Our secure server | Why travelocity.co.uk is so secure | Privacy statement | Still worried?

travelocity.co.uk is a completely safe and secure online environment. You can leave your worries at the door, and be confident that we’re taking care of all your security concerns. Just relax into our risk-free site and be assured that we’ve got you covered…



Every credit card purchase you make at travelocity.co.uk is done through our Secure Server Technology. This provides many security features, including:

Authentication: this assures your browser that your data is being sent to the correct computer server, and that the server is secure.

Encryption: this encodes the data, so that it cannot be read by anyone other than the secure server.

Data Integrity: this checks the data being transferred to ensure it has not been altered.

travelocity.co.uk accepts...



Why travelocity.co.uk is so secure

Please be assured that your credit card transaction is protected and secure. We are so confident that shopping on travelocity.co.uk is secure we offer this Guarantee…

In the extremely unlikely event that that your card is used fraudulently as a result of a transaction on the travelocity.co.uk site, we will reimburse any money lost.

You are only ever liable for up to £50 in a fraudulent transaction, the credit card company will pay the rest. We will pay this amount plus an extra £20 for the inconvenience!

We have utilised the most advanced security technology for all credit card transactions in order to create a safe and convenient shopping experience for you.



Technical terms explained

Our secure server software encrypts information, ensuring that Internet transaction stay private and protected. travelocity.co.uk uses a security protocol called "SSL3".

What is SSL?
Recent developments in browser/server technology have made it easy for people to use Web services without worrying about electronic fraud. Two examples are Secure Sockets Layer (SSL) developed by Netscape, and Secure Hypertext Transfer Protocol (S-HTTP) developed by Terisa Systems, Inc. Both of these security protocols have been submitted to the Internet Engineering Task Force (IETF) as an Internet-Drafts. Basically, these protocols allow the browser and server ends of a Web session to authenticate one another and secure information which subsequently flows between them. Through the use of cryptographic techniques such as encryption and digital signature, these protocols:

Allow Web browsers and servers to authenticate each other; Permit Web site owners to control access to particular servers, directories, files or services; Allow sensitive information (e.g., credit card numbers) to be shared between browser and server, yet remain inaccessible to third parties; and Ensure that data exchanged between browser and server cannot be corrupted - accidentally or deliberately - without detection.

Public key certificates
A key component in the establishment of secure Web sessions via the SSL or S-HTTP protocols is the public key certificate. Without authentic and trustworthy certificates, protocols like SSL and S-HTTP offer no security at all.

The credentials used to authenticate Web servers and their clients via protocols such as SSL and S-HTTP are called X.509 public key certificates. A public key certificate is analogous to a passport, in that it proves your identity and is authorized by a trusted third party known in the security world as a Certification Authority or CA (see below). In the passport analogy, the CA is similar to the Passport Office, which verifies your identification, creates a recognized and trusted document which certifies who you are, and issues the document to you.

CA's and third party trust
A Certification Authority (CA) is a trusted authority responsible for issuing certificates used to identify a community of individuals, systems or other entities which make use of a computer network.

By digitally signing the certificates it issues, the CA binds the identity of the certificate owner to the public key within the certificate, and thereby vouches for the trustworthiness of the certificate. Network users possess the CA's own public key certificate (sometimes referred to as the "root key"), and use it to verify others' certificates. In doing so, they have assurance that the public keys in those certificates are the authentic keys of the named subjects, and know that the CA (whom they recognize and trust) vouches for this binding. The CA plays a crucial role in Web security, since the CA makes a third-party trust relationship possible.

In a large, distributed and complex network such as the Web, the third-party trust model is necessary since there are many permutations of dynamic, client-server relationships. Servers and clients may not have an established mutual trust; yet both parties want to have secure sessions, which demands a foundation of trust. The CA is the missing link which makes trusted Web sessions a reality. Because each party in the session trusts the CA, and because the CA has vouched for each party's identification and trustworthiness by signing their certificates, each party recognizes and has implicit trust in the other, so the secure session can proceed without the risk of masquerading. Further, since the two authenticated parties exchange public key certificates, they can encrypt and digitally sign session data, removing the possibility that others may eavesdrop on the session or tamper with data.



Privacy statement
We are Last Minute Network Limited (trading as ‘travelocity.co.uk') and our registered address is 39 Victoria Street, London, SW1H 0EU. travelocity.co.uk takes the privacy of its customers data very seriously. Please read the following policy to understand how we will treat your personal data when you use our site. If this policy changes then we will let you know via our homepage but we assure you that we only use your data as specified here and for our legitimate business reasons.

When do we collect data?
We can collect data on you from a variety of different sources these include.
1. When you purchase products or services from the site or via our catalogue;
2. When you become a subscriber;
3. When you speak to our customer services personnel;
4. Via explicit data capture measures, for example by entering competitions and completing surveys; and
5. Via implicit data capture measures such as studying which pages you read the most and the use of cookies.

In any of the above cases the data we collect could be personal data.

What do we do with your personal information?
When you buy anything via the site, we may need to collect information about you to process the transaction, fulfil your order and provide you with the services you expect. This information may include, but is not limited to, details such as your name, your address and your credit card details.

Unless we have your express consent we will only disclose personal data to third parties if this is required for the purpose of completing your transaction with us. This is of course subject to the proviso that we may disclose your data to certain permitted third parties, such as members of our own group, our own professional advisers who are bound by confidentiality codes, and when we are legally obliged to disclose your data.

By becoming a subscriber you consent to receive from us by e-mail our e-newsletter and details of other special offers which we may think may be of interest to you.

travelocity.co.uk retains and uses your personal information to provide you with the best online e-commerce experience by providing you with a personalised service and to give you details of offers which we think will be of interest to you. We may also use the information to process any transactions you undertake with us and for internal administration and analysis.

We do not sell, rent or trade your personal information to third parties for marketing purposes without your express consent.

For any of the above purposes we may send your information internationally including to countries outside the EEA. Some of these jurisdictions offer differing levels of protection of personal information, not all of which may be as high as the UK.

Cookies are small files which are sent to your browser and stored on your computer's hard disc. If you have registered with travelocity.co.uk, then your computer will store an identifying code in the cookie which means you do not need to type in your email address each time you return to the site. Other than this, we do not store your password or any other information in the cookie, or use it for any other purpose. Our third-party advertiser may place or recognise a unique cookie on your browser.

Third Party Advertising
The ads appearing on this Web site are delivered to you, on our behalf, by our Web advertising partner. Information about your visit to this site, such as number of times you have viewed an ad (but not your name, address, or any other personal information), is used to serve ads.

In the UK we operate and are registered in accordance with applicable data protection legislation.

By disclosing your personal information to us using this website or over the telephone, you consent to the collection, storage and processing of your personal information by travelocity.co.uk in the manner set out in this Privacy Policy. Some information and e-mails sent to travelocity.co.uk may be used as testimonials but no e-mail address or contact details will be displayed.

Change/Modify Details

To change your membership details please log in to My Account. You can change your e-mail address or password using the Manage your account details feature

If you need to Modify or Change your personal details after you have made a purchase on the site please contact us as soon as possible.

If you have any questions or concerns about the information we hold about you, you can also contact us.



Still worried?

Please let us know your concerns via our
email web form.



  Our secure server | Why travelocity.co.uk is so secure | What the media have said
Technical terms explained | Privacy statement | Top of page