We provide this privacy statement to inform you on how we may collect, use, share, and otherwise process your personal information. As a private customer, an employee of one of our corporate clients or other individual to whom we offer or provide our services – travel, (overnight) stays, meetings and events, and related products and services — via our websites, mobile applications, email communications or other online and offline means. We have a strong commitment to respecting our users’ concerns about privacy and process all personal information in compliance with the European and the Austrian data protection law. Personal information provided by you when making a request regarding data protection is used exclusively for the purpose of processing your request.
GBT travellers: If you are an employee or traveller of a corporate client of American Express Global Business Travel (GBT), we – as well as GBT – act as a separate controller with respect to the collection and processing of your personal information. Your information is furthermore governed by the GBT Privacy Statement. For questions about your personal information, you may contact GBT as directed in its Privacy Statement or here: email@example.com
Wo acts as Controller in respect of the processing of your data and where can you turn to?
The following entities act as Controllers with respect to the applicable data protection laws:
Verkehrsbüro Business Travel GmbH
AX Travel Management GmbH
(including the brands Austropa Interconvention, Verkehrsbüro MICE Services and BEasy)
Lassallestraße 3, A-1020 Wien (Telephone: +43/1/58800-752; e-mail: firstname.lastname@example.org)
What data categories do we process?
Due to our contractual obligations, we process:
Account Information – If you contact us, register with us or receive services from us, we collect general information about you in order to contact you regarding booking and additional travel information or service information in connection with your booking requests. This may include your name, email address, phone numbers, employer, and physical addresses, in some cases your gender and date of birth.
Guest and Travel Information – If you book a trip, stay or any other service, we collect directly or – if you do not book the stay or travel yourself – indirectly (via third parties f.e. via your employer, other intermediary travel agents, friends and family members or other organizers) the details of your trip or stay or other service (such as arrival and departure time and location, airline, hotel, car rental data) and other information required to complete your travel bookings. We may also collect special categories of information to provide accessibility, food preferences, or other desired services. If necessary, we also require the passport data from travellers. If we book trips for your escorts, we may collect the same data categories from them. Please forward this information to all those affected whose data you provide in a travel booking. Your customer data is stored in your travel or guest profile, where we collect the information required for your travel booking and the provision of our services. You can provide additional information in your travel or guest profile, including frequent flyer program credentials, regulatory identification numbers, and emergency contact information.
Payment Information – To pay for bookings and other transactions through our services, we collect payment card information and other details necessary to process payments.
Based on our legitimate interest to provide you with personalized information and to create statistics on user behaviour during the usage of our websites and mobile applications, we also process:
Device Data – We collect information about how you use our services, including your computer’s IP address and information that can be derived from it (such as internet provider and general geographic location), your device’s unique identifier and other technical information. We also collect information about how you use our websites and mobile applications. We collect some of this information using cookies and similar technologies, as described here.
How long do we process your data?
Your data will be stored at least as long and to the extent as it is required by our contractual basis. After termination of the contract, your data will be kept in accordance with our retention obligations. These retention requirements are usually 7 years. In addition, your information will be stored on the basis of our legitimate interest until we get a substantiated objection from you, or kept otherwise based on your explicit consent until you withdraw it.
For what purposes do we process your data?
Provide you with travel products and services – We use your information to book your travel and overnight stays, organize meetings and events, prepare itineraries and invoices, communicate with you about your travel or our products and services, provide customer service, and manage your account.
Provide our products and services to corporate clients – We use your information to comply with our agreements with your employer or travel sponsor, communicate about our products and services, and help them ensure compliance with their policies.
Process payments – We use your information to process transactions and provide you with related customer service.
Operate websites and mobile applications – We use device data to monitor and improve the performance and content of our services, provide updates, analyse trends and use in connection with our services, and measure whether our ads and offers are effective.
Operate and improve our business – We use your information for compliance with our company policies and procedures, for accounting and financial purposes, to detect or prevent fraud or criminal activity, to perform, analyse and improve our business and services, and otherwise as required by law.
Optimization of services and marketing
We use your data in you and our legitimate interest to optimize our services and future benefits, including:
- the usage of frequent flyer information and travel preferences
- the pre-filling of forms and payment data
- the usage of contact information
- for the transmission of performance and service changes
- to contact you and related parties in emergencies
- to obtain feedback on our services provided
- to send you information to our products and services electronically as well as by mail
If we falsely presume these interests, you can report to us by means of a contrary declaration.
During an event or congress, participant lists with your personal contact details may be – in your and our mutual interest – forwarded to other event participants for the purpose of informing all participants about present contact persons. Furthermore, your data will be processed – by companies commissioned for this processing – for documentation purposes, in particular video recordings, and your data may be processed for the purpose of sending electronic advertising to, based on our legitimate interest and in the legitimate interest of the organizer to inform you respectively. You have a right of objection to these processing operations – based on reasons that are in your personal situation – which you may address to the organizer.
With whom and how do we share your information?
Generally, we do not transmit your data to third parties without your consent, neither free of charge nor against payment. Exceptions to this are transfers that we make on the basis of a legal or contractual obligation or on the basis of our mutual and legitimate interests as mentioned above:
Your employer or travel sponsor – Our services to you may be provided under the terms of service agreements with your employer or travel sponsor. We share your information with them to allow them to manage their business travel needs and assure compliance with their company travel policies. At the request of your employer or travel sponsor, we may also share information with their vendors.
Travel suppliers and other travel service providers – We share information with travel suppliers (for example, airlines and hotels) and travel service providers (for example, ticket distribution systems and travel application providers), and the vendors for both, as necessary to book your travel and provide travel-related services to you and your related (third) parties.
Vendors, suppliers, processors – We share information with vendors that perform functions on our behalf, such as other travel agencies, meeting and event planners (other congress organizers and Housing Offices or Professional Congress Organizers commissioned during the event and, if applicable, future organizers of similar congresses to those you have booked), visa and passport service providers, mobile application and software developers, and vendors who provide IT support, data hosting, marketing and communications services, and collections.
Affiliates – We may share information within our corporate family to the extent permitted by law to allow them to provide, analyse and improve their and our products and services.