We regard security of your personal data and protection of your privacy to be of the utmost importance. As the operator of this website, SENTIDO Hotels & Resorts (Cook's Club is a part of SENTIDO Hotels & Resort GmbH) would like to inform you on this page which personal data we collect, what your data is used for, and what it means for you when you use our personalised services. In order to provide the greatest possible protection of your privacy, we of course observe the data protection regulations in accordance with the German data protection law and other complementary laws.
Our websites may contain links to websites of other providers which are not covered by the data protection declaration. We have no influence whether their operators abide by the data protection regulations.
Which companies does this policy apply to:
The Thomas Cook Group includes a number of companies registered in the UK and overseas. This policy covers SENTIDO Hotels & Resorts GmbH hotel and travel agency DE businesses. Read on to find out more…..
What types of personal data do we collect about you and why do we collect it:
We collect certain personal data about you and about any other person you include on your booking. The sort of personal data we collect is information that you provide to us, that we collect from you or observe about you, or that we obtain from other sources. Read on to find out more……
Personal data you give to us:
To help us keep your information current, accurate and complete, please ensure you tell us if anything needs to be changed.
Personal data we collect and/or observe about you
Based on how you have used our Services in the past and your activity on our website, social media channels, or with our contact centre, we collect the following personal data about you:
Personal data obtained from other sources
We might also receive your personal data from third party sources who collect information about you on our behalf. This includes:
Where is your data stored and who it’s shared with:
Your personal data is held on a combination of our own systems and systems of the suppliers we use to provide our services. Read more here…..
When you give your personal data to us, some of the personal data you provide will need to be given to and processed and stored by relevant third parties. These third parties include:
Our technology and data management partners who help us to administer the services we provide (such as Busy Rooms Group who provide central reservation services; our travel partners, such as hoteliers andinsurance companies, so that they can provide you with the arrangements and assistance you require
Some of these third parties may be based outside of the UK, EU or European Economic Area (“EEA”). Organisations that are based outside of the UK, EU or EEA may not be subject to the same level of controls in regard to data protection as exist within the UK and the EEA. We aim only to transfer your data to third parties outside of the UK, EU or the EEA where either:
(a) Your personal information will be subject to one or more appropriate safeguards set out in the law, if you’d like more information about our safeguards, please contact us. These safeguards might be the use of standard contractual clauses in a form approved by regulators, or having our suppliers sign up to an independent privacy scheme approved by regulators (like the US ‘Privacy Shield’ scheme); or
(b) The transfer is necessary to enable your contract to be performed
Due to the decision of the UK leaving the EU, the way your data is transferred from the UK to other countries may change to ensure continuing compliance with data protection regulations but it will not change the security of your data. This will depend on the data protection rules in place for the international transfers of data outside of the UK once the UK left the EU.
In order for you to travel overseas, we may be required to disclose certain of your personal data to government bodies or other authorities in the UK and in other countries, such as those responsible for immigration, border control, law enforcement, security and anti-terrorism. Even if it is not mandatory for us to provide information to such authorities, we may exercise our discretion to assist them where appropriate in the interests of detecting and preventing criminal activity.
We may disclose your personal information to any member of our Group for business purposes, (those business purposes include holding your data on central/shared systems for administering bookings and supporting customers in destination countries). Our Group means our subsidiaries and our ultimate holding company and its subsidiaries. We may share your data with members of our Group who are in the UK or outside the UK.
We may pass your data to relevant third parties.
How do we use your information when providing our services to you:
In order to provide our services to you, we use the information we hold in a number of different ways. We process your information either because it is necessary for us to do so as part of a contract you enter into, or because we have a legitimate business reasons for doing so. Read more here……
The following activities are carried out by us using your personal data because it is necessary in relation to a contract which you have entered into or because you have asked for something to be done so you can enter into a contract;
We may use and process your personal information as set out below where it is necessary for us to carry out activities for which it is in our legitimate interests as a business to do so:
We use this information in two ways:
To support any potential company sale or acquisition:
We may use and process your personal information as set out below where we consider that it is in your vital interests that we do:
We may use and process your personal information as set out below where we have your consent to do so:
We and third parties acting on our instructions, such as external law firms and their employees, may use and process your personal information as set out below where there is a legal requirement for us to do so:
When and how do we use your information for marketing:
The type of products and services that can be booked/purchased through SENTIDO Hotels & Resorts are shown in the table below. You will only receive marketing communications about those which we think are relevant to you:
We will not pass your contact details to a third party that is not one of our business partners involved in providing Thomas Cook services or products for them to contact you or send you marketing communications unless you have expressly agreed that we may do so.
How do we personalise our marketing to you:
Using new technologies and with the help of our advertising agencies and marketing activation platforms, we may use your personal information in the following ways:
Our business partners and advertising networks may serve you with non-personalised adverts on our Sites via advertising technology Google Double Click for Publishers. Non-personalised adverts are targeted using contextual information regarding the pages visited on our site, rather than the past behaviour of a user. We allow third parties to collect information about your online activities using cookies and other technologies. The third parties may include other Thomas Cook companies, our suppliers/business partners who collect information when you view or interact with an advert on one of our Sites, and advertising networks. We also collect information about your online activities using cookies and other technologies when you use websites other than our Sites to provide advertising services on behalf of our business partners. This technology allows us to display an advert to you relating to a business partner on other websites based on your page visits and other behaviours whilst on our Sites.
Please see our Cookies Policy for more information.
What you need to do if you don’t want our marketing communications:
We understand you might no longer want to hear from us and that’s ok. It is easy to opt-out or unsubscribe, please read more here…..
You have the right at any time to ask us not to process your personal data for marketing purposes. You can exercise your right to prevent such processing by selecting the ‘no marketing’ option on the forms we use to collect your data. You can also exercise this right at any later time by using the unsubscribe link on any marketing e-mail you receive, by following the opt-out instructions on any direct marketing communication sent by post, or by sending an unsubscribe request to: email@example.com or Data Protection Officer SENTIDO Hotels & Resorts GmbH, Thomas-Cook-Platz 1, 61440 Oberursel, Germany.
Please note – when you unsubscribe from marketing in respect of holiday and travel services, this opt-out will apply only to the Thomas Cook company making the marketing communication. If you receive marketing directly from Thomas Cook company, and if you wish to opt-out from their direct marketing you will need to follow the instructions on their website or follow unsubscribe notices in their marketing communications.
Your rights in relation to any personal data we hold about you:
You have a number of rights in relation to your personal information under data protection law. To find out more, please read here…..
Your Right to Access Your Personal Information:
We may ask for proof of identity and sufficient information about your interactions with us that we can locate your personal information. That may include information about your previous booking(s) or other purchases. If someone is acting on your behalf they will need to provide written and signed confirmation from you that you have given your authority to that person/company for them to make the request. We will ask for this to be provided before we give you (or another person acting on your behalf) a copy of any of your personal information we may be holding. We may not provide you with a copy of your personal information if it includes the personal information of other individuals or we have another lawful reason to withhold that information.
Please see the section titled "How to Contact Us" if you need to make a Data Subject Access Request.
Correcting and updating your personal information:
Withdrawing your consent:
Objecting to our use of your personal information:
Erasing your personal information or restricting its processing:
Transferring your personal information in a structured data file:
How to contact us:
Any subject access request can be made in writing to:
UK Legal & Compliance Dept.
Thomas Cook UK Limited
Westpoint, Peterborough Business Park
Lynch Wood, Peterborough
Alternatively you can make a subject access request by e-mail to: firstname.lastname@example.org.
Once you have made your request and provided us with the information we need to begin a search for the data we hold on you (including proof of identity), we will have 30 days to respond.
Making a complaint
Keeping hold of your personal data:
If you want to find out more about our data retention policy, please read more here…..
What is our approach to data security:
We take data security very seriously, to find out our approach to this please read more here…..
The transmission of information via the internet is not completely secure, and although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Sites, therefore any transmission is at your own risk. Once we have received your information, we will take all reasonable steps to keep your personal data secure and to try to prevent any unauthorised access, use or loss of your data, by putting in place appropriate security measures and limiting access to those who have a business need to know. All information you provide to us is stored on our secure servers. . We do not store customer card data on our internal systems. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Sites, you are responsible for keeping that password confidential. We ask you not to share a password with anyone.
We have a process to deal with any suspected personal data breach and will notify you and the ICO of a breach where legally required to do so.
What happens when you follow a link from our website to a third party website:
Our Sites include links to other websites which include privacy policies of their own. To learn more about this, please read here……
Our Sites contains links to and frames of websites of our principals, suppliers, advertisers and other third parties. You can tell when a third party is involved in supplying a product or service you have requested because their name will appear with ours. If you follow a link or otherwise use any of these other websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies or for these third party websites. Please check these policies before you submit any personal data to these websites.
Customer Experience Cookies (Analytics, Customisation & Tracking)
Third party adverts on our sites and social media: This type of advertising is intended to provide you with a selection of products/services that you’ve viewed on other third party websites, or social media channels, which are presented to you by our agency when you visit our Sites or social media channels. The adverts may feature variations on the products/services that might be considered relevant to your browsing history on these other third party websites.
We use advertising solutions delivered by Google DoubleClick for Publishers (DFP) to serve you these advertisements. Where we share data for the purposes mentioned above, it is encrypted and does not include your name.
*LINK TO EVIDON TOOL*
You can opt-out of third-party advertising networks using your information for interest-based advertising. Our sites participate in Google DoubleClick for Publishers (DFP) partner network, you can opt-out of this here: Google Double Click Opt Out
You will need to opt-out on each device you use to access our sites.
Your information will not be shared with our third party advertising network partners for the purpose interest-based advertising if you opt-out, however, you will continue to receive interest-based advertising from Thomas Cook and its business partners when using one of our Sites.
Please note these opt-out mechanisms use a cookie on your device, and if you clear the cookies from your browser it will "forget" the opt-out.
Alternatively you can review cookies by accessing the preference panels from your browser's main menu (usually found under "Edit", "Tools" or "Options"). Do not track (DNT) is a feature offered by some browsers, with some newer browsers offering it as default. If you enable it, it sends a signal to websites to request that your browsing isn't tracked, for example by third party advertisers or social networks, or analytic companies. No industry-wide agreed standard to determine how DNT requests should be managed has been put in place, so our Sites don’t currently support DNT requests. Until that standard is established, we'll continue to review DNT and other new technologies, but won't respond to DNT requests.
February 2019, Version 5