LAST UPDATE 03/03/2023

Hello. We are TravelPerk S.L.U. (known by humans as TravelPerk). Here's how we protect your personal data and respect your privacy.

🔏 Our role in your privacy

If you are a TravelPerk user, prospective customer, tester, attendee to a TravelPerk event, or just visiting our website, this policy applies to you.

Our responsibilities

If you are in one of the categories above, we act as the ‘data controller’ of personal data about you when we process your information for the reasons mentioned in the “How and why we use your data” section below.

When we process your information for such reasons, if you are a TravelPerk user:

• 🇺🇲 Related to a company located in the United States of America or Canada (including foreign affiliates), TravelPerk America, Inc will be a joint controller of your data;
• 🇬🇧 Related to a company located in the United Kingdom (including foreign affiliates), TravelPerk UK IRL Limited will be a joint controller of your data;

If you’re looking for a job at TravelPerk, check out the recruitment privacy policy. This isn’t the privacy policy you’re looking for.

You can reach our data protection officer via dpo@travelperk.com.

Your responsibilities

• Read this Privacy Policy.
• If you are our customer, please also check the contracts between us (including our Data Processing Agreement): they may contain the details on how we collect and process your data as a ‘data processor’ on behalf of your employer.
• If you share personal information about someone else, or if someone else shares your information with us, we promise to only use that information for the reasons mentioned here. When you give us this information, you confirm that you have the right to let us use it according to this Privacy Policy.

📂 When and how we collect data

From the first moment you interact with TravelPerk, we are collecting data. Sometimes you provide us with data, sometimes we collect data about you automatically.

Here’s when and how we do this:

When and how we do this

Data you give

Data we collect

You browse any page of our website

You download our app

You use TravelPerk

We identify you as a potential customer

You receive emails from us

You request a demo of TravelPerk

We receive emails about you from travel suppliers

You ask to attend an event organized by TravelPerk

You opt-in to marketing messages

🏷️ Types of data we collect

✉️ Contact details

Your name, email address, role in your company, and any other contact details you may share with us.

💼 Professional information

Details on the company, entity or organization you work for, collaborate with, or represent.

🪪 Data that identifies you

Your identity document, IP address, login information, browser details (such as type and version), time zone settings, browser plug-ins, geolocation information, and operating system details (such as version).

👆 Data on how you use TravelPerk

Your app usage, including your clickstreams (the path you take through our app), the products/services you view, page response times, any download errors you encounter, how long you stay on our pages, what you do on those pages, how often you do it, and other actions you take.

🗣️ Image and voice

Your image or voice may be recorded in specific interactions with the TravelPerk team (e.g.: calls with sales representatives and customer care agents, or product research sessions). 

👍 Feedback data

Additional personal data you share during customer feedback sessions (e.g.: via screen sharing, direct interviews, etc.) or in response to feedback surveys.

🙂 Other information

Any other information you provide in your requests for information or that is generated during the contractual relationship between your company, organization, or entity and TravelPerk.

⚠️ What about sensitive data?

We don’t collect any “sensitive data” about you (like racial or ethnic origin, political opinions, religious/philosophical beliefs, trade union membership, genetic data, biometric data, health data, data about your sexual life or orientation, and offences or alleged offences) except when you consent to it by voluntarily disclosing your sensitive data with us to ask for a service. 

🧒 What about children’s data?

TravelPerk is a business-to-business service directed to and intended for use only by those who are 16 years of age or over. We do not target TravelPerk at children, and we do not authorize people under 16 years of age to create a TravelPerk account or directly request our services.

In some exceptional cases, users who travel with their children can provide the personal data of those minors to use our services. This is only allowed if it's necessary to use the services. For children under 16, the authorized adult must have legal permission to give consent on behalf of the child. For children between 16 and 18, the authorized adult must obtain and provide proof of the consent given by the child.

⚙️ How and why we use your data

We can only use your data for specific reasons and if we have a legal basis to do so. These reasons are:

Managing our contractual relationship

Executing, fulfilling, monitoring and enforcing compliance of contracts; issuing invoices and cost reports to customers and collecting payments. This includes personal data of individuals who sign contracts with TravelPerk or are authorized to hire our services on behalf of the customer.

Legal basis: Contract
Data categories: Contact details, Professional information, Other information

Prospective contractual relationship

Handling information requests about our company or services, processing requests for TravelPerk services on behalf of your company, entity, or organization, and managing potential contractual relationships between TravelPerk and your company, entity, or organization.

Legal basis: Pre-contractual processing
Data categories: Contact details, Professional information, Data that identifies you

Marketing communications

Sending you commercial and promotional communications related to TravelPerk’s services or products that are similar to those you have requested or shown interest in. This may include electronic or telephone communications. If applicable regulations allow, we may also send you commercial communications about products or services that could be relevant to your company.

If you don't want to receive such communications, you can object at any time by clicking the unsubscribe link on the message.

Legal basis: Consent (where legally required), Legitimate interest - developing and growing our business with our clients. You can request to unsubscribe from receiving commercial communications at any time and no cost.
Data categories: Contact details, Professional information

Marketplace & Integrations

Sharing your contact with our Integrated Partners if you give us your consent.

Legal basis: Consent
Data categories: Contact details, Professional information

Improving TravelPerk

Managing landing pages and heat mapping our website, testing features, optimizing traffic; collecting your feedback via platforms, questionnaires and live sessions; anonymizing data for development, testing and analytics; recording and reviewing calls with the TravelPerk team for quality assurance; analyzing data, including using artificial intelligence and other techniques, and in some cases, using third parties to do this.

Legal basis: Legitimate interests - (i) having tools to improve customer service and be in a position to defend from and minimize claims from our clients, and (ii) analyzing our business practices so that we can make informed decisions and define our strategies for developing and growing our business.
Data categories: Contact details, Professional information, Data that identifies you, Data on how you use TravelPerk, Image and voice, Feedback data

Customer support

Sending you notifications of any changes to our services and solving issues with our platform through email, phone or chat.

Legal basis: Legitimate interests - i) fulfilling our contractual obligations towards our clients, and (ii) developing and strengthening our brand reputation and protecting and growing our business.
Data categories: Contact details, Professional information, Data that identifies you, Other information

Maintaining security of the TravelPerk services and website

Ensuring that our services and website are not being used in an unauthorized or abusive way by detecting, investigating or preventing activities that go against TravelPerk policies or laws.

Legal basis: Legitimate interest - protecting our assets and clients from cyberattacks and similar malicious actions.
Data categories: Contact details, Professional information, Data that identifies you, Other information

Event registration and attendance

Planning and hosting events that you have registered for or are attending, including sending communications related to these events.

Legal basis: Contract
Data categories: Contact details, professional information

Fraud prevention

Detecting and preventing potentially prohibited or illegal activities, and comply with legal obligations and requirements. This includes issuing invoices to customers and fulfilling applicable fraud prevention laws.

Legal basis: Legitimate interest - protecting our business and clients from fraudulent actions with both internal and external sources.
Data categories: Contact details, Professional information, Data that identifies you, Other information

Complying with legal obligations

Fulfilling valid requests from authorities and complying with applicable regulation on terrorism prevention and other legal requirements.

Legal basis: Legal obligation
Data categories: Contact details, Professional information, Data that identifies you, Other information

Recording building access controls and visitor logs

Granting access to TravelPerk’s premises, managing and keeping track of all visitors, issuing access cards, and keeping visitors and the TravelPerk staff safe while on our physical sites.

Legal basis: Legitimate interest, public interest
Data categories: Contact details, Professional information, Data that identifies you, Other information

⚖️ Your privacy choices and rights

Your choices

⛔ You can choose not to provide us with personal data

If you choose to do this, some website functionalities may not work as intended, and you will be unable to access our app.

🍪 You can turn off cookies

You have the option to block cookies by changing your browser settings or using the cookie banner on our website. Additionally, you may delete cookies via your browser settings. Certain services may not function properly if cookies are turned off.

🫴 You can ask us not to use your data for marketing

Unless we rely on your consent, which you can also withdraw at any time, we will notify you if we plan to utilize your information for marketing purposes and whether any third parties will be involved. If you wish to opt out of marketing, you can object at any time by clicking the unsubscribe link on the message.

Your rights

If you are a TravelPerk user: you may exercise your privacy rights by contacting your company’s designated TravelPerk account admins, who can act on behalf of the data controller (your company). Your company's admins can manage your data deletion (refer to instructions here) and update your personal data directly from the TravelPerk platform. In case they require additional information, they can request it from us as necessary.

If you are a prospective customer, product tester, TravelPerk event attendee, or a TravelPerk website visitor: you can exercise your rights by sending your request to privacy@travelperk.com.

🔑 You have the right to access information we hold about you

You have the right to request additional information about:

• The categories of data we process
• The purposes of data processing
• The categories of third parties to whom the data may be shared
• The length of time the data will be stored (or the criteria used to determine this)
• Your other rights relating to our use of your data

We will respond to your request with the requested information within one month, unless providing such information would harm the rights and freedoms of others, such as another person's confidentiality or intellectual property rights. If we cannot provide the information for this reason, we will inform you of our inability to do so.

✏️ You have the right to make us correct any inaccurate personal data about you

If the data we hold about you is incorrect, please correct it on your TravelPerk account. If you are not a TravelPerk user or admin, please send your request to privacy@travelperk.com.

📇 You can object to us using your data for profiling you or making automated decisions about you

We don't adopt any decisions that could affect you significantly based solely on automated processing of your data. Our decision-making processes related to your requests are conducted with human intervention. 

↪️ You have the right to port your data to another service

We can give you a copy of your data in a commonly used digital format that can be shared with another service. However, we cannot share data about another person without their consent.

🗑️ You have the right to be ‘forgotten’ by us

You can ask us to delete any personal information we have about you if we no longer need it for your use of TravelPerk. This may not always be possible (for example, if we have a contract with you), but we will let you know if we cannot delete your data.

If you are a TravelPerk user and want to delete your user account: please send your request to an admin of your company's TravelPerk account. Company admins can delete user accounts from the TravelPerk platform by following the steps provided in this article (under the "Delete user" section).

😡 You have the right to lodge a complaint regarding our use of your data

If you have any concerns, please let us know first so we can address them. If we are unable to resolve your concern, you can file a complaint with the Agencia Española de Protección de Datos (AEPD). You can do this by following the instructions on their website at https://www.aepd.es/.

🔒 How secure is the data we collect?

We have a comprehensive security program designed to keep your personal data safe.

• ISO 27001, ISO 27017, ISO 27018, SOC 1, SOC 2, SOC 3, PCI DSS Level 1, and BSI’s C5 certified data center (AWS).
• Encryption in transit and at rest with both the platform and at the TravelPerk endpoint.
• Firewalls on Network and Application Layer.
• Data pseudonymization where necessary.

Check our Trust Center for more information. for more information. And please remember:

• You provide personal data at your own risk: unfortunately, no data transmission is guaranteed to be 100% secure
• You are responsible of your username and password: keep them secret and safe!
• If you believe your privacy has been breached, please contact us immediately on privacy@travelperk.com.
• Our content may include links to third-party websites and apps. Please note that this privacy policy does not apply to any third-party website or app. We are not responsible or liable for the privacy policies or practices of any third-party websites or apps. Before submitting any personal data to these websites, please review their policies.

📍 Where do we store the data?

We store the personal data we collect on our Amazon Web Services servers, which are located in Ireland (EEA). We process the personal data we collect at our offices in Barcelona, Berlin, London, Birmingham, Edinburgh, Chicago, Boston and Miami. We also have third party suppliers which may process personal data outside the EEA and UK.

If we process your data outside of the EEA or UK, we will follow the necessary legal steps to make sure your privacy rights are still protected as outlined in this Privacy Policy. This involves us assessing the risk of transferring data and requiring our suppliers to sign the latest version of the European Commission's standard contractual clauses. More information can be found in our International Data Transfers Whitepaper. For more information on the safeguards adopted, please check our Trust Center and Security page.

⏳ How long do we store your data?

We will keep your personal data as long as you are in a relationship with TravelPerk. If the relationship ends, for any reason, we will block your personal data for the entire duration of any and all statutory limitation periods that apply to the processing. This is to prove that we are complying with our legal and contractual obligations. Once these periods have passed, we will either delete or anonymize your personal data.

🙋 Third parties who process your data

We may share your data with different companies or organizations for the following reasons:

• Data processors: We may share your data with service providers who help us provide our services well. These providers include tools for customer service, marketing, operational optimization, cybersecurity, financial services, and TravelPerk's affiliates. We sign agreements with these providers to protect your privacy.
• Professional advisors: We may need to share your information with professional advisors, such as accountants, auditors, insurers, and law firms, in relation to the professional services provided by them.
• Integration partners: If you have shown interest in one of our integration partner's products or services, we may share your contact information so they can contact you as your company's representative. This disclosure is necessary in order to fulfill your request.
• Public bodies: We may share your data with government and law-enforcement agencies, courts and tribunals if we are required to by law or to make or defend legal claims to protect our rights or the rights of others, including you.

If we ever need to share your data with any other category of third parties in the future, we will let you know.

🍪 Cookies

We use cookies to enhance your interaction with TravelPerk. These cookies may be 'session' cookies, which are deleted when you leave our website or app, or 'persistent' cookies, which remain on your device and allow us to recognize you when you return, providing a tailored service.

Please check our Cookies Policy for more information on how we use cookies.

How can I block cookies?

To block cookies, activate a setting on your browser that allows you to refuse their setting. You can also manage your preferences with our cookie banner, or delete cookies through your browser settings. However, if you use your browser settings to disable, reject, or block cookies (including essential cookies), certain parts of our website or app may not function fully. In some cases, our website or app may not be accessible at all. Please note that we have no control over how third parties use cookies when they are used.

💙 Making this policy great

Thanks for reading our policy. This privacy notice is based on an open-sourced design from Juro and Stefania Passera - get your own free privacy policy template.