Select Country
United Kingdom Australia Austria Belgium China Denmark Finland France Germany Italy Netherlands North America Norway Poland Russia Singapore Sweden Switzerland

Privacy Policy

For travelers of HRG clients that have converted to a controller-to-controller relationship, please see Hogg Robinson Group Privacy Statement.

OVERVIEW

Hogg Robinson Ltd. and its affiliates (collectively referred to as “HRG“, “we“, “us“, and “our“) takes its data protection and privacy responsibilities seriously. This privacy notice explains how we collect, use and share personal information in the course of our business activities, including:

    • What personal information we collect and when and why we use it
    • How we share information within HRG and with our service providers, regulators and other third parties
    • Explaining more about cookies
    • Transferring personal information globally
    • How we protect and store personal information
    • Legal rights available to help manage your privacy
    • How you can contact us for more support

We are firmly committed to protecting and respecting your privacy.  We will only hold, process and transfer the personal information that we collect about you and which personally identifies you in accordance with applicable laws, this privacy policy and any terms set out at the point(s) at which personal information is collected (“Collection Terms”).  If there is any inconsistency between the Collection Terms and this privacy notice, the Collection Terms will prevail.

The HRG entity responsible for your personal information will be the member of HRG that originally collects information from or about you. This may be further explained in separate privacy notices made available when your personal information is first collected by that HRG entity, for example where you or the business you work for engages with us in relation to our services.

You can find out more about HRG, including geographic locations, at www.hrgworldwide.com or by contacting us using the information in the ‘Contact Us’ section.

Privacy Notice – Data Collected and Processed Through Our Website(s)

This privacy notice applies in relation to data that we collect and process through the website(s) that it appears on.  It does not apply to data collection and processing undertaken in connection with any travel services that HRG provides to you or the business you work for, where HRG’s rights and responsibilities are set out in the contract(s) entered for the provision of those services and/or privacy notices provided separately.

If you are a traveler of an HRG client that has converted to a controller-to-controller relationship and wish to know more about data collection and processing of your personal information undertaken in connection with any travel services that HRG provides to you or the business that you work for, please refer to the Hogg Robinson Group Privacy Statement below.

You might find external links to third party websites on our website. This privacy notice does not apply to your use of a third party site.

What Personal Information We Collect and When and Why We Use It

When we collect information
This privacy policy describes what personal information we collect about you if you:

  • Use one of our websites (including our Investor Relations website);
  • Contact us using the using the information in the ‘Contact Us’ section or fill in any enquiry or other forms on the site.

What information we collect
We may collect various types of personal information about you, including:

  • Information you provide when you use the ‘Contact Us’ facility or fill in any enquiry or other forms on the site (for example, your name, email address and telephone number);
  • If you contact us, we may keep a record of that correspondence.

You must always provide accurate personal information and you agree to update it as necessary in the manner specified below.  You also agree that, in the absence of any update, we can assume that the personal information you have provided is correct.

How we use your information
We use the personal information you provide to us in order to contact you and provide you with information or services that you have requested and deal with any matters arising as a result of that contact; and/or enable a member of the Hogg Robinson Group of companies and/or the HRG partner network to contact you and provide you with information or services that you have requested and deal with any matters arising as a result of that contact.

The legal basis for using your personal information
We will only collect, use and share your personal information where we are satisfied that we have an appropriate legal basis to do this. This may be because:

  • our use of your personal information is in our legitimate interest as a commercial organisation (for example,  in order to communicate with you where requested in relation to our services, and to make improvements to our websites and our services) – in these cases we will look after your information at all times in a way that is proportionate and respects your privacy rights and you have a right to object to processing as explained in the Legal Rights Available To Help Manage Your Privacy section below; and/or
  • our use of your personal information is necessary to comply with a relevant legal or regulatory obligation that we have, for example to make disclosures required by tax authorities, law enforcement and/or our regulatory bodies.
    If you would like to find out more about the legal basis for which we process personal information please contact us using the information in the ‘contact us’ section.

How We Share Your Information

We share your information in the manner and for the purposes described below:

  • within members of the Hogg Robinson Group of companies and/or the HRG partner network for the purposes set out in the section above, and otherwise as necessary to provide you with our services or to manage our business;
  • with third parties who manage our business and deliver services. These include data storage providers used in the operation of the site and/or the provision of any of the services provided through it (these providers do not have direct access to the personal information unless specified otherwise on the site);
  • where we are required to do so, with our regulators, to comply with all applicable laws, regulations and rules, and requests of law enforcement, regulatory and other governmental agencies;
  • a future purchaser of some or all of our assets or, where applicable, the assets of all or part of the Hogg Robinson Group of companies; and
  • in the unlikely event that we believe in good faith that we are required to do so, in order to protect our rights/property or those of our clients and/or their employees.

How We Protect and Store Your Information

Security
We have implemented and maintain appropriate technical and organisational security measures, policies and procedures designed to reduce the risk of accidental destruction or loss, or the unauthorised disclosure or access to such information appropriate to the nature of the information concerned. Measures we take include placing confidentiality requirements on our staff members and service providers, destroying or permanently anonymising personal information if it is no longer needed for the purposes for which it was collected and having in place appropriate network and system security measures.

Storing your information
We will store your personal information for as long as is reasonably necessary for the purposes for which it was collected, as explained in this notice. In some circumstances we may store your personal information for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, accounting requirements.

In specific circumstances we may store your personal information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.

Use of Cookies

Information about the use of cookies on this site is set out in the site’s Cookie Policy.

International Transfers

HRG operates on a global basis. Accordingly, your personal information may be transferred and stored in countries outside the EU, including the United States, that are subject to different standards of data protection. HRG will take appropriate steps ensure that transfers of personal information are in accordance with applicable law and carefully managed to protect your privacy rights and interests and transfers are limited to countries which are recognized as providing an adequate level of legal protection or where we can be satisfied that alternative arrangement are in place to protect your privacy rights. To this end, where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any personal information are disclosed.
You have a right to contact us for more information about the safeguards we have put in place (including a copy of relevant contractual commitments) to ensure the adequate protection of your personal information when this is transferred as mentioned above.

Your Rights

Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you have certain rights in relation to your personal information.

We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal information requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.

You can exercise your rights by contacting us using the information in the ‘Contact Us’ section. Subject to legal and other permissible considerations, we will make every reasonable effort to honour your request promptly or inform you if we require further information in order to fulfil your request.

We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.

Right of access to personal information
You have a right to request that  we provide you with a copy of your personal information that we hold and you have the right to be informed of; (a) the source of your personal information; (b) the purposes, legal basis and methods of processing; (c) the data controller’s identity; and (d) the entities or categories of entities to whom your personal information  may be transferred.

Right to rectify or erase personal information
You have a right to request that we rectify inaccurate personal information. We may seek to verify the accuracy of the personal information before rectifying it.

You can also request that we erase your personal information in limited circumstances where:

  • it is no longer needed for the purposes for which it was collected; or
  • you have withdrawn your consent (where the data processing was based on consent); or
  • following a successful right to object (see ‘Right to object to the processing of your personal information’ below); or
  • it has been processed unlawfully; or
  • to comply with a legal obligation to which HRG is subject.

We are not required to comply with your request to erase personal information if the processing of your personal information is necessary:

  • for compliance with a legal obligation; or
  • for the establishment, exercise or defence of legal claims.

Right to restrict the processing of your personal information
You can ask us to restrict your personal information, but only where:

  • its accuracy is contested, to allow us to verify its accuracy; or
  • the processing is unlawful, but you do not want it erased; or
  • it is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise or defend legal claims; or
  • you have exercised the right to object, and verification of overriding grounds is pending.

We can continue to use your personal information following a request for restriction, where:

  • we have your consent; or
  • to establish, exercise or defend legal claims; or
  • to protect the rights of another natural or legal person.

Right to object to the processing of your personal information
You can object to any processing of your personal information which has our legitimate interests as its legal basis, if you believe your fundamental rights and freedoms outweigh our legitimate interests.

If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.

Right to obtain a copy of personal information safeguards used for transfers outside your jurisdiction
You can ask to obtain a copy of, or reference to, the safeguards under which your personal information is transferred outside of the European Union.

We may redact data transfer agreements to protect commercial terms.

Right to lodge a complaint with your local supervisory authority
You have a right to lodge a complaint with your local Supervisory Authority if you have concerns about how we are processing your personal information.

We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.

Changes

We may change this privacy statement from time to time as our business changes or legal requirements change. If we make material changes to this privacy statement, we will post a notice on our website before the changes go into effect, and where appropriate, send a direct communication to you about the change.

Contact Us

If you have questions or complaints about HRG and privacy, or to exercise your rights, please contact the data protection officer, at GBTPrivacy@amexgbt.com or at:

Global Privacy Team

American Express Global Business Travel
5 Churchill Place
Canary Wharf
London E14 5HU
UK

In most cases, we will ask that you put a complaint in writing. We will investigate your complaint and will generally respond to you in writing within 30 days of receipt. If we fail to respond or if you are otherwise dissatisfied with the response that you receive from us, you may have the right to make a complaint to your regulator.

Hogg Robinson Group Privacy Statement

Hogg Robinson Group (HRG), provides this privacy statement to describe how we may collect, use, share and otherwise process your personal information, as an employee of one of our corporate clients or other individual to whom we offer our services – travel, meetings and events, and related products and services – via our websites, mobile applications, communications channels or other online and offline means, in a controller-to-controller relationship.

If you are a traveler of an HRG client for which HRG acts as a data processor, your employer’s privacy statement governs how your data is collected and used, except in relation to data that we collect and process through our websites (see above for details).

For privacy information related to data that we collect and process through our website(s), please see Privacy Notice – Data Collected and Processed Through Our Website(s) above.

HRG is wholly-owned by American Express Global Business Travel (GBT). Where we share your personal information within GBT in accordance with this Privacy Statement, GBT will process it in accordance with the GBT Privacy Statement.

Summary of Key Points

What information we collectWe collect information about you in connection with your registration, use, purchase or inquiries about our services.
How we use your information :We use your information to provide our services, process payments, operate our websites and applications, market products and services, create business insights and comply with law.
How we share your information: We have a contract with your employer or travel sponsor, who is our corporate client, and we share your information with them, as well as with our affiliates, travel suppliers and vendors to book travel arrangements and provide our services. We do not sell or share information with third parties so that they can independently market their own products or services directly to you.
Marketing and your choices: We use your information for us to market to you, and respect your choices about how we communicate marketing to you.
International transfers:We transfer your information outside of your home country as permitted by law. Regardless of where your personal data is transferred, your personal data is protected in accordance with our Data Protection Principles.
Your rights:You have the right to be informed of whether we are processing your information and to access, correct, delete or object, upon request and free of charge, to our use of your information, to the extent required by law.
Changes:We will tell you about material changes to this privacy statement by posting it on our website before it goes into effect and, where appropriate, communicating directly to you about the change.
Contact us:If you have questions about this privacy statement, please contact us at GBTPrivacy@amexgbt.com or at:
Global Privacy Team
American Express Global Business Travel
5 Churchill Place
Canary Wharf
London E14 5HU
UK

What Information We Collect

Account Information – If you contact us, register with us or receive services from us, we collect information about you. You may give us the information, or your employer or travel sponsor may send it to us. This may include your name, email address, phone numbers, employer, and physical addresses. We may also require passport number, gender and date of birth for travellers. If we book travel for your travel companions, we may collect similar information about them. Account information goes into your traveller profile, which is where we store the information necessary to book your travel and provide you with our services. You may choose to provide more information in your traveller profile, including frequent traveller credentials, government identifiers and emergency contact information.

Travel Information – If you book travel with us, we collect the details of your travel (such as arrival and departure location, airline, hotel and car rental) and any other information needed to complete your bookings. We may also collect special categories of information to provide accessibility, meal preferences or other requested services.

Payment Information – To pay for bookings and other transactions through our services, we collect payment card information and other details necessary to process payments.

Precise Location – In addition to the broad location information we receive through travel itineraries or IP address, we may collect your precise location under some circumstances. We may receive it through our mobile applications, with your consent. In addition, if your employer has contracted with us for emergency location services, we may collect from American Express the location of your recent American Express corporate card transactions and share it with your employer in emergency situations (such as natural disasters) in accordance with their agreement with American Express.

European Law and Your Privacy

Learn more about your rights under EU law

Learn more about our justifications for processing personal information

Learn more about how long we keep personal information

How We Use Your Information

Provide you with our products and services – We use your information to book your travel, organize meetings and events, prepare itineraries and invoices, communicate with you about our products and services, provide customer service, manage your account, and provide you and your employer with emergency services.

Provide our products and services to corporate clients – We use your information to provide our travel, meetings and events, consulting, business insights, and other related services to your employer or travel sponsor, to comply with our agreements with them, to communicate about our products and services, and to help them ensure compliance with their policies.

Process payments – We use your information to process transactions and provide you with related customer service.
Operate websites and mobile applications – We use device data to monitor and improve the performance and content of our services, provide updates, analyze trends and usage in connection with our services, and measure whether our ads and offers are effective.

Operate and improve our business – We use your information for compliance with our company policies and procedures, for accounting and financial purposes, to detect or prevent fraud or criminal activity, to perform, analyze and improve our business and services, and otherwise as required by law.

Marketing and Your Choices

We may use personal information to tell you about our products and services or those from related businesses (such as restaurants, consumer products, tours and entertainment), to help us determine whether you may be interested in new products or services, and to present advertising content that is tailored to your interests, location or itinerary (with your consent or as permitted by law). To make choices about how we market to you, you can set preferences in your traveller profile. If you’d like us to stop sending you marketing messages, you can also follow the instructions in our communications to you.

We also send you messages that are essential for our services; for example, we communicate with you about your travel, to service your account, to fulfil your requests, or otherwise as required by law. Some of these service messages contain information presented to you as part of our service relationship with your employer or travel sponsor (for example, messages that help you comply with their travel policies). If you opt out of marketing messages, you will continue to receive these service messages.

How We Share Your Information

Your employer or travel sponsor – Our services to you are provided under the terms of our service agreements with your employer or travel sponsor. We share your information with them to allow them to manage their business travel needs, meet their duty of care to their employees, and assure compliance with their policies. At the request of your employer or travel sponsor, we may also share information with their vendors.

Within the American Express, GBT and HRG corporate families – We share information with American Express Company and its subsidiaries so that we and they may operate, analyze and improve the credit card and travel products and services provided to your employer or travel sponsor. We also share information within the combined GBT and HRG corporate family, to provide and improve the travel products and services that GBT and HRG offer. Sharing with American Express, GBT and within HRG is in accordance with the law and subject to appropriate contractual protections.

Within our travel partner network – If your travel takes you to countries serviced by one of our local travel agencies, they may have access to your account information, travel information and other information necessary to provide you with the travel services you or your employer or travel sponsor may request.

Travel suppliers and other travel service providers – We share information with travel suppliers (for example, airlines and hotels) and travel service providers (for example, ticket distribution systems and travel application providers), and the vendors for both, as necessary to book your travel and provide travel-related services to you and your employer. We do not sell information to third parties so that they can independently market their own products or services directly to you.

Vendors – We share information with vendors that perform functions on our behalf, such as our network of local travel agencies, meeting and event planners, visa and passport service providers, mobile application and software developers, and vendors who provide IT support, data hosting, marketing and communications services, and collections. These vendors access information only as necessary to perform their functions, as instructed in our contracts with them.

Business insights – We, working with GBT, combine data from many people to create aggregated statistics that do not identify you personally. We use this data to understand business trends and insights, and we may share them with third parties.

Business transfers – If we negotiate or complete a transaction involving all or part of the business (for example, a reorganization, merger, sale or acquisition), we may disclose information to third parties involved in the transaction to the extent permitted by law.

As required or permitted by law – We may disclose information to regulatory authorities, courts, and government agencies where we believe doing so would be permitted or required by law, regulation or legal process, or to defend the interests, rights or property of HRG or others.

We may also share personal information with other parties as directed by you or subject to your consent.

How We Protect and Store Your Information

We maintain reasonable administrative, technical, and physical security measures to protect your information from unauthorized access and use. We retain your information only as long as needed to provide our services and for legitimate business purposes, unless we are required by law or regulation or for litigation and regulatory investigations to keep it for longer periods of time.

International Transfers

We may transfer your information to jurisdictions outside of your home country as necessary for the purposes described here, including to countries that may not provide the same level of data protection as your home country. Recipients are likely to be located in countries where HRG and its affiliates are located and in any jurisdictions where you may travel. To protect such information, transfers will be made as permitted by applicable law, including where necessary being subject to appropriate contractual clauses. Regardless of where we process your information, we protect it in the manner described in this privacy statement and in accordance with applicable law and our Data Protection Principles.

Your Rights

If you have created an online account with us and would like to update the information you have provided to us, you can access your account to view and make changes or corrections to your information. You may also have the right to be informed of whether we are processing your information and to access, transfer, correct, delete or object, upon request and free of charge, to our use of your information. Please note that we may need to retain certain information for recordkeeping, to complete any transactions you began before your request, or for other purposes as permitted by law.

Changes

We may change this privacy statement from time to time as our business changes or legal requirements change. If we make material changes to this privacy statement, we will post a notice on our website before the changes go into effect, and where appropriate, send a direct communication to you about the change.

Contact Us

If you have questions or complaints about HRG and privacy, or to exercise your rights, please contact the data protection officer, at GBTPrivacy@amexgbt.com or at:

Global Privacy Team
American Express Global Business Travel
5 Churchill Place
Canary Wharf
London  E14 5HU
UK

In most cases, we will ask that you put a complaint in writing. We will investigate your complaint and will generally respond to you in writing within 30 days of receipt. If we fail to respond or if you are otherwise dissatisfied with the response that you receive from us, you may have the right to make a complaint to your regulator.