Table of Contents
|When we Collect|
|Type of Personal|
Data we Collect
|Purposes of Processing the|
(How long we store
|Legal Basis under|
with Whom We
of not Providing
of not Providing
|1.1 When you access|
and use our Site
|For a period of two|
(2) years from the
date of your last
activity within the
Website , except
relating to disputes
or complaints which
will keep for a
period of seven (7)
|You and your|
|1.2 When you visit|
|Please see our|
|1.4 When you|
contact us (including
for support), or your
employer contacts us
on your behalf
|180 days after the|
request is answered
and closed.However, information
relating to complaints
will be kept for a
period of seven (7)
years after the
request is answered
or otherwise closed
(whichever is later).
|1.6 When you make|
a flight reservation
|As long as the|
corporate contract is
**Please see Section 2.7 below for more information about third parties listed in this column.
- Information your Employer Provides
- Account. In order to use certain features of the Services your employer will be required to create an account (“Account”). In order to do so your employer will be required to provide your full name, e-mail address, and mobile phone number. This information is used in order to book flights, contact you in connection with your tickets and upcoming flights, and respond to and process requests you or your employer We may also use this information to verify your identity and prevent fraud or illegal behavior. As part of the Account creation process you may also be asked to provide us with additional information such as destination preferences. We will use such information to display or contact you with information relevant to you. We will also use your Account information to automatically complete the Traveler Information (see Section 1.3 below), but you may modify this be asked to provide additional information.
- Traveler Information. When you or your employer reserves a product or service (such as a flight) using the Service your employer provides us information about the person or persons for whom you have made the reservation. This information includes each traveler’s name, mailing address (all such information, together, “Traveler Information”). We assume that your employer has the consent of the other travelers listed, or the parent or guardian of these travelers, to provide such information or that you are the travelers’ parent or guardian. If you or your employer does not have such consent or are not the parent or guardian of the traveler, then please do not provide Personal Data relating to these persons. We use this information to process the reservation and provide airfare reshopping services as well as business intelligence (insights) based on the data collected to the employer.
- Information your Employer Provides
- Flight Itinerary. We collect information about the flight your employer has requested to book or have booked, such as the airline with which you have made the booking, the flight number, the date and time of the flight, the points of origin and the destination to which you are traveling, requests regarding the flight, including meal request or special seating requests, and certain other information you provide (collectively, “Flight Itinerary”). We use this information to provide our travel insights and optimization services to your employer.
- Support Requests. If you contact us to request support in connection with your use of (or inability to use) the Services or to make a request relating to a product or service which you have reserved or purchased using the Services, then, in addition, to your contact information (such as an email address or phone number), you will be asked for your name, mailing address, information regarding the Service you have booked, and the details of the request itself. We will use this information to verify your identity, identify the Service which you have booked, process your request and contact you regarding your request (or to answer your question). We may also store the details of the request in order to present this information to you as part of your account history, in order to display and contact you with information that is relevant to you in the future. We may also use the details of your request (including information about you) for our own review of our customer support and communication practices.
- Contacting Us. If you contact us to make certain requests or to ask questions, we will use this information to respond to your requests or questions. We may also store the details of the request in order to present this information to you as part of your account history, in order to display and contact you with information that is relevant to you in the We may also use the details of your request (including information about you) for our own review of our customer support and communication practices.
- Newsletter or Marketing Sign Up. In the event you sign up to receive promotions, newsletters or other commercial or marketing communications from us, we will use the information you provide (such as your email address) to send you such You may contact us at any time to request that we stop sending you such communications or opt-out of such communications by using the “unsubscribe” link at the bottom of e-mails we send.
- Surveys & Feedback. If you complete a survey or feedback form we provide, you may be requested to provide your personal details or to log in to your Account. In such case the feedback you provide may be connected to your Account or we may contact you in order to resolve any problems you report as part of your Whether you are asked to provide personal details or not, we will use your feedback to improve our products and services, and compile statistical data.
- Business Contact Information. If you have provided us with your business card or contact card (including electronically), or you have sent us an e-mail which lists your contact information (for example as part of your signature), if you have signed up with us at a trade exhibition or at another event, or you have entered into an agreement with us and have provided contact information as part of the agreement, then we will use the information provided to contact you in the future either regarding products or services you have purchased from us (or which we have purchased from you, if you are a service provider or supplier of ours), or which may be of interest you (or which you have offered or may be able to provide to us, if you are a service provider or supplier, or a potential service provider or supplier of ours).
- Applying for a Position. When you apply for a position or make an inquiry regarding employment with Oversee or our affiliates, including by sending your resume or CV to us by email or by other means, or through a third party, or completing and submitting a form on the Services, we will (but are not obligated to) use the information you provide to contact you regarding your request or the position, to evaluate your experience, skills and candidacy for a position, and to verify your identity and conduct background checks (to the extent legally permissible). We may also share this information with affiliates as well as with third parties who provide personnel services for such purposes.
- Information we Automatically Collect and Receive from Other Sources
- Log Files. We use log files generated by your visits to and activity on our Services. Log files record information such as your internet protocol (IP) address, browser type, device type, Internet Service Provider (ISP) identity, a date/time stamp for user actions, the URLs referring/exit pages, the URL of clicked pages, error We will use this information to present relevant information to you and provide you with the Services, analyze activity on the Services, and improve our Services. [While this information may be used to automatically determine what is presented to you on the Services and the format of such content, we do not link this information to your Account.
- Device Information. We collect information about the device you use to access and use the Services, including the unique device identifier, MAC address, International Mobile Equipment Identity (“IMEI”), device dimensions, model, manufacturer, operating system, the application you use to access the Services (for example, your web browser), and your mobile network information. We use this information to adapt the Services to your device and to collect statistical information about how our Services are used and improve our Services.
- Information we Automatically Collect and Receive from Other Sources
- Geolocation Information. We collect information about your (or your device’s) location using your IP address or your mobile device’s GPS. We use this information to offer or present you with information and content that is relevant to you. Your mobile device may enable you to disable or turn off location sharing, though this may interfere with the functionality of our Services.
- Usage Data and Analytics Services. We collect and analyze information about how you use and access the Services using services and tools provided by third parties (collectively, “Analytics Services“), such as (but not limited to) Google Analytics, as described further below. Generally, Analytics Services collect information about user or visitor activities on our Services (such as our Site) using technologies like cookies and other tracking technologies (including some of those described above). The type of information collected by Analytics Services includes information about what users do on our Services, what elements of the Services they interact with and how they interact with the Services, how often users visit the Services, what pages or parts of the Services they visit, what other websites they may have visited prior to coming to the Services (“referring pages”), what search engine and search keywords they may have used to get to the Services, and information about users’ devices and We use this information to provide, maintain and improve our Services.
Browser Add-on, available at https://tools.google.com/dlpage/gaoptout/.
- What Security Measures Do We Use to Keep Your Personal Data Safe?
We use reasonable procedures to prevent unauthorized access to and the misuse of your Personal Data such as appropriate business systems and procedures to protect and safeguard your Personal Data.
Also, there are security procedures and technical and physical restrictions for accessing and using your Personal Data on our servers, we are only allowing authorized personnel to access Personal Data as part of their work.
We’ll only keep your personal data as long as we think necessary in order to let you use our services including accessing your Account or in order for us to provide your employer, our Services, unless otherwise shall be instructed by you or your employer.
- How (And With Whom) We Share Your Personal Data
In addition to the methods or the third parties with whom we may share your Personal Information described above (such as the providers of Analytics Services), we share Personal Data in the following manner:
- Your Employer. Your employer (and any person using your employer’s Account) may access your Account information and view your activity using the Services while logged into the corporate account.
Global Distribution System. In order to process your reservation, any requests you make, cancellations or resolve disputes with airlines and other third parties in connection with you and your flight, we receive the Traveler Information and Flight Itinerary from Global Distribution System following a consent from your employer.
- Law Enforcement or Other Government Entities. Where required by law or government or court order, we will disclose Personal Data relating to you, but only to the extent we are required to do so by law.
- With your Consent. In the event that you have requested or have consented to the transfer of Personal Data relating to you (such as by checking a box to signify your agreement) we will transfer Personal Data to the relevant third party.
- Disputes. In case of any dispute with or concerning you, we may disclose Personal Data relating to you with our legal counsel, professional advisors and service providers, the relevant court or other tribunal and other third parties as needed in order to resolve the dispute, defend ourselves against any claims, or enforce our rights.
- Mergers and Acquisitions. In the event that we, or a part of our business, are sold to a third party, or if we are merged with another entity, or in the event of bankruptcy or a similar event, we will transfer information about the relevant portions of our business as well as relevant customers and users, to the purchaser or the entity with which we are merged.
- Affiliates. We share Personal Data with our affiliates, such as our U.S. subsidiary, Oversee, Inc., who assist us in processing Personal Data and providing our Services.
- RIGHTS UNDER THE GDPR
Subject to certain exceptions and exclusions, the following rights apply to individuals who are protected by Regulation (EU) 2016/679, known as the General Data Protection Regulation (the “GDPR”). This includes, but may not be limited to, individuals who reside in, and who are citizens of, EU member states. If you are such a person, then:
- Right of Access. You may request that we confirm to you whether or not we store Personal Data about you and to provide you with a copy of the Personal Data we maintain about you and information about: (a) the purposes of the processing of the Personal Data; (b) the categories of Personal Data being processed; (c) the names of the recipients or the categories of recipients to whom the Personal Data have been or will be disclosed, in particular recipients in third countries or international organizations; (d) if possible, the period we believe we will store the Personal Data, or the criteria we use to determine that period; (e) the sources of the Personal Data, if not collected from you; and (f) whether we use automated decision-making, including profiling, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.
- Right to Rectify. You may request that we rectify any Personal Data about you that we maintain that is incorrect. Depending on the purpose for which the data is used, this may also include the right to complete incomplete Personal Data.
- Right to Erasure (“Right to be Forgotten”). You may request that we erase or suppress Personal Data that relates to you in the following cases: the data is no longer needed by us; when the data is collected with your consent and you withdraw that consent; when you have a right to object to our use of the data (as described below under, “Right to Object”); we are not lawfully processing the data; or we are otherwise required by law to delete the However, there may be circumstances in which we may retain your data or we may refuse your request, for example when we review the data to defend ourselves or make legal claims or exercise are own rights. In addition, this right may not apply to the display or access of your Personal Data outside of the European Union.
- Right to Restrict Processing. You may request that we restrict our use or processing of your Personal Data if: you claim the Personal Data is inaccurate, during the time we investigate your claim; our processing of the Personal Data was unlawful; we no longer require the Personal Data; we processed the Personal Data for our legitimate interests and you object to this use (as you are permitted to do under Article 21(1) of the GDPR), during the time that we investigate whether our legitimate interests override your request. However, there may be circumstances in which we are legally entitled to refuse your request.
- Right to Data Portability. You may request that we provide you with your Personal Data that we process based on your consent or to fulfill a contract with you or that we process using automated means, in a structured, commonly used and machine-readable format, and to transfer your Personal Data to another entity or have us transfer it directly to such entity.
- Right to Object. You may, based on reasons specifically relating to you, to object to our processing of your Personal Data, when: (i) the data is used for our legitimate interests and our interests in processing the data does not override your interests, rights and freedoms and we do not require use of the data for the establishment, exercise or defense of our legal claims or rights; and (ii) we use the data for direct marketing purposes or profiling for direct marketing purposes.
- Right to Object to Automated Decision Making. You may request that you not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you.
- Right to Withdraw Consent. Where we process Personal Data relating to you based on your consent (such as by clicking a check box adjacent to a statement of consent), you may withdraw your consent and request that we cease using your Personal Data for the purpose for which you have your consent, or altogether, depending on the
- Right to Make a Complaint. You may file a complaint regarding our practices with the data protection authority in your place of habitual residence, place or work, or the place of the alleged infringement.
We may be permitted by law (including the GDPR and local national laws) to refuse or limit the extent to which we comply with your request. We may also require additional information in order to comply with your request, including information needed to locate the information requested or to verify your identity or the legality of your request. To the extent permitted by applicable law, we may charge an appropriate fee to comply with your request.
- Transfers of Personal Data to other Countries outside the EU or EEA
When we transfer Personal Data subject to the GDPR to recipients located in other countries outside the European Economic Area and which the European Commission has not determined adequately protect Personal Data, we enter into contractual agreements approved by the EU Commission with these recipients and receive assurances that the Personal Data will be protected.
In addition, in certain circumstances, as permitted by applicable law, we may transfer Personal Data to which the GDPR applies to countries outside the European Economic Area or which the European Commission has not determined to adequately protect Personal Data, such as where you have explicitly consented to the transfer, after having been informed of the possible risks, where the transfer is necessary to perform a contract with you or which is in your interest, i.e., process your flight reservation, or in other circumstances specified in Article 49 of the GDPR (Derogations for specific situations).
If you are an individual protected by the GDPR, you may contact us at [email protected] in order to obtain additional information regarding the basis for the transfer of Personal Data relating to you to countries outside the European Economic Area. Please note that information or copies of documents we may provide to you in connection with such requests may be limited or redacted in order to protect the rights of third parties or to comply with contractual obligations we may have (such as obligations of confidentiality).
- YOUR CALIFORNIA PRIVACY RIGHTS
If you are a California resident you have the right under California law to make certain requests in connection with our use of Personal Data relating to you, as described below. To make such a request, please contact us by email at pri[email protected]. Please note that certain exceptions may apply.
- Disclosure of Direct Marketing Practices. Under California Civil Code Section 1798.83, one time per year you may request the following information regarding our disclosure of your Personal Data to third parties for their direct marketing purposes: a list of the categories of the personal information disclosed to such parties during the preceding calendar year, the names and addresses of such third parties, and if the nature of the parties’ businesses is not clear from their names, examples of the products or services marketed by such third parties.
- Removal of Public Information. If you are under the age of 18 and have an Account, under California Business and Professions Code Section 22581, you may request the removal of content or information you have publicly posted that is identified with you or your Please be aware that certain exceptions may apply and we may not be able to completely remove all such information.
- CALIFORNIA DO NOT TRACK NOTICE.
We do not track individuals’ online activities over time and across third party Web sites or online services (though we do receive information about the webpage you visited prior to access the Services). However, we allow third parties (such as analytics service-providers Google) to collect personally identifiable information about an individual consumer’s online activities when a consumer uses the Services. We do not respond to Web browser “do not track” signals or similar mechanisms.
- Personal Data of
Our Services are not intended for, and we do not knowingly collect Personal Data from persons under the age of eighteen (18). If you believe that a person under the age of eighteen (18) has provided us with Personal Data, or if we have received the Personal Data of such person, please contact us at https://overseeprod.wpengine.com/privacy/
- UNSUBSCRIBING TO COMMERCIAL MESSAGES.
You may request that we stop sending you commercial messages by clicking the unsubscribe link located at the bottom of the email you receive. However, we may still send you messages in connection with your Account, requests or reservations you make, to resolve disputes, or as otherwise permitted by applicable law.
- ANONYMOUS INFORMATION.
We do not treat information we collect or receive which cannot be connected to any particular person or which is anonymized or aggregated such that it can no longer be connected to or used to identify any particular person as Personal Data even if it was originally linked to or stored with Personal Data. Such information cannot be used to identify you or any other person. We use anonymous information internally for a variety of purposes, may share it with third parties or even publish it for any reason.