Travelner Travel Agency L.L.C - European Supplemental Privacy Notice
Travelner Travel Agency L.L.C maintains a global privacy and data protection program as described in our Global Privacy Notice.
This European Data Protection Notice supplements our Global Privacy Notice by providing additional disclosures required by law in the European Union/European Economic Area (EU/EEA), Switzerland, and the United Kingdom.
Controller
When you use services offered by Travelner Insurance in the EU/EEA, Switzerland, or the United Kingdom, the data controller will be as follows:
Travelner Travel Agency L.L.C
Legal Basis for Individual Processing Activities
We use personal data (called PII in our Global Privacy Notice) primarily to provide you the services you request. We also use personal data to comply with our legal obligations and protect our legitimate interests, including providing you personalized services, communicating with you, improving our services, and detecting fraudulent and illegal activity. With your prior consent, we also may use your personal data to send you marketing materials and offers.
Cookies and Other Online Identifiers
We use cookies and other online identifiers as part of our services. Please see our Global Privacy Notice section on online identifiers for more information on our use of cookies and other identifiers. Please note that in cases where our cookies process personal data of data subjects in the EU/EEA, Switzerland, and the UK, we collect your consent before using those cookies.
International Data Transfers
We operate a global business and personal data you provide may be transferred from your country to the United States or to another country where we do business. We make these transfers when necessary to provide our services, to perform our contract with you, or when we have your consent to transfer your personal data to another country.
We transfer personal data outside the EU/EEA, Switzerland, and the UK to countries that have been determined by the European Commission to offer an adequate level of data protection.
For transfers from the EU/EEA and Switzerland to countries that have not been deemed to offer an adequate level of data protection, we transfer personal data pursuant to a data protection addendum with standard contractual clauses and appropriate supplementary measures including, appropriate technical and organizational measures.
For transfers from the UK to countries that have not been deemed to offer an adequate level of data protection, we transfer personal data pursuant to a data protection addendum consistent with the requirements of the UK International Data Transfer Agreement issued by the UK Information Commissioner, Version B1.0.
Transfers to the United States
For transfers to the United States, we transfer data pursuant to the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce.
We have certified to the U.S. Department of Commerce that we adhere to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. We have certified to the U.S. Department of Commerce that we adhere to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in our privacy notices and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.
For transfers to the United States in situations where transfers via the DPF not available (for example, between Switzerland and the United States while approval of the DPF is pending), we transfer personal data pursuant to a data protection addendum with standard contractual clauses and appropriate supplementary measures including, appropriate technical and organizational measures.
Complaints to Data Protection Authorities
In the EU/EEA, you have the right to lodge a complaint with your local data protection supervisory authority.
In Switzerland, you have the right to lodge a complaint with the Federal Data Protection Information Commissioner.
In the UK, you have the right to lodge a complaint with the Information Commissioner's Office.