Carlson Wagonlit Travel (CWT Global B.V. and its affiliates, together CWT) is a travel management company with operations in many countries around the world. We provide business travel and hospitality, as well as meetings and events, services to our corporate clients.
CWT is committed to transparency and respecting your online privacy, and recognises the need for appropriate protection and management of the personal data you share with us.
This Global Privacy Notice and Policy describes the personal data we collect, how we used it and with whom we share it, in the context of the provision of our services and when you visit our websites and online tools.
Why do we collect personal data?
Personal data is information that enables us to identify you when providing our services. The use, processing or transfer of your personal data is regulated by applicable data protection and privacy laws and regulations.
CWT collects personal information from (i) corporate clients, their travelers and meetings and events attendees, for the performance of the commercial agreements concluded with our clients, and (ii) the visitors and users of CWT websites. The purposes for which we collect your personal information is related to the provision of business travel, hospitality and meetings and events services, such as:
Travel and hospitality booking;
Visa application assistance;
Account administration and billing;
Travel client policy compliance and expenses consolidation reporting;
Communication of essential travel information including itineraries and alerts, as well as updates on CWT products and services including customer satisfaction surveys;
Fraud detection and prevention including, where relevant, security and sanctions screenings as prescribed by local applicable laws;
Internal market analysis.
The personal data we collect is therefore necessary for the performance of our contract with our corporate clients and without which, we wouldn’t be able to fulfil their travel, hospitality or meetings and events’ needs and requirements.
We also collect business contact information for the purposes of direct- marketing (described under Direct-Marketing Communications’ Notice).
What personal information do we collect?
The personal data that we collect for the above purposes may include: name, surname, phone number, email and address, company name, gender, date of birth, form of payment and card numbers, travel preferences where expressed (seat, meal, smoking, special services, etc.), passport and visa details, Passenger Name Record (PNR) as well as next of kin information.
CWT also collects contact information from visitors to CWT websites via “Contact Us” online forms, whose fields contain name, surname, phone number, email and address, company name.
How do we collect or receive your personal information?
When servicing our corporate clients for their travel and hospitality needs, an electronic ‘Traveler Profile’ is created in CWT’s proprietary tool called CWT Portrait. The personal information is entered through feeds from the corporate clients, and/or by the traveler or authorized travel manager. The profile information can also be received from an online booking tool service provider (OBT) where such provider’s services are requested by our clients.
When organizing meetings and events for our corporate clients, CWT processes list of attendee names and attendee information directly received from clients or indirectly through online management providers that may be selected by the client.
How do we use your personal data?
We use your personal data to provide our services as described under our commercial agreements.
For example, when a reservation is made, CWT processes a PNR containing the personal data that we have received, along with the reservation information that is needed to fulfil the travel request, and,, in some cases with further information required for compliance with local travel regulations such as the Secure Flight Program in the United States and the Advanced Passenger Information System prevalent in several countries such as the United Kingdom and China.
How long do we keep your personal data?
We retain your personal data as needed to perform our agreements and provide our services, respond to inquiries from our corporate clients on past travel and other business activities, and to comply with our legal obligations, meet our regulatory requirements such as financial reporting laws, resolve disputes or address claims or litigation.
With whom do we share your personal information?
To make travel and hospitality reservations, and in line with travel industry practices, CWT needs to share personal information that is has collected and processed (usually the PNR) with various third-party travel suppliers such as:
Travel industry service providers, i.e., the airlines, hotels, car rental companies;
Safety and security service providers;
General Distribution Systems (GDS), which are computerized network systems that enable travel and hospitality transactions between travel industry service providers and travel management companies like CWT, via aggregating real-time inventory (of number of hotel rooms, flight seats and cars available, etc.);
Computer reservation systems, which are is reservation systems used by the service providers (airlines, hotels, etc.) and which hold the inventory (of number of hotel rooms, flight seats and cars available, etc.);
Card payment companies; and
From time to time in accordance with regulatory requirements, government bodies such as the Department of Homeland Services in the US.
Without sharing personal information among such travel industry parties, travel will not be possible.
To arrange and manage our clients’ meetings and events, and in line with industry practices, CWT needs to share personal information with various third-party suppliers such as:
Transportation providers (cars, bus and coaches);
Service providers of badges and stationary;
Catering providers (for dietary requirements);
Audio-visual services companies (for presentations and conferences).
Furthermore, CWT uses certain authorized third-party processors (i.e. sub-contractors) for the management of certain administrative and information technology tools and platforms. Such subcontractors may access your personal data but only for, on behalf of, and under the instructions of CWT, and are required to adhere to CWT policies, procedures and processes and comply with applicable privacy laws.
We reserve the right to disclose personal data if required to do so by law or in the good faith belief that such action is reasonably necessary to comply with all applicable laws.
Is your personal data transferred outside the EU/EEA?
Given the international nature of CWT services, international personal data transfers are made throughout CWT, its affiliates, joint ventures and global partner network to support travel-related services such as airline ticket issuance and technical help-desk requests, as well as management of meetings and events.
In circumstances where personal data is transferred to, or centrally stored in, countries in which there is not a similar level of protection as in your country, CWT has, where relevant, taken steps to ensure an adequate level of protection of the transferred data by entering into appropriate inter-company data transfer agreements based on the European Standard Contractual Clauses (also known as EU Model Clauses).
How do we ensure your personal data is safe?
We continuously implement and maintain, appropriate administrative, organizational, technical and physical security measures to ensure confidentiality, integrity, availability and resilience of our systems that process your personal data. These measures are monitored to prevent the accidental or unlawful destruction, alteration or any unauthorized disclosure or access to your personal data, or other unlawful forms of processing.
Compliance with this Policy and data protection laws
Direct Marketing Communications’ Notice
When you visit CWT websites and online tools, you can always elect not to provide us with certain information. If you choose not to provide the contact data we request, you can still visit most of CWT’s web pages but you may be unable to access certain services that involve our interaction with you.
Where you have received a communication from us on our products and services, it is either because you or your company have requested such communication or because we believe the communication is of interest to you or your company. In some cases, we will have collected your contact details from publicly available sources or through a third-party with whom you or your company have agreed onward sharing. We rely on our legitimate interest to keep you informed of our products and services however if you no longer wish to receive further marketing communications, please click on the ‘unsubscribe’ link at the bottom of the communication and your contact details will no longer be used in that regard.
Where we engage third-party sub-contractors to manage our marketing campaigns, they do so on our behalf and under our instructions, and we ensure they commit to complying with our policies and applicable privacy laws and do not use your data for any other purposes than the agreed purposes.
As a global travel management service provider, we may transfer your personal data outside of the European Union and European Economic Area. Where we do so to any country not deemed a country of adequate protection by European Commissioners, we make sure such transfers are validated via the recognised European Standard Clauses (also known as ‘European Model Clauses’) so that your rights are safeguarded.
CWT shall retain your information only so long as you wish to receive/keep receiving our marketing communications and/or to comply with legal obligations, a Court order or regulatory requirements, and to fulfil your request to ‘unsubscribe’ from marketing communications.
You are entitled to several rights in relation to your personal data, such as a right of access to the data CWT collects about you, a right of rectification, a right of deletion, a right to object to the processing of your personal data on legitimate grounds.
We are at your disposal for any query that you may have (please use our contact email below), any request or issue, including complaints. We will handle such with the level of care that you are entitled to expect from us. However, should you not be satisfied with the way in which we have handled such topics, and depending on the country in which you reside, you may also have a right to lodge a complaint with the supervisory data protection authority.