Skibookers

Get Early Access

Privacy Policy

We respect your privacy and are committed to protecting it through our compliance with this privacy policy (“Policy”). This Policy describes the types of information we may collect from you or that you may provide (“Personal Information”) on the skibookers.com website (“Website” or “Service”) and any of its related products and services (collectively, “Services”), and our practices for collecting, using, maintaining, protecting, and disclosing that Personal Information. It also describes the choices available to you regarding our use of your Personal Information and how you can access and update it.

This Policy is a legally binding agreement between you (“User”, “you” or “your”) and Skibookers B.V. (“Skibookers B.V.”, “we”, “us” or “our”). If you are entering into this Policy on behalf of a business or other legal entity, you represent that you have the authority to bind such entity to this Policy, in which case the terms “User”, “you” or “your” shall refer to such entity. If you do not have such authority, or if you do not agree with the terms of this Policy, you must not accept this Policy and may not access and use the Website and Services. By accessing and using the Website and Services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Policy. This Policy does not apply to the practices of companies that we do not own or control, or to individuals that we do not employ or manage.

Automatic collection of information

When you open the Website, our servers automatically record information that your browser sends. This data may include IP address, browser type/version, operating system, language preferences, the page you visited before coming to the Website, pages you visit, time spent, searches, access times and dates, and other statistics. We use this information to identify potential abuse and compile aggregate statistics about usage and traffic. These statistics are not combined in a way that identifies any particular User.

Collection of personal information

You can access and use the Website and Services without telling us who you are. To use certain features, you may be asked to provide Personal Information (e.g., name, email). We receive and store information you knowingly provide when you create an account, make a purchase, or fill forms. When required, this may include:

Account details (username, user ID, password)
Contact information (email, phone)
Basic personal information (name, country of residence)
Payment information (card or bank details)
Geolocation data (when enabled)
Information about other individuals in your booking (e.g., family members)

Use and processing of collected information

We act as a data controller when we determine purposes and means of processing (e.g., account creation, checkout). We act as a data processor where we process Personal Information on your instructions (e.g., content you submit for bookings).

We may need to collect and use certain Personal Information to provide the Services or meet legal obligations. If you do not provide requested information, we may be unable to deliver the requested Services. We may use information to:

Create and manage user accounts
Fulfill and manage orders and bookings
Deliver products or services and customer support
Send administrative information, service updates, and marketing (where permitted)
Request feedback and improve user experience
Post customer testimonials (with consent)
Deliver targeted advertising (where permitted)
Run prize draws and competitions
Enforce terms and policies; prevent abuse and fraud
Respond to legal requests and prevent harm
Operate, maintain, and improve the Website and Services

Legal bases (EU/UK GDPR): consent; performance of a contract or pre-contract steps; compliance with legal obligations; legitimate interests (e.g., service security, improvements, fraud prevention, direct marketing where allowed). Where we rely on consent, you can withdraw it at any time.

We may aggregate or de-identify Personal Information for analytics and improvements.

Legal Bases for Processing and Retention Periods

In accordance with Article 6 of the GDPR, we process personal data only when there is a valid legal basis. The following table summarises the purposes of processing, applicable legal bases, and retention periods:

Purpose	Legal Basis	Retention Period
Booking management and service delivery	Contract performance	10 years (as required by Dutch tax law)
Payment processing and accounting	Legal obligation	10 years
Customer communication and support	Legitimate interest	5 years after case closure
Marketing and promotional communications	Consent	Until consent is withdrawn
Analytics and website improvement	Legitimate interest	Up to 24 months

Payment processing

For paid Services, you may need to provide payment details used solely to process payments. We use third-party payment processors (“Payment Processors”) that adhere to PCI security standards. Sensitive data is transmitted over SSL and protected with industry security controls. We share payment data with Payment Processors only as needed to process payments/refunds and resolve related issues. Their use of your data is governed by their privacy policies, which we recommend you review.

Managing information

You may delete certain Personal Information via your account or by contacting us. We may retain unrevised copies as required for legal, contractual, or operational reasons (see “Retention of information”).

Disclosure of information

We may share information with trusted subsidiaries, joint venture partners, contracted companies, and service providers (“Service Providers”) who support our operations (e.g., cloud hosting, analytics, payments, communications, user authentication, sales & marketing). These parties act under contract, are limited to necessary use, and must protect Personal Information. We do not share with unaffiliated third parties for their own marketing.

We may disclose Personal Information as required by law or to protect rights, safety, investigate fraud, respond to authorities, or in connection with a merger, acquisition, or sale of assets.

Retention of information

We retain Personal Information for as long as necessary to provide Services, comply with legal obligations, resolve disputes, and enforce agreements, up to a maximum of 120 months unless a longer period is required by law. Aggregated/de-identified data may be retained. After the retention period, Personal Information will be deleted or anonymized.

Financial and transactional data (including invoices, payment records, and accounting documentation) are retained for 10 years to comply with statutory obligations under Dutch law.

Transfer of information

Depending on your location, data transfers may involve storing your Personal Information outside your country, including within the EU/EEA and the UK. Where required, we rely on appropriate safeguards (e.g., Standard Contractual Clauses, adequacy decisions) or your explicit consent. You can contact us for details of applicable safeguards.

Region specific notices

EU/EEA and UK residents

If you are a resident of the EU/EEA or UK, you have rights under GDPR/UK GDPR, including:

Withdraw consent at any time (without affecting prior lawful processing)
Access your Personal Information
Rectify inaccurate or incomplete data
Object to processing based on legitimate interests and to direct marketing
Restrict processing in certain cases
Erase data in certain cases
Data portability where technically feasible

Lodge a complaint with a supervisory authority

We generally respond within one month (extendable where permitted). See “How to exercise your rights” below.

Other countries

Where local laws grant similar rights (access, correction, deletion, restriction, objection, portability, opt-out of targeted ads/data “sales”), we will honor those rights in accordance with applicable law.

How to exercise your rights

Submit a request using our data access form (if available) or contact us using the details below. We may need to verify your identity or authority (e.g., power of attorney for an authorized representative) before responding. Please include sufficient detail to allow us to identify you and your request.

We use cookies to personalize your experience, secure the Service, and compile statistics. You can accept or decline cookies via browser settings and our cookie banner/preferences center. For more information, see our Cookie Policy.

Data analytics

We may use third-party analytics tools that use cookies or similar technologies to collect standard internet activity and usage information. We use aggregated reports to monitor performance and improve the Services. We do not use analytics tools to identify you personally, nor do we combine analytics reports with directly identifying information.

Privacy of children

We do not knowingly collect Personal Information from children under 13. If you believe a child under 13 has provided Personal Information, contact us to delete it. Parents/guardians should supervise children’s online activity. (Where local law sets a higher age of consent for online services, we comply with that requirement.)

Do Not Track signals

Our Services do not track users over time and across third-party sites for the purpose of targeted advertising. Some third parties may track your browsing when they serve content. To learn about browser/device DNT settings, visit internetcookies.com.