Carlson Wagonlit Travel: Discover Your Destination

 Find us on Facebook  
     
Macy's Travel Home Page Vacations Trip Request Events Group Travel Get E-Specials About Us Contact Us  
  Formerly Macy's Travel
     
  Vacations  
 
Hot Deals by City
 
 
Trip Request
 
  Events  
  Group Travel  
 
Our Own Tours
 
 
Musical Adventures
 
  Your Honeymoon  
  Get E-Specials  
  Spring Traveler  
  About Us  
  Travel Trivia  
  Contact Us  
     
  Virtuoso Member  
  We have received a prestigious appointment to the most powerful organization in luxury travel, Virtuoso. Our membership will provide you with many benefits.
Find out more.		  


data protection policy

Last updated 10 September 2009

Carlson Wagonlit Travel (CWT) has travel agency operations in many countries around the world. CWT's focus is to provide business travel services to the employees of businesses with whom CWT signs a corporate travel services agreement. In doing so, CWT receives individual data from the employees.

Why the laws apply to us and why CWT needs to obtain the consent of the traveler

The purpose of data protection is to protect an individual's rights by keeping personal data secure and by regulating its processing, so that it may be used only for the purpose for which it was given/collected. CWT is using the Data Protection Statement (see below) to request the consent of the traveler. For examples of such laws, please see the following web sites.

http://ec.europa.eu/justice_home/fsj/privacy/index_en.htm (for the European Directive on Data Protection)
http://privacy.gov.au/law (for Australian privacy laws)
http://www.priv.gc.ca/index_e.cfm (for Canadian privacy laws)
http://www.export.gov/safeharbor/ (for information on Safe Harbor in the U.S.)

CWT has always had internal confidentiality standards. Our policy and corresponding procedures take into account the national laws of the many countries where CWT has operations, and in some cases surpass these regulations. It is our goal to standardize globally the way travel data is handled and processed within CWT.

back to top

Information that we store

When servicing a given corporate client, CWT creates a "Traveler Profile" with travel data for each traveler, which is kept on file as a reference document and consulted each time a reservation is to be made. When a reservation is made, CWT creates a "passenger name record" (PNR), which contains all of the information needed to fulfill the travel request of each traveler.

Based on the travel expenses incurred by travelers of each corporate client, CWT produces reports that summarize and analyze the travel trends of that client.

back to top

What we do with the information

In addition to creating Traveler Profiles and PNRs, CWT uses the travel data with the consent of the traveler for the following travel and other travel-related purposes.

Reservations: CWT may need to transfer travel data to various third party travel suppliers and computer reservation systems for the purposes of making reservations within the traveler's home country or to another CWT agency in another country where the traveler may be traveling.

Consolidation of Travel Data: At the request of the corporate client (the traveler's employer), CWT or a third party prepares information reports that summarize and analyze the travel expenditures per destination, per travel supplier, etc.

Compliance with Travel Policy: Also at the request of the corporate client, CWT may report on the compliance of the travelers with the travel policy of the client and identify any exceptions to the compliance.

Collecting Travel Payments: CWT may transfer travel data to third parties in the traveler's home country or in another country for the purpose of collecting payments related to travel reservations.

New Products and Services: Also with the goal of improving service and based on the data given to CWT, we may send additional information to the traveler if it applies to his/her trip. An example would be a list of restaurants near a specific hotel, in a specific city.

back to top

CWT as a Data Controller or a Data Processor

CWT proposes two options:

1. CWT is Data Controller: CWT needs to collect the consent of each traveler (Data Protection Statement).

2. Client is Data Controller: CWT is data processor while the Client manages the traveler consent process internally.

back to top

Measures we are taking

CWT is implementing, step-by-step, a process through which we will standardize the way our company and its affiliates handle travel data.

back to top

Travelers' rights

The traveler's principal rights are to

amend his/her personal data, and upon written request and payment of a statutory fee or if none, a reasonable fee, to receive from CWT, within a reasonable amount of time, a copy of his/her Traveler Profile (see contacts at the bottom of this Policy) (for data held by third parties, please contact the third party),

know how his/her data is being processed, for what purpose and who is doing the processing,

choose whether or not to receive unsolicited services/direct marketing/information on other travel products and services,

revoke consent to the DPS (upon written request) or refuse to provide information.

Please note that if a traveler chooses not to sign, or to revoke consent to, the Data Protection Statement, CWT cannot accept his/her travel data and cannot service the traveler. If this is the case, we encourage the traveler to contact his/her employer.

back to top

Frequently Asked Questions:

What data is covered by data protection laws?

Personal data (what CWT calls travel data) is defined as data, which relates to a living individual who can be identified from the data. If the traveler data does not refer to or identify any individual employee then, the data can be processed by CWT without the traveler's consent. For instance, if the management reports do not include any references to specific individuals, then CWT would not have to obtain the traveler's consent to the delivery of reports to the traveler's employer.

Why is the travel agreement between CWT and the client not sufficient to protect the travelers' data?

The travel agreement is between the corporate client (employer of the traveler) and CWT, and not between the traveler and CWT. Data protection laws protect the rights of the individual traveler, and in processing the individual traveler's data, CWT has obligations under these laws which it has to fulfill itself and cannot pass onto the client.

What happens if CWT does not obtain the traveler's consent, and is therefore not in compliance with the data protection laws?

Practically speaking, it will be very difficult for CWT to provide travel services to an individual traveler who refuses to allow CWT to process his/her travel data. Included in the data protection laws are harsh penalties for non-compliance; in some countries it is a criminal offense.

What obligations do we have in processing the data within CWT?

CWT must ensure, at the very least, that the personal data:

is processed fairly and lawfully,
is obtained only for specific and lawful purposes and shall not be further processed in any manner incompatible with these purposes,
is not excessive (in terms of the type of data requested) in relation to the purposes for which it is collected and further processed,
is accurate,
is kept secure and not held for longer than necessary.

Can CWT use the data to carry out its own analyses?

CWT may not use the data for promotion and marketing purposes by third parties unless the traveler gives his/her consent. CWT may, for instance, use the data to analyze the travel trends of its corporate clients in order to propose other CWT services to the clients, such as CWT Solutions Group activities, without receiving the traveler's consent. If the traveler's consent is only given to his/her employer, the corporate client, if the client is Data Controller, then that consent cannot apply to CWT's use for purposes other than those directed by that Client.

back to top

Notes

The following notes are to detail certain points and country specifics.

"Carlson Wagonlit Travel" refers to the group of companies of which the parent company is CWT B.V., a Dutch company, and its affiliates in over 40 countries around the world. CWT values the protection of personal data of all our travelers wherever they are based around the world.

"24-hour travel assistance center." CWT is willing to provide travel services to its clients and their travelers on an emergency basis from its 24-hour travel assistance centers, outside normal business hours of their usual travel agency, without requiring a signed data protection statement. CWT believes that this is in the best interest of the individual traveler during an emergency. However, CWT will inform the traveler that the traveler is required to sign the statement as soon as the traveler is able to do so.

Australia. We will use and disclose personal data for the primary purpose for which it was collected. We may also use and disclose personal data for purposes related or ancillary to the main reasons we collect it. Some examples of the way we use and disclose personal data are provided in this CWT Privacy/Data Protection Policy, for example, see under the heading "What we do with the information".

Canada. Federal laws on data protection will apply to CWT's activities as of January 1, 2004. Quebec has existing data protection laws for commercial activity within that province. Other provinces have indicated that they may enact data protection laws for commercial activities within their respective jurisdictions and CWT will continue to evaluate its approach to ensure compliance with new laws as they are introduced.

European Union. The European Union has established a list of countries outside of the EU that it considers safe for the transfer of personal data. This list currently includes Canada, Hungary and Switzerland. See below for U.S. arrangement.

United States Safe Harbor. The European Commission has negotiated with the U.S. Department of Commerce certain principles and guidelines for the transfer of data. These Safe Harbor Principles guide U.S. entities in providing an adequate level of protection for personal data. The voluntary decision by a U.S. entity to enter the Safe Harbor means that the entity must comply with the Principles, publicly declare that it is doing so, and obtain certification from the U.S. Dept of Commerce. For more information on Safe Harbor, including a list of the seven Principles, please go to http://www.export.gov/safeharbor/ (click on Safe Harbor Overview to see the Principles). The CWT entities in the U.S. are either signed up to the Safe Harbor Principles or have entered into the EU standard contractual clauses for the transfer of personal data to processors established in third countries (under Directive 95/46/EC). As stated above, CWT's U.S. entities are certified to Safe Harbor (see CWT's name under the Safe Harbor website at: https://www.export.gov/safehrbr/list.aspx).

Other countries. Other countries are in the process of adopting data protection laws and we will be monitoring these laws and determining if we need to take any additional measures.

back to top

Contacts:

For any questions concerning your personal travel data, please contact your local CWT office.

This policy is subject to change. The changes will be posted on this web site, so please be sure to check the site regularly.

back to top
     
 
 
 
E-Specials:
 

Register for the easiest way to learn about current travel deals: E-Specials! Sign up and we'll send our Take Me Away travel offers right to your inbox.

Get E-Specials

Trust Us For Travel:
 
We have been serving the needs of discerning travelers for over 45 years. We've earned our customers’ trust by consistently delivering the best travel experiences available. Our expert travel consultants are up-to-date, experienced and committed to providing excellent value and quality services.

1-800-316-6166
 

 

Monday - Friday
10 am - 8 pm CT

Saturday
10 am - 6 pm CT

 
 

 

Carlson Wagonlit Travel: Discover Your Destination


 
 
 

Copyright © 2006-2012 CWT. Terms of Use | Data Protection Policy