TRAVELDOC PRIVACY POLICY
Last Review :
16 September 2023
ICTS Europe Systems provide TravelDoc, an automated document service which allows organisations to check the travel requirements of every country around the world and determine if the travel documents held by an individual will allow them to travel to a given destination. ICTS Europe Systems cares about the security and privacy of Personal Information that we process.
This privacy notice describes the Personal Information that we collect, how we use it, how we share it, your rights and choices and how you can contact us about our privacy practices. This policy also outlines the rights of individuals who’s data has been processed by ICTS Europe Systems.
IMPORTANT TERMS OF REFERENCE
“ICTS Europe Systems”, “we”, “our” or “us” refers to the ICTS Europe Systems, the legal entity that is responsible for the processing of your data.
“Personal Data” means any information that relates to an identified or identifiable individual and can include information about how you engage with our services (e.g. IP address)
“Services” means the services that ICTS Europe Systems provide as part of it’s TravelDoc service. Our “Corporate Services” are Services provided by ICTS Europe Systems to entities (“Corporate Users”) who directly and indirectly provide us with “End Customer” Personal Information in connection with those Business Users own business and activities. Our “End User Services” are those Services which ICTS Europe Systems directs to individuals (rather than entities) so that those individuals interact with ICTS Europe Systems directly. “Sites” means traveldoc.aero and associated sites provided under a vanity URL (e.g. airlinename.traveldoc.aero). Collectively we refer to Sites, Business Services and End User Services as “Services”.
“You” means, depending on the context, either End Customer, End User or Representative:
·
When
you directly use and End User Service (such as when you visit a Site in your
personal capacity), for your personal use, we refer to you as an “End User”.
·
When
you are a customer, or otherwise interact with, a Corporate User (typically a
company using TravelDoc to provide automated document check services e.g. to
check if you require a visa to travel to a given destination) but are not
interacting directly with ICTS Europe Systems, we refer to you as an “End
Customer”.
·
When
you are acting on behalf of an existing or potential Corporate User (e.g. you
work on behalf of a company using TravelDoc) we refer to you as a “Representative”.
Depending on the activity, ICTS Europe Systems acts a “data controller” or “data processor”:
·
When
the activities are related to End Users or Representatives, ICTS Europe Systems
acts as a data controller.
·
When
the activities are related to End Customers ICTS Europe Systems acts a data
processor.
INFORMATION THAT WE COLLECT, HOW WE USE IT AND SHARE IT, AND HOW LONG WE RETAIN THE DATA
END USERS
We design and develop our TravelDoc site with the intention of minimising the amount of information we collect about you to ensure we only collect data required for us to provide and improve our services to you, and no more.
INFORMATION THAT WE COLLECT ABOUT END USERS
When you visit one of our Sites we can collect and process the following information,
·
your
computer’s Internet Protocol (IP) address
·
your
browser type and version
·
the
pages you visit on the site*
·
the
time and date of your visit*
·
the
time spent on each page*
* This information is not mandatory to supply and the collection of this information is based on
your acceptance of our analytics cookies.
When you use an End User Service (i.e. to view the TravelDoc website), we ask you for the following information, which is the minimum required to provide the service,
·
Details
of your journey
o Departure airport / country
o Arrival airport / country
·
Details
about your travel documentation
o Travel document type
o Travel document issuing country
o
Nationality
HOW WE USE AND SHARE PERSONAL INFORMATION OF END USERS
We use your Personal Information to provide the End User Services to
you including security, delivery and support. We do not share End User
Information with any entity or third party.
HOW LONG WE RETAIN PERSONAL INFORMATION OF END USERS
Personal Information collected about End Users is retained for a period of up to 12 months.
END CUSTOMERS
When we provide our Services to our Corporate Users, we act as a data processor. We will process Personal Information in accordance with the terms of our agreement with the Corporate User and the Corporate Users lawful instructions. For example, an airline (the Corporate User) collects Personal Information of a passenger (the End Customer) and uses that data to perform a TravelDoc check (Service).
Corporate Users are responsible for making sure that their End Customers privacy rights are respected, including appropriate disclosures about data collections and the use of data that happens in connection with their services.
If you are an End Customer (e.g. a customer of an airline that is a Corporate User of our Services) please refer to the privacy policy / notice of the Corporate User for information regarding the Corporate Users privacy practices, choices and controls or contact the Corporate User directly.
Personal Information that we process about End Customers
When you use our Services as an End Customer, the Corporate User with whom you have a relationship collects your data from you.
Our Services have the ability to process the following Personal Information of End Customers. However, it is the Corporate User who has control over what Personal Information is processed by our Service.
·
Details
about your travel documentation
o Travel document type
o Travel document issuing country
o Nationality
o Travel document expiry date
·
Information
about the End Customer
o Full Name
o Date of Birth or Age
o Country of Residence
o Gender
·
Booking
/ Transactional Identifiers
o Booking Identifier (PNR)
o
Unique
Identifiers of a Transaction (reference numbers)
How we use and share Personal Information of End Customers
We use Personal Information of End Customers to provide our Services, namely to conduct TravelDoc checks. We also use Personal
Information of End Customers for the purpose of assisting Corporate Users in
the investigation of technical or operational issues related to the Services
provided.
We share the Personal Information of End Customers with the Corporate
User with whom the End Customer has a direct relationship with. Personal
Information of End Customers is not shared with unrelated Corporate Users,
entities or third parties.
How long we retain Personal Information of End Customers
Personal Information collected about End Customers is
retained for a period of time defined by the Corporate
User in the data processing agreement between us and the Corporate User.
REPRESENTATIVES
When we provide our Corporate Services to our Corporate Users, we collect and process Personal Information from Representatives of our Corporate Users.
Personal Information that we process about Representatives
We collect and process the following information.
· Registration and Contact Information
o Name
o Email address
How we use and share Personal Information of Representatives
We use Personal Information of Representatives to provide our Services,
namely allow access to Services which require a user account to access (such as
administrative and reporting services).
We share the Personal Information of Representatives with their
Corporate Users. Personal Information of Representatives is not shared with
unrelated Corporate Users, entities or third parties.
How long we retain Personal Information of Representatives
Personal Information collected about Representatives is
retained for a period of time defined by the Corporate
User in the data processing agreement between us and the Corporate User.
MORE WAYS WE COLLECT USE AND SHARE PERSONAL DATA
In addition to the ways we collect, use and share Personal Information that are described above, we also process your Personal Information as follows,
PERSONAL INFORMATION COLLECTION
COMMUNICATION INFORMATION
We will collect any information you choose to provide to us, for example, through support tickets or emails. When you respond to our communications, we collect your email address, name and any other information you choose to include in the body of your responses.
PERSONAL INFORMATION USAGE
IMPROVING AND DEVELOPING OUR SERVICES
We use analytics on our Sites to help us analyse your use of our Sites and Services and diagnose technical issues. To learn more about the cookies that may be served through our Sites and how you can control our use of cookies and third-party analytics, please see our Cookie Policy. We also collect and process Personal Information through our different Services, whether you are an End User, End Customer or Representative, to improve our Services, develop new Services and support our efforts to make our Services more relevant and more useful to you.
OUR LEGAL BASIS FOR PROCESSING
When we act as a Data Controller, we rely on a number of legal bases to enable our collection and processing of your Personal Data.
CONSENT
We rely on your consent to process data related to Google Analytics. Your consent is managed using a third party system called Cookiebot. You may revoke your consent at any time by using the cookie consent option on our website. For more information about our use of cookies, please refer to the Our Use of Cookies section.
LEGITIMATE INTEREST
To collect and process other types of data, we use legitimate interest as a legal basis as the data collected and processed is used by use to monitor the health and security of our website as well as provide the functionality of the site itself.
YOUR DATA PROTECTION RIGHTS
Depending on your location and subject to applicable law, you may have the following rights with regards to Personal Information we control about you.
·
The
right to request confirmation of whether we processes
Personal Information relating to you, and if so, to request a copy of that
Personal Information;
·
The
right to request that we rectify or update your Personal Information that is
inaccurate, incomplete or outdated;
·
The
right to request that we erase your Personal Information in certain
circumstances provided by law.
·
The
right to request that we restrict the use of your Personal Information in
certain circumstances, such as while we considers
another request that you have submitted (including a request that we make an
update to your Personal Information);
·
The
right to request that we export your Personal Information that we hold to
another company, where technically feasible;
·
Where
the processing of your Personal Information is based on your previously given
consent, you have the right to withdraw your consent at any time; and/or
·
Where
we process your information based on our legitimate interests, you may also
have the right to object to the processing of your Personal Information. Unless
we have compelling legitimate grounds or where it is needed for legal reasons,
we will cease processing your information when you object.
EXERCISING YOUR DATA PROTECTION RIGHTS
AS AN END USER
As an end user (i.e. someone who uses traveldoc.aero) you can exercise your data protection rights by contacting us using the contact information in the Contact Us section.
AS AN END CUSTOMER OR REPRESENTATIVE
As an End Customer (i.e. an individual who has interacted with a Corporate User) or Representative, you should refer to the Corporate Users privacy policy or contact the Corporate User directly.
DISCLOSURE OF INFORMATION TO THIRD PARTIES
We do not trade, sell or rent your information to any third parties.
We will comply with government and law enforcement requests for data, as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights.
Our Sites are supported by third-party providers to facilitate the provision of services. These include web hosting providers and Google Analytics. We require such service providers to contractually commit to protect the security and confidentiality of information they process on our behalf.
INTERNATIONAL TRANSFERS OF PERSONAL INFORMATION
The information we process may be processed in a number of locations. The location the processing takes place depends on a number of factors, such as your proximity to our processing locations, the current state of our internal systems and the policies of our Corporate Users.
Some of our locations are outside of the European Economic Area. No matter where your data is collected, processed or stored, the same levels of security and data protection are maintained at all times.
LINKS TO THIRD PARTY WEBSITES
Our Sites may link to external sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites and cannot accept responsibility or liability for their respective privacy practices.
ABOUT THIS POLICY
At our discretion, we may update this policy to reflect current acceptable practices. We will take reasonable steps to let users know about significant changes via our website. Your continued use of this site after any changes to this policy will be regarded as acceptance of our practices around data and personal information.
If you have any concerns or questions about how we handle your data and personal information, feel free to contact us at info@ies.aero