Tri-Pen Data Protection

Data Protection Statement

Tri-Pen Management is a safe harbor location.

Tri-Pen Management respects the individual privacy and vales and the confidence of its customers, vendors, business partners and others.  TPM strives to collect, use and disclose Personal Information in a manner consistent with the laws of the countries in which it does business, and has a tradition of upholding the highest ethical standards in its business practices.  TPM abides by the Safe Harbor Principals developed by the U.S. Department of Commerce and European Commission.  This TPM Safe Harbor Privacy Policy sets forth the privacy principles that TPM follows with respect to transfers of Personal Information from European Economic Area (EEA) (which includes the member states of the European Union (EU) plus Iceland, Liechtenstein, and Norway) to the U.S.  

For more information please go to the Tri-Pen Management website: http://tri-pen.com

Tri-Pen Management Data Protection Policy

Tri-Pen Management as a service provider to global corporate clients provides services in many countries around the world. TPM provides corporate travel management outsourcing services corporate clients and the employees of those companies with whom TPM signs service agreements. In doing so, TPM or our sub-contractors may receive individual data from employees of our client companies into systems overseen or owned by TPM or our sub-contractors.

Reasons for the TPM Policies

Data protection laws apply to information which may be received by TPM because sometimes that data can be used to identify an individual person.

The purpose of data protection is to protect an individual's rights by keeping personal data secure and by regulating use of the data, so that it may be used only for the purpose for which it was given/collected/intended. For examples of local country laws which TPM respects and upholds, please see the following web sites.

• http://ec.europa.eu/justice_home/fsj/privacy/index_en.htm  (for the European Directive on Data Protection),
• http://privacy.gov.au/law (for Australian privacy laws),
• http://www.priv.gc.ca/index_e.cfm (for Canadian privacy laws),
• http://www.export.gov/safeharbor/ (for information on Safe Harbor in the U.S.).

TPM’s policy and corresponding procedures take into account the national laws of the many countries where TPM may provide services to our clients and their employees.  In some cases our policies and procedures may surpass local regulations and laws.  It is our goal to standardize globally the way travel data is handled by TPM.

Information That May be Stored

The data that we store or is stored by our sub-contractors may include: name, address, email address, credit card reference/number, travel destinations, travel schedules, travel preferences and other related information, as well as passport details and other personal details.

When servicing a given employee of a client, a "Traveler Profile" with travel data for each traveler is created, which is kept on file as a reference document and consulted each time a reservation is to be made by TPM sub-contractors.

Based on the travel expenses incurred by travelers of each corporate client, TPM and our sub-contractors produce reports that summarize and analyze the travel trends of that company’s employees.

How Information May be Utilized

In addition to creating Traveler Profiles, TPM may use the travel data with the consent of the traveler for the following travel and other travel-related purposes.

Reservations: TPM or our sub-contractors may need to transfer travel data to various third party travel suppliers and computer reservation systems for the purposes of making reservations within the traveler's home country or to another TPM agency in another country where the traveler may be traveling.

Consolidation of Travel Data: At the request of the corporate client (the traveler's employer), TPM or our sub-contractors prepare information reports that summarize and analyze the travel expenditures per destination, per travel supplier, etc.

Compliance with Travel Policy: Also at the request of the corporate client, TPM or our sub-contractors may report on the compliance of the travelers with the travel policy of the client and identify exceptions to compliance.

Collecting Travel Payments: TPM or our sub-contractors may transfer travel data to third parties in the traveler's home country or in another country for the purpose of collecting payments related to travel reservations.

TPM Databases: In order to constantly improve the servicing of our clients around the world, the travel data is handled out of certain locations accessible by the travel agents of our sub-contractors around the world.

New Products and Services: Also with the goal of improving service and based on the data given to TPM, additional information may be sent to travelers if it applies to their trip. An example would be a list of restaurants near a specific hotel, in a specific city.

TPM as a Data Controller or a Data Processor

TPM serves various functions:

1. TPM or our sub-contractors are Data Controllers: TPM needs to collect the consent of each traveler (Data Protection Statement).

2. Client is Data Controller: TPM serves as a data processor while the Client manages the traveler consent process internally.

Measures We Take

TPM is has implemented, and is constantly improving, processes through which we standardize the way our company, its affiliates, and our sub-contractors handle data.

Data Protection Statement: TPM has established a Data Protection Statement to ensure consent to various uses of travel data given to TPM. The statements are signed by the traveler either in paper form or in electronic form where allowed by local law.

Sub-contractors and third party data transfer: TPM insures that our sub-contractors have in place processes which comply with or exceed applicable local country data protection laws. This will ensure that even if the laws governing the third party sub-contractor are less strict than our standards, the level of protection that the traveler's data receives will be consistent.  TPM is certified to Safe Harbor (see TPM's name under the Safe Harbor website at: https://www.export.gov/safehrbr/list.aspx).

Security: Pursuant to the various data protection laws, TPM has implemented appropriate technical and organizational measures to protect the personal travel data, obtained from our clients' travelers, against accidental or unlawful disclosure or destruction.

Destruction: Under many data protection laws, personal data must be destroyed after a certain period of time. TPM keeps travel data only as long as required by law, a period of time which may vary according to the requirements for various internal departments.