Privacy Policy
Introduction
At Traveo , we understand the needs of privacy and safety. We consider our travelers’ trust as one of our most valuable assets. Therefore, we want to do the utmost for your data to ensure it’s safe with us.
This document describes how we collect and use the data concerning the use of our services. We keep it simple and easy to understand, as our company has been built on openness and our services on trust. Here you will also find our contact information in case you would need any further assistance.
Traveo Soft Pvt. Ltd. and their local subsidiaries provide business process outsourcing services in the areas of travel and expense management using modern technology solutions.
Our expense management services allow the client to capture, track and store his business expenditure receipts, as well as to generate and submit for approval the expense reports derived from those receipts, which are uploaded via either web, e-mail, Gmail and Outlook Add-on and/or mobile applications, Mobile camera also.
Our travel management services allow the client to use our web pages, mobile applications, call center, integrated partner applications, instant messaging and social media platforms. This policy applies to all the platforms you can use to get access to our services and all the data we collect using those platforms.
This policy may change when the applicable legislation changes or if we decide to extend our services. Please visit this page regularly to be kept up-to-date.
If you do not agree with this Privacy Policy, we kindly advise you to stop using our services.
What kind of information we collect
Information provided by you or your employer
Depending on the services you or your employer has selected, we collect some specific information about you.
To provide you with the best available accommodation, flight or rail ticket we need to know certain things about you, like your first name, last name, ID document number, contact details, other travelers’ data; sometimes also your date of birth can be asked, in order to process the booking.
In order to perform our expense management services, we may also receive and store the following information about you: your bank account number, scanned expense receipts and credit card statements, which may include personal data such as name, address and bank account information.
Use of our services does not always require users to fill in or upload sensitive personal data. In order to avoid unnecessary exposure, we ask you to make sure that sensitive personal data are not filled in or uploaded to your account (intentionally or accidentally) in any form as photos, notes or other if it is not necessary.
Information we collect automatically when you use our services
When you use our services we also collect certain information automatically like your IP address, browser type and version or mobile device data and local settings, e.g. language; activity on our website, including the pages you visited and searches you made.
Information from other sources
If you use a third party payment provider, if you link your profile with social media or instant messaging profile or if you use our platform via third party integrated software we can collect information from those sources.
All our accommodation and transport services providers may also share with us information about you and your trip.
Refer a friend
In case we would enable a refer-a-friend functionality, you must always seek your friend’s consent to our use of your friend’s name and e-mail address to contact them about our services. By providing us with your friend’s name and email address, you warrant that your friend consents to such contact.
What is the purpose of data collection
We need our users and travelers’ data to provide our services to them: searching for hotels and rates available, booking rooms or tickets, managing expenses, creating and transmitting expense reports or any other service we provide and to improve our services for our clients.
We also use your contact information to inform you about any changes to trip itineraries, any actions waiting for you in the system or any new features and services available.
How long do we store your data
Personal data is gathered for a specific purpose and stored also for a specific purpose. The overall rule we apply is that we will delete all the data within 6 months after the end of the year when the data is no longer needed for any purpose.
Please be aware that there are various purposes for which we gather and later process your personal data. We take into consideration all those purposes and have defined a data retention period for each category of the personal data.
Why do we put the deadline on 6 months after the end of the year of termination of the purpose? Because, even though we regularly delete the data that is not needed anymore from our system, this deleted data may stay in the system or the infrastructure logs and backups. These logs and backups are deleted within a period of 6 months.
With whom do we share your data
Traveo provides users with the platform that gives you access to multiple different service providers e.g. hotels, airlines, rail companies, Bus or Cab providers financial institutions. We need to share your data with them for the purpose of managing your expenses or your trip bookings.
We may share your information with any other company within our group for the purposes stated in this privacy policy. We may also share it with hired consultants or vendors working on our behalf, in line with all Indian regulations.
Of course, we might have to share the information with the competent authorities if the applicable legislation so requires.
Our website(s) and/or web and mobile application include links to third party sites. Traveo does not control these third-party sites, and we encourage you to read the privacy policy of every site you visit.
Where is your personal data processed
We mainly process your personal data within the Asia Pacific Region (APAC). Being the data processor, Traveo relies on a limited number of sub-processors to perform well-defined elements of its services. Some of these sub-processors may be located outside of the APAC. They have been selected carefully and all have adequate privacy guarantees in place.
How we secure the data
We use appropriate technical and operational measures (e.g. data encryption, security audits,, hashing, etc.) to secure information collected by Traveo to be compliant with all applicable regulations regarding personal data protection and our contractual obligations. We built our information security based on the ISO 27001 standard.
When providing our services, we only engage subcontractors, parent or subsidiary companies which adhere to equivalent rules on the protection of personal data in line with Indian regulations.
Personal data of a child
Traveo services are meant to be used by adult users. Underage persons’ data will be collected only with parents / legal guardians’ permission.
Your rights
You have a right to review the information we collect about you. It is available in your profile and you can always ask for a proper data record by emailing us.
You can always contact us if you believe that we are no longer entitled to use your personal data, or if you have any other questions about how your personal information is used. Please email or write to us using the contact details below. We will handle your request in accordance with all applicable national data protection laws.
Contact: sameer@Traveosoft.com
Who is responsible for data processing
As part of the business unit Tarveo - Travel & Expense:
Data Protection Officer
We have appointed a Data Protection Officer: Sameer Kakar
in case of any request related to data privacy you might reach our DPO or local point of contact by e-mail: sameer@Traveosoft.com.
What we will do if there is an update to this policy
From time to time we may change our privacy practices. We will notify you of any changes to this Policy as required by law. We will also post an updated copy on our website. It will have a different date and version number from the one set out below. Please check our site periodically for updates.
Cookies Notice
In common with many online businesses, we use cookies. Cookies and other tracking technologies can be used on our websites and apps in various ways, such as to analyse traffic or to offer a better personal experience. Those technologies are either used by us directly, or by our business partners, including third party service providers and advertisers we work with. If you want to learn more about what a cookie is and how they are used, click on the read more link below.
Collected information
Information you provide us or your employer provides us
Traveo needs a set of data to perform their services for you i.e. your first name, last name, e-mail address, sometimes date of birth, and payment methods. We also encourage you to provide us with contact details, document details, loyalty cards and the information about your special rates and benefit programs you want to use, as well as your trip preferences.
According to the contract between Traveo Soft Pvt. Ltd. (Trvaeo) and your employer or travel management company (TMC) that serves you, your employer or a TMC can provide part or all of this information.
Information collected automatically
All contacts with Traveo ’s platform or with its Customer Service via phone, e-mail, chat, messaging platform or any other channel will be a source of information about you and your preferences. We collect all the communication between you and Traveo as well as automatically registered data about your contacts with the Traveo platform and services like IP address, web browser used, device used, and localisation or language settings, third party applications you use to contact us.
For the purpose of administration and maintenance works, we collect logs of operations on the Traveo platform especially all incidents and technical errors that might occur. We might also use collected user operations data to prevent fraud and misuse of our services.
We might also ask you for an opinion about our services or your trip to help us understand your needs and provide better services for you and other our clients.
Information collected from other sources
We receive personal data about you from business partners that distribute our services by way of a co-branded or private-labeled website, business partners that offer their products and/or services via our services, or business partners that provide services in connection with our services (e.g. payment processing services).
Traveo services are available through our own platforms and applications and through integrated third party software web pages, online booking tools, instant messaging systems, social media platforms. We will collect information about travellers and users provided by integrated third party software to perform and improve our services.
Traveo is also integrated with multiple services providers, with hotels, airlines, travel management companies, rail operators, financial institutions, security services etc. Those third parties take part in whole trip management service and share the data about the trip with the Traveo platform, which manages it all.
Purpose of data processing
We use the information collected about users and travellers for providing and improving the travel management services we offer. We can use it for:
We collect and process your personal data based on:
With whom we can share your data
We share the information we collect about you according to the purpose of data collection.
Solely for purposes of service level assurance we may use third party providers (e.g. our hotel, airline, railway providers, financial institutions, etc.) – who supply us with their specialized service.
In the framework of their service provision, our partners may process application and personal data, but they can never get or link it to any customer details which are not included in those items. We may cooperate with our partners based within or outside the APAC, however, all of them without any exception have appropriate technical and organizational measures in place to protect your personal data and they have provided us with adequate contractual guarantees in this regard.
Data shared to manage business travel
For managing your business travel, we may share your data with:
Data shared to manage expenses
For managing your expenses, we may share your data with:
We can also share your data with:
3 With involved parties in the case of an actual or proposed (including negotiations) sale or merger or business combination involving of all or the relevant part of our business.
4 Other services users (or groups of users) or public, but only the content you provide on such a forum.
Where we process your personal data
Your personal data may be stored, used and otherwise processed within India, and/or any other countries of the APAC.
We may also store, use or otherwise process personal data outside the APAC. We will always take steps to ensure that any international transfer of information is carefully managed to protect your rights and interests.
Personal data will not be transferred to a country outside the APAC unless:
Social media
Traveo uses social media and instant messaging platforms in several ways. We promote our services and products or services and products of our partners. We share information about our work and we gather feedback and marketing data. We also use social media and instant messaging platforms to support online usage of our services.
We are offering services through social media and instant messaging platforms. You can connect your account in the Traveo system to your existing account on one of supported social media platforms and take advantage of this channel of communication with us. Our system will be able to send you some notifications and you will be able to perform actions, as you would do in our system. Any time you can disconnect accounts using our or native social media or instant messaging platform functionality.
You can also allow us to use some of the social media platform data, available on your profile like photo, email address or name.
On our pages and in our application we can place social media plugins (i.e. like or share buttons). If you will use it, some of the data will be shared with social media platform and it can be shared with larger audience according to your own social media privacy settings. We advise you to read also privacy policies of your social media platform.
Cookies and other tracking tools
What are cookies and how do they work?
Cookies are small bits of text that are downloaded to your computer or other device when you visit a website. Your browser sends these cookies back to the website every time you visit the site again, so it can recognise you and can then tailor what you see on the screen.
What do we use cookies for?
Cookies are used for different purposes. They allow you to be recognized as the same user across the pages of a website, between websites or when you use an app.
Our website and apps use cookies for different purposes:
Technical cookies
We try to give our visitors an advanced, user-friendly website and apps that adapt automatically to their needs and wishes. To achieve this, we use technical cookies to show you our website, to make them function correctly, to create your user account, to sign you in and to manage your bookings. These technical cookies are absolutely necessary for our website to function properly.
Functional cookies
We also use functional cookies to remember your preferences and to help you to use our website and apps efficiently and effectively. For example, these cookies remember your preferred currency, language, your searches. We may also use cookies to remember your registration information so that you don’t have to retype your login credentials each time you visit our site. Your password will, however, always be encrypted. These functional cookies are not strictly necessary for the functioning of our website, but they add functionality.
Analytics cookies
We use these cookies to gain insight into how our visitors use our website and apps. This means we can find out what works and what doesn’t, optimize and improve our websites or apps, understand the effectiveness of advertisements and communications, and ensure we continue to be interesting and relevant. The data we gather can include which web pages you have viewed, which referring/exit pages you have entered and left from, which platform type you have used, which emails you have opened and acted upon, and date and time stamp information.
It also means we can use details about how you’ve interacted with the site, such as the number of clicks you make on a given page, your mouse movements and scrolling activity, the search words you use and the text you enter into various fields. We make use of analytics cookies as part of our online advertising campaigns to learn how users interact with our website or apps after they have been shown an online advertisement. This may include advertisements on third-party websites.
Commercial cookies
We can use third-party cookies as well as our own to display personalized advertisements on our websites and on other websites. This is called “retargeting,” and it is based on browsing activities.
How you can control cookies.
To learn more about cookies and how to manage or delete them, simply visit allaboutcookies.org and the help section of your browser. In the settings for browsers such as Internet Explorer, Safari, Firefox or Chrome, you can set which cookies to accept and which to reject. Where you find these settings depends on which browser you use. Use the “Help” function in your browser to locate the settings you need.
If you choose not to accept certain technical and/or functional cookies, you may not be able to use some functions on our website. We currently do not support “Do Not Track” browser settings.
How long do we store data
Data retention schedule for our application users
Data Category |
Explanation |
Retention period |
Identification data |
||
PII |
Name, login, title, email address, IDs assigned by the controller. |
Account deactivation + 10 years |
Contact data |
Address (work and home), other addresses, telephone number (work and home). |
Data deleted, account deactivated or requested to stop processing/delete data |
Identification information assigned by government institutions |
ID card number, passport number, drivers license number, license plate number, etc. |
Data deleted, account deactivated or requested to stop processing/delete data |
Electronic identification data |
IP addresses, cookies, connection moments, etc. |
Account deactivation + 10 years |
Electronic localization data |
Cell tower data, GPS data, etc. |
Account deactivation or consent withdrawn |
Special financial data |
||
Financial transactions |
Amounts paid and payable by the data subject, awarded credit lines, sureties, payment method, payment overview, deposits and other guarantees. |
Moment of transaction related invoice payment recognized + 10 years |
Personal characteristics |
||
Personal details |
Age, sex, date of birth, place of birth, nationality. |
Data deleted, account deactivated or requested to stop processing/delete data |
Habits |
||
Travel details |
Information regarding business travel habits and preferences |
Data deleted, account deactivated or requested to stop processing/delete data |
Leisure pursuits and interests |
||
Leisure activities and interests |
Hobbies, sports, other interests. |
Data deleted, account deactivated or requested to stop processing/delete data |
Memberships |
||
Memberships (other than professional, political, or in trade unions) – only if required to manage business travel or expenses |
Memberships in loyalty programs, organizations, clubs, partnerships, unions, groups, etc. – if used for business travel management or expense management. |
Account deactivation + 10 years |
Consumption habits |
||
Travel data |
Details regarding the goods and services provided to the data subject. |
Moment of transaction related invoice payment recognized + 10 years |
Business expense data |
Details regarding the goods and services reported as expenses by the data subject. |
Contract end |
Application usage |
Details regarding usage of the application by the data subject. |
Account deactivation |
Requests, complaints, incidents or accidents |
Information regarding a request, accident, incident, or complaint in which the data subject is involved, the nature of the request, damage, involved persons, witnesses. |
Closing the case + 10 years |
Profession and employment |
||
Current employment |
Employer, title and role description, seniority, work location, specialization or company type, work modes and conditions. |
Account deactivation + 10 years |
Photographs recordings |
||
Images |
Camera recording, photographic recording, digital photos or scans of receipts uploaded, etc. |
Data deleted, Contract end, Request to delete data / stop processing |
Sound recordings |
||
Sound recordings |
Phone recordings regarding requests or issues, etc. |
Closing the case + 10 years |
Electronic activity logs |
||
Application and infrastructure logs |
Logs of user actions and technical requests registered |
Account deactivation |
Users login logs |
Recorded user login attempts |
Account deactivation + 10 years |
Your rights
Right of access
You can request access to your Personal data. You may also request rectification of inaccurate Personal data, or to have incomplete Personal data completed.
You can request any available information as to the source of the Personal data, and you may also request a copy of your Personal data being processed by us.
Right to be forgotten
Your right to be forgotten entitles you to request the erasure of your Personal data in cases where:
Right to restriction of processing
You may request that processing of your Personal data be restricted in the cases where:
Right to data portability
You can request, where applicable, the portability of your Personal data that you have provided to us, in a structured, commonly used, and machine-readable format you have the right to transmit this data to another Controller without hindrance from us where:
You can also request that your Personal data be transmitted to a third party of your choice (where technically feasible).
Right to object to processing for the purposes of direct marketing
You may object (i.e. exercise your right to “opt-out”) to the processing of your Personal data particularly in relation to profiling or to marketing communications. When we process your Personal data on the basis of your consent, you can withdraw your consent at any time.
Right not to be subject to automated decisions
You have the right not to be subject to a decision based solely on automated processing, including profiling, which has a legal effect upon you or significantly affects you.
Right to lodge a complaint to the competent Supervisory Authority
If you have a privacy-related complaint against us, you should complete and submit the Complaint/Data Subjects’ Request Form or make your complaint by email or by letter in accordance with our Global Complaints/Requests Handling Policy. If you are dissatisfied with our response, you may then seek further recourse by contacting the relevant Supervisory Authority
For any issue, please contact
Sameer Kakar
sameer@traveosoft.com
Security
The security of your personal information is important to us. When you enter sensitive information (such as credit card number) on our order forms, we encrypt the transmission of that information using secure socket layer technology (SSL). We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. While we strive to protect such information, we cannot ensure or warrant or guarantee that your information or private communications you transmit to us will always remain private or confidential, and you do so at your own risk. We are committed to address your concerns with respect to processing of your Information including personal information and Sensitive Personal Data or Information. If you have any questions about security on our Platforms, you can contact us at sameer@traveosoft.com
Retention
We will retain your information for as long as your or your organization account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide you services, contact us at sameer@traveosoft.com. We will retain and use your information as necessary to fulfil business needs and to comply with our legal obligations, resolve disputes, and enforce our agreements.