This website uses cookies

We use cookies to ensure you have an easy, quick and reliable experience whilst using the Virgin Holidays website. By continuing to browse the site you are agreeing to our use of cookies. For more details, see our cookie policy.

Privacy Statement

Flight + Hotel, Hotels and Car Hire
Are operated by Virgin Atlantic Holidays



Here at Virgin Holidays Limited (“Virgin Atlantic Holidays”, or “we”, “us”) we pride ourselves on our customer service. This includes how we handle your personal information. We try to be crystal clear about how we use your information, to give you choices about how we use it, and to ensure its security.
















1.                 POLICY OVERVIEW

1.1               Scope of this policy

This Privacy Policy concerns all the information that we collect, use and otherwise process about you as a customer, potential customer or just enquirer (whether as a direct booker, agent booker, site visitor, app user, enquirer to one of our retail stores or call centres, job applicants or otherwise).

We’re happy to provide any additional information or explanation needed and/or answer any questions you may have (please refer to the “ABOUT US” section below).

1.2               Policy updates

We keep this Privacy Policy under regular review to make sure we’re being transparent about how we use your personal information. Any changes to our Privacy Policy will be reflected at

2.                   ABOUT US

2.1               Who are we?

We are Virgin Holidays Limited, a company incorporated in England and Wales under company number 01873815. You’ll find our registered address below. Virgin Atlantic Holidays is the trading name of Virgin Holidays Limited.

2.2               Who’s the Data Controller?

For the purposes of data protection laws, we are the “data controller” of all personal information that we collect, use and/or otherwise process about you under this Privacy Policy. 

2.3               How to contact us

If you have any questions about this Privacy Policy or the ways in which we handle your personal information, please contact us as follows: 


The Data Protection Officer


Company Secretariat, The VHQ, Fleming Way, Crawley, West Sussex, United Kingdom, RH10 9DF




3.1          What types of information do we collect about you?

The type of information we collect about you depends on the nature of your interactions with us. Depending on the circumstances, we collect any of the following:

  • Details about you. Your name, email address, address, telephone number, date of birth, your hotel room preferences, loyalty membership details, frequent flyer membership details, payment details, your reasons for travel (such as for a wedding, birthday or anniversary), meal and other travel preferences or dietary requirements and, if necessary, information about your health to the extent that it’s relevant to your fitness to fly, your holiday itinerary or to provide you with special assistance;
  • Identification documents/information. If you are travelling on a route requiring Advance Passenger Information, your passport or identity card details including your passport number, the country in which your passport was issued and the expiry date. We will take a copy of your identification, national insurance number and proof of address if you attend a job interview; 
  • Details about the services you arrange with us. Your travel details, including details of your travel itinerary, where you are flying from and to, your booking information, any onward travel details if relevant (for example if you need our assistance for a connecting flight, if you’ve booked transportation or a tour with us), details of experiences or excursions booked through us, your baggage requirements, any upgrade information, your lounge visits, seat preferences, meal preferences or requirements, details of any special assistance you might need from us and any other information relevant to enable us to provide you with the travel or other services that you’ve arranged with us; 
  • Financial information. If you book services on our website, at one of our retail stores or by phone with us, your payment details, which may include billing addresses, credit/debit card details and bank account details;
  • Transactional data. We will collect information related to your transactions on the website, including the date and time, the amounts charged and other related transaction details;
  • Your interactions with us. Information about your interactions or conversations with us and our people, including when you make enquiries, comments, complaints or submit feedback to us (whether formally via email or our website, over the phone, or simply verbally to our people), when you get in touch via social media or when you attend any events we host; 
  • Job applications. If you apply for a job with us, your CV, work history, educational details, qualifications, skills, projects, references, proof of entitlement to work in the relevant country, national security number, your passport or other identity document details, the role you’re applying for, and any other similar information that you provide to us; and
  • Your use of our systems and services. Details of the way in which you use our site, app, retail stores, call centres and/or social media pages (please see the “OUR SITE, APP AND COOKIES” section below for further details).



How we collect information about you will depend on how you interact with us and what services you arrange with us. Depending on the circumstances, we collect information in any of the following ways: 

4.1       Information that you provide to us:

  • When you browse our site or mobile application;
  • When you use Manage My Booking on our site;
  • When you book or search for a holiday or other service (such as a flight, cruise, hotel lounge access, transportation or special assistance) via our site, Virgin Atlantic Holidays’ Cruise site, app, retail store, our call centre, Travel City Direct or Virgin Atlantic Flight+Hotel, Hotel or Car Hire booking on website;


  • When you fill in part of the booking information on our site but do not complete the booking;
  • When you apply for a job with us by email, via the site or via a recruitment agency;
  • When you attend a job interview;
  • When you contact us via our retail stores, call centres, press office, social media, post, email or instant messenger;
  • When you request a brochure, sign up to receive email updates, participate in any of our competitions, promotions (for example via any social media channels, email or our site), surveys or market research;
  • When you ‘follow’, ‘like’, post to or interact with our social media accounts, including Facebook, LinkedIn, Twitter, Pinterest, Instagram and YouTube;
  • When you provide us with information about an accident, illness or incident that occurred in connection with your holiday;
  • When you update your booking via a third party (such as an airline or hotel);
  • When you make a complaint via a third party (such as an airline or hotel); and/or
  • When you attend any events we host.

​4.2     Information that we get from third parties, including:

  • A person / company making a booking on your behalf. We will receive personal information in the form of booking details where, for instance, a family member or friend, travel agent or employer who may be based inside or outside the EU makes a booking on your behalf;
  • Employers, recruitment agencies and referees. If you are a job applicant we may contact your recruiter, current and former employers and/or referees, who may be based inside or outside the EU, to provide information about you and your application;
  • Service providers. We may collect personal information from ground handling agencies, our website developer, IT support provider and payment services provider (who may be based inside or outside the EU);
  • Website security. We will collect information from our website security service partners who are based [inside OR outside] the EU, about any misuse to the website, for instance, the introduction of viruses, Trojans, worms, logic bombs, website attacks or any other material or action that is malicious or harmful;
  • Social media plugins. We currently use social media plugins from the following service providers who are based both inside and outside the EU: Facebook, Twitter, LinkedIn Instagram and YouTube. By providing your social media account details you are authorising that third-party provider to share with us certain information about you; and
  • We might also receive information about you from third parties if you have indicated to such third party that you would like to hear from us.


5.1     In certain circumstances, we will collect information that is deemed sensitive or referred to as special categories of personal data. This is most likely to include information about:

  • Your health (for example if you ask us to provide you with special assistance during your holiday, or to determine your fitness to fly, or if you specify a meal preference that indicates a medical condition such as celiac disease);
  • Your religion (for example if you specify a meal preference that indicates a particular religion such as a kosher or halal meal);
  • Your race, ethnicity, religious or philosophical beliefs and sexual orientation for the purpose of our diversity and equal opportunities records;
  • Your health as necessary for the purpose of arranging your interview if you are an applicant or supporting your needs and access to our workplace; and
  • Your criminal record for the purposes of completing background checks necessary for you to be able to work with us.

5.2     We need to have further justification for collecting, storing and using this type of personal information. We process special categories of personal information in the following circumstances:

  • In limited circumstances, with your explicit written consent;
  • Where we need to carry out our legal obligations or exercise rights in connection with employment;
  • Where it is needed in the public interest, such as for equal opportunities monitoring;
  • Where it is needed in relation to legal claims or where it is needed to protect your interests (or someone else's interests) and you are not capable of giving your consent; or
  • Where you have already made the information public.


6.1    For what purposes do we use your information? 

We’ll use your information for a variety of different purposes, some of which will depend on the services that you engage us for. This includes:

  • To manage your booking with us. We will use your information to provide you with any services that you request or purchase from us. This includes booking your flight, cruise or hotel, arranging a tour,  transportation or car hire, and issuing you with your tickets (on the basis of performing our contract with you), and providing you with any special assistance (where you provide your consent); 
  • To send you service communications and support services. We will use your information to send you any communications relevant to the services you’ve requested or purchased from us. This includes sending you an email to notify you of changes to your itinerary, or providing you with a voucher, ticket or e-ticket. We will also provide you with customer service and support, deal with your enquiries, scheduling changes, complaints, comments or observations shared with us (on the basis of performing our contract with you or on the basis of our legitimate interests to provide you with customer service); 
  • To manage our relationship with you. This includes notifying you of changes to our terms of use or privacy policy, and asking you to leave a review or take a survey (on the basis of performing our contract with you, to comply with our legal obligations and on the basis of our legitimate interests to keep our records updated and study how our website and services are used);
  • To send you marketing communications. We will use your information to keep you up to date with the latest news, events, offers, sales, brochures, promotions and competitions that we think might be of interest or relevant to you (either on the basis of your consent where we have requested it, or our legitimate interests to provide you with marketing communications where we may lawfully do so) (please see the “MARKETING” section below for more information);
  • To provide assistance with online bookings. We  collect your information when you fill in the required fields of our online booking forms but do not complete your booking or transaction in order to offer our assistance in case you are experiencing difficulties with our website (where we have your consent to do so); 
  • To personalise your customer experience. We use your information to provide you with a more personalised service. For example tailoring the communications that we send to you with your preferred destinations, serving you only with advertising that we think you might like and/or enhancing your holiday experience (on the basis of our legitimate interests to present you with the right kinds of products and services);
  • To improve our customer service. We  record calls to our call centre and/or monitor calls for the purposes of improving our customer service, ensure quality assurance, training, security and for general business purposes (on the basis of our legitimate interest in improving our customer service);
  • To process your job applications. We will use your information to process any job applications that you submit to us, whether directly or via an agent or recruiter (speculatively or in response to any ad) (on the basis of our legitimate interest to recruit new employees or contractors);
  • To optimise our sites and app. If use our sites or apps, we will use your information to ensure that the content from our websites are presented in an effective manner for you and your device, to provide you with access to our site and app in a manner that is effective, convenient and optimal, and to provide you with content that is relevant to you, using site analytics and research and in certain circumstances combining that with other information we know about you (on the basis of our legitimate interests to operate and present an effective and convenient website to our website users);
  • To ensure security and protect our business interests. In certain circumstances, we use your information to ensure the security of our services, buildings, and people, including to protect against, investigate and deter fraud, unauthorised or illegal activities, systems testing, maintenance and development (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so);
  • To process and facilitate transactions with us. We will use your information to process transactions and payments for bookings or purchases online, and to collect and recover money owed to us (on the basis of performing our contract with you and on the basis of our legitimate interest to recover debts due);
  • To provide assistance with online bookings. We collect your information when you fill in the required fields of our online booking forms but do not complete your booking or transaction in order to offer our assistance in case you are experiencing difficulties with our website (where we have your consent to do so); 
  • To enable us to interact with you on social media platforms. These include Facebook, LinkedIn, Twitter, Instagram and YouTube, for example, posting status updates, responding to comments and messages, posting, ‘retweeting’ and ‘liking’ posts (on the basis of our legitimate interest in promoting our brand and communicating with interested individuals);
  • To detect fraud, terrorism and unlawful activities. To protect, investigate, and deter against fraudulent, unauthorised, or illegal activity, including identity fraud, terrorism and other types of unlawful conduct (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so);
  • To conduct research. We use your information to carry out aggregated and anonymised research about general engagement with our services and systems, or if you choose to participate in customer surveys, consumer focus groups and research (on the basis of our legitimate interests to improve our products, services and customer service); and
  • To comply with our legal obligations, policies and procedures. In certain circumstances, we will need to use your information to enable us to comply with our policies, procedures and legal obligations (for example to comply with any court orders or subpoenas), to enforce our legal rights, and to protect the rights, property and safety of staff, customers and others. This includes sharing your information with our lawyers, technical advisors, law enforcement and other regulatory bodies where necessary (on the basis of our legitimate interests or to comply with a legal obligation). 

6.2    On what grounds will we process your information? 

We will use your information for the purposes listed above, either:

  • For the performance of your contract with us and the provision of our services to you;
  • To comply with a legal obligation we have;
  • For our legitimate interests (we explain what we mean by this below);
  • To protect your vital interests;
  • With your consent;
  • For establishing, exercising or defending legal claims; and
  • For reasons of substantial public interest.

6.3    What do we mean by “legitimate interests”? 

As outlined above, in certain circumstances we may use your personal information to pursue legitimate interests of our own or those of third parties, but this is provided your interests and fundamental rights do not override those interests. By “legitimate interests” we mean our interests in conducting and managing our business activities and to ensure that we are guaranteeing the best service and experience for you and our customers. This involves: 

  • Providing you with customer service;
  • Determining the effectiveness of our site / tools / services and improving the security and optimisation of our network, sites and services;
  • Confirming information that you provide to us in a CV or application, by reference to past employers and/or publicly available employment or business profiles;
  • Personalising, enhancing, modifying or otherwise improving the services and/or communications that we provide to you, such as sending you marketing and serving you with advertising that is relevant and likely to be of interest to you; and/or
  • Detecting, monitoring and preventing fraud or other unlawful acts, and operating a safe and lawful business. 

Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours, and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as when we have your consent, or we have a legal obligation to use your information in that way). If you have any concerns about our processing please refer to details of “YOUR RIGHTS” section below. 

As we outline in “YOUR RIGHTS” section below, from 25 May 2018 you will have the right to object to our using your information for our legitimate interests. However, please keep in mind that your objection to this sort of processing may affect our ability to carry out the tasks that we have set out above. 


7.1    In connection with the purposes and on the lawful grounds described above, we share your personal information with the following third parties: 

  • Third party suppliers that we work with to provide your booking and our other services to you. We may share your information with third party suppliers including the Virgin Travel Group (which consists of  Virgin Atlantic Holidays and Virgin Atlantic Airlines Limited) that provide us with services in connection the provision of our services to you. This includes for example:  airlines, hotels, tour operators, transport companies, excursion providers, airport authorities, insurance companies, car hire companies, ground handling agencies, and cruise companies;
  • Other third party suppliers that we work with in connection with our business. We share your information with third party suppliers that provide us with services in connection with our business and the provision of our services to you. This includes for example: marketing agencies and/or companies that run our marketing campaigns, IT developers, service providers and hosting providers, third parties that manage promotions or competitions that we may run, third party software companies that provide us with applications on a white label basis, advertising providers and networks, ground agents, site analytics providers, medical service providers and credit card screening companies;
  • Virgin Group companies. When you make a an enquiry or booking via Virgin Atlantic Flight+Hotel, Hotel or Car Hire on website, we pass your personal information to Virgin Atlantic Airways Limited to administer the relevant services to you, carry out statistical analysis, and market research;
  • Airports, immigration / border control and/or other government authorities. The majority of destinations require airlines, cruise lines and tour operators to provide “Advance Passenger Information” about you to the border/immigration authorities of the country of your travel destination. Advance Passenger Information comprises the basic information contained in your passport that you would be required to present on your arrival. In addition, laws in certain destinations in your itinerary such as the USA and countries your flight may fly over require airlines to provide certain additional advance information about you and your travel arrangements. We will provide this information where we are required to do so;
  • Third parties for marketing. We share your information with any selected third party that you consent to our sharing your information with for marketing purposes;
  • Regulators and governmental bodies. We share your information with HM Revenue & Customs, regulators, governmental bodies and other authorities acting as processors or joint controllers based in the United Kingdom who require reporting of processing activities in certain circumstances;
  • Courts or advisors. We share your information with other third parties (including legal, accountants or other advisors, regulatory authorities, courts and government agencies) where necessary to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law; and
  • Third parties which are successors of the business. Your information may be disclosed to any successors of our business, in the event of a re-organisation, merger or sale, for them to use for the purposes as set out in this Privacy Policy.

Where we do share your information with third parties, we will require them to maintain appropriate security to protect your information from unauthorised access or processing, unless we have no ability to do so (for example, where we are sharing information with border agencies or enforcement authorities).


8.1    When you’ll hear from us

We will keep you up to date with our latest routes, offers, partnerships, sales, promotions, competitions (or those of our partners such as other members of the Virgin Travel Group) that we think might be of interest / relevant to you if you have indicated that you are happy to receive marketing communications from us – that is, if you have:

  • Purchased services such as a holiday from us and have not told us that you don’t want to hear from us; or
  • Signed up to receive marketing communications from us and have not later told us that you don’t want to hear from us.  

8.2    Opting out of or withdrawing your consent in relation to marketing

If you no longer want to hear from us, you can opt out or unsubscribe by:

  • Following the “unsubscribe” link contained in any marketing communications that you receive from us; or
  • By emailing us at
  • By contacting us using the details in the “ABOUT US” section above. 

8.3    Third parties and marketing

We might rely on third parties to help us manage our marketing communications, but we won’t share your information with any third parties for their marketing purposes unless you agree to our doing so. 


9.1    What we collect when you interact with our sites and apps

As you may already know, most sites and apps collect certain information automatically in log files about the way in which you interact with them. This might include your IP address, geographical location, device information (such as your hardware model, mobile network information, unique device identifiers) browser type, referral source, length of visit to the site or app, number of page views, the search queries you make, and similar information.

This information will be collected by us or by a third party site analytics service provider and will be collected using cookies.

As we’ve described above, we use this information to save your settings, such as the last holiday you searched for so you can find it easily the second time, give you access to more great features on our website, help improve our functionality and services, run diagnostics, analyse trends, track visitor movements, gather broad demographic information and personalise our services. 

9.2    What do we mean by “cookies”?

Cookies are small amounts of information in the form of text files that we store on the device you use to access our site or our marketing communications. Cookies allow us to monitor your use of our services and improve them. For example, a temporary cookie is also used to keep track of your "session". Without that temporary cookie you will not be able to purchase holidays or other services via our site.

We also use cookies for site analytics purposes and to monitor how customers interact with and receive our marketing communications (for example if you open the marketing communication and/or click on any of our offers). We use this information to try to improve the relevance and tone of our future communications to ensure we’re serving you as best as we can.

If you don’t want cookies to be installed on your device, you can change the settings on your browser or device to reject cookies. For more information about how to reject cookies using your internet browser settings, please consult the “Help” section of your internet browser or visit Please note that if you do set your Internet browser to reject cookies, you may not be able to access all of the functions of the site. 

For details of all of the cookies that we use and the purposes we use them for, please visit or for the Virgin Atlantic Flight+Hotel, Hotel or Car Hire website


10.1    Overview of your rights

You have certain rights in respect of the personal information that we hold about you, including:

  • The right to be informed of the ways in which we use your information, as we seek to do in this Privacy Policy;

  • The right to ask us not to process your information for marketing purposes;

  • The right to request access to the information that we hold about you;

  • The right to request that we correct or rectify any information that we hold about you which is out of date or incorrect;

  • In certain circumstances, the right to ask us to stop using information about you;

  • The right to withdraw consent that you have provided to us to use your personal information (refer to paragraph 6.1 to see when we are relying on your consent);

  • The right to object to our using your information on the basis of our legitimate interests (see paragraph 6 above to see when we are relying on our legitimate interests) (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground; and

  • The right to receive a copy of any information we hold about you (or request that we transfer this information to another service provider) in a structured, commonly-used, machine-readable format, in certain circumstances; and

  • The right to lodge a complaint about us to the UK Information Commissioner’s Office ( or the relevant authority in your country of work or residence.

Please note that we reserve the right to retain certain information for our own record-keeping (for example, to ensure that you do not receive marketing communications that you have opted-out of receiving) and to defend ourselves against any claims. We may also need to send you service-related communications relating to the services that we provide to you even when you have requested not to receive marketing communications. 

10.2    The right to ask us to limit or cease processing or erase information we hold about you in certain circumstances. 

10.3    How to exercise your rights

  • Contacting us. You can exercise your rights by contacting us using the details in the “ABOUT US” section above, or by checking the applicable boxes on forms that we use to collect your information, or to tell us that you don’t want to participate in marketing.
  • Updating your own details. Alternatively, if you’d prefer not to contact us, you may be able to do it yourself depending on the nature of your request. For example:
  1. You can update the details we hold about you by logging into your booking via the “Manage your booking” tab on our site and following the instructions to edit your details, or contact us to change details of your booking; and
  2. If you wish to remove your information from our marketing circulation lists, which include receiving marketing emails, you can unsubscribe by scrolling to the bottom of the email and clicking the ‘unsubscribe’ link.
  3. We will comply with your requests unless we have a lawful reason not to do so. 

10.4    What we need from you to process your requests

Please be aware that we may need you to provide additional information (such as to confirm your identity and/or to confirm what information you wish to access) in order to process your request. 


11.1    Our service providers and suppliers

We are based within the European Economic Area (EEA). However, in certain circumstances information that we collect about you will be sent to and held by us in countries outside of the EEA where we work with suppliers and service providers that are either based outside of the EEA or have servers based outside of the EEA. Countries outside of the EEA protect information differently, and so where we do transfer your information to suppliers based outside of the EEA, we will take all steps necessary to ensure that it is adequately protected and used in accordance with this Privacy Policy, including but not limited to relying on any appropriate cross-border transfer solutions such as the European Commission's Standard Contractual Clauses or the EU-US Privacy Shield Framework

11.2    Please contact us using the contact details at the top of this Privacy Notice if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA. 

11.3    Destination territories

As we outline above, in certain circumstances, we are required to share information about you with immigration or other government authorities before we can deliver you to your destination. 


12.1    Our security measures

We strive to constantly keep our security practices under review to make sure that we’re keeping your information as safe as possible. We use a variety of different technical and operational security measures to protect your information against unauthorised access or unlawful use. For example we:

  • Ensure the physical security of our offices, warehouses and other sites;
  • Ensure the physical and digital security of our equipment, devices and systems by mandating appropriate password protection, encryption and access restrictions;
  • Are a “PCI DSS” compliant company, meaning that we apply certain high standards of security in respect of your payment information;
  • Ensure appropriate access controls so that access to your information is only granted to those of our people that need to use it in the course of their work;
  • Carry out regular penetration testing of our systems and third party reviews of our software; and
  • Maintain internal policies and deliver data protection and confidentiality training to make sure our people also understand their responsibilities in looking after your information and commit to taking appropriate measures to enforce these responsibilities. 

12.2    How you can help ensure the security of your information 

You can also play a part in helping to keep your information safe. Here are a few useful starting points:

  • Choose strong passwords and change them regularly;
  • Keep your booking references and passwords confidential, and avoid sharing them with anyone else or using your password for multiple accounts;
  • Log out of “Manage my booking” after each session if you are using a shared computer;
  • Inform us immediately if you know or suspect that your password or booking reference has been compromised or if someone may have accessed your account;
  • Keep your devices protected by ensuring that you’re using the latest version of your operating system and have suitable anti-virus software, if applicable; and
  • Be alert to any fraudulent emails that may appear to be from us, but aren’t. Any emails that we send will come from [*]

12.3    Links to other sites and resources

Our site contains content and links to other sites that are operated by third parties (including the Virgin Travel Group and / or any other third parties whom we believe you may be interested in). Please note that we do not control these third party sites or the cookies that such third parties operate and this Privacy Policy will not apply to them. Be sure to consult the Terms of Use and Privacy Policy of the relevant third party site to understand how that site collects and uses your information and to establish whether and for what purposes they use cookies. 


We keep your information for as long as is reasonably necessary to enable us to provide you with the services that you have requested from us, to comply with any legal obligations that require us to keep information, or for as long as we reasonably require for our legitimate interests, including for example for the purposes of exercising our legal rights or defending ourselves against claims. We operate a data retention policy and look to find ways to reduce the amount of information we hold and the length of time that we need to keep it. For example:

  • We try to adopt a paperless approach wherever possible and securely destroy any paper correspondence we receive on a regular basis unless we are required to retain it for evidential or legal purposes;

  • We retain a suppression list of individuals who no longer wish to be contacted by us indefinitely. We need to keep this information to comply with their wishes not to contact them;

  • We retain any unsuccessful CV’s or job applications that we receive for a period of up to 2 years in case we think you might be suited to another opportunity that becomes available in the near future.


14.1    Not happy? 

If you have any comments, questions or concerns about the contents of this Privacy Policy or the way in which we use your information, we encourage you to contact us using the details in the “ABOUT US” section above to see if we can help resolve the issue in the first instance. 

However, if you’d still like to make a formal complaint or have concerns regarding the ways in which we use your information, you can contact the Information Commissioner’s Office (also known as the “ICO”). The ICO is an independent authority and the UK’s supervisory authority for information rights. 

You can register your concerns on the ICO site by clicking here

LAST UPDATED: 28 March 2022