1. Overview
Woodspring Travel respects privacy and supports reasonable requests to delete personal information that we control. A deletion request asks us to remove, de-identify, aggregate, or otherwise make unavailable personal information associated with you, subject to applicable law and operational limitations.
Because Woodspring Travel is a travel agency and booking intermediary, some information may be needed to research, quote, reserve, service, document, insure, modify, cancel, or defend travel arrangements. We may also be required to maintain certain business records even after we delete other information.
This policy is intended to work together with our Privacy Policy, Cookie Policy, Terms and Conditions, Disclaimers, and any supplier, host-agency, booking-platform, payment, insurance, or travel-service terms that apply to a specific trip or transaction.
2. What this policy covers
This policy applies to personal information that Woodspring Travel reasonably controls, including information collected through:
- website forms, quote requests, contact requests, and newsletter subscriptions;
- travel-planning communications with Woodspring Travel;
- account or login features operated by Woodspring Travel, if enabled;
- saved website preferences, language preferences, travel interests, deal filters, and similar local or account-based preferences;
- analytics, logs, campaign attribution, and website-security records that can reasonably be associated with you;
- mobile app, account, or authenticated-user data associated with Woodspring Travel services, where applicable; and
- records generated when we evaluate, process, or respond to a privacy request.
This policy does not control the independent records of third-party travel suppliers, host agencies, booking platforms, payment processors, analytics providers, social media platforms, app stores, email service providers, travel insurers, cruise lines, airlines, hotels, tour operators, or other third parties that Woodspring Travel does not own or control.
3. Who may submit a request
You may submit a deletion request for yourself. You may also submit a request on behalf of another person if you are legally authorized to act for that person, such as a parent or guardian, executor, attorney-in-fact, or authorized agent. We may ask for proof of authority before processing the request.
If you submit information about another traveler, you represent that you have authority to act for that traveler and that your request is truthful, accurate, and submitted in good faith.
4. How to submit a deletion request
You may submit a request by using the form on this page or by emailing contact@woodspringtravel.com with the subject line “Delete My Data Request.”
To help us find the right records, include the minimum information necessary to identify you, such as your name, email address, account email if different, phone number if relevant, approximate date of your inquiry or trip, and the scope of the request. Do not send passwords, full payment card numbers, passport images, Social Security numbers, or government identification numbers through this public webpage or ordinary email.
If you want us to delete only a specific category of information, such as newsletter records or app account records, please say so clearly. If you ask us to delete all personal information that can be deleted, we will evaluate all categories that we reasonably control and can locate using the identifiers you provide.
5. Verification and authorized agents
Before deleting information, we may need to verify your identity and confirm that the personal information relates to you. Verification helps prevent unauthorized deletion, account takeover, fraud, harassment, and privacy harm to other travelers.
Verification may include confirming control of an email address, matching information you provide to records we maintain, requesting additional limited information, or confirming authority for an agent or representative. We will try to request only the information reasonably necessary to verify and process the request.
We may decline, delay, narrow, or ask for more information if we cannot reasonably verify your identity or authority, if the request is fraudulent or abusive, or if deletion would harm the rights, safety, privacy, or records of another person.
6. Information we may delete
Depending on the records we hold and the request you submit, deletion may include removing, de-identifying, aggregating, or suppressing personal information from active systems that Woodspring Travel reasonably controls. Examples may include:
- newsletter subscription records and marketing preferences;
- contact-form or quote-request records that are no longer needed;
- saved preferences, filters, or nonessential account settings;
- website account profile information, if account features are enabled;
- mobile app profile or account information, where applicable and controlled by Woodspring Travel;
- nonessential analytics identifiers that we can reasonably associate with you;
- lead records, inquiry notes, and nonessential customer-service records no longer needed for active travel, legal, accounting, security, or dispute purposes; and
- records in service-provider systems where Woodspring Travel can instruct deletion and no exception applies.
Deletion from backups, archives, logs, and disaster-recovery systems may not occur immediately. Those records may be overwritten or deleted according to normal backup and retention cycles, unless earlier deletion is technically feasible and legally required.
7. Information we may retain
We may retain information when retention is required or permitted by law or is reasonably necessary for legitimate business, security, or travel-service purposes. Examples include information needed to:
- complete, service, document, modify, cancel, insure, or defend a travel booking;
- communicate with travel suppliers, host-agency systems, booking platforms, payment processors, insurers, or other travel-service providers;
- meet tax, accounting, seller-of-travel, consumer-protection, audit, recordkeeping, or legal obligations;
- process refunds, credits, chargebacks, disputes, complaints, claims, commissions, or fraud investigations;
- protect website, API, account, payment, and customer security;
- enforce agreements, Supplier terms, payment obligations, and legal rights;
- preserve evidence, comply with lawful requests, or exercise or defend legal claims;
- respect your opt-out, suppression, unsubscribe, or do-not-contact request; and
- document that we received, verified, responded to, or completed your privacy request.
| Record category | Typical deletion approach | Possible retention reason |
|---|
| Newsletter and marketing records | Unsubscribe, suppress, or delete where appropriate | Suppression list needed to honor opt-out and prevent re-subscription without consent |
| Website inquiries and quote requests | Delete or de-identify when no longer needed | Customer service, dispute handling, fraud prevention, business records |
| Active or past booking records | Deletion may be limited or delayed | Supplier servicing, tax/accounting, refunds, chargebacks, legal claims, travel documentation |
| Payment-related records | Delete only where we control the data and no exception applies | Payments are often processed by suppliers or processors; accounting, fraud, and dispute obligations may require retention |
| Security and authentication logs | Delete or rotate under security-retention schedules | Cybersecurity, abuse prevention, account protection, audit trails |
| Backups and archives | Overwritten or deleted under normal backup cycles | Disaster recovery, integrity, security, legal preservation |
8. Travel suppliers, host agency systems, and third parties
Woodspring Travel may share information with independent third parties when needed to quote, book, service, insure, or support travel. These parties may include cruise lines, airlines, hotels, resorts, tour operators, transportation providers, travel insurers, payment processors, host-agency systems, booking platforms, email providers, analytics providers, advertising platforms, social media platforms, and other service providers.
If we have provided information to a service provider that processes information for Woodspring Travel, we will take reasonable steps to communicate a valid deletion request where required and feasible. If a third party independently controls your information, you may need to contact that third party directly to request deletion under its privacy policy and applicable law.
Deletion from Woodspring Travel records does not automatically cancel a booking, refund a charge, delete records maintained by a supplier, delete loyalty-program records, remove third-party analytics records, remove data from a social media platform, or erase information already provided to government authorities or travel suppliers.
9. Cookies, analytics, advertising, and marketing preferences
You may request deletion of certain marketing, analytics, or preference data that Woodspring Travel controls or can reasonably associate with you. You may also unsubscribe from marketing emails by using the unsubscribe link in the email or by contacting us.
Browser cookies, local storage, and device identifiers may also need to be managed from your own browser or device. Clearing cookies or local storage may remove local preferences, consent choices, and analytics identifiers stored on your device. It may also cause a cookie banner or consent prompt to appear again.
Third-party analytics or advertising providers may maintain their own records and opt-out tools. If you interact with Google, Meta, TikTok, Pinterest, LinkedIn, social sharing tools, booking engines, app stores, or supplier websites, those providers’ privacy and deletion tools may also apply.
10. Accounts, app data, and authentication tokens
If Woodspring Travel provides an account, app, or login feature, deleting account data may disable access to saved preferences, saved trips, inquiry history, login history, app features, personalized recommendations, or other account functionality. Deleting account data does not necessarily delete transaction records, travel booking records, security logs, or supplier records where retention is permitted or required.
Authentication tokens, session cookies, refresh tokens, JSON Web Tokens (JWTs), and similar login technologies should be invalidated or allowed to expire when an account is deleted or access is revoked, where technically feasible. Some security logs showing that a token existed, was used, was revoked, or expired may be retained for account protection and audit purposes.
11. Response timing
We will review and respond to deletion requests within the timeframe required by applicable privacy law. If a specific privacy law applies to your request, that law may provide a response period, extension rights, appeal rights, or verification requirements. If no specific law applies, we will still make reasonable efforts to respond within a commercially reasonable time.
When a request is complex, when we need additional verification, or when records involve suppliers, host-agency systems, payment processors, backups, or archived systems, additional time may be needed. If an extension or limitation is permitted or required, we may notify you using the contact information you provided.
12. Effects of deletion
Deletion may affect your ability to use certain services or receive support. Depending on the scope of your request, deletion may result in:
- loss of access to a website or app account;
- loss of saved preferences, filters, saved trips, or account history;
- reduced ability to retrieve past communications, quotes, or service notes;
- loss of personalized travel recommendations or marketing preferences;
- the need to provide information again if you later request travel services; and
- limitations on our ability to assist with past inquiries or bookings, except where records are retained for permitted purposes.
A deletion request does not by itself cancel a trip, booking, supplier reservation, payment obligation, refund request, insurance policy, or contract. If you want to cancel or change travel, contact Woodspring Travel and the applicable supplier separately before any supplier deadline.
13. Appeals and unresolved requests
If we deny or limit your deletion request, we will try to explain the reason unless doing so would create a security, legal, or privacy risk. Depending on applicable law, you may have the right to appeal our decision or submit a complaint to a privacy regulator or attorney general.
To appeal a decision, email contact@woodspringtravel.com with the subject line “Privacy Request Appeal” and include the email address used for your original request, the date of the original request, and why you believe the decision should be reconsidered.
14. Security safeguards and sensitive information
We use reasonable administrative, technical, and organizational safeguards designed to protect personal information and deletion requests. No method of transmission, storage, or deletion is perfectly secure, and we cannot guarantee absolute security.
For your protection, do not submit passwords, payment card numbers, passport images, Social Security numbers, medical records, or government identification numbers through the public form on this page. If additional verification is needed, we will request only the minimum information reasonably necessary and will provide instructions for how to supply it.
