Travelport’s Travel Commerce Platform
As illustrated in the graphic below, our Travel Commerce Platform is a technology infrastructure used for the distribution of travel services. Many travelers engage traditional or online travel agencies, known in our industry as Subscribers, for assistance in managing their travel. Subscribers use the GDS component of our Travel Commerce Platform to identify and price travel alternatives and to purchase the traveler’s selection. We then advise the relevant Travel Providers about the sale of their services.
International transfers of GDS personal information
Travelport does most of its processing of GDS Personal Information in Travelport data centers located in the United States of America, a country whose legal system has not received an adequacy decision from the European Commission. We recognize that the European Union (EU) and Switzerland have data protection laws that restrict the transfer to the United States of Personal Information about European Travelers, unless there is “adequate protection” for such information when it is received in the United States.
To address this restriction as applied to GDS Personal Information about European Travelers, Travelport has implemented the European Commission’s model contracts within the Travelport group. For these purposes, a “European Traveler” is a traveler whose personal data is entered by a Travelport GDS Subscriber located in the EEA or Switzerland, regardless of the traveler’s nationality, residence, or location.
Although we take seriously the personal data of all travelers, our model contract implementation benefits European Travelers and does not cover travelers using a Subscriber located outside of the EEA and Switzerland, nor does it cover travelers who select Travel Providers located outside of the EEA and Switzerland. In each situation, any transfer of GDS Personal Information will rely on safeguards put into place by the Travel Provider and Subscriber, each of whom can provide more information on their respective safeguards.
To learn more about model contracts, please visit http://ec.europa.eu/justice/data-protection/international-transfers/transfer/index_en.htm.
Collection, use and disclosure
Travelport obtains GDS Personal Information when a Travel Provider or a Subscriber submits such data to a Travelport GDS. We also receive GDS Personal Information when an individual traveler submits data to us directly; however, this occurs only in limited circumstances. The types of GDS Personal Information that we obtain is the typical information that you provide when you travel.
- date of birth,
- postal address,
- e-mail address,
- telephone number,
- credit card and payment information,
- travel and accommodation details,
- passport information, and
- special travel requests, such as a request for a wheelchair or a special meal.
We use GDS Personal Information to:
- process travel bookings,
- provide Subscribers and Travel Suppliers with access to travel information,
- make and change travel reservations,
- perform billing and accounting functions related to the travel,
- perform internal business processes (such as testing and quality assurance), and
- issue tickets and other travel-related documents on behalf of travelers.
We disclose GDS Personal Information to Travel Providers and Subscribers, as well as to the processors that act on their behalf, to carry out these activities and to help perform the underlying contracts with travelers.
We also disclose GDS Personal Information to vendors that perform functions on our behalf, including suppliers of software development services, business processing service providers, contact center service providers, and computer maintenance providers. We contractually require these vendors to maintain appropriate protections for GDS Personal Information and to only process such data in accordance with our instructions.
We may also process and disclose GDS Personal Information when lawfully requested by public authorities, including requests based on national security or law enforcement requirements; for credit card processing, authentication, and fraud prevention; or as otherwise required or permitted by law, subpoena, or regulation. We do not sell GDS Personal Information for purposes of allowing third parties to conduct direct marketing for their own products or services.
Data security and integrity
Travelport maintains reasonable measures to protect GDS Personal Information from loss, misuse, and unauthorized access, disclosure, alteration and destruction. Travelport also takes reasonable steps – to the extent reasonably possible in the context of our role as an intermediary between Travel Providers and Subscribers – to keep GDS Personal Information accurate, current, complete, and reliable for its intended use.
Travelport retains GDS Personal Information no longer than is necessary to comply with legal obligations and to fulfill legitimate business and compliance purposes. GDS Personal Information is destroyed no more than 13 months after the completion of the last travel transaction in the reservation.
Travelport analyzes, uses, discloses, and processes statistical and other data in de-personalized form that Travelport obtains or generates in connection with its Travelport GDS business. This data is used to identify trends and other activities in the travel industry.
Information from minors
Travelport GDS services are not intended for use by minors. We do not knowingly collect GDS Personal Information from any minor child.
Data access and correction requests and other questions
European data privacy laws grant European Travelers certain rights with respect to the:
- portability; and
- restriction or objection to processing of their own GDS Personal Information.
As a practical matter, travelers may first wish to contact their Travel Providers or Subscriber as the most efficient means of addressing any issues in these areas. Travelers may direct any other requests (including requests for applicable model clauses), questions or complaints relating to their own GDS Personal Information to Travelport at firstname.lastname@example.org or to the Privacy Officer at the addresses specified below. Travelport retains the right to use reasonable measures to authenticate the identity of any Traveler who requests access to their GDS Personal Information or otherwise raises any questions.
If you do not consent to the data use described in this policy, you may choose not to use a Subscriber's services. If you change your scope of consent regarding the data use described in this policy, such a change may disrupt, delay, cancel or increase the cost of your travel.
Privacy-related communications may be directed to:
One Axis Park, 10 Hurricane Way
Langley, Berkshire SL3 8AG
Attention: Privacy Officer/Legal Dept
T: +44 (0) 1753 288000
F: +44 (0) 1753 288001
300 Galleria Parkway
Atlanta, Georgia 30339
Attention: Privacy Officer/Legal Dept
T: +1 770-563-7400
F: +1 770-563-7878
Once we receive your inquiry we will investigate the matter and respond to you promptly. We will endeavor to do this within 10 days. If this is not possible, we will endeavor to contact you and let you know about a revised timeframe.
If any European Traveler experiences an issue regarding GDS Personal Information that the European Traveler cannot resolve directly with Travelport, such traveler has a right to lodge a complaint with the governing Data Protection Authority.
Publication and effective date
This policy is published by Travelport, LP on behalf of the Travelport group companies. Travelport, LP is a Delaware USA limited partnership with its principal place of business located at 300 Galleria Parkway, Atlanta, Georgia 30339, USA, T: +1 770-563-7400, F: +1 770-563-7878. We may update this policy from time to time and will post a prominent notice to inform users about significant changes.
Effective Date: This policy was last updated on 30 September, 2016. Click here to view prior versions.