Privacy Policy | Heathrow

Updated: 21 September 2022

This privacy notice tells you what to expect when Heathrow Airport Limited (“Heathrow”) collects personal information about you when you use this website (URL: heathrow.com/boutique) branded as "Heathrow Reserve and Collect" (the "Website") and certain retail services offered by Heathrow on the Website including but not limited to:

• the reserve and collect retail service (the "Reserve & Collect Service") and

• the personal shopper retail service (the “Personal Shopper Service”),

collectively known as the “Retail Services”.

Heathrow is committed to protecting your personal information when you use the Website and the Retail Services. Whenever you provide such information, we are legally obliged to use your information in line with all applicable laws concerning the protection of personal data, including the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR). Your information will be kept in a secure environment and access to it will be restricted according to the 'need to know' principle.

WHAT INFORMATION WILL WE COLLECT ABOUT YOU?

When you use the Website and the Retail Services, we will collect the following information about you:

• Salutation

• First Name and last Name

• Address and postcode

• Email address

• Phone number

• Date of travel

• Flight number

• Preferred language

• Information of products reserved using the Retail Services

• Heathrow Rewards customer loyalty number

• Heathrow Marketing preference

Heathrow collects information about how you use the Website and the Retail Services via the Website and the device(s) you use to access the same. This includes collecting unique online identifiers such as IP addresses, which are numbers that uniquely identify a specific computer or other network device on the internet. For more information, see our section on ‘cookies’ below.

HOW WILL HEATHROW USE THE INFORMATION IT COLLECTS ABOUT ME?

Heathrow will use your personal data for a number of purposes including the following:

Use of data	Purpose	Justification
To provide the Reserve & Collect Service to you	Contract	We collect information to provide the Reserve & Collect Service to enable you to reserve products listed on the Website and to enable the delivery of the reserved products to you at either a retailer’s store at Heathrow Airport or to a Heathrow operated collection desk at Heathrow Airport for purchase from third party retailers and collection. For each third party retailer who concludes a sale of a reserved product at a Heathrow operated collection desk only (and has no physical retail store at Heathrow Airport), more information on each such retailer’s privacy policy can be found here: https://boutique.heathrow.com/en/retailer-privacy-policy.html
To provide the Heathrow Personal Shopper Service to you	Contract	We collect information to provide the Heathrow Personal Shopper Service to enable you to pre-book this service on the Website and to enable you to use this service in person in the designated lounges at Heathrow Airport to reserve products and services for purchase from third party retailers.
To send you marketing communications about the Website, the Retail Services and any other Heathrow services, as well as information, including products and services offered by our trusted third parties	Consent	Where you give us consent to send you marketing communications, we may inform you about the latest airport updates including exclusive offers and new services to improve your travel experience.
We may share your name and email address with selected partners at Heathrow Airport, including World Duty Free, who will use your personal data to send marketing communications to you.	Consent	We may share your name and email address with selected partners at Heathrow Airport, including World Duty Free, who will use your personal data to send marketing communications to you. We will only do this where you give us your clear consent to do so.
We may also match the data we collect with other data that we hold about you if you have used Heathrow products and services before.	Consent and Legitimate Interests	Where we have your consent or legitimate business interest for your personal data to be used for this specific purpose. We may match the data we collect with other data that we hold about you if you have used Heathrow products and services or where you have provided a Heathrow Rewards number when purchasing products and services from our retail partners. We may also analyse marketing communications for campaign and engagement effectiveness. We do this to build up a picture of your personal preferences and understand how you use Heathrow and our retail partners products and services

You are always in control of how we use your personal data and can opt out of marketing communications during and after the booking process. You can change your marketing preferences at any time or unsubscribe from Heathrow marketing communications by visiting ‘My Account’ or by clicking ‘Unsubscribe’ on the footer of a Heathrow marketing email. You have the right to object to this processing which you can exercise by contacting privacy@heathrow.com. Please note that if you object, this may affect our ability to send personalised marketing communications to you.

Your information may be handled and used by the following recipients (who may be third parties) in order to deliver the Retail Services:

• Heathrow staff delivering the Retail Services

• Reach Contact Ltd who (i) provide customer service agents who work on behalf of Heathrow to provide fulfilment and customer assistance services with respect to the Retail Services and (ii) who provide payment administration services on behalf of individual retailers to take payments from customers either pursuant to the Reserve & Collect Service where the collection is from a Heathrow operated collection desk or for purchase of reserved products and services by customers using the Personal Shopper Service

• Retailers from whom you purchase reserved products using the Reserve & Collect service or you purchase reserved products and services using the Personal Shopper Service

• Suppliers of technical services delivering the technical administration of the Retail Services

• Suppliers of payment processing services who take payment on behalf of individual retailers offering products and services for sale using the Retail Services

We will not transfer or disclose your personal information, other than: as identified in this privacy notice or otherwise except to our trusted third-party suppliers, to the police, tribunals, courts, regulators, or other authorities to assist them with their investigations or requests or for us to report security incidents or suspected or actual unlawful acts and/or as may be otherwise required by law.

HOW LONG WILL HEATHROW KEEP MY INFORMATION?

Your account information will be retained for a period of two years from the date of your last transaction after which point it will be anonymised. Where you tell us that you no longer wish to receive marketing communications about the Website or the Retail Services or other Heathrow products and services, we will keep this information about you until you tell us otherwise. Your information will be retained in a secure environment and access to it will be restricted according to the 'need to know' principle.

WHAT RIGHTS DO I HAVE OVER MY PERSONAL DATA?

You have the right to:

· Be informed of how we are processing your data

· Access your personal data by making a subject access request

· Rectification, erasure or restriction of your information where this is justified

· Object to the processing of your information where this is justified

· Data portability

To exercise your rights, please contact the Heathrow data protection officer using the following contact details:

Data Protection Officer

Heathrow Airport Limited

The Compass Centre

Nelson Road

Hounslow

Middlesex

TW6 2GW

Email: privacy@heathrow.com

What if I find your response unsatisfactory?

Should you find our response unsatisfactory, you have the right to lodge a complaint with the supervisory authority – the Information Commissioner’s Office (ICO). You can find more information on the ICO website at https://ico.org.uk/concerns/ regarding the complaints process.

EU Representative Contact Details

A new era has begun for the UK and EU now that the Brexit transition period is over. From time to time we may process personal data from EU residents. Whenever applicable, we have appointed an EU Representative to ensure that we continuously process your personal data in compliance with applicable laws and without undermining your statutory rights. You can contact our EU Representative at HeathrowEURepresentative@eversheds-sutherland.com and write EU Representative as subject matter. You may also contact our EU Representative per post mail at:

Eversheds Sutherland Netherlands B.V.

Attn. EU Representative Heathrow Airport

Fascinatio Boulevard 212

Floor 2A

3065 WB Rotterdam

PRIVACY & COOKIES

Cookies are small text files which are stored on your computer when you visit certain web pages. At Heathrow we use cookies to understand how our sites are used which helps us to improve your overall online experience. Some of the cookies we use are necessary for our sites to work whilst other cookies are used to provide tailored advertising by trusted third parties. To find out more about cookies, visit www.aboutcookies.org

Manage Cookie Preferences >

Heathrow use the following types of cookie on our websites:

Strictly necessary - These cookies are essential for our websites to work and without these cookies some services you have asked for cannot be provided.

Performance - These cookies are used to collect anonymous information about how you use our websites. This information is used to help us continually improve our websites and understand how effective our adverts are. You can opt out of these cookies by managing your preferences above.

Functionality - These cookies are used to provide services or remember settings to enhance your visit for example text size or other preferences. You can opt out of these cookies by managing your preferences above.

Targeting and Advertising - These cookies are used by trusted third parties to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advert as well as help measure the effectiveness of the advertising campaign. You can opt out of these cookies by managing your preferences above.

Personalisation - These cookies help us to show you the most relevant content based on your interaction with our website. You can opt out of these cookies by managing your preferences above.

Managing cookies - If you'd prefer to restrict, block or delete cookies from Heathrow and our third party advertisers, or any other website, you can use your browser to do this. Each browser is different, so check the 'Help' menu of your particular browser to learn how to change your cookie preferences. If you choose to disable all cookies we cannot guarantee the performance of our websites and some features may not work as expected. You can also opt out of cookies by managing your preferences above.

Links to other websites - This privacy notice does not cover the links within this site to third party websites. We encourage you to read the privacy statements on the other websites you visit.

Changes to this privacy notice - We will keep this privacy notice under regular review and we will place any updates here. At the start of this privacy notice, we will tell you when it was last updated.