Privacy and Cookie Statement

This Privacy and Cookie Statement (“Statement”) applies to TravelJigsaw Limited (trading as and Rideways), 100 New Bridge Street, London, EC4V 6JA (“TravelJigsaw” or “we”). It describes how we collect and process personal data about (potential, existing or former) strategic partners, supply partners and other business partners ("Business Partners" or "you"), and therefore applies to personal data of owners, employees, representatives or other individuals acting on behalf of Business Partners.

Please see our separate Privacy Notice and Cookie Statement which describes (i) how we process personal data collected when using and making a booking on our platforms, and (ii) how we use cookies on customer facing platforms.

What kinds of information do we collect about you?

The information we collect about our Business Partners depends on the context of the business relationship and interaction with us, the choices made by a Business Partner and the products, services and features used. The information we collect about a Business Partner can include the following, and depending on the specific situation, not all of the following data items may be considered personal data because it may relate to a business instead of an individual.

Information that you give us

When you register as a Business Partner, we will need you to provide us with the following information: name, date of birth (as required), your contact details, telephone and fax number, company registration documents and the necessary details to be able to pay you (including your bank details: bank account number, VAT number, credit slips). We may also ask (representatives of) Business Partners to provide a copy of their ID card or passport, a photo, video or other relevant information to verify the authenticity of the Business Partner.

We also collect and process communications. During calls with our customer service team, live listening may be done and calls may be recorded for quality control and training purposes, which includes the usage of the recordings for the handling of claims and fraud detection purposes. Recordings are kept for a period of12 months and automatically deleted, unless we have a legitimate interest to keep such recordings for a longer period, including for fraud investigation and legal purposes.

Information we collect automatically

When using our online services, such as the online registration form, an online user account (e.g. our extranet or partner centre) or make use of our app (e.g. Pulse app), we also collect information automatically, some of which may be personal data. This includes data such as language settings, IP address, location, device settings, device OS, log information, time of usage, URL requested, status report, user agent (information about the browser type), operating system, browsing history, user ID, and type of data viewed.

Information you give us about others

By sharing other individual’s personal data in relation to your business (for example of your employees), you confirm that these individuals have been informed about the use of their personal data by us in accordance with this Privacy Statement and provided any necessary consents.

Information we receive from other sources

How and why do we collect, use and share personal data?

  1. Registration and account administration

    To register your services (including verification purposes) and to allow you and us to manage and administer your account.

  2. Relationship management and customer service

    To provide support services (e.g. respond to Business Partners’ requests, questions and concerns) engage with you about our ongoing relationship, including contractual and performance obligations, and any future initiatives by either party that may affect you and/or us.

  3. Bookings

    To send the necessary communications about bookings, including confirmations, cancellations, customer service issues and information about new features and services.

  4. Other activities, including marketing

    If you are making use of an online registration facility and you have not finalised your online registration, we may email you a reminder to do so. We see this as a useful additional service for our potential Business Partners because it allows you to carry on with the registration process without having to start again from scratch. If you don’t want any more reminders, just click the ‘unsubscribe’ link in the email reminder.

    We may invite Business Partners to attend and host events we believe may be of relevance to a Business Partner or use personal data to offer and host online forums to enable Business Partners to find answers to commonly asked questions on the usage of our services and the offering of their products and services.

    We also use personal data, such as contact details, to inform Business Partners about system/product updates, or for other marketing communications. When we use personal data for direct marketing messages in electronic form, we will include a link to unsubscribe.

  5. Analytics, improvements and research

    To send you surveys, including market research surveys and to help us improve the user experience, functionality and overall quality of our Dashboard and other services. Please consult the information provided when invited to participate in survey, market research or join the online platform to understand how personal data may be treated differently from this Privacy Statement.

  6. Security, fraud detection and prevention

    To investigate, prevent and detect fraud and other illegal activities. We may use personal data a Business Partner has provided to us, for example for verification purposes as part of the registration process, personal data collected automatically, or personal data obtained from third party sources (including from customers).

    We reserve the right to disclose your personal data to law enforcement authorities, investigative organisations and external advisors to facilitate prosecution where necessary and other entities within the Booking Holdings Inc group. We may also use personal data for risk assessment and security purposes, including the authentication of users.

  7. Legal and compliance purposes

    To handle and resolve legal disputes, for regulatory investigations and compliance purposes, or to enforce the agreement(s) with Business Partners or the terms of use of our online booking service or solve a complaint with a customer as reasonably expected. By sharing other people’s personal data in relation to your business, you are confirming that they have agreed to have their personal data shared with and used by us in accordance with this Statement. If we use automated means to process personal data which produces legal effects or significantly affects you, we will implement suitable measures to safeguard you rights and freedoms, including the right to obtain human intervention.

Legal Bases for Processing

In view of purposes A to C, we rely on the legal basis that the processing of the personal data is necessary for the performance of the agreement between us and the Business Partner. If the required information is not provided, we cannot register a Business Partner or otherwise work with a Business Partner, nor can we provide customer service. In view of purposes D to G, we rely on our legitimate commercial business interest to provide our services or obtain services from Business Partners, to prevent fraud and to improve our services. When using personal data to serve our or a third party's legitimate interest, we will always balance the Business Partners’ rights and interests in the protection of their information against our rights and interests or those of the third party.

For purposes F and G, we rely also where applicable on compliance with legal obligations (such as lawful law enforcement requests).

If you wish to object to the processing set out under D to E and no opt-out mechanism is available to you directly (for example, in your account settings or via our Data Subject Rights Portal), please contact

Data sharing

International data transfers

The transfer of personal data as described in this Statement may include overseas transfers to countries whose data protection laws are not as comprehensive as those of the countries within the European Union. In these situations, as may be required, we make contractual arrangements to ensure that your personal data is still protected in line with European standards.


What security procedures do we have in place to safeguard your personal data?

In accordance with UK and European data protection laws, we observe reasonable procedures to prevent unauthorised access to and misuse of personal data. We use appropriate business systems and procedures to protect and safeguard any personal information given to us. We also use security procedures and technical and physical restrictions on accessing and using the personal data on our servers. Only authorised personnel are permitted to access personal data in the course of their work.

Data retention

We will retain personal data for as long as we deem it necessary to manage the business relationship with a Business Partner, to provide our services to a Business Partner, to comply with applicable laws (including those regarding document retention), resolve disputes with any parties and otherwise as necessary to allow us to conduct our business. All personal data we retain will be subject to this Statement and our internal retention guidelines. If you have a question about a specific retention period for certain types of personal data we process about you, please contact us via the contact details included below.


What is a cookie?

A cookie is a small text file that is placed in your device’s browser. It lets a platform (such as a website or mobile app) recognise your device so it can provide a better, smoother experience. Most platforms use cookies to store useful bits of information for lots of different purposes. This information can include your sign-in name and your preferences (for example, your preferred language and currency). Cookies are not spyware or adware, and can’t deliver viruses or run programs on your device. To find out more about cookies, please visit

Why do we use cookies?

We use a variety of cookies to do different things:

It’s your choice: Opting in and opting out

The first time you visit one of our platforms, we will ask you to “opt in” (i.e. consent) to our use of cookies. If you choose not to opt in, this may affect our platforms’ functionality: you’ll still be able to use our platforms, but they won’t work as quickly or deliver such a smooth experience.

And you can opt out of Google Analytics and Hotjar at any time by visiting (for Google Analytics) and (for Hotjar).

You can also use your browser to control how cookies are used on your device. Check your browser’s Help menu to find out how. However:

Visit to learn more about cookies and find out how to manage or delete them.


How can you control the personal data you have given us?

You have the right, subject to some legal exceptions, to access, correct or delete any personal data we keep about you, and to object to your personal data being processed. We rely on you to ensure that your personal data is complete, accurate and current. Please do inform us promptly of any changes to or inaccuracies of your personal data. You can use our Data Subject Access Portal to enforce any of these rights. If you do, we will ask for further information to confirm your identity, to keep your information safe and we will handle your request in accordance with applicable UK data protection law. You can update or delete your user account at any time by signing in on our site.

Who is responsible for the processing of your personal data?

TravelJigsaw Limited controls the processing of your personal data. If you have any questions, concerns or comments about this Statement, or our processing of your personal data, please email, stating “Privacy” in the subject line, and we’ll get right back to you. When it comes to privacy, we’re always happy to talk. If you want to exercise any of your data subject rights, please visit our Data Subject Request Portal.

Changes to the Privacy Statement

Just as our business changes constantly, this Privacy and Cookie Statement may also change. If we make material changes or changes that will have an impact on you (e.g. if we start processing your personal data for other purposes than set out above), we will contact you prior to commencing that processing.