Privacy Policy

We have prepared this privacy policy to help you understand how we collect, use, and protect the Personal Information you provide to us through our website, e-mail contact, ­and through our partners.
By accessing our website, or providing information to us in connection with our website, you agree to the terms and conditions of this Privacy Policy.

Information we collect

We collect two types of information from you on our website, email, service providers, and tour operators:

  • Personal Information – all information that identifies you personally, such as your name and e-mail address
  • Other Information – all information that does not identify you personally, such as your gender and other demographic information

In order to purchase products through, it is necessary to disclose Personal Information, including your name, address, e-mail address, phone number, credit card information, and other Personal Information. That data is not stored by us, but by our partners TourDesk and Bókun. If you do not provide Personal Information when purchasing any products or services offered on, our partners cannot confirm your purchase or fulfil your booking.
All the data stored by TourDesk and Bókun is the respective companies’ responsibility and we cannot be held responsible for their use of it. For more information check the privacy policy of TourDesk and Bókun.


“Cookies” are pieces of information that are stored by your web browser on your computer’s hard disk, for record-keeping purposes. Cookies in and of themselves only identify your computer; they do not personally identify you.
First-Party Cookies: At What’s On we make use of cookies to store your preferences, record your session information, collect information on how you visit, and access our websites, and to tailor our web pages to your needs.
We use Google Analytics to better understand our customers through collection of standard internet log information and visitor behaviour information in an anonymous form. Note the deliberate emphasis of anonymous, as no personally identifiable information is collected about you unless you explicitly submit that information on this website.
The anonymous information generated by Google Analytics cookies about your use of this website is transmitted to Google. This information is processed to compile statistical reports on website activity for this website only. We use those reports to evaluate aggregate visitor usage so we can optimize the content to better meet your needs. In summary, your information is safe.
Third-Party Cookies: We also use third-party cookies from LiveChat which allows us to continue our conversations through multiple sessions. Third party cookies do not have access to the information we collect through What’s On cookies. LiveChat cookies do not collect any personal information.
The list of cookies we use:

What’s On Cookies
Cookie Name Provider Description Expiration Date
__cfduid CloudFlare Cookie set by CloudFlare, service offering CDN, DNS, DDoS protection and security. 1 year
PHPSESSID What’s On Cookie set as session indentifier for PHP. It contains no personal data. session
__livechat __livechat_lastvisit 3rdparty
LiveChat Used to provide livechat service, and personalise that service for users. More information… __lc.visitor_id.<id_of_the_visitor> – id of the visitor – expires in 32 months
__lc_vv – LiveChat version – during chatting session
__livechat – responsible for many things required for LiveChat to work properly, for example – last operator – expires in 3 years
__livechat_lastvisit – timestamp of last – expires in 3 years
__livechat_chat – id of the ongoing chat – expires in 32 months
chat_running – used to check if chat is pending – 24h
hide_eye_catcher – it is connected to LiveChat eye catcher – during chatting session
lc.<license_id>.secret_id – it is used by communication protocol – during chatting session
secret_token_<license_id> – it is used by communication protocol – 24h
lc_invitation_opened – keeps state of the LiveChat greeting – during chatting session
lc_sso<license_id> – it is used by communication protocol – expires in 3 years
lc_window_state – it tells if window is minimised or not – during chatting session
main_window_timestamp, main_window_timestamp_0 – used to track app state between different tabs – during chatting session
message_text – contains text typed by visitor before message is sent – during chatting session
recent_window – used to track app state between different tabs – during chatting session
autoinvite_callback – this cookie is used for proper handling JS Api and callback on_message – during chatting session
Notification[status ping] timestamp of the last ping, information about agent availability and state of the visitor – during chatting session
Variable – see description
_ga _gat
Google Analytics Our website employs cookies from Google Analytics. Google Analytics is a web analytics service provided by Google, Inc. Google Analytics cookies are used to collect information about how visitors use our website. The cookies collect information in an anonymous form, including the number of visitors to the website, where visitors have come to the website from and the pages they visited. A method called session stitching may be used to aggregate data from several visits to the site from a single user, and this is done by passing a User-ID to Google (but not your name, IP address, email, or other personally identifiable data). We use the information to compile reports and to help us improve our website. Google holds this information and provides us with access to it.
Find out more about Google Analytics at:
The Google Analytics privacy policy is at:
You can find out how to opt out of being tracked by Google Analytics by visiting
_ga expires 2 years after being set. _gat expires 10 minutes after being set.
_gid expires after 24 hour.
OTZ expires after 1 month. APISID,HSID,SAPISID,SID and SSID expire after two years.

How we use and Protect Your Personal Information

We use your personal information in the following ways:

  • to provide you with the information you request about the products offered through the website

We may also use or disclose Personal Information as we believe to be necessary or appropriate: (a) under applicable law, including laws outside your country of residence, (b) to comply with legal process, (c) to respond to requests from public or government authorities, including public or government authorities outside your country of residence, (d) to enforce our terms and conditions, (e) to protect our operations or those of any of our affiliates, (f) to protect our rights, privacy, safety or property, or that of our affiliates, you or others; or (g) to allow us to pursue available remedies or limit the damages that we may sustain.

Our Partners

Products offered through What’s On are made available through our third-party distribution partners and suppliers. Our distribution partners and suppliers may have privacy policies that differ from our own Privacy Policy.

Your Rights

Once you provide your personal data to, you have the right to:

  • request that data be deleted
  • refuse to allow such data to be processed for other purposes, e.g. marketing

If you provided your data to and believe that there has been a violation of personal data protection laws, you may report this to the supervisor authority in charge of personal data.
To request deletion or contact us about anything regarding GDPR, feel free to write an email to [email protected]

Changes to our Privacy Policy

We know that our business will continue to evolve as we introduce new products, and, as such, from time to time this Privacy Policy may be reviewed and revised. What’s On reserves the right to change this Privacy Policy by posting the changes on its website.
This Privacy Policy does not address, and we are not responsible for, the privacy policies, information, or other practices of any third party, including any third-party suppliers and tour operators, and any third party operating any site to which our website contains a link.