top of page

Detonate Travel (“Detonate”, “we”, “our”, or “us”) respects your privacy and is committed to complying with this Global Privacy Policy in conjunction with our general Terms and Conditions and the Detonate Travel Data Protection Agreement, where applicable, which describes how Detonate, as a travel company, collects and uses the personal data you provide to us. This Global Privacy Policy describes what personal data we collect about you, how we collect it, how we use it, with whom we may share it, and what choices you have regarding our use of your personal data. We also describe the measures we take to protect the security of your personal data and how to contact us.


This Global Privacy Policy applies to Detonate Travel and related services provided to you, includingDetonate’s website, portals and applications that display or link you to this Global Privacy Policy (hereinafter referred to collectively as the “Services”). Once you leave such websites and applications for others, the privacy policies of the other websites or applications shall apply.


We encourage you to read this Global Privacy Policy carefully in its entirety, as it relates to your rights regarding the processing of your personal data. As a user of our Services, you understand and agree that we collect, use, and disclose your personal data in accordance with this Global Privacy Policy.


Our privacy practices vary (as they must amongst countries in which we operate), to reflect local legal requirements. Detonate complies with applicable laws in the jurisdictions in which it operates, including UK GDPR. It is in our legitimate business interests to provide you with the Services which use the personal data provided to us for the purposes described herein. Your agreement to the terms of this Global Privacy Policy is not intended to and does not constitute a “consent” to such terms for purposes of the GDPR.

1. Identification of the personal data that Detonate Travel collects

In the course of providing its Services, Detonate collects, uses, and discloses personal data. Personal data is information that can be used to identify you or with which Detonate can link to you. You, as a traveller or user of the Services, may be asked to provide certain personal data when you use our Services, such as:

  • Names and contact information (work and home/mobile phone, email, address);

  • Traveller and emergency contact names and information;

  • Traveller (e.g. routings, class of service, seat preferences, frequent flyer data, meal preferences, hotel/rail/car and other ground transportation membership data and preferences, special accommodation requests, other personal data supplied by you via your profiles, surveys, or other requests);

  • Travel documentation (e.g. passport/visa/driver’s license number, citizenship, date of birth, gender, photographs);

  • Payment data (corporate/personal credit cards) and bank information;

  • Logins, user ID’s, employee ID’s, passwords, IP addresses, and browsing information; and

  • Sensitive personal data such as data about, racial or ethnic origin and religious beliefs for visa applications (where required to be provided under law).


If you submit any personal data relating to other people in connection with the Services (e.g. if you make a reservation for another individual), you represent that you have the authority to do so and we will collect, use, and disclose such personal data in accordance with this Global Privacy Policy.


Detonate may collect personal information (including personally identifiable information or, where relevant, sensitive personal data) about you and/or the person on behalf of whom you are utilising the Services (“Your Data”) in the following ways:


Information you give us
This is information that you give us by filling in forms on our websites, online booking tools or other applications, or by corresponding with us by phone, email or otherwise. The information may include without limitation your and /or your travellers name, address, e-mail address, phone number or other contact details, marital status, age, occupation, role/title/area of responsibilities, financial and credit card information, personal description and photograph and other information (including as required by laws and regulations addressing insurance and related matters or as required to provide the Services).


Of course, you are not required to supply any of the information that we may request, notably sensitive data, although this might limit the Services we are able to offer you. While we make every effort to ensure that Your Data is accurate, complete and up to date, you can help us considerably in this by promptly notifying us if there are any changes to Your Data.


Information we collect about you.
We, our service providers and other business partners, collect certain information by using automated means, such as cookies, when you interact with our applications, or visit our websites. This information may include your IP address, browser type, operating system, the full URLs, referring URLs and information on actions taken or interaction with our digital assets. We may use third- party web analytics services on our websites and applications, to help us analyse how visitors use our websites and other digital platforms. We, our service providers and our business partners may also collect information about your activities on our websites and other digital platforms for use in providing you with content tailored to your individual interests. The information collected for these purposes may include details about things like the particular pages you view on our websites and the actions you take on our websites and or other digital assets.


Information we may receive from other sources.
We work closely with third parties (including Global Distribution Systems (GDSs) and other related travel suppliers for booking/ticketing purposes; industry reporting authorities, payment and delivery services, analytics providers, search information providers, credit reference agencies, financial institutions, financial advisers, disclosure and criminal check services, police forces and courts) and may receive information about you from them). These third parties may be based outside of the EEA (see the storage and transfer of Your Data section for more information).

2. Does Detonate disclose personal data across borders?


When sharing with or disclosing personal data to other parties, including to Detonate related companies, affiliates, subsidiaries, partners, subcontractors, and local travel agents who provide the Services and maintain facilities, your personal data may be transferred to countries with data protection laws providing a lower standard of protection for your personal data than your home country.


We will transfer Your Data in compliance with applicable data protection laws, including having adequate mechanisms in place to protect Your Data when it is transferred internationally (e.g. data protection agreements). If you have questions or wish to obtain more information about the international transfer of Your Data or the implemented safeguards, please contact us as provided in this Global Privacy Policy.

3. How does Detonate store and protect personal data?


Detonate has a number of systems and procedures in place which assist us in ensuring all our client information is safely stored as well as multiple layers of security in place which help manage all access to customer and company data globally.


All staff/user network access is managed via our Active Directory across Detonate's global domain. Our strict user permissions management policy covers all mandatory aspects such as password complexity, mandatory password resets, as well as control of “in and out” of network communication.


All connectivity between our operations, data centres as well as any external data feeds required by our clients, are managed by our global firewall solution. All data movement between the locations is also encrypted and transmitted via secure IPSec VPN tunnels.


In addition to adhering to vendor recommended best practices there are also ongoing efforts aimed at reducing the attack surface and proactively monitoring Active Directory for signs of compromise. Access and permissions for systems within our application layer such as our front, mid and back office tools are managed per application and in line with the user permissions management policies for the respective solutions, adding an extra layer of security/control.


Detonate has adapted our booking and other processes to align with the PCI DSS requirements, with all card numbers being masked and data only used for its intended purpose.


In a similar vein, Detonate only uses data for the intended purpose, we do not hand off data to any third party that is not part of the process.

4. How long does Detonate keep my personal data?


Detonate retains Your Data for the period necessary to fulfil the purposes outlined in this Global Privacy Policy read in conjunction with local applicable laws or unless a longer retention period is required or permitted by applicable laws. The general retention period as set out in the Detonate Retention Policy is 3 (three) years, however this is subject to variances, more fully set out the Retention Policy. When determining how long to retain Your Data, Detonate takes into account the necessity of the personal data for the provision of our Services, applicable laws and regulations, including data protection laws, and our legal obligations. We may retain records to investigate or defend against potential legal claims. When retention of the personal data is no longer necessary, the data will be deleted, masked, de-identified or aggregated for analytic purposes. Reference must also be made to the Detonate Retention Policy.

5. What about Detonate applications?

Detonate makes its online applications and online booking tools (mobile and web-based) available for download from various application marketplaces. Detonate collects usage information for it to improve the application and to deliver a better and more personalised experience. Detonate may follow information on your use of our applications (e.g. anonymised statistics on the daily number of visitors, the daily requests for specific usage elements, the countries from which applications and Services are accessed). We use these statistics exclusively for measuring activities and for improvement or adaptation of Services for your benefit.


Detonate uses such statistics for the analysis of activities, the improvement of Services, and for communicating findings and product improvements to you and other clients and prospective clients. Such statistics do not contain personal data and cannot be used for the collection of personal data. In accordance with the applications’ terms of use, certain information about you (which may include your email address, itinerary data, and other information you provide voluntarily) may be shared with third parties as stated in this Global Privacy Policy. TakeTwo is not in the business of selling and/or purchasing data and Detonate confirms that it shall not sell Your Data.


Some web pages created by Detonate use ‘cookies’, which are small text files that may be placed on your hard disk for record-keeping purposes. It is essentially your identification card and cannot be executed as code or deliver viruses. It is uniquely yours and can only be read by the server that gave it to you. A cookie’s purpose is to tell the server that you returned to that web page. Cookies in and of themselves do not personally identify users, although they do identify a user’s computer. Furthermore, a cookie in no way gives us access to your computer. The use of cookies is an industry standard. Many major web sites use cookies to provide useful features for their customers. Most browsers are initially set up to accept cookies. If you’d prefer, you can set yours to refuse cookies. However, you will not be able to take full advantage of a web site if you do so.


Detonate’s applications collect location data in order to display and relay real-time risk alerts and personalised assistance notification features to the application user. When the application is not in use, it will continue to collect location data to ensure accuracy of location notifications and alerts when the user opens the application. Should you as the user wish to change this default setting, you can edit the location data sharing by going into the device settings. However, should you as the user chose to change this default setting, the relevant product/s may not function as intended by design and your user experience may be impacted. Applications may from time to time action automatic updates/prompt you to authorise a scheduled update to apply enhancements and/or for any bug fixes or improvements.

6. Your rights


Under applicable data protection laws, you may have certain rights regarding the personal information we maintain about you. We also offer you certain choices about what personal information we collect from you, how we use that information, and how we communicate with you.


You can choose not to provide Your Data to us. You also may refrain from submitting information directly to us. However, if you do not provide Your Data when requested, or if you exercise your rights, you or your traveller may not be able to benefit from the Services (as applicable), and we may not be able to provide you with information about our products and services.


To the extent provided by applicable data protection laws, you may withdraw any consent you previously provided to us, or object at any time to the processing of Your Data. We will apply your preferences going forward. In some circumstances, withdrawing your consent to our use or disclosure of Your Data will mean that you cannot make use of certain Services.


Requests and access to Your Data. In addition you may have the right to: obtain confirmation that we hold personal information about you, request access to and receive information about the personal information we maintain about you, receive copies of the personal information we maintain about you, update and correct inaccuracies in your personal information, object to the processing of your personal information, and have the information blocked, anonymised or deleted, as appropriate. The right to access personal information may be limited in some circumstances by local law requirements including applicable data protection laws. To exercise these rights, please contact


You have the right to ask us not to process Your Data for marketing purposes. We will inform you (before collecting Your Data) and obtain your prior consent where required by the Applicable Data Protection Law if we intend to use Your Data for such purposes or if we intend to disclose Your Data to any third party for such purposes. You can exercise your right to prevent such processing by advising us of your preferences before we collect Your Data, including on the form that is used to collect Your Data. You can also exercise the right at any time by contacting us at


The rights above are likely to apply to you if you are based in Europe.


Our websites or other digital applications and platforms may, from time to time, contain links to and from the websites of our service providers. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.


If you provide us with any information or material relating to another individual, you should make sure that the sharing with us and our further use as described to you from time to time is in line with applicable laws, so for example you should duly inform that individual on the processing of her/his personal data and obtain her/his consent, as may be necessary under applicable data protection laws.

7. Changes to our Global Privacy Policy


Any changes we make to our Global Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our Global Privacy Policy.

8. How can I exercise my rights or make complaints?


If you have any questions about this Global Privacy Policy or wish to exercise any of your rights as described in this Global Privacy Policy, please contact us as follows:

Attn: TakeTwo Legal Department

bottom of page