|
Basic information about the processing of Personal Data |
|
|
Amadeus IT Group, S.A. (“Amadeus”) |
|
|
To provide Amadeus Mobile Messenger services (the “Amadeus Mobile Messenger Services”) to Amadeus Customers in accordance with a contract that has been entered between Amadeus and an Amadeus customer. Amadeus Mobile Messenger is an incident and risk management solution that enables Amadeus Customers to monitor the safety and wellbeing of travelers throughout a trip including sending notifications to travelers. |
|
|
Performance of a contract Legitimate business interest Consent |
|
|
Amadeus Affiliates and Third-Party Service Providers |
|
|
Under certain circumstances, you have rights to access, review and restrict processing of Personal Data as well as the right to lodge a complaint with a supervisory authority. |
|
Amadeus is committed to protecting the privacy of its customers and end users Personal Data it collects and processes and will adhere to the policies and practices described in this Amadeus Mobile Messenger Privacy Notice (the “Privacy Notice”), as well as any applicable customer agreement as it relates to the processing of Personal Data.
This Privacy Notice describes how Amadeus collects and processes Personal Data when providing Amadeus Mobile Messenger Services through the Amadeus Mobile Messenger App (the "App"). Amadeus process Personal Data to provide the Amadeus Mobile Messenger Services, as agreed in the contract between Amadeus and the Amadeus Customer. The Amadeus Mobile Messenger Services monitor the safety and wellbeing of a traveler (end user), including sending communications at the request of an Amadeus Customer. The use of the App is subject to the Amadeus Customers policies and the App Terms of Use https://mobilemessenger.amadeus.com/terms-and-conditions.html.
This Privacy Notice only addresses the processing of Personal Data directly collected by Amadeus through the Mobile Messenger Web Interface and the Mobile App. This Privacy Notice does not apply to the Personal Data that may be collected or processed by Amadeus for other purposes, such as through Amadeus websites, or the Personal Data of travelers included in the travel information processed in the Amadeus GDS or Personal Data transferred from an Amadeus Customer to Amadeus in order to provide the Amadeus Mobile Messenger Services to you. Where Personal Data is collected for other purposes, the relevant privacy notice will be provided explaining the purposes the Personal Data is being processed for.
Use of the Amadeus Mobile Messenger Services by travelers is subject to the policies of the Amadeus Customer who has contracted with Amadeus for the Amadeus Mobile Messenger Services. Amadeus is not responsible for the privacy or security practices of Amadeus Customers and these may differ from the practices of Amadeus. If you wish to make any changes to your Personal Data that is processed through the Amadeus Mobile Messenger Services, this request should be made to the Amadeus Customer directly.
Who is collecting and processing the Personal Data?
This Amadeus Mobile Messenger Privacy Notice applies to Personal Data that Amadeus collects when providing access to the Mobile Messenger Web Interface or App pursuant to a contract with an Amadeus Customer.
What Personal Data is processed?
Amadeus collects and process Personal Data through the use of the Mobile Messenger Web Interface and Mobile App. The types of Personal Data that are processed may include:
What purpose is the Personal Data used for?
Amadeus process the Personal Data collected from you via the Mobile Messenger Web Interface or App for the purposes of:
In addition to this Privacy Notice, processing of Personal Data is subject to any applicable agreements with the Amadeus Customer.
What is the legal basis for the processing of the Personal Data?
Amadeus rely on a variety of legal grounds to process Personal Data through the Mobile Messenger Web Interface and App, including necessary for the performance of a contract, legitimate interest of Amadeus and consent.
Performance of a contract
The processing of your Personal Data is necessary for the performance of the contract you enter by accessing the App and accepting the App Terms of Use.
Legitimate interest
Amadeus require your data to pursue the legitimate interests of Amadeus in a way that might be reasonably be expected provided this does not materially impact an individual’s rights freedoms or interests, this would include Amadeus performance of the contract with the Amadeus Customer for the Amadeus Mobile Messenger Services.
Consent
Amadeus may collect and process Personal Data with consent, this would include access to location data.
Who are the Personal Data shared with?
Amadeus may share Personal Data with its affiliates, agents, and third-party service providers such as suppliers of information technology services, security services, and legal, financial/accounting service providers, and other similar professional advisers. Amadeus may also share Personal Data with third parties, if Amadeus choose to sell, transfer, or merge parts of the business or assets. If there is a change of control of the business those who purchase the business or part of may use Personal Data in the same way as set out under this Privacy Notice.
Where such disclosure takes place, Amadeus requires the appropriate technical and organizational security measures to be in place to protect Personal Data, and for Personal Data to be processed lawfully. Amadeus only allows affiliates and third-party service providers to process Personal Data on behalf of Amadeus for specified purposes and in accordance with Amadeus’ instructions.
Further information on the affiliates and third-party service providers that Amadeus uses to process Personal Data on their behalf can be requested through using the contact details found in the “Contacting Us” section of this Privacy Notice. When requesting this information please refer to information about affiliates and third-party service providers so that the relevant information can be provided.
Amadeus may also disclose Personal Data as required by law, subpoena, or regulation, or when requested by a government, law enforcement authority, or as otherwise required or permitted by law.
International Transfer of Personal Data
When Amadeus share your Personal Data with its affiliates and third-party service providers who process Personal Data on behalf of Amadeus this will involve transferring Personal Data outside the European Economic Area (EEA). When Personal Data is transferred to another country it will continue to receive adequate protection through contractual or other arrangements put in place with Affiliates and third-party service providers. For these transfers at least one of the following appropriate safeguards will be implemented;
Further information on the appropriate safeguards used when transferring Personal Data outside the EEA can be requested through the contact details set out below in the “Contacting Us” section. When requesting this information please make a reference to the transfer of personal data outside the EEA.
Security and Integrity of Personal Data
Amadeus has taken the appropriate technical and organizational security measures to protect Personal Data from loss or unlawful processing. When Personal Data is processed on behalf of Amadeus, access is limited to those who require access on a business need-to-know basis. Personal Data will be processed in accordance with the instructions of Amadeus and those who have access are subject to a duty of confidentiality.
Amadeus has in place procedures to deal with any suspected Personal Data breach and will notify individuals and any applicable regulator of a breach where they are legally required to do so.
Third Party Sites
This Privacy Notice does not address how other organizations process Personal Data. In providing the Amadeus Mobile Messenger Services links may be provided to other organizations including social media platforms. Processing of Personal Data by third parties will be subject to the relevant third-party terms of use and privacy notices.
Retention of Personal Data
Amadeus will retain Personal Data provided by you for as long as necessary to fulfil the purposes it was collected for including for the purposes of satisfying any legal, accounting or reporting requirements.
At the end of that retention period Personal Data will either be deleted completely or anonymized, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.
Legal rights
Individuals should contact the relevant Amadeus Customer providing the incident and risk management services with any issues or requests they may have relating to Personal Data processed in the delivery of Amadeus Mobile Messenger Services. If you are a traveler, end user of the App and you wish to make any changes to your contact information or communication preferences, you will need to do so by contacting the Amadeus Customer providing access to the services.
Under certain circumstances individuals can exercise their rights under data protection laws to access, review, correct, update, or otherwise limit use of Personal Data that has been provided to Amadeus. Individuals may exercise these rights relating to their own Personal Data or contact Amadeus for other data protection related questions by emailing dataprotection@amadeus.com or writing to our Chief Privacy Officer at Amadeus IT Group, S.A. C/Salvador de Madariaga 1, 28027 Madrid, Spain.
Amadeus will require authentication of the identity of the individual wishing to exercise their rights under data protection laws and may require additional information to assist in responding to requests.
Individuals rights
Amadeus intends to carefully address any request and/or claim from individuals. You are entitled to file any claim or complaint before the relevant data protection authorities, if the answer provided by Amadeus does not meet your expectations.
Additional Privacy Disclosures for the United States California and Nevada
If you are a California or Nevada (United States) resident, please see our Additional Privacy Disclosures for the United States California and Nevada here https://amadeus.com/en/policies/additional-privacy-disclosures-us-california-nevada, which is incorporated by reference into this Privacy Notice.
Updates
This Privacy Notice is published by Amadeus IT Group S.A. and may be changed at any time. The date it was updated is shown here: 5th May 2020.
Contacting Us
If you have any questions regarding this Privacy Notice, please contact us by e-mail at dataprotection@amadeus.com