Terms & Conditions

Terms & Conditions

DATE: Nov 08, 2025 | Posted_by: tad sørensen

The NEST Global OTA

Terms of Service

Comprehensive Policy Suite

Last updated: 05 November 2025

Important notice:. These policies serve as comprehensive, industry-grade governance guidelines for The NEST, an Online Travel Agency (OTA) platform. They are designed in accordance with internationally recognized standards and regulatory frameworks, ensuring compliance with EU and EEA legislation,  including the General Data Protection Regulation (GDPR) and the ePrivacy Directive as well as equivalent global standards applicable in other jurisdictions.

In addition to the policies outlined herein, The NEST maintains a structured framework of supplementary internal policies, audit practices, and governance protocols. These cover areas such as data protection, consumer rights, vendor accountability, ethical business conduct, and financial transparency. Regular internal and external audits are conducted to assess compliance, strengthen operational integrity, and ensure ongoing adherence to best practices.

Our commitment is to operate with transparency, fairness, and due diligence, safeguarding the interests of all users, partners, vendors, and other stakeholders connected to our platform.

Table of Contents

  1. About The NEST Global OTA
  2. Master Terms & Conditions (Customer Terms of Use)
  3. Booking Terms (Travel Services Specific)
  4. Refunds, Cancellations & Changes Policy
  5. Complaints, Chargebacks & Dispute Resolution
  6. Supplier Terms (B2B Partners)
  7. Privacy Policy (GDPR-compliant)
  8. Cookie & Tracking Technologies Policy
  9. Data Processing Agreement (Controller–Processor Addendum)
  10. Ethics, Anti-Bribery & Sanctions Compliance Policy
  11. Modern Slavery & Human Trafficking Statement
  12. Accessibility Statement
  13. Security Statement & Incident Response
  14. Intellectual Property & User-Generated Content (UGC) Policy
  15. Marketing & Communications Policy
  16. Children’s Privacy & Minor Travelers
  17. Retention, Archiving & Deletion Policy
  18. Record of Processing Activities (RoPA) – Summary
  19. Contact Information & Legal Notices
  20. Jurisdictional Addenda

About The NEST Global OTA

Legal name: The NEST Global OTA AS (the “Company”, “we”, “us”, “our”).
Registered address: Valen 5, 4070 Randaberg, Norway.
Contact: +47-94080625; Email: support@thenestglobal.com
Data Protection Officer (DPO): IT@thenestglobal.com (if appointed; otherwise “privacy@thenestglobal.com”).
Corporate website & platform: https://thenestglobal.com (and related subdomains, apps, and APIs).
Business model: Online travel agency and marketplace facilitating bookings for airlines, hotels & B&Bs, rental cars & boats, tours & activities, and visa services (“Travel Services”).
Role: We primarily act as agent/intermediary for suppliers (the “Suppliers”) except where explicitly stated that we act as principal or organizer (e.g., certain bundled/package offerings).

Master Terms & Conditions (Customer Terms of Use)

1. Acceptance of Terms

By accessing or using our platform, creating an account, or making a booking, you agree to these Master Terms & Conditions and all referenced policies (“Terms”). If you do not agree, do not use the platform.

2. Eligibility

You must be at least 18 years old and have legal capacity to enter into contracts. You represent that information you submit is accurate and complete.

3. Our Role & Contracting Parties

Most Travel Services displayed on our platform are provided by independent Suppliers (airlines, hoteliers, B&B hosts, car/boat rental firms, tour operators, visa facilitators). For these bookings, your contract for the Travel Service is with the Supplier, and we act as an agent facilitating your booking and payment. Our responsibilities are limited to the agency services described herein. Where we act as principal (clearly marked), your contract is with us.

4. Platform Use & Acceptable Use

You agree not to: (a) misuse, interfere with, or reverse engineer the platform; (b) make speculative, false, or fraudulent bookings; (c) scrape content without permission; (d) infringe IP rights; (e) upload unlawful or harmful content; (f) circumvent security or rate limits; (g) use bots except as permitted by API terms.

5. Account, Security & Authentication

You are responsible for maintaining account confidentiality and for activities under your account. You must promptly notify us of suspected compromise. We may require MFA and may suspend accounts for security reasons.

6. Pricing, Fees & Taxes

Displayed prices may include or exclude taxes, surcharges, or fees (e.g., resort fees, local city taxes, fuel surcharges, baggage fees, one-way fees, insurance, cleaning fees). We aim to show the total price before purchase where feasible. Prices can change until booking confirmation is issued. Currency conversions are provided for convenience; your card issuer may apply different rates/fees.

7. Payment Processing

We may use payment processors and acquire funds as an agent on behalf of Suppliers. You authorize charges for the full amount, including applicable fees and taxes. For some bookings, the Supplier will charge you directly. We reserve the right to verify payment methods, pre-authorize cards, and cancel bookings for suspected fraud.

8. Confirmation & Travel Documents

A booking is confirmed when you receive a confirmation email/itinerary or booking page confirmation. You must check all details (names, dates, times, locations, fare rules). You are responsible for obtaining valid passports, visas, health documents, and compliance with entry restrictions.

9. Changes, Cancellations & Refunds

Change and cancellation terms depend on the Supplier’s fare/rate rules and the product type. Our Refunds, Cancellations & Changes Policy (below) applies in addition to Supplier terms.

10. Overbooking, Schedule Changes & Force Majeure

Suppliers may overbook or modify schedules. We will assist with re-accommodation per Supplier policies. We are not liable for losses from events beyond our reasonable control (force majeure), including but not limited to pandemics, extreme weather, strikes, governmental actions, or technical outages.

11. Travel Risks & Advisories

Travel involves risks. You should review official travel advisories and health guidance relevant to your destinations. We are not responsible for your failure to comply with such advisories.

12. Visa & Consular Services

Where visa services are offered, we (or appointed visa facilitators) process applications based on information you provide. Issuance decisions rest solely with the relevant authorities. Fees are generally non-refundable once submitted.

13. Reviews & UGC

You may submit reviews or content subject to our UGC Policy. You grant us a non-exclusive, worldwide license to host, display, adapt, and promote such content. We may moderate or remove content at our discretion.

14. Intellectual Property

All platform content and technology are owned by us or our licensors. No rights are granted except as necessary to use the platform under these Terms.

15. Limitation of Liability

To the maximum extent permitted by law, we are not liable for: (a) acts/omissions of Suppliers; (b) indirect or consequential losses; (c) loss of profits, business, goodwill, or data. Our aggregate liability in connection with the platform and agency services shall not exceed the greater of: (i) the total service fees you paid to us for the relevant booking; or (ii) EUR 100. Nothing limits liability for death or personal injury caused by negligence, fraud, or other non-excludable obligations under applicable law.

16. Indemnity

You agree to indemnify us (and our directors, employees, and affiliates) against claims arising from your breach of these Terms or misuse of the platform.

17. Privacy & Cookies

Our processing of personal data is described in our Privacy Policy and Cookie Policy.

18. Governing Law & Venue

Unless mandatory consumer laws require otherwise, these Terms are governed by the laws of Norway, and disputes are subject to the exclusive jurisdiction of the courts of Oslo, Norway. Consumers in the EEA retain rights to bring claims in their country of residence as required by law.

19. Changes to Terms

We may update these Terms to reflect platform changes, legal requirements, or security needs. Material changes will be notified in advance where required. Continued use after the effective date constitutes acceptance.

Booking Terms (Travel Services Specific)

A. Flights (Air Tickets)

  1. Names, Passports: Names must match passports exactly; changes may be impossible or incur fees.
  2. Schedule Changes: Airlines may change schedules; your contract is with the airline. We will notify you when we receive airline notices.
  3. Ancillaries: Baggage, seating, meals, and other ancillaries may involve extra charges and different terms.
  4. Refundability: Many fares are non-refundable/non-changeable; refundable fares may carry penalties.
  5. No-flight/No-show: Failure to check in or to complete a flight segment may cancel remaining segments.
  6. Denied Boarding/EC261: EU/EEA compensation and assistance may apply; claims must be made to the airline. We can assist with documentation.

B. Accommodation (Hotels, B&Bs)

  1. Local Taxes & Resort Fees: Payable on-site unless included.
  2. Check-in Requirements: ID, deposit/credit card hold may be required.
  3. Overbooking: Property may re-accommodate to a comparable property, subject to availability.
  4. House Rules: Smoking, pets, parties, and occupancy limits as per property rules.

C. Car & Boat Rentals

  1. Driver Requirements: Valid license, age restrictions, international permit if applicable.
  2. Deposits & Insurance: Excess/security deposit may apply; review CDW/LDW/TP coverage and exclusions.
  3. Fuel & Mileage: Fuel and mileage policies vary.
  4. Late Returns: Late fees may apply; vehicle condition assessments at return.

D. Tours, Activities & Packages

  1. Minimum Numbers & Changes: Operators may cancel if the minimum participants are not met; alternative dates/refunds per Supplier policy.
  2. Health & Fitness: Disclose medical conditions; comply with safety instructions.
  3. Package Travel: Where we combine at least two different types of Travel Services under a single contract/price, we may act as organizer, subject to package travel laws; additional rights and disclosures apply.

E. Visa Services

  1. Accuracy: You are responsible for accurate forms and supporting documents.
  2. Non-guarantee: Issuance is at the sole discretion of authorities; timelines are not guaranteed.
  3. Fees: Government and service fees may be non-refundable once submitted.

Refunds, Cancellations & Changes Policy

1. General Principles

  • Each booking is subject to the Supplier’s fare/rate rules.
  • Our service fees (where charged) are non-refundable unless the cancellation is due to our error.
  • Where we act as agents and collect funds for the Supplier, we process refunds after receiving Supplier authorization.
  • Refunds are returned to the original payment method only.

2. Customer-Initiated Cancellations/Changes

  • If your fare/rate permits cancellation or change, we will facilitate it; Supplier penalties and any fare/rate differences apply.
  • If your fare/rate is non-refundable/non-changeable, we will seek waivers only where Supplier policy allows (e.g., documented emergencies) — waivers are discretionary.
  • Administrative processing fees may apply (disclosed before you confirm a change).

3. Supplier-Initiated Changes, Cancellations & Force Majeure

  • If a Supplier cancels or significantly changes your booking, remedies (refund, rebooking, credit/voucher) follow Supplier policy and applicable law.
  • Force majeure events may limit available remedies.
  • For EEA flights, EC261 rules may apply; claims must be made with the airline.

4. No-Show

  • No-show generally forfeits refund rights; some Suppliers allow rebooking at a fee, subject to availability.

5. Timelines

  • Once a refund is approved by the Supplier, we submit it within 5–10 business days; your bank/card issuer may take additional time to post funds.
  • Some airlines/refunds may take longer due to BSP/ARC settlement cycles.

6. Partial Use / Unused Services

  • Partial refunds for unused segments depend on the Supplier’s rules and whether the fare/rate permits it.

7. Chargebacks

  • Chargebacks should be used only when you cannot obtain a remedy through us or the Supplier. Filing unfounded chargebacks may result in account limitations. See Complaints & Dispute Resolution.

Complaints, Chargebacks & Dispute Resolution

1. Complaints

Please contact support@thenestglobal.com with your booking reference, evidence, and desired resolution. We aim to acknowledge within 48 hours and provide a substantive response within 15 days.

2. Escalation

If unresolved, you may escalate to our Customer Relations team and, where applicable, to alternative dispute resolution (ADR) entities recognized in your country of residence.

3. Chargebacks

You agree to first allow us a reasonable opportunity to resolve your issue. Initiating a chargeback for a legitimate, used service or for a non-refundable fare may be contested with your card issuer. We provide records to the acquirer if necessary.

4. Court Proceedings

As per the Governing Law & Venue clause, disputes may be brought in Oslo, Norway, unless consumer protection laws grant you rights in your home forum.

Supplier Terms (B2B Partners)

1. Scope

These terms apply to airlines, hoteliers, B&B hosts, car/boat rental companies, tour operators, and visa facilitators (“Supplier”, collectively “Suppliers”) listing inventory or services via our platform or APIs.

2. Supplier Obligations

  • Licenses/Compliance: Maintain required licenses, permits, insurance, and compliance with applicable laws (consumer, health & safety, accessibility, anti-discrimination, sanctions).
  • Inventory & Rates: Provide accurate availability, rates, fees, taxes, and restrictions; honor confirmed bookings.
  • Accuracy & Content: Ensure descriptions, photos, amenities, and policies are accurate and non-infringing.
  • Customer Service: Provide 24/7 emergency contact for in-trip issues where reasonable; resolve service failures promptly.
  • Overbooking & Changes: Manage re-accommodation/alternatives at equal or higher value where feasible.
  • Refunds: Process eligible refunds in a timely manner and honor mandatory legal remedies.
  • Data Protection: Comply with Privacy, DPA, and security standards; use personal data only for booking fulfillment.
  • Prohibited Practices: No deceptive pricing, bait-and-switch, unfair surcharges, discrimination, or unlawful minimum price parity clauses.

3. Our Role & Fees

We may act as agent, distributor, or payment collector. Commission/service fees and settlement terms are governed by the Supplier Agreement or onboarding order form.

4. Content License

Supplier grants us a non-exclusive, royalty-free, worldwide license to use content (including trademarks) for display, distribution, marketing, and SEO, solely to promote the Supplier’s listings and our platform.

5. Indemnities & Insurance

Supplier indemnifies us for claims arising out of Supplier’s services, content, or legal non-compliance. Maintain appropriate insurance and provide certificates upon request.

6. Reviews & Moderation

We may collect and publish verified guest reviews. Supplier may respond but cannot manipulate, incentivize, or suppress reviews unlawfully.

7. Termination & Delisting

We may delist Suppliers for material breach, safety concerns, fraud, or repeated guest complaints. Outstanding confirmed bookings must be honored or adequately re-accommodated.

Privacy Policy (GDPR-compliant)

1. Who We Are

Controller: The NEST Global OTA AS for platform operations, marketing, and customer accounts. For individual bookings where we act purely as agent, Suppliers are independent controllers for their own processing.

2. Contact & DPO

Email: privacy@thenestglobal.com
DPO (if appointed): IT@thenestglobal.com

3. Personal Data We Process

  • Identity & Contact: name, date of birth, gender (optional), passport/ID, contact details.
  • Booking Data: itineraries, PNRs, fare/rate details, loyalty numbers, special requests (e.g., accessibility, dietary).
  • Payment Data: tokenized card details via PSP, billing info (we do not store full PANs).
  • Technical Data: device IDs, IP address, log data, cookies/SDK data.
  • Communications & UGC: emails, chat logs, reviews.
  • Sensitive Data: only when strictly necessary and with your explicit consent (e.g., medical/ accessibility needs) – minimized and protected.

4. Purposes & Legal Bases (GDPR Art. 6)

  • Booking & Fulfillment: performance of a contract (Art. 6(1)(b)).
  • Account Management: legitimate interests and contract.
  • Customer Support & Safety: legitimate interests; vital interests in emergencies.
  • Payments & Fraud Prevention: legitimate interests; legal obligations.
  • Marketing: consent for electronic direct marketing where required; legitimate interests for similar products to existing customers, subject to opt-out.
  • Analytics & Service Improvement: legitimate interests with appropriate safeguards (e.g., IP truncation, aggregation).
  • Legal & Compliance: legal obligations (tax, accounting, sanctions screening).
  • Consent-Based Processing: for cookies, special-category data (Art. 9), and certain marketing.

5. Sharing & International Transfers

We share data with Suppliers, payment processors, fraud/identity verification providers, IT/hosting vendors, and customer support tools, strictly under contracts. International transfers outside the EEA/UK occur under adequacy decisions or appropriate safeguards (e.g., SCCs, IDTA/UK Addendum) with supplementary measures.

6. Retention

We keep booking and transactional data for 7–10 years to comply with accounting/tax and legal claims. Marketing data is kept until you withdraw consent or opt out, and logs for a shorter period as per our Retention Policy.

7. Your Rights

Access, rectification, erasure, restriction, portability, objection, and withdrawal of consent at any time. You may lodge a complaint with your supervisory authority (e.g., Datatilsynet in Norway). Contact us at privacy@thenestglobal.com.

8. Children

Our services are not directed to children under 16; bookings for minors must be made by adults or with guardian consent.

9. Security

We implement organizational and technical measures (encryption in transit/at rest, role-based access, MFA, least privilege, monitoring, vulnerability management, secure SDLC). See Security Statement.

10. Automated Decision-Making

We may use automated fraud screening and risk scoring; you can request human review and contest decisions.

11. Changes

We will notify you of material changes and obtain consent where required (e.g., new purposes).

Cookie & Tracking Technologies Policy

1. Scope

Applies to cookies, pixels, SDKs, local storage, and similar technologies on our websites and apps.

2. Consent & Preference Management

  • We use a Consent Management Platform (CMP) to capture, log, and honor your choices.
  • Strictly necessary cookies do not require consent.
  • Analytics, performance, functional, and marketing cookies require opt-in consent in the EEA/UK.
  • You can change preferences anytime via the “Cookie Settings” link.

3. Categories

  • Strictly Necessary: load balancing, session, authentication, security.
  • Preferences/Functional: language, currency, saved searches.
  • Analytics: usage statistics, error diagnostics (with IP anonymization where applicable).
  • Marketing/Advertising: personalized offers, retargeting; disabled unless/ until you consent.

4. Retention & Third Parties

We provide a dynamic cookie table listing name, provider, purpose, duration, and type (1st/3rd party). Third-party cookies are subject to their own policies.

5. Do Not Track & Global Privacy Control

We honor applicable signals where feasible (e.g., GPC) and provide equivalent controls.

Data Processing Agreement (Controller–Processor Addendum)

Applies when we process personal data on behalf of a Supplier (as a processor) or when Suppliers process on our behalf.

1. Roles & Instructions

Processor shall process personal data only on documented instructions from Controller and for the permitted purposes (booking, fulfillment, support, fraud prevention).

2. Confidentiality & Security

Processor ensures confidentiality, trains personnel, and implements appropriate technical and organizational measures aligned with risk.

3. Sub-Processors

Use of sub-processors is permitted with prior general authorization; maintain an up-to-date list and provide notice of changes. The controller may object on reasonable grounds.

4. International Transfers

Use SCCs/IDTA or equivalent safeguards; document transfer impact assessments where required.

5. Assistance & Rights

Assist the Controller with data subject requests, DPIAs, and breach notifications without undue delay.

6. Breach Notification

Notify Controller without undue delay and provide required details as they become available.

7. Audits

Allow audits or provide independent audit reports (e.g., SOC 2/ISO 27001) under confidentiality.

8. Return/Deletion

Upon termination, delete or return personal data, unless retention is required by law.

9. Liability & Indemnity

Each party remains liable for its own breaches, subject to limitations in the main agreement, except where prohibited by law.

Annex 1 – Data Details

  • Categories of Data: identity/contact, booking details, communications, technical data.
  • Data Subjects: customers, travelers, and account users.
  • Purpose: booking, support, fraud prevention, analytics (as instructed).
  • Retention: as per the Controller’s instructions and law.

Ethics, Anti-Bribery & Sanctions Compliance Policy

1. Zero Tolerance

Prohibits bribery, kickbacks, facilitation payments, or improper advantages. Comply with EU/EEA, UK Bribery Act, U.S. FCPA, and local anti-corruption laws.

2. Gifts & Hospitality

Modest, transparent, and infrequent gifts/hospitality may be allowed if not intended to influence. Cash equivalents are prohibited. Record all gifts over a set threshold (e.g., EUR 75).

3. Conflicts of Interest

Employees and Suppliers must disclose actual or potential conflicts and refrain from making decisions where conflicts exist.

4. Sanctions & AML

Screen business partners and transactions against applicable sanctions lists (EU, UN, UK, OFAC). Report suspicious activity per AML guidelines as applicable.

5. Whistleblowing

Confidential reporting channel: ethics@thenestglobal.com. Retaliation is prohibited.

Modern Slavery & Human Trafficking Statement

We oppose all forms of modern slavery and human trafficking. Suppliers must uphold fair labor, freedom of movement, safe working conditions, and legal pay practices. We conduct risk-based due diligence and may audit or terminate relationships for violations.

Accessibility Statement

We strive to meet WCAG 2.1 AA standards. If you encounter barriers, contact accessibility@thenestglobal.com. We work with Suppliers to surface accessibility attributes (e.g., step-free access, visual alarms) but cannot guarantee their accuracy unless verified.

Security Statement & Incident Response

  • Controls: encryption, network segmentation, EDR, backups, vulnerability scanning, penetration testing, secure coding, dependency scanning, and vendor risk management.
  • Payments: Card data handled via PCI DSS-compliant PSPs; we do not store full card PANs.
  • Incident Response: 24/7 monitoring; defined playbooks; notify affected parties and authorities per legal timelines (e.g., GDPR 72-hour rule).

Intellectual Property & User-Generated Content (UGC) Policy

  • License: You grant us a non-exclusive, royalty-free license to use submitted UGC for platform operations and marketing.
  • Prohibited Content: illegal, infringing, defamatory, hateful, obscene, or deceptive content; personal data of third parties without consent.
  • Moderation: We may remove or edit UGC; repeat violators may be suspended.
  • Notice & Takedown: Report alleged infringement to ip@thenestglobal.com with sufficient detail; we may disable content pending review.

Marketing & Communications Policy

  • Consent: We obtain opt-in consent for electronic marketing where required (EEA/UK).
  • Preferences: Manage in account or via unsubscribe links.
  • Profiling: We may personalize offers; you may object.
  • Third-Party Marketing: We do not sell personal data; we may partner with Suppliers for co-marketing with consent.

Children’s Privacy & Minor Travelers

  • Services are for adults.
  • Minors may travel only under adult bookings and applicable Supplier rules.
  • We process minor traveler data only as necessary for the booking and in the child’s best interests.

Retention, Archiving & Deletion Policy

Data Category

Typical Retention

Rationale

Booking & invoices

7–10 years

Tax/accounting, legal claims

Support communications

3 years

Service quality, dispute evidence

Account data

Life of account + 2 years

Re-engagement, fraud defense

Marketing consents/logs

5 years

Compliance evidence

Cookie consent logs

2 years

ePrivacy/GDPR evidence

Security logs

6–12 months

Security operations

Deletion is carried out securely; backups roll off on a defined schedule. We may anonymize data for analytics.

Record of Processing Activities (RoPA) – Summary

  • Processing: account creation, browsing analytics, booking, payments, customer support, and marketing.
  • Recipients: Suppliers, PSPs, IT vendors, support tools, analytics providers.
  • Transfers: safeguarded via SCCs/adequacy.
  • Security: as per the Security Statement.
  • DPIAs: performed for high-risk processing (e.g., fraud profiling, new tracking tech).

Contact Information & Legal Notices

Jurisdictional Addenda

Norway & EEA (GDPR/ePrivacy)

  • We rely on consent for non-essential cookies; legitimate interests for certain analytics, only with safeguards.
  • Consumers retain mandatory rights under Norwegian/EU law (including ADR/ODR access).

United Kingdom (UK GDPR/PECR)

  • Data transfers to the EEA/adequate countries as per UK adequacy; SCCs + UK Addendum as needed.
  • PECR consent rules for cookies/marketing apply.

United States (State Privacy Laws)

  • We provide opt-out rights for targeted advertising and sale/share of personal information where applicable (e.g., California).
  • We honor authorized agent requests under state laws.
  • Do not collect sensitive personal information for inferring characteristics.

Other Regions

  • We adapt to local consumer and privacy laws, including Canada (PIPEDA), Australia (Privacy Act), and Singapore (PDPA). Local addenda may supplement these policies.

Versioning & Change Log

  • v1.0 (2025-11-05): Initial comprehensive suite published.

Related Policies & Further Information

This Policy forms an integral part of The NEST Global OTA’s Terms & Conditions. For more details, please refer to our respective dedicated policies:

For detailed information on our governance, data protection, marketing, and supplier obligations, please review our extended policies available on The NEST Legal Hub:

·        Privacy Policy

·        Cookie Policy

·        Ethics & Anti-Bribery Policy

·        Security & Data Protection Policy

·        Business Continuity & Disaster Recovery Policy

·        Security & Incident Response Policy

·        Marketing & Communication Policy

·        Supplier Data Processing Agreement (DPA)

·        Vendor Risk Management & Third-Party Compliance Policy

·        Modern Slavery & Human Rights Policy

Search for the best prices...