Last updated: March 2019
For individuals based in the European Economic Area (“EEA“), and Switzerland this policy also describes your EEA data protection rights, including a right to object to some of the processing that TravelClick carries out. For more information see ‘More information for individuals from the EEA and Switzerland’ below.
TravelClick adheres to the Internet Advertising Bureau (“IAB“) UK’s Good Practise Principals for Online Behavioural Advertising as well as the European Interactive Digital Advertising Alliance’s (“EDAA”) principles.
What information do we collect?
- Names and contact information from our customers and business partners and, in some cases, directly from individuals when we act as a contractor for our customers and partners in providing our Services; and from individuals who voluntarily submit it to us by requesting products, services or other information through this website, by participating in surveys or promotions or by engaging in other communications with TravelClick.
- When individuals visit this website and the websites of our customers, we utilize cookies, tracking pixels, web beacons and other technologies to collect data that allows us to customize and improve user experience with our website and our Services. For example, these technologies allow us to identify whether an individual is a first time or return visitor and to provide faster data retrieval for return visitors. When an individual voluntarily submits information to us or one of our customers or business partners, we may associate this personal information with information gathered through these technologies so that we can offer increased personalization and functionality services to our customers or business partners.
What information do we receive from third parties?
The information above may be combined with information that we receive from other sources, including from third party business partners. For example, we may use third party information to confirm contact information or to better understand your interests by associating demographic information with the information you have provided.
How do we use this information, and what is the legal basis for this use?
We process this personal information for the following purposes:
- To fulfill a contract, or take steps linked to a contract: this is relevant where you use our Services. This includes:
- taking payments;
- communicating with you;
- providing customer services and provision of the Services. This includes reserving hotel accommodations and providing related Services to our customers and to individuals on behalf of our customers.
- As required by TravelClick to conduct our business and pursue our legitimate interests, in particular:
- we will use your information to provide the Services you have requested, and respond to any comments or complaints you may send us;
- we monitor use of our website and online services, and use your information to help us monitor, improve and protect our products, content, Services and website, both online and offline;
- we use information you provide to personalise our website and Services for you;
- to maintain and improve our Services, for example for testing and development purposes;
- we monitor customer accounts to prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime, in accordance with applicable law;
- we provide industry-related analysis, reporting and marketing Services to our customers and other third parties in the hospitality industry;
- we use information you provide to investigate any complaints received from you or from others, about our website or our Services; and
- we will use data in connection with legal claims, compliance, regulatory and investigative purposes as necessary (including disclosure of such information in connection with legal process or litigation);
- Where you give us consent:
- where required by law to send you direct marketing in relation to our relevant Services;
- on other occasions where we ask you for consent, we will use the data for the purpose which we explain at that time.
- For purposes which are required by law:
- in response to requests by government or law enforcement authorities conducting an investigation.
Notice to California Residents
Under California law, California residents may request a list of all third parties to whom we have disclosed certain personal information (as defined by California law) during the preceding year for those third parties’ direct marketing purposes. If you are a California resident and would like to receive such a list, please contact us at 55 W 46th Street, NY, NY 10036. For any such request, include the statement “Your California Privacy Rights” in the body of your request, as well as your name, street address, city, state, and zip code. Please provide enough information for us to determine if this applies to you. You must also attest to the fact that you are a California resident and provide a current California address for our response. Please note that we will not accept requests via the telephone, email, or by facsimile, and we are not responsible for notices that are not labeled or sent properly or that do not have complete information.
No security program is impenetrable and criminals have proven adept at circumventing widely-adopted security safeguards, so we cannot guarantee the security of personal information. Accordingly, you acknowledge that you provide personal information to us at your own risk.
Any customer, hotel property, reseller, user or other third party accessing TravelClick’s website or Services is responsible for its own use of the website and the Services. TravelClick is not responsible for any third party’s actions or their security controls with respect to information that third parties may collect or process via the website, Services or otherwise.
We will share your personal information between the TravelClick family of companies for the purposes identified above.
We may utilize third party service providers to help us manage our business and provide goods and services to our customers and business partners. In particular, we use third party providers of website hosting, technology support and maintenance, call center operation, and marketing.
We may also share personal information with our customers and business partners for their own marketing and internal business purposes. If we share personal information with third parties, we require that they only use such information received from us for their intended purpose.
TravelClick also may disclose any personal information as required by law, court order or other valid legal processes or in connection with a merger, acquisition, reorganization or sale of TravelClick, any of TravelClick’s business lines, or all or substantially all of TravelClick’s assets or a TravelClick business line’s assets.
Should you sign up for our email list and then change your mind and no longer wish to receive e-mail or periodic mailings from us in the future, please let us know by sending an e-mail to Unsubscribe@travelclick.com with your email address in the subject line. If you no longer wish to receive communications from our customers, business partners or affiliates, please contact them directly.
In addition, we deploy cookies, tracking pixels, web beacons and other technologies on our websites and those of our customers (in desktop and on mobile devices). These tools may be used by us, our customers, and third parties to collect information about you and your internet activity, even if you have turned on DNT.
The cookies we set include retargeting cookies that collect information about your browsing habits in order to make advertising more relevant to you and your interests. They are also used to limit the number of times you see an advert as well as help measure the effectiveness of an advertising campaign. For example, we use third party companies such as DoubleClick (from Google) to provide you with more personalized adverts when visiting other websites. You can manage your preferences and opt-out of Google’s interest-based ads in your Google Ads Setting.
Alternatively, you may wish to visit www.aboutcookies.org, which contains comprehensive information on how to do this on a wide variety of desktop. However, please note that if you select such settings you may be unable to assess certain parts of our site, or certain content or functionality may not be available. If you are in the EEA and would like to opt out of third party cookies relating to behavioural advertising, please go to www.youronlinechoices.eu.
Do Not Track
In addition, we deploy cookies, tracking pixels, web beacons and other technologies on our websites and those of our customers. Those tools may be used by us, our customers, and third parties to collect information about you and your internet activity, even if you have turned on DNT.
We do not knowingly collect personal information from children under the age of 13.
We will investigate all complaints promptly and diligently to address your concerns and resolve any disputes quickly. You can communicate them to the following address: email@example.com. If a complaint or dispute cannot be resolved through our internal process, we agree to independent dispute resolution procedures administered by the American Arbitration Association.
MORE INFORMATION FOR INDIVIDUALS FROM THE EEA AND SWITZERLAND
a. Transfers of personal information outside the EEA
We may transfer some of your information to TravelClick, Inc. in the United States in order to process booking reservations and other transactions. Because the United States does not have equivalent data protection legislation protecting the use of your personal information, we comply with European Union law by using EU Commission approved standard contractual clauses or by adopting other means to ensure that adequate safeguards are applied.
Where information is transferred outside the EEA, and where this is to a stakeholder or vendor in a country that is not subject to an adequacy decision by the EU Commission, data is adequately protected by EU Commission approved standard contractual clauses, an appropriate Privacy Shield certification or a vendor’s Processor Binding Corporate Rules. A copy of the relevant mechanism can be provided for your review on request to firstname.lastname@example.org.
b. Legitimate Interests
We have carried out balancing tests for all the data processing we carry out on the basis of our legitimate interests, which we have described above. You can obtain information on any of our balancing tests by contacting us using the details below.
c. How long will you retain my personal information?
Where we process personal information for marketing purposes or with your consent, we process the information until you ask us to stop and for a short period after this (to allow us to implement your requests). We also keep a record of the fact that you have asked us not to send you direct marketing or to process your information indefinitely so that we can respect your request in future.
Where we process personal information for website security purposes, we retain it for 30 days.
Where we process personal information in connection with performing a contract, we keep the personal information in line with the contractual limitation period or as directed by the data controller for that personal information when we are the data processor.
d. Your rights
You have the right to ask us for a copy of your personal information; to correct, delete or restrict (stop any active) processing of your personal information; and to obtain the personal information you provide to us for a contract or with your consent in a structured, machine readable format, and to ask us to share (port) this information to another controller.
In addition, you can object to the processing of your personal information in some circumstances (in particular, where we don’t have to process the information to meet a contractual or other legal requirement, or where we are using the personal information for direct marketing).
If you have unresolved concerns, you have the right to complain to an EU data protection authority where you live, work or where you believe a breach may have occurred.
These rights may be limited, for example if fulfilling your request would reveal personal information about another person, where they would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. We will inform you of relevant exemptions we rely upon when responding to any request you make.
e. Withdrawing consent or otherwise objecting to direct marketing
Wherever we rely on your consent, you will always be able to withdraw that consent, although we may have other legal grounds for processing your personal information for other purposes, such as those set out above. You have an absolute right to opt-out of direct marketing, or profiling we carry out for direct marketing, at any time. You can do this by following the instructions in the communication where this is an electronic message, or by contacting us using the details set out below.
f. How do I get in touch with TravelClick?
We hope that we can satisfy queries you may have about the way we process your information. If you have any concerns about how we process your information, want more information on who is considered the data controller in connection with the collection of your personal information or if you would like to opt out of direct marketing, you can get in touch at email@example.com or by writing to Via Augusta, 117, 08006 Barcelona, Spain Attn: Data Protection Officer. You can also get in touch with TravelClick’s data protection officer at firstname.lastname@example.org.