Privacy Policy

At a glance


This Privacy Policy explains how That’s My Dream Holiday Ltd (“we”, “us”, “our”) collects, uses and protects your personal information when you use our website at thatsmydreamholiday.com (the “site”), our app, or any of our services.


If you only want the headlines:


  • We collect contact details, booking information, payment records and information about how you use our site, mostly so we can sell and deliver holidays.
  • We share what we have to with airlines, hotels, payment processors and authorities to make your trip happen.
  • You have rights over your data, including access, correction and deletion. Contact info@thatsmydreamholiday.com to exercise them.
  • Information about cookies and similar technologies is set out in our separate Cookie Policy.


 Contents


1. Who we are


2. The information we collect


3. How and why we use your information


4. Who we share information with


5. Marketing


6. International transfers


7. How long we keep information


8. Security


9. Your rights


10. Complaints


11. Changes to this policy


12. Contact us 


1. Who we are


Thatsmydreamholiday.com is a trading name of That’s My Dream Holiday Ltd, a company registered in England and Wales (company number 11291381) with its registered office at 3rd Floor, 207 Regent Street, London W1B 3HH, United Kingdom. For the purposes of the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations 2003 (PECR, as amended by the Data (Use and Access) Act 2025), we are the data controller of personal information we hold about you. If you have any questions about this policy or about how we handle your information, you can contact us using the details in section 12.


2. The information we collect

We collect personal information in three ways: directly from you, automatically when you use our site or app, and sometimes from other people (for example, when someone makes a group booking that includes you).


2.1 Information you give us


  • Contact details — name, email, telephone number, postal address.
  • Account details — username, password, preferences and marketing settings. If you sign in with a social account, we receive your name and email only — never your password or social contacts.
  • Booking information — details needed to fulfil your trip, which may include passport numbers, date of birth, dietary requirements, accessibility requirements and information about fellow travellers in your group.
  • Payment details — a record of the bookings you make and the payment method used. We do not store full card details on our systems; payments are handled by our payment providers.
  • Communications — the content of any messages, calls, surveys or forms you complete with us, including customer service interactions.


2.2 Information we collect automatically


  • Device and connection data — IP address, device type, operating system, browser, mobile network and similar identifiers.
  • Usage data — pages viewed, time spent, links clicked, searches and bookings started or completed.
  • Approximate location — derived from your IP address. We don’t collect precise location data without your consent.
  • How this is collected is explained in our Cookie Policy.


2.3 Information from others 
If someone else books a trip that includes you (for example a group or family booking), we will receive the personal information they give us about you for that booking. We rely on the person making the booking to have your permission to share that information. Where you ask to be referred by, or to refer, a friend, we will use the contact details provided only to send that single invitation.


3. How and why we use your information

Under UK GDPR we can only use your personal information where we have a lawful basis. The sections below summarise what we do with your information and the basis we rely on.


3.1 To deliver our services (contract)


  • Verify your identity and create your account.
  • Process bookings and payments and pass the information on to airlines, hotels, tour operators and authorities (such as US Customs and Border Protection where required) so your trip can happen.
  • Communicate with you about your booking, queries and customer service issues.


3.2 To run and improve our business (legitimate interests)


  • Use your booking history and preferences to suggest holidays and offers we think you’ll like.
  • Analyse how the site and app are used so we can improve them, fix bugs and design new features.
  • Detect and prevent fraud, abuse and security threats.
  • Contact you if you start a booking but don’t finish (for example to help with an uncompleted payment)
  • Develop new products and services.


Where we rely on legitimate interests, we balance our interests against your rights. You can object to any of this processing using the details in section 12.


3.4 To meet legal obligations


  • Respond to requests from regulators, law enforcement and tax or border authorities.
  • Meet our obligations under consumer, travel, anti-fraud and accounting law. 


4. Who we share information with


We share personal information only where we need to. The main recipients are:


  • Travel suppliers — airlines, hotels, tour operators, transfer and excursion providers, car hire companies and travel insurers, so they can deliver your booking.
  • Payment providers — to process the cost of your trip. These currently include providers such as Stripe Payments Europe Ltd, Barclaycard and VIVA Wallet (this list is subject to change as we add or remove providers).
  • Border and immigration authorities — for example, advance passenger information may be passed to authorities such as US Customs and Border Protection where the destination requires it.
  • Our service providers — third parties who help us run the business, including our website and database hosting, CRM, email and newsletter platforms, customer service contact centre, analytics, and professional advisers (legal, accounting). They act under contract and can only use your information on our instructions.
  • Advertising and analytics partners — see our Cookie Policy for the list and how their cookies operate.
  • Other group companies — if our corporate structure changes, between affiliates that act under this same policy.
  • Buyers — if we sell or transfer all or part of our business, your information may be transferred to the buyer.
  • Authorities and others were required by law — for example to respond to court orders, regulatory requests, or to protect our rights, property or safety, or those of others.


We also share information that has been aggregated or fully anonymised (so it can no longer identify you) for research and reporting.


5. Marketing


Most of our marketing reaches you by email. We may also contact you by post, phone, app push notifications, or through ads served by the platforms named in our Cookie Policy. You can opt out at any time by:


  • Clicking “unsubscribe” at the bottom of any marketing email.
  • Changing the settings in “Your account” on our site.
  • Turning off push notifications in your app settings.
  • Emailing info@thatsmydreamholiday.com.


We will keep a record of your opt-out so we can respect your choice in future. 


6. International transfers


Your personal information may be transferred to and stored in countries outside the UK. This happens, for example, when we use service providers based in the EEA, the United States or Singapore, or when you book a holiday outside the UK and we share your details with the supplier in that destination.

When we transfer information to a country that is not covered by UK adequacy regulations, we put in place safeguards required by UK law — typically the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, or Binding Corporate Rules. You can ask us for a copy of the relevant safeguards using the contact details in section 12.


7. How long we keep information


  • Account information — for as long as you are an active user, plus a reasonable period afterwards.
  • Booking and transaction records — 6 years from your last interaction with us, so we can deal with customer service issues, complaints, claims and tax obligations.
  • Marketing data — until you ask us to stop, plus a record of your opt-out so we can respect your request going forward.
  • Cookies and similar technologies — see the retention periods in our Cookie Policy.


8. Security


We use technical and organisational measures to protect your information against accidental or unlawful loss, alteration, destruction or unauthorised access. Card payments are handled by PCI-compliant providers and we do not store full card details on our own systems.

No method of transmission over the internet is 100% secure, so we cannot guarantee absolute security — but we work to keep your information protected and we will tell you and the regulator about any qualifying personal data breach as required by law.


9. Your rights


You have the following rights under UK data protection law:


  • Access — to ask for a copy of the personal information we hold about you.
  • Correction — to ask us to fix information that is inaccurate or incomplete.
  • Deletion — to ask us to delete your information in certain circumstances.
  • Restriction — to ask us to limit how we use your information.
  • Objection — to object to processing based on legitimate interests, or to direct marketing.
  • Portability — to receive your information in a portable format and have it sent to another provider where technically possible.
  • Withdraw consent — where we rely on your consent, you can withdraw it at any time.


To exercise any of these rights, email info@thatsmydreamholiday.com or use the details in section 12. We may need to verify your identity before responding. We aim to respond within one month.


10. Complaints

If you’re not happy with how we’ve handled your personal information, please tell us first using the contact details in section 12. We will acknowledge your complaint within 30 days and respond without undue delay, in line with our obligations under section 164A of the Data Protection Act 2018.


You also have the right to complain to the UK’s data protection regulator:


Information Commissioner’s Office (ICO)

Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Telephone: 0303 123 1113

Website: https://ico.org.uk


11. Changes to this policy

We may update this policy from time to time. When we make a material change we will update the “Last updated” date at the top and, where appropriate, notify you by other means.


12. Contact us

That’s My Dream Holiday Ltd

3rd Floor, 207 Regent Street, London W1B 3HH, United Kingdom

Email: info@thatsmydreamholiday.com

Telephone: 020 8050 7658