Updated: September 2021

This privacy notice tells you what to expect when Heathrow Airport Limited (Heathrow) collects personal information about you when you use Reserve & Collect Website. Heathrow is committed to protecting your personal information when you use Heathrow services. Whenever you provide such information, we are legally obliged to use your information in line with all applicable laws concerning the protection of personal data, including the Data Protection Act 2018 which incorporates the General Data Protection Regulation (GDPR). Your information will be kept in a secure environment and access to it will be restricted according to the 'need to know' principle.

What information will we collect about you?

When you use Reserve & Collect Website, we will collect the following information about you:

Salutation
Name
Email address
Phone number
Date of travel
Flight number

Heathrow collects information about how you use Reserve & Collect Website via our website and the device(s) you use to access the service. This includes collecting unique online identifiers such as IP addresses, which are numbers that uniquely identify a specific computer or other network device on the internet. For more information, see our section on ‘cookies’ below.

How will Heathrow use the information it collects about me?

Heathrow will use your personal data for a number of purposes including the following:

Use of data	Purpose	Justification
To provide the Reserve & Collect service, Personal Shopper service and In-lounge Shopping service to you	Contract	We will be unable to deal with your requests and enquiries related to the Reserve & Collect, Personal Shopper Service and In-lounge Shopping Service. Failure to provide mandatory data fields denoted by a ‘*’ will mean that we will not be able to complete your order and deliver the Heathrow Reserve & Collect, Personal Shopper service to you. Failure to provide your name and the location of your table number within the Airport lounge will mean that we will not be able to deliver the In-lounge Shopping service.
To send you marketing communications about Reserve & Collect and other Heathrow services, as well as information, including products and services offered by our trusted third parties	Consent	Where you give us consent to send you marketing communications, we will inform you about the latest airport updates including exclusive offers and new services to improve your travel experience.
We will share your name and email address with selected Airport Partners who will use your personal data to send marketing communications to you.	Consent	We will share your name and email address with Airport Partners who will use your personal data to send marketing communications to you. We will only do this where you give us your clear consent to do so.
We may also match the data we collect with other data that we hold about you if you have used Heathrow products and services before.	Legitimate Interests	We have a legitimate business interest for your personal data to be used for this specific purpose. We may also match the data we collect with other data that we hold about you if you have used Heathrow products and services before. We do this to build up a picture of your personal preferences and understand how you use Heathrow products and services. This enables us to deliver a richer customer experience and ensures we only send relevant communications to you.

You are always in control of how we use your personal data and can opt out of marketing communications during and after the booking process. You can unsubscribe from Heathrow Airport marketing communications by clicking ‘Unsubscribe’ on the footer of a Heathrow Airport marketing email. You have the right to object to this processing which you can exercise by contacting privacy@heathrow.com. Please note that if you object, this may affect our ability to send personalised marketing communications to you.

Your information will be handled and used by the following recipients in order to deliver the Personal Shopper and Reserve & Collect services:

• Heathrow staff delivering the Reserve & Collect service

• Capgemini staff delivering the technical administration of the Reserve & Collect system

• Reach Contact Ltd who employ Customer service agents who work on behalf of Heathrow

• Retailers where you reserve products or when you use Heathrow Mobile Payments

• Braintree a PayPal service are the merchant for the Heathrow Mobile Payment service when you use our Personal Shopper service

• Indigo 102 operate the mobile payment web software for and on behalf of Heathrow Airport Ltd and its suppliers when you use our Personal Shopper service

We will keep your information within Heathrow and our trusted third parties except where disclosure is required by law, for example to government bodies and law enforcement agencies. Your information is processed within the European Economic Area.

How long will Heathrow keep my Information?

Your account information will be retained for a period of two years from the date of your last transaction after which point it will be anonymised. Where you tell us that you no longer wish to receive marketing communications about Reserve & Collect or other Heathrow products and services, we will keep this information about you until you tell us otherwise. Your information will be retained in a secure environment and access to it will be restricted according to the 'need to know' principle.

What rights do I have over my personal data?

You have the right to:

Access your personal data by making a subject access request
Rectification, erasure or restriction of your information where this is justified
Object to the processing of your information where this is justified
Data portability

To exercise your rights, please contact the Heathrow Data Protection Officer using the following contact details:

Data Protection Officer

Heathrow Airport Limited

The Compass Centre

Nelson Road

Hounslow

Middlesex

TW6 2GW

Email: privacy@heathrow.com

What if I find your response unsatisfactory?

Should you find our response unsatisfactory, you have the right to lodge a complaint with the supervisory authority – the Information Commissioner’s Office (ICO). You can find more information on the ICO website at https://ico.org.uk/concerns/ regarding the complaints process.

A new era has begun for the UK and EU now that the Brexit transition period is over. From time to time we may process personal data from EU residents. Whenever applicable, we have appointed an EU Representative to ensure that we continuously process your personal data in compliance with applicable laws and without undermining your statutory rights. You can contact our EU Representative at HeathrowEURepresentative@eversheds-sutherland.com and write EU Representative as subject matter. You may also contact our EU Representative per post mail at:

Eversheds Sutherland Netherlands B.V.

Attn. EU Representative Heathrow Airport

Fascinatio Boulevard 212

Floor 2A

3065 WB Rotterdam

Privacy & Cookies

Cookies are small text files which are stored on your computer when you visit certain web pages. At Heathrow we use cookies to understand how our sites are used which helps us to improve your overall online experience. Some of the cookies we use are necessary for some of our sites to work whilst other cookies are used to provide tailored advertising by trusted third parties. To find out more about cookies, visit www.aboutcookies.org

The different types of cookies we use

Heathrow use the following categories of cookies on our websites:

Strictly necessary – These cookies are essential for certain features of our websites to work for example when you make payments for car parking. These cookies do not record identifiable personal information and we do not need your consent to place these cookies on your device. Without these cookies some services you have asked for cannot be provided.

Performance – These cookies are used to collect anonymous information about how you use our websites. This information is used to help us improve our websites and understand how effective our adverts are. In some case we use trusted third parties to collect this information for us but they only use the information for the purposes explained. By using our websites, you agree that we can place these types of cookies on your device.

Functionality – These cookies are used to provide services or remember settings to enhance your visit for example text size or other preferences. The information these cookies collect is anonymous and does not enable us to track your browsing activity on other websites. By using our websites, you agree that we can place these types of cookies on your device.

Targeting and Advertising – These cookies are used by trusted third parties to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. Information contained in these cookies is anonymous and doesn't contain your personal information. To find out more about cookies used for targeting and advertising follow www.youronlinechoices.com and www.networkadvertising.org or contact us at website_feedback@baa.com for further information about the trusted third parties we use.

Managing Cookies

If you'd prefer to restrict, block or delete cookies from Heathrow and our third-party advertisers, or any other website, you can use your browser to do this. Each browser is different, so check the 'Help' menu of your browser to learn how to change your cookie preferences. If you choose to disable all cookies we cannot guarantee the performance of our websites and some features may not work as expected.

Changes to this Privacy Promise

We will keep this privacy promise under regular review and we will place any updates here. At the start of this privacy promise, we will tell you when it was last updated.

September 2021 -Updates to - HOW WILL HEATHROW USE THE INFORMATION IT COLLECTS ABOUT ME