European Law and Your Privacy
Hogg Robinson Group (HRG), provides this privacy statement to describe how we may collect, use, share and otherwise process your personal information, as an employee of one of our corporate clients or other individual to whom we offer our services – travel, meetings and events, and related products and services – via our websites, mobile applications, communications channels or other online and offline means, in a controller-to-controller relationship.
If you are a traveler of an HRG client for which HRG acts as a data processor, your employer’s privacy statement governs how your data is collected and used, except in relation to data that we collect and process through our websites (see above for details).
For privacy information related to data that we collect and process through our website(s), please see Privacy Notice – Data Collected and Processed Through Our Website(s) above.
HRG is wholly-owned by American Express Global Business Travel (GBT). Where we share your personal information within GBT in accordance with this Privacy Statement, GBT will process it in accordance with the GBT Privacy Statement.
|What information we collect||We collect information about you in connection with your registration, use, purchase or inquiries about our services.|
|How we use your information :||We use your information to provide our services, process payments, operate our websites and applications, market products and services, create business insights and comply with law.|
|How we share your information:||We have a contract with your employer or travel sponsor, who is our corporate client, and we share your information with them, as well as with our affiliates, travel suppliers and vendors to book travel arrangements and provide our services. We do not sell or share information with third parties so that they can independently market their own products or services directly to you.|
|Marketing and your choices:||We use your information for us to market to you, and respect your choices about how we communicate marketing to you.|
|International transfers:||We transfer your information outside of your home country as permitted by law. Regardless of where your personal data is transferred, your personal data is protected in accordance with our Data Protection Principles.|
|Your rights:||You have the right to be informed of whether we are processing your information and to access, correct, delete or object, upon request and free of charge, to our use of your information, to the extent required by law.|
|Changes:||We will tell you about material changes to this privacy statement by posting it on our website before it goes into effect and, where appropriate, communicating directly to you about the change.|
|Contact us:||If you have questions about this privacy statement, please contact us at GBTPrivacy@amexgbt.com or at:
Global Privacy Team
American Express Global Business Travel
5 Churchill Place
London E14 5HU
Account Information – If you contact us, register with us or receive services from us, we collect information about you. You may give us the information, or your employer or travel sponsor may send it to us. This may include your name, email address, phone numbers, employer, and physical addresses. We may also require passport number, gender and date of birth for travellers. If we book travel for your travel companions, we may collect similar information about them. Account information goes into your traveller profile, which is where we store the information necessary to book your travel and provide you with our services. You may choose to provide more information in your traveller profile, including frequent traveller credentials, government identifiers and emergency contact information.
Travel Information – If you book travel with us, we collect the details of your travel (such as arrival and departure location, airline, hotel and car rental) and any other information needed to complete your bookings. We may also collect special categories of information to provide accessibility, meal preferences or other requested services.
Payment Information – To pay for bookings and other transactions through our services, we collect payment card information and other details necessary to process payments.
Precise Location – In addition to the broad location information we receive through travel itineraries or IP address, we may collect your precise location under some circumstances. We may receive it through our mobile applications, with your consent. In addition, if your employer has contracted with us for emergency location services, we may collect from American Express the location of your recent American Express corporate card transactions and share it with your employer in emergency situations (such as natural disasters) in accordance with their agreement with American Express.
Provide you with our products and services – We use your information to book your travel, organize meetings and events, prepare itineraries and invoices, communicate with you about our products and services, provide customer service, manage your account, and provide you and your employer with emergency services.
Provide our products and services to corporate clients – We use your information to provide our travel, meetings and events, consulting, business insights, and other related services to your employer or travel sponsor, to comply with our agreements with them, to communicate about our products and services, and to help them ensure compliance with their policies.
Process payments – We use your information to process transactions and provide you with related customer service.
Operate websites and mobile applications – We use device data to monitor and improve the performance and content of our services, provide updates, analyze trends and usage in connection with our services, and measure whether our ads and offers are effective.
Operate and improve our business – We use your information for compliance with our company policies and procedures, for accounting and financial purposes, to detect or prevent fraud or criminal activity, to perform, analyze and improve our business and services, and otherwise as required by law.
We may use personal information to tell you about our products and services or those from related businesses (such as restaurants, consumer products, tours and entertainment), to help us determine whether you may be interested in new products or services, and to present advertising content that is tailored to your interests, location or itinerary (with your consent or as permitted by law). To make choices about how we market to you, you can set preferences in your traveller profile. If you’d like us to stop sending you marketing messages, you can also follow the instructions in our communications to you.
We also send you messages that are essential for our services; for example, we communicate with you about your travel, to service your account, to fulfil your requests, or otherwise as required by law. Some of these service messages contain information presented to you as part of our service relationship with your employer or travel sponsor (for example, messages that help you comply with their travel policies). If you opt out of marketing messages, you will continue to receive these service messages.
Your employer or travel sponsor – Our services to you are provided under the terms of our service agreements with your employer or travel sponsor. We share your information with them to allow them to manage their business travel needs, meet their duty of care to their employees, and assure compliance with their policies. At the request of your employer or travel sponsor, we may also share information with their vendors.
Within the American Express, GBT and HRG corporate families – We share information with American Express Company and its subsidiaries so that we and they may operate, analyze and improve the credit card and travel products and services provided to your employer or travel sponsor. We also share information within the combined GBT and HRG corporate family, to provide and improve the travel products and services that GBT and HRG offer. Sharing with American Express, GBT and within HRG is in accordance with the law and subject to appropriate contractual protections.
Within our travel partner network – If your travel takes you to countries serviced by one of our local travel agencies, they may have access to your account information, travel information and other information necessary to provide you with the travel services you or your employer or travel sponsor may request.
Travel suppliers and other travel service providers – We share information with travel suppliers (for example, airlines and hotels) and travel service providers (for example, ticket distribution systems and travel application providers), and the vendors for both, as necessary to book your travel and provide travel-related services to you and your employer. We do not sell information to third parties so that they can independently market their own products or services directly to you.
Vendors – We share information with vendors that perform functions on our behalf, such as our network of local travel agencies, meeting and event planners, visa and passport service providers, mobile application and software developers, and vendors who provide IT support, data hosting, marketing and communications services, and collections. These vendors access information only as necessary to perform their functions, as instructed in our contracts with them.
Business insights – We, working with GBT, combine data from many people to create aggregated statistics that do not identify you personally. We use this data to understand business trends and insights, and we may share them with third parties.
Business transfers – If we negotiate or complete a transaction involving all or part of the business (for example, a reorganization, merger, sale or acquisition), we may disclose information to third parties involved in the transaction to the extent permitted by law.
As required or permitted by law – We may disclose information to regulatory authorities, courts, and government agencies where we believe doing so would be permitted or required by law, regulation or legal process, or to defend the interests, rights or property of HRG or others.
We may also share personal information with other parties as directed by you or subject to your consent.
We maintain reasonable administrative, technical, and physical security measures to protect your information from unauthorized access and use. We retain your information only as long as needed to provide our services and for legitimate business purposes, unless we are required by law or regulation or for litigation and regulatory investigations to keep it for longer periods of time.
We may transfer your information to jurisdictions outside of your home country as necessary for the purposes described here, including to countries that may not provide the same level of data protection as your home country. Recipients are likely to be located in countries where HRG and its affiliates are located and in any jurisdictions where you may travel. To protect such information, transfers will be made as permitted by applicable law, including where necessary being subject to appropriate contractual clauses. Regardless of where we process your information, we protect it in the manner described in this privacy statement and in accordance with applicable law and our Data Protection Principles.
If you have created an online account with us and would like to update the information you have provided to us, you can access your account to view and make changes or corrections to your information. You may also have the right to be informed of whether we are processing your information and to access, transfer, correct, delete or object, upon request and free of charge, to our use of your information. Please note that we may need to retain certain information for recordkeeping, to complete any transactions you began before your request, or for other purposes as permitted by law.
We may change this privacy statement from time to time as our business changes or legal requirements change. If we make material changes to this privacy statement, we will post a notice on our website before the changes go into effect, and where appropriate, send a direct communication to you about the change.
Global Privacy Team
American Express Global Business Travel
5 Churchill Place
London E14 5HU
In most cases, we will ask that you put a complaint in writing. We will investigate your complaint and will generally respond to you in writing within 30 days of receipt. If we fail to respond or if you are otherwise dissatisfied with the response that you receive from us, you may have the right to make a complaint to your regulator.