GDPR Information | Bigmedia24 Dynamics Ltd.

Read how Bigmedia24 Dynamics Ltd. applies the EU GDPR to the processing of personal data for travellers, properties, OTAs, affiliates and partners, including roles, legal bases, data subject rights, international transfers and supervisory authority details.

Bigmedia24 Dynamics Ltd. (“Bigmedia24”, “we”, “us”, “our”) is an Irish travel technology company subject to the EU General Data Protection Regulation (“GDPR”).

This page provides a GDPR-focused overview of:

– how we qualify as controller, joint controller or processor
– which categories of personal data we process and for what purposes
– the main legal bases we rely on
– the rights individuals have under the GDPR and how to exercise them
– how we handle international data transfers, records and supervisory authority matters

This page complements our Privacy Policy, Data Protection & Security page and Subprocessor List. It is intended as a transparent information overview and does not replace individual legal advice or any specific contractual agreements you may have with Bigmedia24.

For most data processing activities described in our Privacy Policy, the primary controller is:

Bigmedia24 Dynamics Ltd.
Registered in Ireland with the Companies Registration Office
Company Number: 673777
VAT Number: IE3698062AH

Registered Office Address:
51 Bracken Road
Sandyford, D18 CV48
Dublin, Ireland

Email (general & privacy-related requests):
support@bigmedia24.com

Phone (Ireland): +353 1 578 8066
Phone (USA): +1 306 261 9933

You can also contact us via the chat icon in the bottom-right corner of our websites.

Depending on the specific product, integration or contractual arrangement, Bigmedia24 may act as:

– controller
– joint controller (together with certain partners)
– processor on behalf of a business customer

These roles are clarified in our contracts, data processing agreements (DPAs) and related documentation.

Bigmedia24 operates globally, but as an Irish company our core data protection framework is based on:

– EU General Data Protection Regulation (GDPR)
– Irish data protection legislation implementing and complementing the GDPR
– other applicable data protection and privacy laws in countries where we operate or target services

This GDPR Information page applies in particular to:

– travellers and guests located in the EU/EEA
– property owners, managers and partner representatives located in the EU/EEA
– processing activities that are subject to the GDPR due to our establishment in Ireland and/or targeting of EU data subjects

For users in other jurisdictions, local laws may grant additional or different rights, which are addressed in our Privacy Policy and contractually where relevant.

Bigmedia24 may assume different roles under the GDPR depending on the context:

Controller:
– for our own booking portals and travel websites
– for user accounts, communication, analytics and marketing related to our platforms
– for managing relationships with properties, partners, affiliates and suppliers

Joint Controller:
– in specific constellations where we and another party jointly determine the purposes and means of processing, for example in certain white-label OTA configurations

Processor:
– where we process personal data strictly on behalf of a business customer based on their instructions, for example in defined API or white-label use cases

When Bigmedia24 acts as a processor:

– a Data Processing Agreement (DPA) or data protection clause is concluded with the relevant controller
– our Subprocessor List and Data Protection & Security measures become part of the agreed framework
– we support the controller in meeting their GDPR obligations (for example in relation to data subject rights and breach notifications), as specified in the DPA

Under the GDPR, Bigmedia24 processes various categories of personal data, including:

Traveller & Guest Data:
– identification and contact details (name, email, phone)
– booking details (travel dates, destination, property, room type, number of guests)
– preferences and special requests (where provided)

Property & Partner Data:
– professional contact details of hotel and partner staff
– account information for access to our platforms and tools
– configuration and business data related to properties and partner accounts

Technical & Usage Data:
– IP address, device identifiers, browser type, log files
– interactions with our websites, portals and APIs
– cookie IDs and analytics data (see /cookie-policy/)

We process this data for purposes such as:

– operating and improving our websites, booking portals and B2B platforms
– managing bookings, reservations and related customer support
– onboarding and supporting properties, OTAs, affiliates and other partners
– ensuring security, fraud prevention and platform stability
– fulfilling legal obligations (for example tax, accounting, regulatory)
– conducting analytics and service optimisation
– carrying out marketing and communication activities where permitted by law

Detailed information is provided in our Privacy Policy: /privacy-policy/

Where the GDPR applies, we rely on one or more of the following legal bases:

Performance of a Contract (Art. 6(1)(b) GDPR):
– processing necessary to perform a contract with you (for example handling your booking, managing your account)
– processing necessary to take steps at your request before entering into a contract (for example responding to enquiries from hotels or partners)

Legal Obligation (Art. 6(1)(c) GDPR):
– processing required to comply with legal duties, e.g. tax, accounting, financial regulations or certain record-keeping obligations

Legitimate Interests (Art. 6(1)(f) GDPR):
– operating and securing our platforms and infrastructure
– preventing abuse, fraud and security incidents
– conducting business analytics and product development
– communicating with existing customers and partners about related services, where permitted

Consent (Art. 6(1)(a) GDPR):
– certain marketing activities, where consent is required
– the use of non-essential cookies and similar technologies, where local law requires consent
– specific optional processing activities going beyond what is necessary for contract performance or legitimate interests

Special Category Data (Art. 9 GDPR):
– as a rule, we do not aim to collect special categories of data (for example health data) via our booking platforms
– if you voluntarily provide such data in special requests (for example accessibility needs), this will be processed only as necessary and in line with applicable legal requirements

More detailed explanations can be found in our Privacy Policy.

Under the GDPR, individuals have various rights in relation to their personal data, including:

Right of Access (Art. 15):
– to obtain confirmation whether we process your data and to receive a copy

Right to Rectification (Art. 16):
– to request correction of inaccurate or incomplete personal data

Right to Erasure (Art. 17):
– to request deletion of personal data in certain circumstances (“right to be forgotten”)

Right to Restriction of Processing (Art. 18):
– to request restricted processing under specific conditions

Right to Data Portability (Art. 20):
– to receive personal data you provided to us in a structured, commonly used and machine-readable format and to transmit it to another controller, where technically feasible

Right to Object (Art. 21):
– to object to processing based on legitimate interests, including profiling
– to object at any time to processing for direct marketing purposes

Right to Withdraw Consent (Art. 7(3)):
– where processing is based on consent, you can withdraw it at any time with effect for the future

To exercise your rights, you can contact us using:

Email:
support@bigmedia24.com

Or via the chat icon in the bottom-right corner of our websites (please mention “GDPR Request”).

We may need to verify your identity before responding. Legal limitations and exceptions may apply, for example where we must retain certain data due to legal obligations or overriding interests.

Because we work with partners and infrastructure providers in multiple regions, personal data may be transferred to countries outside the European Economic Area (EEA) and the UK.

Where such transfers occur and the destination country does not benefit from an adequacy decision under the GDPR, we implement appropriate safeguards, such as:

– standard contractual clauses (SCCs) approved by the European Commission
– equivalent legal instruments and measures where required
– additional technical and organisational measures, depending on the risk

We assess relevant transfers and document the safeguards applied. Further details are provided in:

– Privacy Policy: /privacy-policy/
– Data Protection & Security: /data-protection/
– Subprocessor List: /subprocessor-list/

In accordance with Articles 30 and 35 GDPR, Bigmedia24:

– maintains records of processing activities for relevant processing operations
– evaluates whether Data Protection Impact Assessments (DPIAs) are required for higher-risk activities
– conducts DPIAs where necessary, particularly for new or significantly changed processing operations that may pose a high risk to individuals’ rights and freedoms

These activities support our accountability obligations and help ensure that risks are identified and mitigated in a structured way.

As an Irish company, our primary supervisory authority under the GDPR is:

Irish Data Protection Commission (DPC)
(official contact details available on the DPC’s website)

If you believe that we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with:

– the Data Protection Commission in Ireland, or
– your local supervisory authority in the EU/EEA, especially in the country of your habitual residence, your place of work or the place of the alleged infringement

We would, however, appreciate the opportunity to address your concerns directly first. You can contact us via:

Email:
support@bigmedia24.com

Or via the chat icon in the bottom-right corner of our websites.

This GDPR Information page should be read together with:

Privacy Policy:
/privacy-policy/

Data Protection & Security:
/data-protection/

Subprocessor List:
/subprocessor-list/

Terms of Use & Booking Conditions:
/terms/

This page may be updated from time to time to reflect changes in our processing activities, legal requirements or guidance from supervisory authorities.

Last updated: 28/12/2025