GBT Global Privacy Statement
Effective date: 06 March 2024
American Express Global Business Travel (GBT) provides this privacy statement to describe how we may collect, use, share and otherwise process your personal information, as an employee of one of our corporate clients or other individual to whom we offer our services – travel, meetings and events, and related products and services – via our websites, mobile applications, communications channels or other online and offline means.
To contact the Data Protection Officer, click here.
SUMMARY OF KEY POINTS
| What information we collect | We collect information about you in connection with your registration, use, purchase or inquiries about our services. |
|---|---|
| How we use your information | We use your information to provide our services, process payments, operate our websites and applications, market products and services, create business insights and comply with law. |
| How we share your information | We have a contract with your employer or travel sponsor, who is our corporate client, and we share your information with them, as well as with our affiliates, travel suppliers and vendors to book travel arrangements and provide our services. We do not sell or share information with third parties so that they can independently market their own products or services directly to you. |
| Marketing and your choices | We use your information for us to market to you, and respect your choices about how we communicate marketing to you. |
| International transfers | We transfer your information outside of your home country as permitted by law. Regardless of where your personal data is transferred, your personal data is protected in accordance with our Global Privacy Rules. |
| Your rights | You have the right to be informed of whether we are processing your information and to access, correct, delete, or transfer your information to another provider, or object to or restrict our use of your information. You can exercise these rights upon request and free of charge, to the extent permitted by law. |
| Changes | We will tell you about material changes to this privacy statement by posting it on our website before it goes into effect and, where appropriate, communicating directly to you about the change. |
| Contact us | If you have questions about this privacy statement, please contact us at
[email protected] or at:
Global Privacy Team American Express Global Business Travel 5 Churchill Place Canary Wharf London E14 5HU UK |
WHAT INFORMATION WE COLLECT
European law and your privacy
Learn more about your rights under EU law.Learn more about our justifications for processing personal information.
Learn more about how long we keep personal information.
Account Information
If you contact us, register with us or receive services from us, we collect information about you. You may give us the information, or your employer or travel sponsor may send it to us. This may include your name, email address, phone numbers, employer, and physical addresses. We may also require passport number, gender and date of birth for travellers. If we book travel for your travel companions, we may collect similar information about them. Account information goes into your traveller profile, which is where we store the information necessary to book your travel and provide you with our services. You may choose to provide more information in your traveller profile, including frequent traveller credentials, government identifiers and emergency contact information.Travel Information
If you book travel with us, we collect the details of your travel (such as arrival and departure location, airline, hotel and car rental) and any other information needed to complete your bookings. We may also collect special categories of information to provide accessibility, meal preferences or other requested services.Payment Information
To pay for bookings and other transactions through our services, we collect payment card information and other details necessary to process payments.Precise Location
In addition to the broad location information we receive through travel itineraries or IP address, we may collect your precise location under some circumstances. We may receive it through our mobile applications, with your consent. In addition, if your employer has contracted with us for emergency location services, we may collect from American Express the location of your recent American Express corporate card transactions and share it with your employer in emergency situations (such as natural disasters) in accordance with their agreement with American Express.
HOW WE USE YOUR INFORMATION
Provide you with our products and services
We use your information to book your travel, organize meetings and events, prepare itineraries and invoices, communicate with you about our products and services, provide customer service, manage your account, and provide you and your employer with emergency services.Provide our products and services to corporate clients
We use your information to provide our travel, meetings and events, consulting, business insights, and other related services to your employer or travel sponsor, to comply with our agreements with them, to communicate about our products and services, and to help them ensure compliance with their policies.Process payments
We use your information to process transactions and provide you with related customer service.Operate websites and mobile applications
We use device data to monitor and improve the performance and content of our services, provide updates, analyze trends and usage in connection with our services, and measure whether our ads and offers are effective.Operate and improve our business
We use your information for compliance with our company policies and procedures, for accounting and financial purposes, to detect or prevent fraud or criminal activity, to perform, analyze and improve our business and services, and otherwise as required by law.
MARKETING AND YOUR CHOICES
We may use personal information to tell you about our products and services or those from related businesses (such as restaurants, consumer products, tours and entertainment), to help us determine whether you may be interested in new products or services, and to present advertising content that is tailored to your interests, location or itinerary (with your consent or as permitted by law). To make choices about how we market to you, you can set preferences here. If you’d like us to stop sending you marketing messages, you can also follow the instructions in our communications to you.
We also send you messages that are essential for our services; for example, we communicate with you about your travel, to service your account, to fulfil your requests, or otherwise as required by law. Some of these service messages contain information presented to you as part of our service relationship with your employer or travel sponsor (for example, messages that help you comply with their travel policies). If you opt out of marketing messages, you will continue to receive these service messages.
HOW WE SHARE YOUR INFORMATION
Your employer or travel sponsor
Our services to you are provided under the terms of our service agreements with your employer or travel sponsor. We share your information with them to allow them to manage their business travel needs, meet their duty of care to their employees, and assure compliance with their policies. At the request of your employer or travel sponsor, we may also share information with their vendors.Within the GBT corporate families and American Express
We share information within the GBT corporate family, to provide and improve our products and services. Sharing within GBT is in accordance with our Global Privacy Rules , which mandate privacy and security measures for the transfer of information within the group of GBT companies subject to such rules wherever they might be located. We also share information with American Express Company and its subsidiaries so that we and they may operate, analyze and improve the travel and credit card products and services provided to your employer or travel sponsor. Appropriate measures and safeguards are implemented to enable this.Within our travel partner network
If your travel takes you to countries serviced by one of our local travel agencies, they may have access to your account information, travel information and other information necessary to provide you with the travel services you or your employer or travel sponsor may request.Travel suppliers and other travel service providers
We share information with travel suppliers (for example, airlines and hotels) and travel service providers (for example, ticket distribution systems and travel application providers), and the vendors for both, as necessary to book your travel and provide travel-related services to you and your employer. We do not sell information to third parties so that they can independently market their own products or services directly to you.Vendors
We share information with vendors that perform functions on our behalf, such as our network of local travel agencies, meeting and event planners, visa and passport service providers, mobile application and software developers, and vendors who provide IT support, data hosting, marketing and communications services, and collections. These vendors access information only as necessary to perform their functions, as instructed in our contracts with them.Business insights
We combine data from many people to create aggregated statistics that do not identify you personally. We use this data to understand business trends and insights, and we may share them with third parties.Business transfers
If we negotiate or complete a transaction involving all or part of the business (for example, a reorganization, merger, sale or acquisition), we may disclose information to third parties involved in the transaction to the extent permitted by law.As required or permitted by law
We may disclose information to regulatory authorities, courts, and government agencies where we believe doing so would be permitted or required by law, regulation or legal process, or to defend the interests, rights or property of GBT or others.We may also share personal information with other parties as directed by you or subject to your consent.
HOW WE PROTECT AND STORE YOUR INFORMATION
We maintain reasonable administrative, technical, and physical security measures to protect your information from unauthorized access and use. We retain your information only as long as needed to provide our services and for legitimate business purposes, unless we are required by law or regulation or for litigation and regulatory investigations to keep it for longer periods of time.
INTERNATIONAL TRANSFERS
We may transfer your information to jurisdictions outside of your home country as necessary for the purposes described here, including to countries that may not provide the same level of data protection as your home country. Recipients are likely to be located in countries where GBT and its affiliates are located and in any jurisdictions where you may travel. To protect such information, transfers will be made as permitted by applicable law, including where necessary being subject to appropriate contractual clauses or in accordance with our Global Privacy Rules, which form the basis of our EU-approved Binding Corporate Rules. Regardless of where we process your information, we protect it in the manner described in this privacy statement and in accordance with applicable law and our Global Privacy Rules.
YOUR RIGHTS
If you have created an online account with us and would like to update the information you have provided to us, you can access your account to view and make changes or corrections to your information. You may also have the right to be informed of whether we are processing your information and to access, transfer, correct, delete or object, upon request and free of charge, to our use of your information. Please note that we may need to retain certain information for recordkeeping, to complete any transactions you began before your request, or for other purposes as permitted by law.
CHANGES
We may change this privacy statement from time to time as our business changes or legal requirements change. If we make material changes to this privacy statement, we will post a notice on our website before the changes go into effect, and where appropriate, send a direct communication to you about the change.
CONTACT US
If you have questions or complaints about GBT and privacy, or to exercise your rights, please contact the data protection office here or at:
Global Privacy TeamAmerican Express Global Business Travel
5 Churchill Place
Canary Wharf
London E14 5HU
UK
In most cases, we will ask that you put a complaint in writing. We will investigate your complaint and will generally respond to you in writing within 30 days of receipt. If we fail to respond or if you are otherwise dissatisfied with the response that you receive from us, you may have the right to make a complaint to your regulator.