Privacy Policy
Purpose
The purpose of this Privacy Statement is to advise users of our services about our collection, use and disclosure policies relating to personal information displayed within this product. It is not intended to serve as a legally binding warranty or representation. Specific warranties and representations relating data protection, security and use are set detailed within our customer contracts.This statement covers the following items:
- When we collect personally identifiable information and use?
- Why do we collect information?
- Security
- Accessing, modifying, updating or deleting your personal information.
- How to Contact Sabs Travel Technology.
1. Information Collection and Uses
SABS Travel Technology hosts online services for Travel management companies (TMCs). It provides access to this data to assigned internal employees, contractors and end users for their business needs. In this respect, Sabs Travel Technology is a Data Processor for the Travel Management Company, and a Sub-Processor for the end user company. Becoming an authorised user enables you to both make travel arrangements and to review your personal information, held within the system. Personal user information is needed to make and confirm travel bookings and this data is stored in a user Profile in a database stored at one of our data centres. This information is either gathered from the end users, the Travel Management Company, or via other departments such as the HR department of the end users company.
1.2 Where your information goes
We communicate appropriate personal data to travel providers and booking hubs. Obviously, for foreign travel some of this information must go abroad, some of it to outside the European Economic Area (EEA). In particular, we are contracted with the Travel Management Companies to use Sabre’s Global Distribution System based in the United States.
1.3 How long we keep your data
As a Data Processor, Sabs Travel Technology does not decide the retention period for your data, this is determined by the end user company as the Data Controller. Please contact your employer for details of their retention policy.
2. Why we collect personal information
Profile data is needed in order to book travel reservation within the host systems including, but not exclusively, GDS, Hotel Reservation Systems, Rail Reservation Systems, Taxi Reservation systems. The Travel Management Company must already have accounts setup with these suppliers in order for Personal Information to be supplied to them during the bookings process. We may collect and use booking information data for billing and internal reporting purposes, and to provide information to our clients to assist them in managing their travelers’ booking activities. Our legal justification for processing this data is “Performance of Contract”.
We agree in all of our customer contracts not to sell, share or otherwise disclose such data to third parties except as necessary to provide our services. We retain the option to disclose aggregate data regarding some or all of our customers, for example, for marketing purposes, but will not use personal data or specific traveler or company information without prior agreement.
Your legal rights are as laid out in Chapter III of the General Data Protection Regulation (GDPR). You have the right of access to any and all of your data, the right to have it corrected or erased (the “Right To Be Forgotten”), the right to stop most processing or block it altogether in most circumstances, and finally, the right to take away or download a copy.
2.1 Other
We and our clients have the ability to include hyperlinks to third party web sites that are not operated by Sabs Travel Technology but we do not accept responsibility for these sites nor do we necessarily endorse them.
3. Security
SABS Corporate has undergone and continues to undergo a number of security checks and processes which include a review of system architecture by external, independent experts and high-level penetration testing by said independent experts. The system is run from secure Microsoft Azure Cloud hosting and is load balanced across multiple sites. In addition all staff with access to data have been security checked and vetted and cleared, using standard UK Security vetting services from the Disclosure and Barring Service
4. Accessing, modifying, updating or deleting your personal information
You have the right to access your personal data and to modify or delete it if you find inaccuracies, or wish to make amendments within the limitations of the data accessible to either the end users or the Travel Management Company.
5. How to Contact Us
SABS Travel Technologies
Shire House
2 Humboldt Street
Bradford
BD1 5HQ
Telephone ++44(0)161 941 1307
Our Data Protection Officer (DPO) may be contacted at privacy@sabstt.com
Should you have a complaint about the usage of your personal detail please contact your employer or our DPO, or take your complaint directly to the Information Commissioner’s Office (ico.org.uk).