Visitor Privacy Statement
Last updated: 04/04/2025
1.We respect your right to privacy and take the protection of your personal data seriously. We are committed to protecting and securing any personal data you give us.
2.Data Controller. The data controller of your personal data is Expedia, Inc., Washington, USA. Our EU representative is EG Vacation Rentals Ireland Limited, Ireland.
3.Purposes. We collect and process your personal data for the following purposes: providing you with your visitor identification pass, access control and identity verification, facilitating your registration with us in case of future visits, assisting you in case of evacuation, notifying your arrival to your Host, visitor management, audit trail, analytics, reporting, and sending you an electronic copy of this Visitor Privacy Statement and any update.
4.Scope of information collected . We only process the personal data that you have directly provided to us when filling the registration form in the Zoom Workplace system (name, type of visitor, email address, phone number, company name, host, your photograph). We rely on our legitimate interest to collect and process such information.
5.Special categories of personal information. Where applicable, we may collect health-related information directly from you in order to provide appropriate accessibility to our premises or assistance in case of evacuation. The processing of this sensitive data is necessary to comply with our legal obligation (“Personal Emergency Evacuation Plan” or “PEEP” obligation).
6.Mandatory information. Please note that all the information we collect about you in this registration form is mandatory, otherwise we cannot provide you with your visitor identification pass and pursue the purposes set above.
7.Recipients We may disclose your personal data to the extent necessary to our staff within Expedia Group and our third-party service providers such as Zoom Workplace who collect your personal information. Please note they will only collect and process information as needed to perform their functions. They are not permitted to share or use the information for any other purpose. We may also disclose your personal data to enforce our policies, or where we are permitted (or believe in good faith that we are required) to do so by applicable law, such as in response to a request by a law enforcement or governmental authority, in connection with actual or proposed litigation, or to protect and defend our property, people, or other rights or interests. We may also share your personal data pursuant to a subpoena or other legal request.
8.International data transfers to the USA. Our service provider, Zoom Workplace, transfers your personal data to the US pursuant to Standard Contractual Clauses approved by a decision of the European Commission or pursuant to the EU-US Data Privacy Framework, the UK Extension to the EU-US Data Privacy Framework and/or Swiss-US Data Privacy Framework, as applicable.
9.Retention We will retain your personal data in accordance with all applicable laws, for as long as it
10.Your privacy rights. Where applicable and in accordance with the law, you may have the following rights: right to access, correct, update, port or erase your personal data as well as the right to restrict the processing of your personal data and/or object to certain processing of your personal information. Where applicable you may also have the right to withdraw your consent to the sharing of your personal data. If you would like to exercise any of these rights, please submit your request by email to Privacy@expediagroup.com.
11.Right to complain. You have the right to lodge any complaints you have regarding our processing of your personal data with a data protection authority (for more information, please contact your local data protection authority). However, we care about your privacy, and we would appreciate the chance to address your concerns before you reach out to your local data protection authority.
12.Changes to This Statement. Changes to this Visitor Privacy Statement will be made when required in response to changing legal, technical or business developments. When we update our Visitor Privacy Statement, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material Privacy Statement changes if and where this is required by applicable data protection laws. If you have any questions about changes to this Visitor Privacy Statement, please contact us by email at Privacy@expediagroup.com.