Introduction 

The Privacy Policy of Expedia outlines the types, uses, and sharing of personal information they collect. They gather information provided by you, automatically via technology like cookies, and from third parties. 

This data aids in service provision like booking assistance, communication, and legal compliance. You have rights over your data, including opting out of marketing, and you can contact Expedia for more queries on data handling​. 

Expedia’s privacy practices

Expedia Group's privacy practices encompass a range of measures to ensure the confidentiality, integrity, and availability of personal data. Below is a detailed description of their practices:

• Information Collection:

Expedia collects and stores any information users enter on their website or provide in any other way. This includes personal information such as names, telephone numbers, and email addresses​. Automatic information collection also occurs, logging details like users' IP addresses, browser software, and referring websites. The aim is to customize user experiences and prevent fraud​.

• Information Usage:

The collected information is used for various purposes including providing requested products/services, communication, responding to queries, improving products/services, dispute resolution, preventing illegal activities, and other business-related activities​.

• Information Sharing:

Information may be shared within Expedia's corporate family, with third-party vendors for services like credit card processing, in response to legal processes, to investigate or prevent illegal activities, and in connection with corporate transactions. Users are notified and given a choice when their information is shared with third parties, except for certain predefined scenarios​.

• Cookies and Other Technologies:

Cookies help recognize returning users and measure the effectiveness of website features. They may also use web beacons to monitor traffic patterns and improve site performance​.

• Disaster Recovery and Power Backup:

Expedia has detailed disaster recovery plans, including re-establishing IT environments post-unplanned events, crisis management plans, and power backup systems ensuring uninterrupted power for a minimum of 72 hours. These systems are tested regularly to ensure operational adequacy​.

• Processor Data Processing Agreement:

When personal data is processed on behalf of Expedia, a global data processing agreement (DPA) is applied, setting out terms, requirements, and conditions for data processing. This includes compliance with applicable data protection laws, restrictions on international data transfers, and ensuring appropriate safeguards for cross-border data transfers​. 

• Compliance with Data Protection Laws:

Both Expedia and its partners comply with obligations under applicable data protection laws. For instance, there's a lawful basis for transferring and processing personal data, and in cases where EU-U.S. Data Protection Framework (DPF) applies, certain data protection requirements are flowed down to the processing company​​.

• Key Privacy Principles:

Expedia Group is committed to the privacy, confidentiality, and security of personal information, focusing on key privacy principles for collecting, using, disclosing, storing, securing, and transferring personal data​.

These practices reflect Expedia's commitment to safeguarding user data while ensuring compliance with legal and regulatory requirements.

How to contact Expedia's privacy department? 

To contact Expedia's privacy department, you have several options:

• Email: You can email your privacy concerns to privacy@expedia.com, as mentioned on the official Expedia Group website​.

• Customer Service and Feedback Form: If you have questions about the use of cookies or other technologies, you may use the customer service and feedback form on the Expedia website, as indicated on the Expedia-AARP Travel Center page​.

• Physical Mail or Phone: You could also consider contacting Expedia's headquarters directly, either by sending a letter to 1111 Expedia Group Way West, Seattle, WA 98119, or by calling 1-206-481-7200​.

These various contact options should provide a pathway to get in touch with Expedia's privacy department regarding any concerns or inquiries you might have.

How to delete your data from Expedia?

According to their privacy policy, you can email Expedia at privacy@expedia.com to make delete requests. PrivacyHawk can also help identify companies that have your personal data and makes it easy to mass delete yourself to reduce your digital footprint and reduce your risk of being targeted by scams, fraud, and identity theft. You can try it for free on the App Store today.