Privacy Policy

Privacy Data Protection Policy

(1) INTRODUCTION

This privacy policy (“Policy”) sets out how ALS Private Limited, a company registered in England and Wales (Company Number: 08736039), whose registered office is at Lawford House, Albert Place, London, England, N3 1QA (“ALS”, “we”, “us” or “our”), collects, uses, and protects your personal data.

We are committed to protecting and respecting your privacy, and complying with all relevant data protection legislation, including the: (i) UK General Data Protection Regulation (“UK GDPR”); (ii) UK Data Protection Act 2018 (“DPA”); (iii) Privacy and Electronic Communications (EC Directive) Regulations 2003 (“PECR”); and (iv) General Data Protection Regulation (EU) 2016/679 (“EU GDPR”), as amended or updated from time to time (together “Data Protection Legislation”). 

This Policy gives you information about how we collect and use your personal data when you use our website at ("Website") including when you: (i) contact us via our online enquiry form; (ii) subscribe to our newsletters; (iii) communicate with us by phone, email, or in writing; or (iv) provide information through any other means, whether online or offline.

This Website is not intended for children and we do not knowingly collect data relating to children.

This Policy is provided in a layered format so you can click through to the specific areas set out above. Alternatively, you can download a copy of the policy here: [LINK TO PDF].

If we make any material changes to this Policy that affect your rights under the Data Protection Legislation, we will notify you pursuant to paragraph 11 of this Policy.

ALS is the data controller (“Controller”) responsible for your personal data. If you have any questions about this Policy, including any requests to exercise your legal rights outlined in this Policy, please contact us and ask for our Data Protection Officer using the information set out in the contact details section below at paragraph 13 of this Policy.

‍

(2) THE INFORMATION WE COLLECT

(“Personal Data”) means any information relating to an identified or identifiable individual. This includes information that can directly or indirectly identify you.

We collect, use, store, and transfer different types of Personal Data about you, which we have grouped into the following categories:

• (“Identity Data”) includes your first name, last name, date of birth, age, gender, and, where relevant, details about family members or emergency contacts.

• (“Contact Data”) includes your billing address, delivery address, email address, and telephone numbers.

• (“Special Category Data”) includes information such as dietary requirements, which may indirectly reveal health data or religious beliefs. We will only collect such data when necessary and where we have obtained your explicit consent.

• (“Emergency Contact Data”) includes names and contact details of individuals you nominate for use in emergencies. You must ensure that any individuals you provide have been informed of and have consented to this.

• (“Technical Data”) includes your internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system, platform, and other technology on the devices you use to access our Website.

• (“Usage Data”) includes information about how you use our Website, products, and services.

• (“Marketing and Communications Data”) includes your preferences in receiving marketing communications from us and your communication preferences.

We also collect, use, and share aggregated data such as statistical or demographic information. Aggregated data is not considered Personal Data in law as it does not directly or indirectly reveal your identity. However, if we combine or link aggregated data with your Personal Data so that it can identify you directly or indirectly, we treat the combined data as Personal Data.

Please note we do not collect or store any financial data, such as payment card or bank account details.

‍

(3) HOW WE COLLECT YOUR PERSONAL DATA

We use different methods to collect Personal Data from and about you, including:

‍

(a) Direct Interactions

You may provide us with your Personal Data by corresponding with us via our Website, by phone, email, letter, text message, or in person. This includes when you: (i) submit an enquiry via our online contact form; (ii) subscribe to our newsletters or marketing communications; (iii) book or express interest in our services; (iv) provide emergency contact information; or (v) give feedback or otherwise contact us. 

If you provide us with Personal Data relating to someone else (such as an emergency contact), you must ensure that you have obtained their prior consent to do so and that they have been informed that their information will be processed in accordance with this Policy.

‍

(b) Automated Technologies or Interactions

When you use our Website, we automatically collect Technical Data and Usage Data about your device and browsing activity through the use of cookies and other tracking technologies. For more information, please see our cookies policy at Cookies Policy.

We use Google Analytics to help us understand how users interact with our Website and improve its performance. This service collects anonymised data such as device type, referring websites, and time spent on pages. You can find more details in Google’s privacy policy at https://policies.google.com/privacy/update.

‍

(4) HOW WE MAY USE YOUR PERSONAL DATA

‍

We process your Personal Data to provide the products, services, and information you request from us. This includes managing bookings, responding to enquiries, and sending service-related communications such as confirmations and updates. This is done under the lawful basis of contractual necessity.

We also use your data to maintain accurate records and for internal administrative, compliance, and auditing purposes, where required either by legal obligation or under our legitimate interests in running an efficient and compliant business.

With your consent, or where otherwise permitted under Data Protection Legislation, we may use your Contact and Marketing Data to send you newsletters, promotional materials, and other marketing communications. You can set your preferences at the point of data collection and update or withdraw your consent at any time without affecting the lawfulness of prior processing.

To do so, use the unsubscribe links in our emails or contact us at hello@alsprivate.com.

We may also process your data to improve our services and user experience, including analysing how our Website is used, based on our legitimate interests, provided these do not override your rights.

‍

(5) DISCLOSURE OF YOUR PERSONAL DATA

‍

(a) Categories of Recipients

In order to deliver our services effectively and optimise your experience, we may share your Personal Data with carefully selected third-party recipients who act as our partners, such as:

• (“Accommodation Providers”) – including chalet owners, operators, and hotels.

• (“Travel and Transport Providers”) – including travel companies, airport transfer providers, private jet providers, yacht providers and intermediaries.

• (“Ski Service Providers”) – including ski hire shops, lift pass offices, ski schools, and other related recreational services.

• (“Childcare Providers”) – including local nanny agencies.

• (“Restaurant Partners”) – where reservations are made on your behalf.

• (“Analytics and Website Optimisation Services”) – including providers such as Google Analytics and search engine providers.

We take steps to ensure that any data sharing is limited to what is necessary and that all recipients are subject to contractual obligations that comply with applicable Data Protection Legislation.

All third-party service providers are required to process your Personal Data strictly in accordance with our documented instructions. They must ensure that their personnel are under duties of confidentiality and that appropriate technical and organisational measures are in place to provide a level of security appropriate to the risk. They are also required to notify us without undue delay in the event of a Personal Data breach, and are required to obtain our prior written consent before engaging any sub-processors.

‍

(b) External Websites

Our Website may contain links to third-party websites. If you access these links, please be aware that you will leave our Website and that we do not control how those third-parties handle your Personal Data. We encourage you to review their respective privacy policies before submitting any Personal Data to them.

‍

(c) Data Sales and Transfers

We do not sell your Personal Data under any circumstances. However, in the event of a sale, merger, reorganisation, or transfer of some or all of our business or assets, we reserve the right to transfer Personal Data, provided that such transfer is carried out in compliance with applicable Data Protection Legislation and subject to appropriate safeguards.

‍

(d) Your Rights

Under Data Protection Legislation, you have the right to request access to the Personal Data we hold about you, request correction or erasure of your Personal Data, object to or request restrictions on our processing of your Personal Data, and request the transfer of your Personal Data to you or to a third-party (known as the right to data portability). You also have the right to withdraw your consent at any time, where we are relying on consent to process your Personal Data. This does not affect the lawfulness of any processing carried out prior to the withdrawal of consent. For further information on your legal rights, please see paragraph 10 of this Policy.

To exercise any of these rights, please contact us and ask for our Data Protection Officer using the information set out in the contact details section below at paragraph 13 of this Policy.

You may also unsubscribe from our marketing communications at any time by using the unsubscribe link included in our emails or by contacting us at hello@alsprivate.com.

‍

(6) INTERNATIONAL TRANSFERS OF PERSONAL DATA

‍

We may transfer your Personal Data outside the United Kingdom. Specifically, your Personal Data may be transferred to and processed in countries within the European Economic Area (“EEA”), which the UK government has recognised as providing an adequate level of protection under the UK GDPR.

We may also transfer your Personal Data to service providers located in countries outside the UK and the EEA that have not been deemed adequate by the UK government. In such cases, we ensure that appropriate safeguards are in place to protect your Personal Data in accordance with UK Data Protection Legislation.

Where your Personal Data is transferred outside the UK to such service providers, we use standard contractual terms approved for use in the UK, namely the International Data Transfer Agreement or the International Data Transfer Addendum to the European Commission’s standard contractual clauses for international data transfers. These contractual safeguards ensure that your Personal Data receives the same level of protection as it would within the UK.

By submitting your Personal Data to us, you consent to the transfer, storage, and processing of your Personal Data in accordance with this Policy. You have the right to request further information about the safeguards we have implemented and to obtain a copy of the relevant data protection clauses or agreements. To do so, please contact us and ask for our Data Protection Officer using the information set out in the contact details section below at paragraph 13 of this Policy.

‍

(7) ADVANCED PASSENGER INFORMATION

Certain countries require Advanced Passenger Information (“API”) to be provided prior to travel. This information may include your name, passport details, visa information, nationality, and transit and destination data.

Transport companies are legally required to transmit this information to the relevant authorities. We collect and share this information with transport providers as part of your booking to comply with these legal obligations.

‍

(8) DATA SECURITY

‍

We take appropriate technical and organisational measures to protect your Personal Data against unauthorised or unlawful access, loss, alteration, or disclosure. Access to your Personal Data is limited to employees, agents, contractors, and third-parties who need it to provide services on our behalf. They are bound by confidentiality obligations and must process your data only in accordance with our instructions and applicable Data Protection Legislation.

‍

(9) DATA RETENTION

‍

We will retain your Personal Data only for as long as reasonably necessary to fulfil the purposes for which we collected it, including to comply with any applicable legal, regulatory, tax, accounting, or reporting obligations.

In determining the appropriate retention period, we consider factors such as the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process your Personal Data and whether those purposes can be achieved by other means, and any applicable legal and regulatory requirements.

By law, we are required to keep basic information about our customers, including Contact Data, Identity Data, and any information related to transactions necessary for tax purposes, for six years after the customer relationship has ended.

In certain circumstances, you may have the right to request the deletion of your Personal Data. However, we may be unable to comply with such requests if retention of your data is necessary to comply with a legal obligation or for the establishment, exercise, or defence of legal claims. Please see this paragraph for further information on your rights in this regard.

Where appropriate and lawful, we may anonymise your Personal Data so that it can no longer be associated with you. Anonymised data may be retained indefinitely and used for research, statistical analysis, or other legitimate purposes without further notice.

If you wish to request deletion of your data or have any questions about how long we retain your Personal Data, please contact our Data Protection Officer using the contact details section below at paragraph 13 of this Policy.

‍

(10) YOUR LEGAL RIGHTS

‍

You have a number of rights under Data Protection Legislation in relation to your Personal Data. These include the right to request access to your Personal Data, commonly known as a “subject access request,” which enables you to receive a copy of the Personal Data we hold about you and to verify that we are lawfully processing it. You also have the right to request correction of any Personal Data we hold about you that is incomplete or inaccurate; however, we may need to verify the accuracy of any new information you provide.

Under certain circumstances, you may request the erasure of your Personal Data, which allows you to ask us to delete or remove your Personal Data where there is no lawful reason for us to continue processing it. This right also applies if you have successfully exercised your right to object to processing, if we have processed your data unlawfully, or if we are required to erase your Personal Data to comply with applicable law. Please note that there may be specific legal reasons why we are unable to comply with a request for erasure, and if so, we will inform you at the time of your request.

You have the right to object to the processing of your Personal Data where we rely on legitimate interests (including those of a third-party) as the legal basis for processing, such as profiling based on legitimate interests. In some cases, we may demonstrate compelling legitimate grounds for processing that override your rights. Additionally, you have the absolute right to object at any time to the processing of your Personal Data for direct marketing purposes. For further details on how to object to marketing communications, please see paragraph 4 of this Policy.

You may also request the transfer of your Personal Data to yourself or a third-party in a structured, commonly used, and machine-readable format, where the processing is based on consent or contract and is carried out by automated means.

Where we rely on your consent to process your Personal Data, you have the right to withdraw this consent at any time. Withdrawing consent will not affect the lawfulness of any processing carried out before your withdrawal, but it may impact our ability to provide certain products or services to you, and we will inform you accordingly at the time of withdrawal.

You have the right to request the restriction of processing of your Personal Data in certain situations, including where you contest the accuracy of the data, where the processing is unlawful but you do not want us to erase the data, where we no longer need the data but you require it to establish, exercise, or defend legal claims, or where you have objected to processing and we are verifying whether our legitimate grounds override your objection.

To exercise any of your rights, please contact us and ask for our Data Protection Officer using the contact details section below at paragraph 13 of this Policy.

We will not usually charge a fee for responding to your requests. However, if your request is clearly unfounded, repetitive, or excessive, we may charge a reasonable fee or refuse to comply with your request. To protect your Personal Data, we may need to verify your identity before responding to any request and may ask you for additional information to help us deal with your request promptly.

We endeavour to respond to all legitimate requests within one month. In some cases, particularly if your request is complex or you have made multiple requests, it may take us longer, but we will notify you if this occurs and keep you informed of our progress.

‍

(11) CHANGES TO OUR PRIVACY POLICY

‍

We may update this Policy from time to time to ensure compliance with applicable law or to reflect changes in our practices. Any such updates will be posted on this page of our Website.

If we make any material changes to this Policy that affect your rights under the Data Protection Legislation, we will notify you by placing a prominent notice on our Website in accordance with this paragraph 11. Additionally, where appropriate, we may notify you by email.

Please check this Policy regularly to stay informed of any updates. This Policy has been effective since 2025.

By continuing to use our Website, you confirm your acceptance of the then-current Policy. Any Personal Data you provide to us is processed in accordance with this Policy and solely for the purposes set out herein.

‍

(12) COMPLAINTS

You have the right to make a complaint to the Information Commissioner’s Office (“ICO”), the UK regulator for data protection issues (www.ico.org.uk). However, before doing so please make sure you have first made your complaint to us or asked us for clarification if there is something you do not understand. To do this, please email us at hello@alsprivate.com including “Data Protection and Privacy” in the subject line, write to us at First Floor Offices, Bellamy House, Winton Road, Petersfield, Hampshire, GU32 3HA or call us at +44 208 191 3770.

‍

(13) CONTACT

If you would like to contact us in regard to any questions or requests regarding this Policy, as well as any incorrect or incomplete information, please email us at: hello@alsprivate.com, write to us at First Floor Offices, Bellamy House, Winton Road, Petersfield, Hampshire, GU32 3HA, or call us at +44 208 191 3770 and ask for our Data Protection Officer.