FDFamily Deal Finder

Privacy Policy

Last updated: 14 June 2026

Family Deal Finder (“we”, “us”) is the data controller for personal data you share with us through familydealfinder.co.uk. We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

Family Deal Finder is an independent holiday research service based in the United Kingdom. We are not a travel agent and do not take commission from operators. Contact: hello@familydealfinder.co.uk.

2. Data we collect

  • Account data: name, email address, password (hashed), authentication provider (Google or email).
  • Order data: the product you bought, amount paid, currency, Stripe customer and session identifiers.
  • Intake data: destination, travel dates, party size, children’s ages, budget, preferences and any special requirements you share so we can produce your report.
  • Communications: emails you send us and our replies.
  • Technical data: IP address, browser, device type, pages visited, referrer. Collected via essential cookies and analytics.

3. Why we use your data (lawful basis)

  • Contract: to deliver the report or service you ordered, take payment and provide customer support.
  • Legitimate interests: to operate, secure and improve the website, prevent fraud and respond to enquiries.
  • Consent: for non-essential cookies and any optional marketing email you opt in to. You can withdraw consent at any time.
  • Legal obligation: tax, accounting and consumer-protection records.

4. Who we share data with

We share the minimum necessary data with trusted processors who help us run the service:

  • Stripe Payments UK Ltd — payment processing.
  • Supabase / Lovable Cloud — secure database, authentication and email hosting (EU/UK regions where available).
  • Email infrastructure providers — sending transactional emails from notify.familydealfinder.co.uk.
  • Analytics providers (where enabled) — aggregated usage statistics.

We never sell your personal data. We do not share it with travel operators.

5. International transfers

Some processors operate outside the UK. Where this happens we rely on UK adequacy regulations, the EU–US Data Privacy Framework, or Standard Contractual Clauses with appropriate safeguards.

6. How long we keep your data

  • Order and tax records: 6 years (UK accounting requirement).
  • Account data: while your account is active, then deleted on request.
  • Intake data: 24 months after delivery, then anonymised.
  • Marketing email opt-ins: until you unsubscribe.

7. Your rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you.
  • Have inaccurate data corrected.
  • Have your data erased (subject to legal retention).
  • Restrict or object to processing.
  • Data portability.
  • Withdraw consent at any time.
  • Complain to the Information Commissioner’s Office (ico.org.uk).

To exercise any of these rights, email hello@familydealfinder.co.uk. We respond within 30 days.

8. Security

Passwords are hashed. Payments are processed by Stripe and we never see your card details. All traffic is encrypted in transit. Access to customer data is restricted to authorised staff.

9. Children

Our service is for adults planning family holidays. We do not knowingly collect personal data from anyone under 16. Children’s ages submitted in intake forms are used only to size the report and are not linked to a child’s identity.

10. Changes

We’ll update this policy if our practices change. Material changes will be announced on the site and, where relevant, by email.

See also: Cookie Policy · Terms & Conditions · Refund Policy.