Tripkicks Privacy Policy

Tripkicks, Inc. provides technology solutions that make business travel better.  This document (“Privacy Policy” or “Policy”) summarizes how Tripkicks, Inc. and its affiliated or related companies (“Tripkicks,” “we,” “us,” or “our”) use, disclose, and protect the information provided when users access our online sites and applications, owned and operated by Tripkicks.  By accessing our sites and applications, or through use, implementation, exploring the potential use of our applications, or engaging in other correspondence with Tripkicks (together, the “Services”), certain information including both personal data and non-personal data, may be disclosed to Tripkicks. 

We are committed to protecting the privacy of our users, and take commercially reasonable steps to reduce the risk that any of their data is lost, damaged, or misused.  This Policy provides a summary of the processes and controls for how we handle personal and non-personal information.  Use of any part of the Services will constitute your notice and acceptance of this Policy, including how it describes our use, retention, transfer, disclosure and deletion of data.  If you do not agree with this Privacy Policy, you should not use our Services or otherwise communicate with us.

Changes to This Policy. We may, in our sole discretion, change this Policy from time to time to revise as necessary to include updates and remove outdated information.  Updates can be found within this Policy, and the “Effective Date” can be found above.  Unless stated otherwise, our current Policy applies to all information that we have about you and your account.  Users should regularly check this page for any changes to this Policy.  We will always post new versions of the Policy on https://www.tripkicks.com/privacy-policy/.  However, we may, as determined in our discretion, decide to notify users of material changes made to this Policy via email or otherwise.  Accordingly, it is important that you always maintain and update your contact information.

Your continued use of the Services or communication with us after the updated Policy has been posted (or any other indication of your consent) will constitute your acceptance of the updated Policy.

Information Collected.  To use our Services, you must provide personal information (“Personal Information”), which can include your first name, last name, email address, and other professional attributes such as employee identification number, and organizational structure identifiers (e.g., department), often provided directly by your employer.  By the nature of our Services, we will collect additional Personal Information pertaining to your past, future, or current business and/or personal travel, and/or related expenses.  This data may be provided directly by users of our Services, or collected via third party applications (e.g., via API) made accessible directly by the users or by means of your employer.  If we combine or associate information from other sources with information that we collect through our Services, we treat the combined information in accordance with this Policy.      

We will not ask for or request sensitive information such as government identifiers, medical information, or financial information.  Please do not provide this information to us through e-mails, feedback forms or in any other way unless specifically requested.

When you access the Services or open our emails, some information may be automatically collected, including without limitation your computer’s operating system, Internet Protocol (IP) address, Device Identifier, access times, browser type, device type, domain name, access times, duration of visit, referring URL, platform, new and repeat information, time stamp and language, and referring Web site addresses (“Non-Personal Information”).  “Non-Personal Information,” shall also include other data derived from your use of the Services, unless it is combined with Personal Information, or unless otherwise required by applicable law.

Additionally, we may send one or more cookies to your computer and uniquely identify your browser session.  Users who disable their web browsers’ ability to accept cookies may not be able to utilize some or part of the Services.  In addition, as with any website usage, third parties that are unaffiliated with us may also collect information about you, including tracking your browsing history, when you use our Services.  We do not have control over these third party collection practices.  If you wish to minimize these third-party collections, and you can adjust the settings of your browsers or install plug-ins and add-ins.

Google Inc. (“Google”) is one example of a service provider that uses cookies or similar technologies to collect information about your browsing activities over time and across different websites following your visit to our Services.  Google Analytics is a web analytics service provided by Google that uses first-party cookies to track users’ interactions and collect other information about how you use our Services.  Google Analytics collects information anonymously.  We then use the information to compile reports, including usage trends, to help us improve our Services.  You can opt out of Google Analytics without affecting how you use the Services.  For more information on how Google uses this data, go to www.google.com/policies/privacy/partners/, or review the Google Analytics Terms of Service at https://www.google.com/analytics/terms/us.html.  For more information about opting out of being tracked by Google Analytics across all websites you use, please visit https://tools.google.com/dlpage/gaoptout/.

If you operate outside of the United States, the transfer of your information to the United States is necessary for use of our Services.  We take steps reasonably necessary (e.g., encryption) to help ensure that this information is treated securely during such transfer, and at rest.

Use of Information Collected.

We use Personal Information to provide our Services, and execute the primary functions of our business.  The list below includes examples of how this information is used to:

·        Create and manage user accounts;

·        Provide information specific to the travel search of that user

·        Allow rewards fulfillment partners to participate in the rewards issuance process;

·        Allow your employer to track your earned rewards for tax purposes;

·        Respond to comments, questions and provide other aspects of customer service;

·       Enforce security, prevent activities that are potentially prohibited by law, relevant industry standards, or our policies, and to protect the safety, rights or property of Tripkicks or any third party;

·        Operate and improve the Services;

·        Send information to you regarding our products and services, inform you of relevant updates that we believe, in our sole discretion, may be of interest to you;

·        Generate reporting regarding the use of our Services by users to their respective employers;

·        Personalize or customize our Services to more closely match the interests of user(s);

·        Create new Service features and functionality;

·        Operate, evaluate and improve our business, including conducting surveys and market research, developing new products, services, and promotions (such as, for example, special events, programs, offers, contests), analyzing and enhancing existing products, services, and promotions, managing our communications; performing accounting, auditing, and other internal functions;

·        Provide customized third party advertisements, content, and information;

·        Facilitate corporate transactions, such as divestiture, merger, consolidation, sale of company assets, financing or acquisition of all or a portion of our business to another company; and

·        Comply with laws or to respond to lawful requests and legal processes, to enforce our rights arising under a contract, and to use as evidence in litigation.  Whenever commercially possible and legally permissible, we will attempt to notify our corporate clients and users of an obligation to supply data to any third party in this respect. 

In addition, we may use your information as described in any notice provided at the time you provide the information; and for any other purpose for which you may provide consent.

In addition to the uses described above, we may also use Non-Personal Information to: (a) aggregate and/or analyze usage patterns; (b) understand trends and preferences of our users (c) monitor and analyze the effectiveness of the Services and third party marketing activities; and (d) monitor aggregate site usage metrics.

How We Safeguard Your Data

While no method of transmission over the Internet or method of electronic storage is 100% secure, we strive to use commercially acceptable means to protect your Personal Information in an effort to prevent loss, misuse and unauthorized access, disclosure, alteration and destruction. We cannot guarantee its absolute security.  We take industry appropriate physical, technology and organizational measures to protect all information.  Examples of these techniques and practices include applying principles of least privilege in regards to who has access to information, using encryption methods when storing or transmitting Personal Information, and maintaining firewalls to prevent unauthorized persons from gaining access to information.  

You are responsible for protecting your login information and applicable password(s) and for the security of information that you transmit to us over the internet.

Corporate clients are responsible for maintaining the security and integrity of both administrator account and individual subaccount login information.

Sharing of Information

Our safeguards, processes and policies are designed to promote the confidentiality and security of all Personal Information.  As part of our Services, Personal Information may be disclosed to third party companies and people that enable us to provide the Services (together our “Service Providers”).  Tripkicks requires all of our Service Providers who have access to Personal Information to conform to this Policy, or policies with equivalent or more stringent standards.  These Service Providers may reside in locations outside of the United States.  Our Service Providers do not have any right to use Personal Information beyond what is necessary to fulfill the Services.  We may also share your Personal Information with (i) the organizations or entities on behalf of which we are providing the Services to you and/or on behalf of which you access or use the Services; (ii) your employer; (iii) our subsidiaries and affiliates; (iv) a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, liquidation, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which Personal Information held by us about our users is among the assets transferred; and (v) other third parties with your express consent for any purpose disclosed by us when you provide the information. Personal Information may also be disclosed to other third parties with your express consent. We do not sell your Personal Information to or share it with third parties for their own direct marketing purposes. 

We do not permit these third parties to use any Personal Information we share for any purpose other than (i) as described in this Privacy Policy, and (ii) to comply with their own legal requirements.

We may also disclose Personal Information with law enforcement agencies, government officials, or other third parties as necessary for the purpose of:

  • complying with any court order, law or legal process, including to respond to any government or regulatory request;
  • investigating potential unauthorized access or misuse of our Services, fraud or other breach of our service terms, or other agreements;
  • protecting the assets or property, and enforcing the rights of Tripkicks, including for billing and collection purposes; and
  • protecting the rights, property, or safety of our users or others.

In the event that we receive a request from a governmental entity to provide it with your Personal Information, we will make reasonable attempts to notify you of such request, to the extent reasonably possible and legally permissible.

Notice to California Residents / Your California Privacy Rights

California Civil Code permits California residents to request that we not share your Personal Information with third parties for their direct marketing purposes.  If you are a California resident, you may contact security@tripkicks.com to request information regarding how we share Personal Information with third parties for their direct marketing purposes and/or to request that such information not be shared with third parties for such purposes.

In addition, we may share Non-Personal Information, including aggregated or anonymized data: 

  • to our business partners about how our users, collectively, use our Services, so that our partners may also understand how often people use their services and our Services;
  • with analytics, search engine, or other service providers that help us improve our Services;
  • to report to our affiliates, licensors and service providers, advertising partners and ad networks about the use of various aspects of the Services;
  • with other users or prospective users of the Services; and
  • to advertisers and advertising networks to select and serve relevant advertisements.

Retention and Deletion of Data

Tripkicks retains client information for the purpose of, and as long as is necessary for us to provide the Services.  In addition, we will permanently and securely delete all live (online or network accessible) instances of client information within 90 days after the termination or expiration of any agreements with corporate clients for the provision of Services, or otherwise, if the client agreement specifies.  If law requires us to retain archival copies of client data for tax or similar regulatory/legal purposes, this archived data will be stored in a secure manner. 

Choice and Consent

By use of our Services, you are granting your voluntary consent for use of your data in terms described in this Policy.  You have the right to withdraw your consent in at any time.  If you withdraw your consent you may be unable to use some or all of our Services.  In some cases you can limit the information you provide to us.  You may send requests about your preferences and changes to your information, or withdraw consent by emailing the contact below. Additionally, if you are participating in our Services through your employer, your employer may make changes to information on your behalf.

·        Email Communications: You may have the opportunity to receive certain communications from us related to our Services.  If you provide us with your e-mail address in order to receive communications, you can opt out of marketing e-mails at any time by following the instructions at the bottom of our e-mails and adjusting your e-mail preferences.  Please note that certain e-mails may be necessary for the operation of our Services.  You will continue to receive these e-mails, if appropriate, even if you unsubscribe from our optional communications.

·        Cookies/Beacons: If you wish to minimize information collected by cookie or beacon, you can adjust the settings of your browsers to notify you when you receive a cookie, which lets you choose whether or not to accept it.  You can also set your browser to automatically reject any cookies.  You may also be able to install plug-ins and add-ins that serve similar functions.  However, please be aware that some features and services on our Services may not work properly if [we are not able to recognize and associate you with your account].  In addition, the offers we provide when you visit us may not be as relevant to you or tailored to your interests. 

·        Do Not Track: Some browsers support a “Do Not Track” (or, DNT) feature, a privacy preference that users can set in certain web browsers, which is intended to be a signal to websites and services that you do not wish to be tracked across different websites or online services you visit.  Our Services do not currently recognize or respond to DNT signals, so DNT settings do not change the way the Services operates.  Please note that we cannot control how third party websites or online services you visit through our Services respond to Do Not Track signals.  Check the privacy policies of those third parties for information on their privacy practices.

·      Network Advertising Initiative:  Certain websites you visit may provide options regarding advertisements you receive.  If you wish to minimize the amount of targeted advertising you receive, you can opt out of certain network advertising programs through the Network Advertising Initiative (NAI) Opt–Out Page.  Please note that even if you choose to remove your information (opt out) you will still see advertisements while you’re browsing online.  However, the advertisements you see may be less relevant to you.  For more information or to opt out of certain online behavioral advertising, please visit http://www.aboutads.info.  Additionally, many advertising network programs allow you to view and manage the interest categories that they have compiled from your online browsing activities.  These interest categories help determine the types of targeted advertisements you may receive.  The NAI Opt–Out Page provides a tool that identifies its member companies that have cookies on your browser and provides links to those companies.

Tripkicks, Inc. acknowledges that EU and Swiss individuals have the right to access the personal information that we maintain about them. An EU or Swiss individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct their query by emailing the contact below. If requested to remove data, we will respond within a reasonable timeframe.

Protecting Children’s Privacy:

We do not allow children under 13 years-of-age to use our Services or knowingly collect or maintain personally identifiable information from persons under 13 years-of-age.  If you are under 13 years-of-age, then please do not use or access Services at any time or in any manner.  If we learn that personally identifiable information has been collected on the Service from persons under 13 years-of-age and without verifiable parental consent, then we will take the appropriate steps to delete this information.

Links to Third Party Websites

Our Services may contain links to third party websites and services, including those of our partner networks and advertisers.  Please note that these links are provided your convenience and information, and the websites and services may operate independently from us and have their own privacy policies or notices, which we strongly suggest you review.  This Privacy Policy applies to Tripkicks and our Services only.  We do not accept any responsibility or liability for the policies or practices of any third parties.  If you chose to access any websites or services linked from our Services, please check the applicable policies before you use or submit any Personal Information to such website or service.

Data Privacy Framework

Tripkicks complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. 

Tripkicks has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.

Tripkicks has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/

In compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), Tripkicks commits to resolve complaints about our collection or use of your personal information transferred to the U.S. pursuant to the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. EU, UK, and Swiss individuals with inquiries or complaints should first contact Tripkicks at security@tripkicks.com.

Tripkicks has further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.

 If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf 

Additionally, we commit to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human resources data transferred from the EU and Switzerland in the context of the employment relationship.

Tripkicks’ accountability for personal data that it receives in the United States under the Data Privacy Frameworks and subsequently transfers to a third party is described in the Data Privacy Framework Principles. In particular, Tripkicks remains responsible and liable under the Data Privacy Framework Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless we prove that we are not responsible for the event giving rise to the damage.

With respect to personal data received or transferred pursuant to the Data Privacy Frameworks, Tripkicks is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Contact Information

If you have any questions about this Policy or to file any complaint regarding this Policy, please contact us at the following address:

Tripkicks, Inc.

299 Broadway, Suite 1200

New York, NY 10007

Attention: security@tripkicks.com

Telephone: (212) 609-2744

See Tripkicks in Action

Schedule a time that works best for you, and a Tripkicks specialist will join you for a demo.