The Thomas Cook Group faces possible disciplinary action from the ABTA Code of Conduct Committee after one of its Going Places shops openly flouted the Data Protection Act.
Staff working in the Market Street branch of the travel agency in Manchester have been leaving documents with customers’ personal details – including names, phone numbers and credit card details – beside their desks and on the window sill in full view of passers-by.
Worse still, customers’ addresses and exact details of when they would be on holiday were on display for at least six weeks.
The negligent behaviour was brought to the attention of Travel Weekly this week by a tour operator employee, who has asked not be identified. She first photographed the evidence over the August bank holiday weekend and returned to take more photos last Saturday.
She said: “I couldn’t believe my eyes when I first saw it. I was astounded by the shop staff’s lack of attention to customer data protection practices.
“It was also possible to see documents detailing the store’s performance and targets for the coming month. It is a pity I don’t work for a local competitor as I could have used that information to my advantage.”
An ABTA spokesman said the situation clearly disregarded Data Protection Act guidelines concerning the privacy of clients, adding: “This is possibly a code of conduct violation and something we’ll be looking into with Going Places and, if necessary, referring the company to the committee.”
A Thomas Cook UK and Ireland spokesperson said: “Thomas Cook UK and Ireland has stringent data protection policies in place to ensure customers’ personal information is always treated in accordance with the requirements of the UK Data Protection Act 1988.
“Any breach of our data protection policy is taken seriously and the company has launched an immediate investigation into the store in question.”