Privacy Policy

World Travel & Tourism Council is committed to protecting your privacy. This policy was last reviewed in November 2023 and will be reviewed at least once per calendar year.

We recognise our obligation to keep personal information secure and believe it is important for our partners, Members, website users, and other individuals to know how we treat their personal information.

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

Any changes we may make to our privacy policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy.

Who are we?

We are the World Travel & Tourism Council (“WTTC”), a membership organisation founded by, and existing to serve companies and institutions engaged in or with the economic sector of Travel & Tourism. We are headquartered in the United Kingdom and incorporated as a Private company limited by guarantee without share capital, company number 02506591. Our registered office address is The Harlequin Building, 65 Southwark Street, London, SE1 0HR, U.K.

WTTC is registered as a Data Controller with the UK Information Commissioner’s Office (“ICO”), which is an independent public body sponsored by the Department for Digital, Culture, Media and Sport of the UK Government. The representative of the Data Controller can be contacted by organisations with questions about any aspect of our handling of data privacy, by email at dpo@wttc.org, by telephone at +44 (0) 20 7481 8007, or in writing to the company registered address.

The information we collect from you

We collect information directly from individuals when they voluntarily submit their personal information to us by filling in forms (on our website or otherwise), or by corresponding with us by phone, email or otherwise.

This includes information you provide when you apply for Membership, register to attend an event, request information, participate in a competition, promotion or survey or in discussion boards on our website.

The information you give us may include your name, address, email address, phone number, company name and address, alternative contact details (e.g. those of a family member or secretary), photograph, financial information and passport details.

At certain parts of our website, we may provide the opportunity for users to send an e-mail to us which may contain their personal data.

When this sort of information is collected we will provide the reason for collecting the information and how the information will be used.

We also collect data regarding your visit to our website via analytics and website optimisation tools.

The information we collect about you

With regard to each of your visits to our website we may automatically collect the following:

• Technical information, including the Internet Protocol (IP) address used to connect your computer to the Internet, your browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
• Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time); page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.

If you work for or are otherwise engaged with a company or institution in which WTTC has a legitimate interest, we may collect personal data about you from friends, colleagues or from information in the public domain to contact you. When we do so we will tell you the source of the personal data and give you the option to withdraw from further processing.

We may also capture personal data when you attend an event hosted by us via photograph, video or audio footage taken.

How we use “cookies”

Our website uses “cookies” to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our website.

We will ask you to consent to our use of cookies in accordance with the terms of this policy when you first visit our website and when you re-visit the website after clearing your browsing history.

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer's hard drive.

We use the following cookies:

• Strictly necessary cookies. These are cookies that are required for the operation of our website.
• Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.

You can find more information about the individual cookies we use by right clicking within our website, clicking inspect and selecting application from the menu.

Our website also uses third party requests to gather analytics and usage data for the website or to allow you to share certain pieces of our content on your social media accounts.

• Other than third party requests generated by Google Analytics, we use the “Facebook Connect” application to allow you to log in to your Facebook account and share certain pieces of our content.
• Third party requests do not generate cookies but they can still transfer personal information to third parties. Please refer to our analytics service provider's privacy policy which can be found at: https://www.google.com/policies/privacy/ and Facebook’s privacy policy which can be found at: https://www.facebook.com/policy.php.

Most browsers allow you to refuse to accept cookies by adjusting your browser settings. For example:

• In Google Chrome: Click the “three line” Chrome menu (usually in the top right hand corner of the browser). Select Settings. Click Privacy and Security. Click Site Settings. Under Content click Third Party Cookies. You can toggle the various settings to allow or block cookies in this section. Please follow the instructions of other internet browsers accordingly

Please keep in mind that blocking cookies may have a negative impact upon the usability of many websites and if you block cookies, you may not be able to use all the features on the website.

You can delete cookies already stored on your computer by clearing your browsing data. For example:

• In Google Chrome: Click the “three line” Chrome menu (usually in the top right hand corner of the browser). Select Settings. Click Privacy and Security. Click Site Settings. Under Content click Third Party Cookies. You can toggle the various settings to allow or block cookies in this section. Please follow the instructions of other internet browsers accordingly

Our use of collected information

We use information held about you in the following ways:

1. Information collected from you. We will use this information:

• To administer our Membership scheme;
• To carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
• To provide you with information about the services we provide;
• To notify you about changes to our service; and
• To respond to inquiries or to process requests.

2. Information we collect about you. We will use this information:

• To provide you with information about the services we provide;
• To administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
• To improve our website to ensure that content is presented in the most effective manner for you and for your computer;
• To allow you to participate in features of our service, when you choose to do so; and
• As part of our efforts to keep our website safe and secure.

In summary, where we collect your personal data, we process it:

• To perform a contract with you, or
• Where we have legitimate interests to process the personal data and they’re not overridden by your rights, or
• In accordance with a legal obligation, or
• Where we have your consent.

Marketing

We would love to keep in touch with you. When you provide us with your details or where we have collected your data lawfully or where you have opted in to receive marketing, we will send you marketing emails to keep in touch and keep you updated on our activities. We will also display customised advertising when you log in to your social media profiles.

These messages will be specific to WTTC; we do not sell your data or share it with other companies for advertising purposes; your data is used only to promote our initiatives in this instance.

Our marketing messages are sent via a specialist marketing tool. You can opt-out of marketing at any time by clicking the unsubscribe link in your emails or by contacting us directly.

There will be occasions when we send administrative messages. These messages are not deemed marketing and cannot be opted out of.

Marketing and administration emails you receive from us contain a tracking pixel. This pixel lets us know things such as our email campaigns' open rates and click rates.

The pixel also lets us know if an email has not been delivered to update our records and keep them current.

When we analyse the data, we do so from an aggregated perspective, meaning that we report upon an overall number of open rates and click rates.

How long do we keep your information?

We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations. We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.

To understand this further or to enquire about having your data deleted please contact us at dpo@wttc.org, by telephone at +44 (0) 20 7481 8007, or in writing to the WTTC company registered address.

Who has access to your information?

We will not sell or rent your information to third parties unless it is necessary to do so to provide you with the service you have requested.

Where you are part of our marketing audience we share your data with Mail Chimp or Active Campaign, both are specialist marketing tools designed to keep your data safe and offer a better marketing experience.

We may communicate your information to selected third parties including:

• Suppliers and sub-contractors for the performance of any contract we enter into with them or you;
• Analytics and search engine providers that assist us in the improvement and optimisation of our website; or
• If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of our Members, or others.
• Event partners who assist us in running events such as our Global Summit
• Social media advertising via cookies and pixels
• Audience segmentation via Active Campaign to understand behaviours and track campaigns
• Membership organisations

We also partner with various organisations to collaborate to offer you various services such as;

• Together in Travel to offer access to webinars and articles
• Research Hub where you can search for and download reports on various travel & tourism initiatives
• Travel Hub to offer travel tips and articles
• Joint partnerships via our ESR Microsite
• Content collaborators to create videos and articles etc. where you will have an opportunity to opt in to marketing

Where we store your personal data

The data that we collect from you may be transferred to countries other than the country you live in, where it may be processed by staff who work for us or for one of our suppliers. These countries may have laws different to what you’re used to. However, when we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected.

For individuals in the European Economic Area (EEA) or the UK, this means that your data may be transferred outside of the EEA or the UK. Where your personal data is transferred outside the EEA or the UK, it will only be transferred to countries that have been identified as providing adequate protection or to a third party where we have approved transfer mechanisms in place to protect your personal data – i.e., by entering into the European Commission’s Standard Contractual Clauses.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

How do we secure your information?

World Travel & Tourism Council maintains strict physical, electronic and administrative safeguards for the protection of users’ personal information from unauthorised or inappropriate access. Employees, business partners and affiliates who misuse a user’s personal information are subject to disciplinary actions.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Your rights

In addition to the WTTC policies explained above, as a data subject you could, under the prevailing regulations, choose to exercise the following rights, if applicable:

• To request from WTTC access to and rectification or erasure of your personal data or restriction of processing and to object to processing;
• To have personal data sent to you or another Data Controller in a commonly used machine-readable format (data portability);
• Where the basis for processing is consent, the right to withdraw consent at any time;
• To lodge a complaint with a supervisory authority; and
• To be informed:
  - whether the provision of personal data is part of a statutory or contractual requirement or obligation and the possible consequences of failing to provide the personal data;
  - the categories of personal data sourced from third parties or publicly accessible sources;
  - the existence of automated decision making, including profiling and information about how decisions are made, the significance and the consequences;
  - the identity of any recipient or categories of recipients of the personal data;
  - and, if WTTC intends to process your personal information for a purpose other than that for which it was collected, what that purpose is and any relevant further information.

Breaches

Should a breach of your data occur that is likely to result in harm to the rights and freedoms of you as an individual or group of individuals, we will notify you within 72 hours along with the ICO, where applicable.

Additional information

We have not appointed a statutory Data Protection Officer as we are not required to by law. However, we have committed resources to manage our compliance with all applicable Data Protection laws.

A Record of Processing Activities (ROPA), in which the lawful basis for processing all of our data is maintained. Wherever Legitimate Interests is relied upon, an impact assessment has been created, available upon demand to those whose data is included.

As of January 1st, 2021, the UK is no longer be part of the European Economic Area (EEA). As we ,maintain offices in the EEA we are not required to appoint a European representative to comply with Article 27 of the GDPR.

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to dpo@wttc.org, by telephone at +44 (0) 20 7481 8007, or in writing to the WTTC company registered address.