By clicking OK or continuing to use our website, you consent to our use of cookies.
  1. Home
  2. Data protection

Data protection declaration

Trusted. Unique. Inspiring. At TUI we create unforgettable moments for our customers worldwide and make your dreams come true. The responsible use of the personal information you share with us is an important part of what we do. We want you to rest assured that your data are safe in our hands and that you know how we use the data to deliver you a better, unique and inspiring experience. You can find more information about us at the TUI Group website.

Scope of this privacy notice

The responsible party for this content is TUI Deutschland GmbH (referred to in this data privacy notice as "we" or "us"), a member of the TUI Group.

We are committed to doing the right thing when it comes to how we collect, use and protect your personal information. Your privacy is important to us, so please take the time to read our privacy notice. This explains:

  • What kinds of personal data we collect and why we collect them
  • When and how we may share personal information within the TUI Group and with other organisations
  • Your options for, inter alia, viewing and updating your personal information

We have made every effort to make this notice as easy to understand as possible. If you are unfamiliar with terms such as "Responsible party" or "Specific categories of personal information," you can read more in the Key terms section.

The personal data we collect

When you sign up for our services, you may be sending us:

  • Your personal details, such as your address, email address, telephone number and date of birth
  • Your account login information, such as your username and the password you decide on

When you book travel or other products from our range of offerings, we collect data for fulfilling the contract you have made with us:

  • Your personal details, such as your address, email address, telephone number and date of birth
  • The personal details of your fellow travellers
  • Payment details (e.g. credit card details, account information, billing address)
  • Your booked products or services

When you browse our websites or use our mobile apps, we may collect:

  • Your travel preferences,
  • Information about your browsing activity on our websites and mobile apps
  • Information about when you click on any of our advertisements, including those shown on websites of other organisations
  • Information about the way you access our digital services, including operating system, IP address, online identification and browser details
  • Your social preferences, interests and activities

When you buy our products in our stores or online, we may collect:

  • Information about the traveller, passport details, other identification information
  • Insurance data,
  • Relevant medical data as well as any special dietary requirements or other requirements for religious reasons or reasons of physical impairment
  • Information about your purchases, e.g. what you bought, when and where you bought it, how you paid, and credit or other payment information
  • Information about your browsing activity on our websites and mobile apps
  • Information about when you click on any of our advertisements, including those shown on websites of other organisations
  • Information about the way you access our digital services, including operating system, IP address, online identification and browser details
  • Your social preferences, interests and activities

When you contact us or we contact you or if you participate in advertising campaigns, promotions, competitions, surveys about our services, we may collect:

  • Personal information you provide when you contact us, including by email, post and telephone or through social media, such as your name, username, and your contact information
  • Details about emails and other digital communications that we send to you and that you open, including any links contained therein that you click
  • Your responses and contributions to customer surveys

Other sources of personal information

  • We may use personal information from other sources, such as, from companies providing information and data, trading partners and public registers.
  • Your insurance company and its agents as well as medical employees may exchange relevant personal information and special categories of personal information with us in circumstances where we must act on your behalf or in the interests of other customers or in an emergency.
  • When you log in with your social networking credentials to interact with our platforms and online services, such as using your Facebook, Google+ or Twitter accounts, you are consenting to share your user information with us, for example, your name, your email address, your date of birth, your location and other information.
  • We may use surveillance camera recordings and records of IP address and browser data collected in or near our shops, business premises, other buildings and cruise ships.

Personal information about other persons you submit to us

  • We use personally identifiable information you provide about others, such as additional information on your booking.
  • When submitting personal information on other people you must be sure that they agree and that you may submit their data. If necessary, you should also ensure that these people know how we could use their personal information.

The use of your personal details

We use your personal information in a variety of ways, as explained below.

To deliver the products and services you request

We need to process your personal information so that we can manage your account or booking, provide you with the products and services you need, and assist you with orders and any refunds you may require.

To manage and improve our products, services and day-to-day operations

We use personal information to manage and improve our products, websites, mobile apps, loyalty and customer management programmes as well as other services.

To protect your personal information and to detect and prevent fraud, other crimes and the misuse of services we monitor how our services are used. This helps us ensure that you can safely use our services.

We may use personal information to respond to and manage security incidents, disruptions or other similar occurrences. These may, inter alia, be medical or insurance-related in nature.

We may use personal information to conduct market research and internal development, as well as develop and improve our product range, services, shops and IT systems, security, know-how and methods of communication with you.

We use surveillance camera records to maintain the safety of anyone working or visiting our stores, business premises, and other buildings, as well as to detect, prevent, and prosecute offences. We may also rely on the images to exercise and defend our legal rights.

To contact and interact with you

We want to better serve you as a customer. So if you contact us, for example, by email, mail, telephone or social media, we may use personal information on you to understand and address your concerns as quickly as possible.

We have to process your personal information in order to manage advertising campaigns, promotions and competitions you choose to participate in. These include those that we organise together with our suppliers and trading partners, for example, if you win a prize.

Sometimes we may wish to invite you to participate in customer surveys and other market research activities performed by the TUI Group and other organisations for your benefit.

To help us better understand you as a customer and provide you with services and marketing communications (including online advertising tailored to your interests), we may collect the personal information we obtain when you make purchases in a store and combine them with personal information collected through our web pages, mobile apps, and other sources.

We do not sell your personal data to third parties.

Marketing measures with your consent

From time to time we may wish to send you offers and news about our products and services in various ways, such as by email, by Messenger or by phone. Also, we may wish to send you information about products and services of other companies that we believe could be of interest to you. We will only do so if you have previously agreed to receive such marketing communications.

When you book or sign up with us, we ask you if and through which channel you would like to receive marketing communications.
We also ask you if you would like to receive marketing communications from other companies in the TUI Group and if we may pass the data on to the companies in the TUI Group.
We re-verify your contact information provided to us online. To do so we ask you, for example when registering for email marketing, to confirm the information using the double opt-in procedure. This means that we will not send you email marketing communications until you activate the link sent. A similar procedure is used for advertising via SMS or Messenger.
You may revoke your consent to marketing communications at any time, online, over the phone, or using a link that activates your cancellation of a subscription, for example, for newsletters in our marketing emails, or by using the STOP option in the speed dial number in our marketing SMS or by writing to us (e.g. by email to Datenschutz@tui.de). You may withdraw your consent in whole or in part. If you no longer wish to receive advertisements for a specific channel (e.g. telephone), you can notify us, and you can issue a revocation for all granted consents for marketing purposes. You can also separately revoke a separate consent to marketing communications by companies in the TUI Group. Of course, the choice is entirely up to you. If you tell us that you do not want to receive marketing information, you will be missing out on great offers and deals.

However, you might still receive service-related communications from us. For example, confirmation of bookings you make with us and important information about the use of our products and services.

Product recommendations by email

As a customer of TUI Deutschland GmbH you will receive regular product recommendations from us by email. You will receive these product recommendations regardless of whether you have subscribed to a newsletter or consented to email marketing communications or not. In this way we want, on the basis of your recent purchases from us, to provide you with information about products from our offering that you may be interested in. We comply strictly with all legal requirements. If you no longer wish to receive product recommendations by email from us, you can cancel this at any time. A message in writing to Datenschutz@tui.de (e.g. by email, fax, letter) is sufficient. Of course, you will also find an unsubscribe link in every email.

To personalise your experience

We want to ensure that marketing communications (including online advertising) related to our products and services as well as those of our suppliers, trading partners and the TUI Group are tailored to your interests.

We use the personally identifiable information you provide to better understand your interests so that we can try to predict which other products, services and information you might be most interested in. This allows us to tailor our communications to make them more relevant to you. We use existing information such as email receipt and read confirmation, computer and Internet connection information, operating system and platform, your order history, your service history, the date and time you visited the homepage, products that you viewed. We use this information exclusively in a pseudonymised form. This analysis and evaluation of the data help us to better understand you as a customer and allows us to offer you personalised offers and services. Our goal is to make our advertising more useful and interesting for you, in other words, offer you products and services that best meet your needs as a customer.

If you do not wish to receive a personalised service, for example, if you do not wish to receive a personalised newsletter from us, you can cancel personalised advertising any time you wish, e.g. over the phone, in writing or by email (e.g. to Datenschutz@tui.de). In this case, you will continue to receive non-personalised standard advertising. You can of course also cancel/revoke your consent to our marketing communications as a whole at any time. We will update your information as soon as possible.

Market research

We highly value your opinion. To improve our products and services we may contact you for market research purposes. You always have the choice as to whether to participate in our market research or not.

Sharing personal information with suppliers and trading partners

To provide you with the products and services you require we have to share personal information about your booked travel services with providers, including airlines, hotels and transport companies.

We also work with carefully selected providers who perform specific functions for you. For example, with companies that help us with IT services, data storage and linking, marketing, market research, payment processing and the provision of products and services.

We may need to share personal information to safeguard or defend our legal rights; this includes the transfer of personal data to third parties in order, e.g. to prevent fraud and reduce the risk of default.

When we share personal information with other organisations we require them to keep the information secure. They may not use your personal information for their own marketing purposes.

We only share the minimum amount of personal information necessary that enables our suppliers and trading partners to provide their services to you and us.

Sharing personal information with government agencies

To be able to travel it is sometimes mandatory (required by law in the country of departure and/or in the destination country) to disclose and process your personal information for immigration, border control, security and counter-terrorism purposes, or any other purpose we deem reasonable.

Some countries only issue travel authorisation if you provide enhanced passenger information (for example, Caricom APIS data and US Secure Flight Data). These requirements may vary depending on your destination and we recommend that you check this on a case-by-case basis. Even if it is not mandatory, we are happy to assist you.

We may share the necessary minimum amount of personal information with other authorities if the law requires us to do so or if we are legally permitted to do so.

Sharing personal data within the TUI Group

With the exception of services with their own privacy notices that do not refer to this privacy notice our privacy notice applies to all services offered by the TUI Group. We may share the necessary minimum amount of personally identifiable information with other TUI Group companies, for example, to provide the products and services you request, manage and improve our products, services and day-to-day operations; if necessary, personalise your travel experience, contact you and interact with you and, if permitted and appropriate, for marketing or market research purposes.

We may also share personal information with other companies if there are contractual agreements with them. In such cases we dispose of or transfer our services or our rights and obligations we may have with you under a contractual agreement. If such transfer or disposal occurs, the company receiving your personal information may use your information in accordance with this privacy notice.

Protecting your personal data

We know how important it is to protect and manage your personal information. We take appropriate security measures to help protect your personal information from accidental loss and unauthorised access, use, alteration and disclosure.

However, the security of your data also depends on you. For example, if we have given you a password to access certain services or you have chosen one, you are responsible for keeping this password secret.

The personal data we collect from you may possibly be transferred to and stored in a country outside the European Economic Area (EEA). Your personal data may also be processed by companies operating outside the EEA that work for us or one of our suppliers. We take appropriate precautions to ensure that your personal information is adequately protected and that it is treated in accordance with this privacy notice. As a rule these protections include corresponding contractual clauses, e.g. standard contractual clauses approved by the European Commission, as well as appropriate security measures.

Data storage

We store your personal data only for as long as it is necessary for the purposes set out in this privacy notice and/or to comply with statutory retention requirements. After this period we will delete personal information in a secure manner. If data are needed after this period for analytical, historical or other legitimate business purposes, we will take appropriate measures to anonymise that data.

About cookies and similar technologies

Cookies are small data files that allow a website to collect and store a range of data on your desktop, laptop or mobile device. Cookies help us provide important features and functionality on our websites and mobile apps, and we use them to improve your customer experience. Please also note our separate Cookie Notice.

Links to other websites

Our websites or mobile apps may contain links to websites of other organisations that have their own privacy notices. Please be sure to carefully read the terms of service and privacy notice before posting personal information to any other organisation's website, as we assume no responsibility or liability for the websites of other organisations.

Retrieving and updating your personal information; complaints

You have the right to request a copy of the personal information we hold about you, although you may also be able to view and update the information associated with your customer account and your booking online. You can of course still write to us and ask for a copy of other personal information stored about you.

Please include details that help us to identify and locate your personal information. If we can provide data access, we will do so for free, unless further copies are requested. In this case, we may charge a reasonable fee based on administrative costs.

We want to make sure that the personal information we store about you is accurate and up-to-date. If any information we hold about you is incorrect, please let us know.

You may also have your personal information corrected or deleted, object to the processing of your personal information and, as far as technically feasible, request that personally identifiable information that you submit to us be shared with another organisation.

We will update or delete your information unless we have to keep it for legitimate business or legal purposes.

You can also contact us if you would like to complain about how we collect, store and use your personal information. It is our goal to provide the best possible solution to your complaints. However, if you are not satisfied with our answer, you can also contact your local data protection office or commissioner. The example given here is of the data protection commissioner for the state of Lower Saxony in Germany: https://www.lfd.niedersachsen.de/startseite/.

Please note that we may ask you to confirm your identity before we process your request or complaint. We may also ask you for more information to help us ensure that you have the right to make this request or complaint to us when you contact us on behalf of someone else.

For questions, requests or comments on data protection, please contact the Data Protection Officer at TUI Deutschland GmbH by email: Datenschutz@tui.de.

Legal basis for processing personal data

We collect and use your personal information only if at least one of the following conditions is met:

  • • We have your consent
    Example: customer account
    You give us permission to process your personal information when you sign up for a customer account.
  • • It is necessary to take certain actions to contact you or, at your request, before entering into a contract
    Example: providing the products and services you want
    We have to process your personal information to be able to manage your customer account or booking, offer you the products and services you wish to purchase, and assist you with orders or refunds.
  • • It is necessary to comply with a legal obligation
    Example: sharing personal data with authorities
    In order for you to travel it may be compulsory (required by law in the country of departure and/or in the destination country) to disclose and process your personal information for immigration, border control, security, counter-terrorism or other purposes deemed reasonable by the authorities.
  • • It is necessary to protect your vital interests or those of another person
    Example: in an emergency
    Your insurance company, its agents and medical personnel may exchange relevant personal information and special types of personal information with us. This is the case if we or those kinds of person mentioned above act on your behalf, in the interests of other customers or in an emergency.
  • • Processing is in the public interest or exercised on behalf of an authorised public office
    Example: security measures
    We may use personal information to implement security measures or respond to disruptions or other similar occurrences, including those of a medical and insurance nature.
  • • It is in our or a third party's legitimate interests unless your own interests or rights outweigh
    Example: personalise your travel experience
    We may use your personal information to better understand your interests so that we can try to predict what other products, services and information you might be most interested in. This allows us to tailor our communications to make them more relevant to you.

If we need to process special categories of personal information, such as medical records for medical reasons, this will only happen if one or more additional requirements are met, i.e. we have your explicit consent; it is necessary to protect your vital interests or those of another person and you are physically or legally unable to give consent; it is necessary to substantiate, assert or defend legal claims; it is necessary for reasons of considerable public interest.

Changes to our privacy notice

This Privacy Notice supersedes all previous versions. We may change the notice at any time, so please check regularly on our website(s) for any updates. If the changes are substantial, we will provide clearly identifiable notification on our website(s). In addition, if we deem it appropriate, we will send you an electronic notification of changes to our Privacy Notice.

Last update: May 2018

Key terms

Responsible party: The responsible party determines the purpose and the way personal data are used.

European Economic Area (EEA): EU member states plus Norway, Iceland and Liechtenstein.

Online advertising: Marketing messages that you can see on the internet.

Specific categories of personal data: Specific categories of personal data: These are categories of personal data that indicate ethnic origin, political opinions, religious or philosophical beliefs or trade union affiliation; genetic data, biometric data for the purpose of unambiguous identification of a natural person; medical data as well as data on the sexual life or sexual orientation of a natural person.

Caricom APIS data: Some or all of the Caricom states have entered into an agreement with the United States to allow extended passenger data required by and provided by Caricom States for border security purposes to be transferred to and processed by the US Department of Homeland Security on behalf of these Caricom States. For more information please visit the Caricom-Webseite.

US Secure Flight Data: The Transportation Security Authority (TSA) requires you to provide your full name, date of birth, and gender for the purpose of processing passenger lists. You can also specify your redress number, if any. If this information is not provided, you may be denied carriage or authorisation to enter the boarding area. The TSA may share the information you provide with law enforcement or intelligence agencies or with others in accordance with its published notification system. Visit the TSA website for more information.

Here you can download the text above as a PDF file.