR status, flight and train delays. This information is stored in a secured environment and always transmitted using SSL.

Permissions required to use various features in our ) app – Android and IOS:

In order to have a better experience and to use all features in the app, we need below permissions to be used in our app:

  • Camera/Storage: We will not access your photos or camera without first getting your permission and we will never scan or import your photo library or camera roll. If you give us permission to access photos or your camera, we will only use images that you specifically choose to share with us.
  • Location: We will not gather or use the specific location of your mobile device (by using, for example, GPS or Bluetooth) without first getting your explicit permission. And if you choose to share location information but later change your mind, you will always have the ability to stop sharing. Please note that this does not include IP address. The permissions will benefit the user location-specific deals and provide you a personalized experience with the time zone.

Third-Party: The User allows us to provide services to third party services’ accounts for Displaying content from external platforms, SPAM protection, Hosting and backend infrastructure, Infrastructure monitoring, Content commenting, Interaction with external social networks and platforms, Location-based interactions, Social features, Contacting the User, User database management, Targeted Advertising, and Remarketing and behavioral targeting.

With whom do we share your Personal Data?

In connection with any of the purposes outlined in the “How will we use/process the personal data” section above, we may disclose details about you to:

  1. travel service providers such as travel wholesalers, tour operators, airlines, hotels, car rental companies, transfer handlers and other related service provides
  2. suppliers of IT based solutions that assist us in providing services to you (such as any external data hosting providers we may use)
  3. Competent authorities (including auditors, courts and authorities regulating us for internal compliance and audit(s)) as required or authorized by applicable law, and to comply with our legal and regulatory obligations;
  4. Credit reference agencies or other third party organizations (CyberSource, Paypal) that help us make credit decisions or conduct risk checks to reduce the incidence of fraud
  5. Other organizations to whom we may transfer our rights and/or obligations under the Terms agreed between Hotelsatweb and respective organization
  6. And other members of third parties that may reasonably require access to personal data relating to you or providing services to you. With specific reference to third party, we use third-party service providers to serve ads on our behalf across the Internet and sometimes on this site. They may collect anonymous information about your visits to our website, and your interaction with our products and services. They may also use information about your visits to this and other websites to target advertisements for goods and services. This anonymous information is collected through the use of a ‘pixel tag’, which is industry standard technology used by various major websites. No personally identifiable information is collected or used in this process. Such third parties do not know your name, phone number, address, email address, or any personal information which can identify you.

Our website hosts various blogs, forums, wikis and other social media applications or services that allow you to share content with other users (collectively “Social Media Applications”). Any personal data that you contribute to these Social Media Applications can be read, collected and used by other users of the application. We have little or no control over these other users, so any information you contribute to these Social Media Applications might not be handled in line with this privacy policy.

Where do we transfer (cross boarder transfer) your Personal Data?

Information we hold about you may be transferred to countries:

  1. where we do business
  2. which are linked to your engagement with us
  3. from which you regularly receive or transmit information
  4. Where our third parties conduct their activities

For EU residents, when we, or our permitted third parties, transfer your personal data outside the EEA, we will impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the EEA. We or they may also require the recipient to subscribe to international frameworks intended to enable secure data sharing. If we transfer your personal data outside the EEA in other circumstances (for example, because we have to by law), we will make sure it remains adequately protected.

We may share non-personal, anonymized and aggregated information with third parties for several purposes, including data analytics, research, submissions, thought leadership and promotional activity.

How we protect your Personal Data?

We have implemented appropriate technical and organizational measures to safeguard and help prevent unauthorized access to your information and to maintain data security. These safeguards take into account the sensitivity of the information that we collect, process and store and the current state of technology. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. The third party with respect to payment gateway and payment processing are all validated as compliant with the payment card industry standard (generally referred to as PCI compliant service providers).

We assume no liability or responsibility for disclosure of your information due to errors in transmission, unauthorized third-party access or other causes beyond our control.

What are your data Protection Rights?

Your data protection rights are highlighted below:

  • Right to Access – You may ask us to verify whether we are processing personal data about you, and if so, to provide more specific information.
  • Right to Correction – You may ask us to correct our records if you believe they contain incorrect or incomplete information about you.
  • Right to Erasure – You may ask us to erase (delete) your personal data after you withdraw your consent to process it, or when we no longer need it for the purpose it was originally collected and we shall erase your personal data, subject to the data retention requirements under the applicable rules, regulations, guidelines, law, by-law, to meet our legal/regulatory obligations.
  • Right to Processing restrictions – You may ask us to temporarily restrict our processing of your personal data if you contest the accuracy of your personal data, prefer to restrict its use rather than having us erase it, or need us to preserve it for you to establish, exercise, or defend a legal claim. A temporary restriction may apply while verifying whether we have overriding legitimate grounds to process it. You can ask us to inform you before we lift that temporary processing restriction.
  • Right to Data portability – You may request portability of your personal data, which shall be limited to the transfer of information pertaining to the customer profile and transaction records, to another data controller.
  • Automated Individual Decision-making – You may ask us to review any decisions made about you which we made solely based on automated processing, including profiling, that produced legal effects concerning you or significantly affecting you.
  • Right to Object to Direct Marketing including Profiling – You may object to our use of your personal data for direct marketing purposes, including profiling. We may need to keep some minimal information to comply with your request to cease marketing to you.
  • Right to Withdraw Consent –You may withdraw your consent that you have previously given to one or more specified purposes to process your personal data. This will not affect the lawfulness of any processing carried out before you withdraw your consent. However, this may lead to Hotelsatweb not able to provide certain products or services to you.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information or to exercise any of your other rights. This helps us to ensure that personal data is not disclosed to any person who has no right to receive it. No fee is required to make a request unless your request is clearly unfounded or excessive. Depending on the circumstances, we may be unable to comply with your request based on other lawful grounds, in such cases we will ensure that you are notified about the same without undue delay.

How long shall we retain/ dispose your Personal Data?

We seek to ensure that we only keep your personal data for the longest of:

  • The period necessary for the relevant activity or services.
  • Any retention period that is required by law.
  • The period in which litigation or investigations might arise in respect of the services

Please note: Even after your account is terminated, we retain your data for as long as we have a legitimate purpose to do so:

Changes to this privacy statement:

From time to

Annexure A: Cookie Notice

This Website uses cookies to improve the user experience and ensure that it is functioning effectively, and on occasion also to provide marketing information or advertise online, either directly or through third party vendors.

This Cookie Notice is part of Hotelsatweb Policy .

In order to provide you with a more personalized and responsive service, WE need to remember and store information about how you use this Website. This is done using small text files called cookies. Cookies contain small amounts of information and are downloaded to your computer or other device by a server for this Website. Your web browser then sends these cookies back to this Website on each subsequent visit so that it can recognize you and remember things like your user preferences. You can find below more detailed information about cookies.

Whenever you use this Website, information may be collected through the use of cookies and other technologies. By using this Website you agree to Hotelsatweb use of cookies as described in this Cookie Notice.

What cookies do we use and why?

Some of the cookies Hotelsatweb uses are mandatory and cannot be disabled so as to enable you to move around the Website and use its features such as accessing secure areas that may contain content for registered users. Should you not wish to allow Hotelsatweb use the said cookies, you may at your wish stop using the Hotelsatweb Website.

Hotelsatweb also uses functional cookies to record information about the choices you have made and to allow it to tailor the site to its users; for example, to remember your language or region or that you have already completed a survey. This information is usually anonymized and is not used for any other purpose.

How to control cookies?

By using this Website, you agree that Hotelsatweb can place cookies on your computer or device as explained above. However, you can control and manage cookies in various ways.

Browser controls

Most browsers will allow you to see what cookies you have, and delete them on an individual basis or block cookies from any particular or all websites. Be aware that any preference you have set will be lost if you delete all cookies, including your preference to opt-out from cookies, as this itself requires an opt-out cookie to have been set.

Managing Analytics cookies

Hotelsatweb use the following service providers and you can learn more about their privacy policies by clicking on following links:


Google Analytics:

Managing Local Shared Objects

A local shared object is like most other browser cookies except that it can store additional types of information. These cookies cannot be controlled using the mechanisms listed above. Some parts of this Website use these types of cookies to store user preferences for media player functionality and without them some video content may not play properly.

Social buttons

The Website contains ‘social buttons’ to enable users to share or bookmark web pages. These are buttons for third party social media sites and these sites may log information about your activities on the Internet including on this Website. Please review the respective terms of use and privacy policies of these sites to understand exactly how they use your information.

External web services

We sometimes use external web services on this Website to display content within the web pages of this Website, for example to display images, show videos or run polls. As with the social buttons, Hotelsatweb cannot prevent these sites or external domains, from collecting information on your use of this embedded content.

Email Communications

Hotelsatweb may also use tracking technologies to determine whether you have read, clicked on, or forwarded certain email communications which Hotelsatweb sends to you, to make its communications more helpful and interesting. If you do not wish Hotelsatweb to confirm whether you have opened, clicked or forwarded its communications, you will need to unsubscribe, as it is not possible for Hotelsatweb to send these emails without tracking enabled

We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.

We have recently updated our Privacy Notice, click here for further details