GBT DATA PROTECTION AND PRIVACY PRINCIPLES
American Express Global Business Travel values and respects your privacy. Data protection and information security are one of the top priorities for our company. As a multinational organization, we are committed to protecting personal information, regardless of where it is used, and that all personal information that American Express Global Business Travel collects is managed in accordance with our Data Protection and Privacy Principles. American Express’ Binding Corporate Rules – or BCRs – are a means of transferring personal data internationally within the American Express Group (which includes American Express Global Business Travel) in compliance with applicable data protection legislation in the European Economic Area (EEA) & United Kingdom (UK). The BCRs were approved by the Information Commissioner’s Office, the local Data Protection Authority in the United Kingdom, and have been in effect as of 28 January 2013 and the EU version are overseen by the Spanish Agency for Data Protection (AEPD). The BCRs are our privacy commitment framework and promote a company-wide culture of compliance. They also govern transfers of personal data through American Express Global Business Travel in accordance with our Data Protection and Privacy Principles, thereby ensuring that personal data is always adequately protected without prejudice to where it is transferred. American Express Binding Corporate Rules.
The following Data Protection and Privacy Principles (“Principles”) set out the way that American Express Global Business Travel and its wholly owned direct and indirect subsidiaries (“American Express Global Business Travel”) will collect, use, store, share, transmit, delete or otherwise process (collectively “process”) your personal data. Personal data means any information that relates to an identified or identifiable individual. The standard of personal data protection set out in these Principles will be used by American Express Global Business Travel globally, providing adequate and consistent protection for the processing of your personal data. In these Principles, “you” and “your” means any individual customer or employee of American Express Global Business Travel and any other individual whose personal data we process and “we”, “us”, “our” and “American Express Global Business Travel Group” means American Express Global Business Travel.
These Principles emphasize our commitment to protect your personal data. They are binding on all companies in the American Express Global Business Travel Group, demonstrating our commitment to privacy.
If you have questions or comments about these Principles, please contact us.