World Travel, Inc. Privacy Policy for Products and Services

Privacy Matters

We understand how important travel is to you and your business. The heart of our business is booking and managing travel, which by its very nature means we collect, use, share, and store personal information. We are committed to providing all of our customers with top-notch service in a fully transparent manner. Put simply, privacy matters. The purpose of this policy is to provide you and Travelers with a comprehensive description of our online and offline practices regarding the collection, use, and disclosure of personal information and the rights individuals may have regarding their personal information.
 
This policy applies to anyone who uses any of our Services.
This policy does not apply to our website, www.worldtravelinc.com (it has a separate, site-specific policy).
You may view and print this policy anytime at:
 
We may change this policy and its related procedures at any time, without notice. Changes will apply to your use of Services as of the effective date of such changes.
If you have questions about the Services covered by this policy, or about how we process data, you may contact us by emailing privacy@worldtravelinc.com.
 
This policy is divided into the following topics:
1. Data We Collect
2. How We Protect Data
3. How We Use Your Data and Traveler Data
4. How We Share Information
5. Your Choices and Obligations and Traveler Choices and Obligations
6. State or Jurisdiction-Specific Rights and Notices
7. Other Important Information
8. Our Contact Information

Definitions

Personal data means any information relating to an identified or identifiable natural person (a “Data Subject”); one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, or an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. In this policy, the terms personal data and personal information are used interchangeably.
Process is used in its broadest sense to mean any operation or set of operations performed upon data, such as collecting, using, sharing, storing, altering, retrieval and the like.
Products refers to software and applications, which may be owned by World Travel, Inc. or a third party, to which World Travel, Inc. grants User access.
Services means the combination of products (e.g., software, applications) and services (e.g., making travel reservations, other travel-related professional services) that we offer to clients, and which are in turn and also used by Travelers.
Traveler means any person who books travel using our Services. Most often, Travelers are a client’s employees.
Travel Supplier means an airline, railway, cruise line/ship, hotelier or place of lodging, provider of ground transportation, tour, or other provider of travel service that would be named in a traveler’s itinerary.
User means a individual authorized to use World Travel, Inc.’s Services. Users may be travelers, travel managers, or other individual authorized by a client to use World Travel, Inc.’s Services.
You and its derivations means a client, which is most often another business.

1. Data We Collect and Process

  • We process the data you give us.
  • We process the data Travelers give us.
We will collect data in a variety of ways, such as through the completion of forms (most often web-based), file transfers, by using one of our applications, through other means of registration, and through a communication channel such as telephony, email, or text.
 
We will sometimes use this information to create Traveler profiles, which is an electronic file that includes personal information and credit card or form of payment information. Certain information stored in a Traveler Profile is required by law and therefore cannot be changed. Likewise, if required information is missing, we may not provide Services until the information is complete.
 
Whenever possible we give clients and Travelers choices on what information to provide to us.
 
• We May Receive Data About You or About Travelers From Others
 
From time to time our Services require us to collect data from others. This is particularly true when, for example, a client has a vendor that will provide us with information that we will, in turn, use to provide Services.
 
• We Collect Data from Service Use
 
We log usage data when you or a Traveler uses our Services, such as when a user logs into an application or product, uses an application or product, or contacts us to book travel.
 

• You May Ask Us For a List of Variables We Process

If you would like to know exactly what variables (data fields) we process, please send an inquiry to privacy@worldtravelinc.com, along with a description of the services you are curious about, e.g., “I book corporate travel with you through my employer,” or “I used an online booking tool to book travel with you, or “WorldMobile,” or “I use an online booking tool to book travel though you,” or the product(s) you are interested in in, such as WorldAnalytics, WorldHub, WorldMobile, and so forth. Upon receipt, we will validate the request using information available to us, including contacting a client to assist us with validating the request.

• The Table Below is a General Summary of the Data We Collect and Process

Category

Source

Purpose

Personal Data

You and Travelers will provide us with personal data.

We must collect and process personal data in order to provide Services.

Geolocation Data

Travelers may provide us with geolocation data.

The mobile versions of some of our products allow for geolocation tracking. This is a feature that can be turned on or off by the end user (Traveler). We offer this as part of our Services to assist clients with fulfilling their duty of care.

Trip Data

Trip Data is any information about the travel booked by a Traveler.

Booking travel, and thereby collecting and processing data is our core Service offering.

Non-Personal Data

We will collect and process other information related to our Services, such as employment information, professional information.

Booking travel, and thereby collecting and processing data is our core Service offering.

Device-Specific Data

We will from time to time collect information about the device(s) used by individuals who use our Services.

We may use device-specific data to analyze Traveler interactions and transactions, to ensure our Services function as expected, and to improve Services.

Biometric Data

Some of our mobile applications allow users to open the application using device-specific biometric information, such as a fingerprint

End-user convenience and security

 


2. How We Protect Data

Taking into account the state of the art, the costs of implementation, and the nature, scope, context, and purposes of processing all data, as well as the risk of varying likelihood and severity for the rights and freedoms of Data Subjects (individuals), we will implement appropriate administrative, technical, and organizational measures to ensure a level of security appropriate to the risk, including among other things:

• De-identification and encryption of data and specifically personal data
• The ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services
• The ability to restore the availability to access data in a timely manner in the event of any disruption
• A process for regularly testing, assessing, and evaluating the effectiveness of the measures we have implemented for ensuring the security of data processing.

Our efforts to protect data will take into account the risks that are presented by processing data, in particular the likelihood of accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored, or otherwise protected.

If you have questions about how we protect the data we process, please send an email to privacy@worldtravelinc.com.

3. How We Use Your Data and Traveler Data

We do not sell any data. We only use your data and Traveler data for the purpose of providing Services. In addition, we will use the data we process to audit interactions and transactions, to ensure Services are being provided as intended, and to improve our Services.

• We do not sell any data.

For that reason, we do not offer any options for individuals to opt-in or opt-out of selling their data, because it simply does not apply.

4. How We Share Information

We share information , including personal data, with:

Recipient

Reason
Travel Suppliers

Sharing information including personal data with Travel Suppliers is necessary in order for us to book travel reservations.
Partners

Sharing information including personal data with partners is necessary in order to provide Services. Partners include but are not limited to third party providers of products and services that are incidental to or incorporated in our Services. In some cases, Partners may include a travel management company or travel agency located outside of the United States.
Law Enforcement or Regulatory Agencies

We will share information including personal information with law enforcement, other government agencies, or regulatory authorities to comply with appliable laws, rules, or regulation, or in the course of managing a dispute or other litigation process.   We may share information (although not usually Traveler personal data) with our accountants, auditors, Trustee, agents, lawyers or other advisors.

For Security Purposes
We will share data with vendors and partners who assist us with data security.

 

  • Our travel consolers are prohibited from sharing a Traveler’s personal information with anyone unless expressly authorized by the Traveler to do so.

    5. Your Choices and Obligations and Traveler Choices and Obligations

  • Anyone Can Ask Us for More Details
You have a right to know about the personal data we process. Therefore, you or a Traveler may request details about this policy, or about how we process data (including personal data) or ask for a specific list of variables we process, by sending an email to privacy@worldtravelinc.com. Upon receipt, we will validate the request using information available to us, including contacting a client to assist us with validating the request.
  • Anyone Can Ask to Have Their Data Deleted
Clients or travelers may send requests to have their data deleted to privacy@worldtravelinc.com. Upon receipt, we will validate the request using information available to us, including contacting a client to ensure that the data should be deleted. We will use commercially reasonable efforts to promptly comply with any request to delete data. In some cases, we may not delete data and will instead de-identify it. We will inform the person who made the request to delete if their data will be deleted or de-identified.
  • Anyone Can Ask to Have Their Data Edited
You or a Traveler may ask to have their data edited by sending an email to privacy@worldtravelinc.com. Upon receipt, we will validate the request using information available to us, including contacting a client to ensure that the data should be edited. We will use commercially reasonable efforts to promptly comply with any request to edit data. In some cases, we may not edit the data, and if that circumstance arises, we will inform the person who asked to have the data edited.


6. State or Jurisdiction-Specific Rights and Notices


California Consumer Privacy Act – Notice for California Consumers

This section specifically addresses the rights of Californians under the California Privacy Rights Act (“CPRA”). The CPRA likely applies to World Travel, Inc. (even though we are headquartered in Pennsylvania) and requires us to provide certain information to California consumers in addition to what is already included in this policy. While our practices are fully described in this policy, we use this section to ensure that we meet CPRA’s requirements. As of the effective date of this policy, we do not have any metrics to report regarding anyone who has asked for detailed information CPRA.

  • We Do Not Sell Any Personal Data
And, because we do not sell any personal data, we do not need to implement an option for you to opt-out of sales.
  • We Share Personal Data but Not for Purposes of Advertising

We share Personal Data with our partners and Travel Suppliers. Sharing this information is necessary for us to provide Services. We do not share it for purposes of cross-context behavioral advertising. If you wish to opt-out of this at any time, please send an email to privacy@worldtravelinc.com. Please be aware that if you opt out, we may not be able to provide services to you.

  • Travelers May Request a Copy of Your Personal Data

Travelers may ask for a copy of their personal data by sending an email to privacy@worldtravelinc.com. We will likely inform our respective client, that a request has been made.

  • Travelers May Ask to Have Their Data Deleted or Corrected

Travelers may ask to have their personal data deleted or corrected if inaccurate by sending an email to privacy@worldtravelcinc.com. We will likely inform our client about the request. And, it may be that, in order to meet our business needs, we may de-identify a Traveler’s data rather than delete or correct it. If that is the case, we will inform the Traveler who submitted the request.

  • The CCPA Categories of Personal Data that We Collect and the Sources
CCPA Personal Information Category Sources of this Information
Identifiers and customer records information (e.g., name, alias, postal address, unique personal identifier, online identifier, Internal Protocol (IP) address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers).

Information provided to us by a client or Traveler so that we may make travel reservations and/or information provided to us by a Client so that we may provide travel reservation and management services to our client.
Biometric information

Some of our mobile applications allow users to open the application using device-specific biometric information, such as a fingerprint.
Characteristics of protected classifications under California or Federal Law (e.g., race, sex, gender, age).

From time to time, in the context of the booking process, we collect information that could reveal an individual’s protected classification or sensitive personal data, such as a request for a disability accommodation while traveling or a Kosher meal.
Commercial information (e.g., information regarding Services used by a Traveler).

Information clients or Travelers give directly to us by using our Services, such as making travel reservations or logging into an application, or interactions with our partners and Travel Suppliers.
Internet or Other Electronic Network Activity Information (e.g., browsing history, search history, and information regarding a Traveler’s interaction with our partners and Travel Suppliers).

A Traveler’s interaction with our online sites.
Geolocation data

Any Service that has geolocation permitted the Traveler has the option to opt of geolocation being permitted.
Professional or Employment-Related Information

Information Travelers provide directly to us by using our Services or information a client provides to us about their Travelers.
Inferences Information Travelers provide to us directly or through using our Services.
Personal information described in the CCPA

Information Travelers give directly to us by using our Services, such as making travel reservations or logging into an application, or interactions with our partners and Travel Suppliers.
Audio, electronic, visual or similar information.

Information Travelers give directly to us by using our Services, such as making travel reservations or logging into an application, or interactions with our partners and Travel Suppliers.

 

This information is retained for at least three (3) years unless a client terminates their agreement, in which case it is retained for ninety (90) days after such termination.

7. Other Important Information

  • This policy will be enforced by the Chief Information Officer, in consultation with corporate counsel and the Director, Information Security and the Director, Product Management. We have mechanisms in place to audit our own compliance with this policy.
  • None of our services are directed towards children and we do not knowingly solicit children or collect data from children under the age of 13. We however recognize that certain clients (sports leagues, educational institutions) may ask us to book travel for individuals who are under the age of 18. If such circumstances arise, we require a parent or guardian to make reservations on the minor’s behalf. We will take all reasonable measures to delete or promptly de-identify any data we collect from any individual under the age of 18.
  • Our employees shall not disclose Traveler personal data to any third party unless specifically authorized to do so. In general, our employees do not have access to personal data unless there is a “need to know.’
  • We will not discriminate against any individual who enforces their rights under this policy or pursuant to any applicable law, rule, or regulation.
  • An authorized agent may submit an inquiry on an individual’s behalf by emailing privacy@worldtravelinc.com. Upon receipt, we will validate the request using information available to us, including contacting a client to assist us with validating the request, or contacting the individual on whose behalf the request was made. Authorized agents must be able to verify their own identity or otherwise confirm that they have a valid power of attorney.
  • We will reply to any inquiry submitted to privacy@worldtravelinc.com within 45 days. We reserve the right to extend that deadline by an additional 45 days, if we also provide notice to the sender that the deadline has been extended.
  • We will keep records of inquires made under this policy and how we responded for at least 24 months. Thereafter records (including email messages) will be managed in accordance with the company’s then-current policies and procedures.

 8. Our Contact Information

Questions about this policy should be directed to privacy@worldtravelinc.com. You may find out more information about World Travel, Inc. at www.worldtravelinc.com.
Download Product and Services Privacy Policy