Last Updated December 30, 2019

TripActions, Inc. and its affiliates (collectively, “TripActions,” “we,” “us” and "our) respect your privacy. We are a travel management platform that helps companies manage all of their corporate travel in one place as described in our Terms of Service. “You” may be a visitor to one of our Websites, a customer of one or more of our Services (“Customer”), or an employee, traveler or guest of a Customer (“Traveler”).

This Privacy Policy describes the types of Personal Information we collect through our main website at tripactions.com (“Website”) and through our travel products and services that we provide to Customers (“Services”). This Privacy Policy also describes how we use Personal Information, with whom we share it, your rights and choices, and how you can contact us about our privacy practices.



Overview

TripActions obtains Personal Information about you from various sources to manage our Website and provide our Services. There are two primary ways you may interact with TripActions online.

Website Visitors

Our Website at tripactions.com is publicly available and allows visitors to learn more about TripActions, request a demo, and contact us. Personal Information may be collected through webforms where you type in your information or automatically using tracking technologies, like cookies.

TripActions Services

Our Services include our web application at app.tripactions.com and TripActions mobile application made available by us. The web application and our mobile applications (collectively, our “Apps”) provide the ability to search for and book travel, track and submit travel expenses, and access traveler support, as well corporate administrative functionality including real-time reporting, traveler tracking, spend reconciliation, and traveler customer support. Our Services are offered through a corporate subscription.

When you use our Services on behalf of one of our Customers (e.g., your employer), we collect, use, and disclose Personal Information about Travelers acting in our capacity as a “processor” or “service provider” to our Customers. As a result, your Personal Information will be governed by our Customer’s privacy policy, not this Privacy Policy. TripActions’ Customers are responsible for making sure that the Traveler’s privacy rights are respected, including ensuring appropriate disclosures about third-party data collection and use are made. When we act as a “processor” or “service provider” to our Customers, we process Personal Information in accordance with the terms of the agreement we have with the TripActions Customer, our Customer’s lawful instructions, and consistent with this Privacy Policy.

As a travel management platform, our Services may share your booking information with other parties to fulfill your travel reservations, including third-party websites, services or applications. This Privacy Policy does not apply to third-party websites, services, or applications, even if they are accessible through our Services, and you should consider the privacy practices of those third parties carefully.


Personal Information

Personal Information” is information that identifies you as an individual or relates to an identifiable individual. The types of Personal Information we collect vary according to your interactions with us, for example, depending on whether you are a visitor to our website, a Customer of TripActions, or a Traveler.


How We Collect Personal Information

Information You Provide to Us

Website Visitors. If you visit or use our Website, you can fill out web forms to ask for a demo, sign-up for a newsletter, register for a TripActions event, or take a survey. The specific Personal Information requested on these forms will vary based on the purpose of the form. For example, when you respond to TripActions emails or surveys, we collect your email address, name, and any other information you choose to include in your email or response.

TripActions Services. When you use our Services, the Personal Information that you provide directly to us through our Services will be apparent from the context in which you provide the data. The Personal Information may be provided to us directly by you or others, such as our Customer (e.g., your employer), a designated travel admin, or a traveling companion, on your behalf.

When you use TripActions to register an account (“Account”) on our Services, we collect Personal Information, such as name, email, postal address, telephone number, financial data (payment card information and billing address), date of birth, gender, and emergency contact information. You may customize your travel profile by providing additional Personal Information, such as passport data, marital status, travel preferences, Known Traveler Number, TSA-Pre number, special meal preference, and travel loyalty programs.

When you contact us for travel support through our chat feature on our Apps or by telephone, we may collect Personal Information to verify your identification and help with your travel issue. In addition, we may record telephone calls between you and our representatives for training and quality assurance purposes. To the extent you may choose to provide Personal Information with feedback, suggestions, or recommendations about your experience, we collect that information.

Other Methods. You may also choose to submit information to us via other methods, including in response to marketing, through social media or online forums, through participation in an offer or promotion, or by giving us your business card or contact details at trade shows or other events.

Information Automatically Collected

In addition to the information you provide, when you visit our Website and use our Services, we automatically collect certain information about how you access and interact with our Website and Services. This information is a key part of how we improve your experience on TripActions and provide you with personalized insights, recommendations, and travel notices. These may include things like cookies, browser web storage, web beacons, and similar technologies. These technologies record information about your use of our Website and Services.

  • Browser and Device Information. Certain information is collected by most browsers or automatically through your device, such as your Media Access Control (MAC) address, IP address, computer type (Windows or Mac), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type, add-ons, and version and the name of the website or app you are using. We use this information to ensure that our Website and Services function properly.

  • Log Information. When you use our Website, certain information is automatically collected in system logs about how you interact with our Website, such as your online activity, search terms, pages you visit, date and time of access, and cookie information. When you use our Services, we also may collect information about your online activity, such as trips viewed, travel reservations made, and other actions within our App. When you download and use one of our Apps, we and our service providers may track and collect App usage data, such as the date and time the App on your device accesses our servers and what information and files have been downloaded to the App based on your mobile device's identifier.

  • Cookies. Cookies are pieces of information stored directly on the computer that you are using. We use cookies on our Website and Services to better understand how people use our websites and ensure that they function properly. Cookies allow us to collect information such as browser type, time spent on the Website, pages visited, language preferences, and other traffic data. We use the information for security purposes, to facilitate navigation, to display information more effectively, and to personalize your experience. We also gather statistical information about use of the Website(s) in order to continually improve their design and functionality, understand how they are used, and assist us with resolving questions regarding them.

    We use cookies on our Website to allow us to select which of our advertisements (“ads”) or offers are most likely to appeal to you and display them while you are on our Website. We may also use cookies or other technologies in online advertising to track responses to our ads.

    We do not currently respond to browser do-not-track signals. If you do not want information collected through the use of cookies, most browsers allow you to automatically decline cookies or be given the choice of declining or accepting a particular cookie (or cookies) from a particular website. You may also wish to refer to http://www.allaboutcookies.org/manage-cookies/index.html. If, however, you do not accept cookies, you may experience some inconvenience in your use of our Website as some features may not operate as intended.

  • Pixel tags. Pixel tags (also known as web beacons and clear GIFs) may be used to, among other things, track the actions of users of the Website and Services, measure the success of our marketing campaigns, and compile statistics about usage and response rates.

  • Analytics. We use Google Analytics, which uses cookies and similar technologies to, collect and analyze information about use of our Website and Services, and report on activities and trends. This service may also collect information regarding the use of other websites, apps and online resources. You can learn about Google’s practices by going to www.google.com/policies/privacy/partners, and exercise the opt-out provided by Google by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.

  • Geolocation. When you use certain features of the Services, we may collect certain information like IP address, device information, or log information to estimate your location (e.g., city or state) and to offer you an improved user experience and provide you with personalized location-based services, such as identifying nearby hotels or airports. Most mobile devices allow you to control or disable the use of location services for applications in device settings menu.


Information From Third Parties

We may obtain and rely on Personal Information about you from third parties and other sources, such as our business partners, Customers, and other users of our Services. For example, TripActions Customers may provide Personal Information about Travelers when they create new Accounts for their employees or guests. Organizers of meetings and events may share Personal Information when they are organizing travel for attendees. We may also work with different third-party partners to supplement information we collect directly from you.

As a travel management platform, when we conduct fraud monitoring, prevention and detection activities, we may also receive Personal Information about you from our business partners, financial service providers, identity verification services, and publicly available sources as necessary to confirm your identity and prevent fraud.

If you disclose any Personal Information relating to other people to us or to our service providers in connection with our Services, you represent and warrant that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy and/or any other agreements we may have with you.


How We Use Personal Information

We use the information we collect from you and third parties to operate our Website and Services, communicate with you, conduct research and development to improve our Website and Services, promote our Services.

TripActions Services. We use Personal Information for the purpose of providing our Services and fulfilling your requests. We engage in these activities to manage our contractual obligations under the contracts we have with our Customers or where we have a legitimate interest. Some examples include:

  • Create, maintain, and secure your account, customize your travel profile, and provide Services to you.
  • Complete travel bookings, process your payments, provide travel confirmations, provide notifications and updates, and verify your information.
  • Communicate with you regarding travel interruptions, flight changes, delays, and cancellations; respond to inquiries and questions; and notify you of updates to our Services, announcements, and promotions. Communications may be sent via email, push notifications, browser notifications, SMS, and postal mail.
  • Provide customer support when you contact us via chat, telephone, or email. We use Personal Information to verify your identity and retrieve travel records related to your inquiries.

Marketing and Events-Related Communications. When you use our Website and Services, we may send you marketing communications about our Services, new products, features, functionalities, and other news about TripActions. Marketing communications may invite you to participate in our events or surveys. We will engage in marketing activities with your consent or where we have a legitimate interest.

Providing Personalized Services. We use Personal Information to analyze and/or predict preferences in order to prepare aggregated trend reports on how our Website and Services are used, so we can improve our Website and Services. We also use Personal Information to personalize your experience on our Website and Services, such as to curate booking recommendations, identify nearby hotels and airports, record travel meal and seating preferences, submit expense reports, and optimize search results. We provide these personalized services based on our legitimate interests, and with your consent to the extent required by applicable law, or where permitted by the contract with our Customer.

TripActions Events. When we collect your business contact details through participation at trade shows or other events, we may use this information to follow-up with you regarding an event, offer a demo of our Services, send you information that you requested, and, with your permission, include you on our marketing campaigns.

Accomplishing Our Business Purposes. We use Personal Information to provide Services to you (i.e., to perform our contract with you or our Customer), to comply with our legal obligations, and to pursue our legitimate interests. Our business purposes include:

  • Data analysis to improve the efficiency of our Services, develop new products and services, enhance, modify, and maintain our current products and Services, as well as undertaking quality and safety assurance measures;
  • The security of our Website and Services to protect the safety, integrity of our Customers, including monitoring, detecting, and preventing fraud, cyberattacks, attempts to commit identity theft, and unauthorized or illegal use of our Website or Services;
  • Identification of usage trends, for example, understanding which parts of our Services are of most interest to users;
  • Determine the effectiveness of our promotional campaigns, so that we can adapt our campaigns to the needs and interests of our users;
  • Operate and expand our business activities, for example, understanding which parts of our Services are of most interest to our users so we can focus our energies on meeting our users’ interests;
  • Audits to verify that our internal processes function as intended and to address legal, regulatory, or contractual requirements;
  • Improve, enhance, and develop our Website and Services, including to perform analytics, conduct research, identify trends, improve our algorithms, develop and improve the content, design, usability and quality of our Website and Services.

Consent. We may use Personal Information for other purposes that are clearly disclosed to you at the time you provide Personal Information or with your consent.

Aggregated and De-Identified Personal Information. We may aggregate and/or de-identify Personal Information such that it is no longer considered Personal Information. We do so to generate other data for our use, which we may use and disclose for any purpose, as it no longer identifies you or any other individual. We engage in these activities based on our legitimate interest.


How We Disclose Personal Information

We disclose your Personal Information in connection with providing our Services and the operation of our business.

TripActions. We share Personal Information with other TripActions entities in order to provide our Services and for internal administration purposes. These entities are TripActions Labs BV (Netherlands), TripActions BV (Netherlands), and TripActions Pty Limited (Australia).

TripActions Customers. As a corporate travel management platform, we share Traveler Personal Information with the Customer who has made our Services available to the Traveler (i.e., the Traveler’s employer). Information may include travel bookings and details, travel status, travel expenses, profiles, current locations (based on itinerary), travel preferences, payments and transactions history. Travel bookings designated as business purpose are accessible by the Traveler’s employer. If you are a member of a TripActions Rewards Program, information related to your bookings will be shared with your employer, such as traveler, booking, destination, travel dates, and pricing information. Please note that the information we provide will be subject to the receiving Customer's privacy policy. We are not responsible for the privacy and security practices of our Customers.

Service Providers. We share Personal Information with a limited number of our service providers. We have service providers that provide services on our behalf, such as website hosting, data analysis, credit card payment processors, billing services, business analytics, distribution of surveys or sweepstakes programs, information technology and related infrastructure, customer service, email delivery, identity verification, auditing, and fraud protection.

Business Partners and Providers of Travel Services. We share Personal Information with third-party business partners when this is necessary to provide our Services. Examples of third parties to whom we may disclose Personal Information for this purpose are airlines, hotels, rail, rental car companies, travel networks and agencies in order to make the travel bookings you requested. Other third parties include payment processing services. Please note that the information we provide may be subject to the receiving third party's privacy policy. We are not responsible for the privacy and security practices of these third parties.

Legal Compliance and Obligations. We share Personal Information as necessary or appropriate (i) to comply with applicable laws and regulation which may include laws outside your country of residence; (ii) to protect the rights, privacy, safety, and property of our Customers, you, others, or TripActions and to enforce our Terms of Service; (iii) to collect amounts owed to us, and (iv) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities (including national security requests) which may include authorities outside your country of residence.

Corporate Transactions. We may disclose or transfer Personal Information to a third party in the event we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, sale, joint venture, assignment, transfer, or disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).


Your Rights and Choices

You have choices regarding our use and disclosure of your Personal Information. You may opt out from:

  • Receiving marketing-related emails from us. If you no longer want to receive marketing-related emails from us, you may opt-out via the “unsubscribe” link included in such emails. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages that are required to provide you with our Services, from which you cannot opt-out. We will try to comply with your request(s) as soon as reasonably practicable.

  • Receiving Travel Alerts from Us. You can manage your communication preferences by visiting your Account Profile and then Settings. You can choose which types of travel alerts to receive and the method for receiving the alerts. You may also opt-out of SMS alerts in your Account Settings.

Accessing and Changing Your Personal Information. You may access, update, correct, or delete your profile information and preferences at any time by logging in to your Account through our Apps.

Your Data Protection Rights. In accordance with applicable law and depending on where you reside, you may have the right to: (i) request confirmation of whether we are processing your Personal Information; (ii) obtain access to or a copy of your Personal Information; (iii) receive an electronic copy of Personal Information that you have provided to us, or ask us to send that information to another company (the “right of data portability”); (iv) object to or restrict our uses of your Personal Information; (v) seek correction or amendment of inaccurate, untrue, incomplete, or improperly processed Personal Information; (vi) withdraw your consent and (vii) request erasure of Personal Information held about you by us, subject to certain exceptions prescribed by law.

If you would like to exercise any of these rights, please email us at [email protected] or contact us as specified in Contact Us section below. We will respond to your request consistent with applicable law and as soon as reasonably practicable. To protect your privacy, we will verify your request using the information associated with your account, including email address.

Please note that if you use our Services on behalf of an organization that is our Customer (e.g., your employer), that Customer may be responsible for fulfilling the rights listed above.

California Privacy Rights. The California Consumer Privacy Act (CCPA) affords California residents certain rights regarding categories of personal information that we collect, use, and disclose acting in our capacity as a "business."

Subject to certain limitations, CCPA provides California residents the right (i) to request to know more details about the categories or specific pieces of personal information we collected, including how we use the information and the categories of third parties to whom we disclose this information; (ii) to request the categories of sources from which we collect personal information; (iii) to access or delete their personal information; (iv) to opt out of any “sales” of personal information that may be occurring; and (v) to not be discriminated against for exercising these rights.

In the preceding 12 months, we may have collected and disclosed the following categories of personal information for one or more business purposes: identifiers, personal information (as defined in the California customer records law), characteristics of classifications protected by California or federal law, commercial information, internet or electronic network activity information, geolocation data, audio, electronic, or similar information, such as call recording, professional or employment information, and inferences drawn from other personal information to create a profile.

For a more detailed explanation of the Personal Information we have collected about you, please refer to “Information You Provide to Us,” “Information Automatically Collected,” and “Information From Third Parties” sections of this Privacy Policy. We use and disclose the information we collect for the business purposes described in this policy, please refer to “How We Use Personal Information” section above.

For purposes of the California Consumer Privacy Act, we do not "sell" (as such term is defined in the CCPA) the personal information we collect. California residents may make a request pursuant to their rights under the CCPA by contacting us as set forth below. We will verify your request using the information associated with your account, including email address. Government identification may be required.

If you are a resident of California, under 18, and have an Account on our Services, you may ask us to remove content or information that you have posted to our Services by writing to [email protected]. Please note that your request does not ensure complete or comprehensive removal of the content or information, as, for example, some of your content may have been reposted by another user.


Security and Retention

We maintain commercially reasonable technical and organizational measures designed to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please Contact Us immediately.

We retain Personal Information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law. If you are a Customer or Traveler, we retain your Personal Information as long as we are providing Services to you. We may retain Personal Information and certain records of your transactions to the extent necessary to comply with our legal and regulatory obligations. We may also retain Personal Information in light of our legal position such as in regard to applicable statute of limitations, litigation, or regulatory investigations.


Links to Other Websites

The Website and Services may provide the ability to connect to third-party websites or other online services. These third-party websites and services operate independently from us. This Privacy Policy does not address, and we are not responsible for, the privacy, information, or other practices of any third parties, including any third party operating any website or service to which the Website and Services link. The inclusion of a link does not imply endorsement of the linked site or service by us or by our affiliates.

Our Apps use Google Maps/Earth services, including the Google Maps API(s). Use of Google Maps/Earth is subject to Google Maps/Earth Additional Terms of Use and the Google Privacy Policy.

In addition, we are not responsible for the information collection, use, disclosure, or security policies or practices of other organizations, such as Facebook, Apple, Google, Microsoft, or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider, or device manufacturer, including with respect to any Personal Information you disclose to other organizations through or in connection with our Apps or social media pages.


Interest-Based Advertisement Practices

When you visit our Website, we and certain third-party advertising companies engaged by us collect information about your online activities over time to provide you with advertising about products and services tailored to your individual interests. You may see TripActions ads or promotions on other websites or mobile apps based on information related to your visit to our Website, as well as information received from third parties, because we participate in advertising networks. These advertising networks may place or recognize a unique cookie on your browser (including through the use of pixel tags). They also use these technologies, along with information they collect about your online use, to recognize you across the devices you use, such as a mobile phone and a laptop. If you would like more information about this practice, and to learn how to opt out of some personalized advertising in desktop and mobile browsers on the particular device on which you are accessing this Privacy Policy, please visit http://optout.aboutads.info/# , http://optout.networkadvertising.org/#, and http://www.youronlinechoices.eu.


Use of Services and Website by Minors

Our Website and Services are not directed to individuals under the age of sixteen (16), and we do not knowingly collect Personal Information from individuals under 16.


Sensitive Information

Unless we request it, we ask that you not send us, and you not disclose, any sensitive Personal Information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership) on or through the Services or Website, or otherwise to us.


Jurisdiction and Cross-Border Transfer

Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using our Website or Services you understand that your information may be transferred to countries outside of your country of residence, including the United States, which may have data protection laws that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.


International Privacy Practices

European Economic Area. Some non-EEA countries are recognized by the European Commission as providing adequate level of data protection according to EEA standards (the full list of these countries is available here. For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as certification to the EU-US Privacy Shield, to protect your Personal Information (please see our EU-US Privacy Shield Statement below). You may obtain more information by contacting us in accordance with the “Contact Us” section below.

You may contact our Data Protection Officer at [email protected]. You may also lodge a complaint with the EU/EEA data protection authority for your country or region where you have your residence, place of work, or where an alleged infringement of applicable data protection law occurs.

EU-U.S. Privacy Shield Statement. TripActions, Inc. complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. TripActions, Inc. has certified that it adheres to the Privacy Shield Principles of Notice, Choice, Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification pages, please visit: privacyshield.gov.

In compliance with the Privacy Shield Principles, TripActions commits to resolve complaints about our collection or use of your personal information. Individuals located in the European Union with inquiries or complaints regarding our Privacy Shield practices should first contact [email protected].

TripActions has further committed to refer unresolved Privacy Shield complaints to BBB EU Privacy Shield, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information or to file a complaint. The services of BBB EU PRIVACY SHIELD are provided at no cost to you.

As part of our participation in Privacy Shield, we are subject to the investigatory and enforcement powers of U.S. The Federal Trade Commission and other authorized statutory bodies. Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution options do not satisfactorily resolve your concerns.


Updates to This Privacy Policy

We reserve the right to change this Privacy Policy at any time to reflect new services, changes in our Personal Information practices or relevant laws. If we make material changes, we will notify you as required by applicable law. The “Last Updated” legend at the top of this Privacy Policy indicates when this Privacy Policy was last revised. Any changes will become effective when we post the revised Privacy Policy.


Contact Us

TripActions, Inc., located at 1501 Page Mill Road, Building 1, Palo Alto, CA 94304, USA, is the company responsible for collection, use, and disclosure of your Personal Information under this Privacy Policy.

If you have any questions about this Privacy Policy, please contact us at [email protected], or write to us at TripActions, Inc., 1501 Page Mill Road, Building 1, Palo Alto, CA 94304 USA.

Because email communications are not always secure, please do not include credit card or other sensitive information in your emails to us.