This United States Privacy Laws Notice replaces our previous Privacy Notice for California Residents which has now been updated to comply with other applicable US state privacy laws. Any previous references to our California Privacy Notice or our Privacy Notice for California Residents in other Travelport Privacy Notices or in any contractual documents should now be construed as a reference to this United States Privacy Laws Notice. This Notice will be updated as US state privacy laws, regulations and guidance evolve or as otherwise required.
United States Privacy Laws Notice
This Privacy Notice (the “Notice”) supplements our privacy notices available at www.travelport.com/privacy (“Travelport’s Privacy Notices”) with additional disclosures required by certain US state privacy laws and also serves as a Notice at Collection regarding our data processing practices over the past 12 months as required under the California Consumer Privacy Act of 2018 (CCPA) as amended by the California Privacy Rights Act, 2023 (collectively the “US Privacy Laws”).
The Notice applies to travelers, website users, and business contacts of our business partners and suppliers who are US residents (“you”). This Notice does not apply to personal information that we collect from job applicants, contractors, or employees. For job applicants and candidates please see our Careers Privacy Notice which can be found here . If you are an existing contractor or employee, please contact us if you would like to receive a copy of our Employee Privacy Notice which is also available on the staff intranet.
Travelport (Travelport, LP and its group companies) provides this Notice in order to explain how we collect, use and disclose your Personal Information.
For the purposes of this Notice, “Business Purpose”, “Collection”, “Personal Information / Personal Data”, “Process” or “Processing”, “Sensitive Personal Information/Personal Data”, a “Sale” or a “Share” of your Personal Information have the meanings as defined in the US Privacy Laws.
Personal Information we may collect
Under certain US Privacy Laws, you have the right to know the categories of Personal Information we collect and disclose, the purpose for collecting such Personal Information, and the categories of third parties to whom the Personal Information is disclosed for a Business Purpose or Sold or Shared. This information is set out below.
The categories of Personal Information are as established under the California Privacy Rights Act. The Personal Information that we collect and process about you as set out in the table below may vary depending on the nature of our relationship with you.
| Category of Personal Information | Collected | Disclosed to third parties |
| Identifiers (such as name, postal address, unique personal identifier, date of birth, online identifier, Internet Protocol (IP) address, email address, account name, cookie information or other similar identifiers) | Yes, when using our websites or accessing and using our products and services (not all examples listed are collected in all cases) | Yes |
| Personal Information as defined in the California Customer Records law (such as signature, physical characteristics or description, telephone number, passport number, driver’s license or state identification card number, credit/debit card number, billing address or any other financial information, employment information such as name of employer and job title) | Yes (not all examples listed are collected in all cases) | Yes (not all examples listed are disclosed in all cases) |
| Protected classification characteristics under California or US federal law (such as age, gender, nationality marital status, medical condition, physical or mental disability) | Yes, collected only from travelers. Travelport does not ask travel agents for information about your medical condition, physical or mental disability but this information may be provided by a travel agency submitting a special service request if requested by you. In these cases Travelport just passes this information onto the travel provider to fulfill the booking. (not all examples listed are collected in all cases) | Yes (not all examples listed are disclosed in all cases) |
| Internet or other similar network activity (such as browsing history, search history, information on a user’s interaction with a website/mobile application or advertisement) | Yes, when using our websites or accessing and using our products and services (not all examples listed are collected in all cases) | Yes (not all examples listed are disclosed in all cases) |
| Inferences drawn from other personal information (such as a profile reflecting a person’s preferences, characteristics, predispositions, behavior and attitudes) | Yes, sometimes when using our websites or accessing and using our products and services (not all examples listed are collected in all cases) | Yes (not all examples listed are disclosed in all cases) |
| Geolocation data, such as approximate device location | Yes, sometimes when using our websites or accessing and using our products and services | Yes |
| Audio, electronic, visual, and similar information, such as images and audio, video or call recordings created in connection with our business activities. | Yes, sometimes for purposes of customer ordering & support services | Yes |
| Sensitive Personal Information (Identifiers – such as state identification card or passport number, citizenship, login credentials, financial account information) | Yes, collected only from travelers (not all examples listed are collected in all cases) | Yes (not all examples listed are disclosed in all cases) |
We may collect your Personal Information from the following sources:
- directly from you. For example, when you request information or a service from us or register for a Travelport product.
- indirectly from you. For example, when we automatically collect usage details during your interaction with our products or our websites.
- from our business partners. For example, when a travel agency submits your Personal Information into our systems to process a travel booking.
- from our service providers that provide services on our behalf, such as payment service providers, analytics providers, search information providers and credit reference agencies.
How we use your Personal Information
We collect and use your Personal Information for the following Business Purposes:
Manage travel bookings: to process travel bookings on behalf of our travel agency users; enable our travel agency users to make and change travel reservations; provide our travel business partners (travel providers and travel agencies) with access to travel information; to issue tickets and other travel related documents on behalf of travelers; perform billing and accounting functions related to the travel.
Communication and customer support: to communicate with you to carry out our contractual obligations; provide you with product updates, product patches and fixes, provide you with product customizations and other similar operational communications; to send notices about changes to our terms, conditions and policies; to provide you with helpdesk and other customer support services, including monitoring and recording calls for quality, training and audit purposes.
Marketing: to communicate with you about new products and services, events, promotional and advertising materials that may be useful, relevant, or otherwise of interest to you; to administer surveys and questionnaires, or new competitions or sales promotions that you may enter.
Perform internal business processes: to conduct billing and accounting functions; quality assurance, testing, research, for analytics and statistical purposes (for example, using aggregated data to analyze travel trends); for product development and enhancement and for other internal business processes.
Operation of our websites and products: to operate and manage our websites and products; providing content to you; displaying advertising and other information to you; and communicating and interacting with you via our websites and products.
IT security: for the management of our systems (including login records and access details, where you access our systems); to conduct IT security audits; to detect and manage vulnerabilities and security incidents.
Risk management and fraud prevention: for audit, compliance vendor management and other risk management purposes; for loss prevention and anti-fraud activities.
Legal compliance and investigations: to detect, investigate and prevent breaches of internal policies or illegal or fraudulent activity in accordance with applicable law; to ensure compliance with our legal and regulatory obligations under applicable law; to establish, exercise and defend our legal rights; to comply with lawful requests received from law enforcement agencies, public and regulatory authorities or other organizations.
Corporate transactions: to carry out re-organizations, mergers, joint ventures, acquisitions, and other similar business operations.
Travelport will not collect additional categories of Personal Information or use the Personal Information we collected for materially different, unrelated, or incompatible purposes without providing you with notice.
Disclosure of your Personal Information
We may disclose your Personal Information to a third party for a Business Purpose as defined in the US Privacy Laws. When we do that, we enter into a contract that describes the purpose and requires the recipient to both keep the Personal Information confidential and to use it for performing the contract only.
We disclose your Personal Information for a Business Purpose to the following categories of third parties:
- to other Travelport group companies, as required for business administration purposes.
- to our business partners who are directly involved in the fulfillment of travel-related services for you, such as airlines, hotels, car rental companies, rail and cruise operators.
- to service providers who process your Personal Information on our behalf to help us provide our products and services, such as suppliers of software development services, business processing service providers, contact center service providers, training providers, computer maintenance providers.
- to law enforcement agencies, public and regulatory authorities or other organizations to answer their lawful requests; for credit card processing, authentication, and fraud prevention; or as otherwise required or permitted by law, subpoena, or regulation.
In the preceding twelve (12) months, we have not sold any personal information.
When we use de-identified information (as defined by the US Privacy Laws), we maintain it in de-identified form, and we do not attempt to re-identify the information.
Data Retention
We keep your Personal Information no longer than is necessary to fulfill the relevant purposes described in this Notice, or as otherwise communicated to you. In addition, we might keep the information for longer based on criteria such as applicable rules on statute of limitations, any legal requirements to retain your personal information in light of compliance obligations, pending litigation or regulatory investigations, and the duration of your use of our websites and services.
Your privacy rights
Depending on where you live and subject to certain exceptions, you may have some or all the following privacy rights:
Right to Know: the right to request, subject to certain exceptions under the US Privacy Laws, that we disclose what Personal Information we collect and from whom, and how we use it. You also have the right to request the specific pieces of Personal Information we have collected about you, as well as information about disclosure for business purposes of your Personal Information to third parties.
Right to Delete: the right to request that we delete any Personal Information about you that we have collected from you, subject to certain exceptions under the US Privacy Laws.
Right to Correct: the right to request that we correct any inaccurate Personal Information we maintain about you, and we will respond to you, taking into account the nature of the personal Information and the purposes of processing.
Right to Portability: Depending on where you live and subject to certain exceptions, you may have the right to obtain a copy of your Personal Information in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the data to another entity without hindrance.
Right to non-discrimination: the right not to receive discriminatory treatment for exercising your privacy rights.
Right to Opt-Out: In certain circumstances, you may have the right to opt-out of the Sale and/or Sharing of your Personal Information. For purposes of the US Privacy Laws, a “Sale” is the disclosure of Personal Information to a third party for monetary or other valuable consideration, and a “Share” is the disclosure of Personal Information to a third party for cross-context behavioral advertising, whether for monetary or other valuable consideration. We do not Sell or Share your Personal Information.
Depending on where you live, under certain US Privacy Laws you may have the right to opt out of the processing of your Personal Information for the purposes of profiling in furtherance of decisions that produce legal or similarly significant effects concerning you. We do not carry on profiling activities concerning you in furtherance of automated decisions that produce legal or similarly significant effects, as those terms are defined under applicable US Privacy Laws.
Depending on where you live, under certain US Privacy Laws you may also have the right to opt out of the processing of your Personal Information for purposes of targeted advertising. You may choose to exercise this right as detailed below under section “How to exercise the right to opt-out”.
Right to Limit the Use and Disclosure of Your Sensitive Personal Information: In some circumstances, you may have the right to limit the use and disclosure of your Sensitive Personal Information to the purposes authorized by the CCPA. We do not use or disclose sensitive Personal Information for any purpose not expressly permitted by the CCPA.
Private Right of Action for Data Breaches: If you are a California resident, you have the right to institute a civil action against Travelport for unauthorized access, theft, or disclosure of nonencrypted and non-redacted personal information (as defined in the CCPA) due to the business failing to implement reasonable security practices and procedures appropriate for the particular type of Personal Information.
How to exercise your privacy rights
You may exercise your privacy rights by sending us an email to privacy@travelport.com or by calling us at 1-800-245-5214. Under certain US Privacy Laws, you may also authorize another person to make a data subject request on your behalf, and the authorized person may do so via the above listed submission methods.
We may ask you to provide information that will enable us to verify your identity to comply with your privacy request. Once we receive a verifiable request, we will respond to your request in compliance with the applicable US Privacy Laws. If we refuse to take action on your request, under certain US Privacy Laws you have the right to appeal this refusal within a reasonable period of time after your receipt of our decision, by submitting a request for appeal to privacy@travelport.com.
If you are a California resident and you choose to exercise any of your CCPA privacy rights, any disclosures we provide will only cover the 12-month period preceding the receipt of the request.
We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
How to exercise the right to opt out in relation to our Websites:
Depending on where you live, you may have the right to request you are opted-out of targeted advertising, sales and/or profiling of your Personal Information. You may do that by clicking the opt-out button on our cookie consent banner that shows on our websites, or by sending an opt-out preference signal supported by your device or browser.
Our websites recognize the Global Privacy Control (GPC) preference signal. GPC is a standardized signal that a user's web browser sends to websites to indicate that the user wants to opt out of certain data collection and sharing practices. If you have this right, when you visit and log in to our websites in a GPC-enabled browser, we will treat our initial receipt of the GPC signal as a valid request to opt out of targeted advertising, sales and/or profiling as defined by applicable US privacy laws granting this right. Please note that if you are logged out, our processing of the signal will be limited to the specific browser that you are using. You may need to renew your opt‑out choice if you use a different browser to access our websites. Other than the GPC, we do not recognize any other "do not track" signals.
Changes to our Notice
Travelport reserves the right to amend this Notice at our discretion and at any time. When we make changes to this Notice, we will post the updated notice on our Websites and update the notice’s effective date. Your continued use of our Websites or services (directly or indirectly) following the posting of changes constitutes your acceptance of such changes.
Effective Date: This Notice was published on 08th of September 2025.