WELCOME TO ITN’S PRIVACY POLICY

PURPOSE OF THIS PRIVACY POLICY

This privacy policy aims to give you information on how ITN collects and processes your PI, including any PI you may provide through the Platforms, when you purchase a product or service or sign up to our newsletter. It is important that you read this privacy policy together with any other privacy policy, notice or fair processing policy we may provide on specific occasions, when we are collecting or processing PI about you, so that you are fully aware of how and why we are using your PI. This privacy policy supplements other notices and privacy policies and is not intended to override them.

CONTACT DETAILS

TN is the company (business) responsible for your PI.
We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy policy, please contact the DPO using the details set out below.
Full name of legal entity: International Travel Network, LLC
Email address: privacy@airconcierge.com

POLICY AMENDMENTS

We keep our privacy policy under regular review updating it at least once in 12 months. ITN might make minor amendments to this Privacy policy which shall not adversely affect your privacy, except if laws set otherwise. In case of material changes ITN will definitely publish such amendments and amended policy on our website and, as far as possible, notify you either by email or by pop-up windows when you are using our Platforms next time. Amendments shall enter into force on the Effective Date. Actual version of the Privacy policy is published on our website.

DATA ACCURACY

When you give us PI, you are telling us, that the information is true, accurate, complete and current. You are also telling us, that you have the authorization to provide it to us It is important that the PI we hold about you is accurate and current. Please keep us informed, if your PI changes during your relationship with us.

THE CATEGORIES OF PERSONAL INFORMATION WE COLLECT

We may collect, use, store and transfer different kinds of PI about you which we have grouped together as follows:

• Identifiers or Identity Data such as a first/ middle/ last name, alias, postal address, unique personal identifier (cookie), date of birth, online identifier Internet Protocol address, passport / ID data (number, expiry, country of issuance, nationality) or other similar identifiers.
• Contact Data includes (billing address, delivery address, email address and telephone numbers).
• Commercial Information, including requested price quotes, products or services purchased or other purchasing or consuming histories or tendencies, as well as Financial Data (bank account and payment card details) and Transaction Data (details about payments to and from you and other details of products and services you have purchased from us).
• Network Activity Information, including , but not limited to Technical Data (your login data, browser type and version, browsing history, search history, time zone setting and location, browser plug-in types and versions, operating system and Platform, and other technology on the devices you use to access our Platforms), and information regarding your interaction with our Platforms (Usage Data).
• Geolocation data (country, state or city).
• Audio (e.g. call records) and Electronic (e.g. email threads) information.
• Inferences (conclusions) drawn from any of the PI collected by ITN, including, but not limited to Profile Data (your preferences, characteristics, psychological trends, behavior, attitudes, intelligence, feedback and survey responses) and Marketing Data (your preferences in receiving marketing from us and our partners and your communication preferences).

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your PI, but is not considered PI in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Network Activity Information to calculate the percentage of users accessing a specific Platform feature. However, if we combine or connect Aggregated Data with your PI, so that it can directly or indirectly identify you, we treat the combined data as PI which will be used in accordance with this privacy policy.

Customer support If you choose to contact our customer support services we will collect any inquires, complaint or other information that you may submit to our support team. We do not collect any Special Categories of PI about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

CHILDREN

ITN does not knowingly collect PI from minors, except if the minor is one of travelers. If we become aware that a minor is attempting to submit PI, we will remove this information from our records. If you are the parent/legal guardian of a minor who has given us PI, please contact us so we can delete it.

IF YOU FAIL TO PROVIDE PERSONAL INFORMATION

Where we collect PI required by law or under the terms of a contract, and you fail to provide that PI when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.

HOW WE COLLECT YOUR PERSONAL INFORMATION

We use different methods to collect PI from and about you including through:
PI you give to us We collect your PI directly from you (using life chat, online forms or via voice call/ messenger). Any contact data (emails, phones etc.) provided by you throughout any interaction will be treated as your personal contacts and saved in your profile for future communications, unless specifically requested not to be stored (one-time communication only). For example, when you provide us with your PI by requesting a quote, registering or booking travels, contacting our customer support. This includes PI you provide when you:

• apply for our products or services;
• subscribe to our service or publications;
• request marketing to be sent to you;
• give us feedback or contact us.

When we chat with you (e.g. WhatsApp, Facebook, regular sms etc.) the chat might be accidentally closed/ removed, there might be interruptions, slow internet connection etc. We may contact you later via automated phone and text messages or email (if available) in order to restore our communication started within the chat. No purchase necessary. You can opt out from further communication by replying to sms/ email or notifying us during the phone call.

One of the main collection methods are VOICE CALLS We have vested interest to ensure you have chosen the best possible option. Voice calls are an exclusive opportunity to provide you with an immediate customer support and disclose additional product features, you might not notice on website. Usually, we call back on your request. Sometimes there might be unfinished conversations regarding current flights (misunderstanding in live chat, email system error, poor internet connection etc.), which require immediate response. We don’t make unwanted telemarketing robocalls or any annoying advertising campaigns. You can opt-out this communication any time by contacting us via phone or email.

PI we collect passively We also collect your PI passively. For example, we collect information about you over time and across different Websites when you visit the Platform. We also use tracking tools like cookies and beacons. As you interact with our Platforms, we will automatically collect Network Activity Information about your equipment, browsing actions and patterns. We collect this PI by using cookies and other similar technologies. For additional information, please, refer to our Cookie policy. Platform features may make use of your device attributes and settings that will allow us to determine your physical location (country, state). Such technologies may include IP address mapping or other technologies. We use this information to enhance and personalize your experience and provide you with offers and services that may be of interest to you. ITN does not have control over your device settings, but we do recommend enabling location services on your device so you can take advantage of the location based features and functionality offered.

PI we receive from service providers: We collect your PI using service providers. This can include when you log in using a service provider platform, such as Facebook. In addition, we also integrate service providers` software that collects information about users for security reasons. The categories of PI ITN has collected/disclosed/sold for a business purpose in the preceding 12 months you can find HERE.

FOR WHAT PURPOSE WE USE YOUR PERSONAL INFORMATION

We will use your PI for the following purposes:
Improving our services To provide you and improve our Platforms and services, to better understand the users of our Platforms and services, and to protect our property and to prevent damage to them.
Regular customers If you have ever requested a price quote or purchased our services, we treat you as the Regular (loyal) Customer. Regular Customers have plenty of benefits:

• become experts of using our services;
• receive the most relevant price quotes.

According to our policy, we may contact you as a Regular Customer via email/phone saved within previous requests and transactions. Such cases may be, for example, when you have accidentally provided the wrong email/phone or when you cannot be reached via email/ phone left in the last request/ purchase. If you want to opt-out, please contact us.

Bookings We and our travel partners use your PI to process your bookings and store your itinerary information where applicable.

Marketing activities We use your information for marketing purposes. These activities may include:

• To send you marketing emails and/or text messages from ITN address regarding our services or those of our partners, if you have opted-in to receive emails and/or text messages from us or have transacted with us, and as permitted by law. You can easily unsubscribe from these marketing communications at any time by clicking on the “Unsubscribe” link included in the newsletter or by texting STOP via sms. To display more relevant advertising and recommendations, or suppress advertising and content that you might find irrelevant. This advertising might be shown to you on our Platforms as well as third party platforms (including Google and social media sites like Facebook) and include information or offers that we, or our business partners’, believe you will find interesting. Individualized advertising may be based on information collected through cookies or other tracking technologies. You can opt out from from Google (press here) and Facebook (press here) ad personalisation any time.
• If you choose to participate in promotional activities, relevant information may be used to administer these promotions.
• To communicate with you, including as follows:
• To send booking confirmations;
• To send alerts and notifications you have subscribed to, including to your mobile device;
• To solicit reviews;
• To update you regarding itineraries processed by our service;
• To communicate with you if you have contacted ITN customer support;
• To send you information servicing and administrative emails;
• To send you information about services, offered by ITN or our business partners, that we believe you would be interested in;

Legal purposes In certain cases we may need to use your information to handle and resolve legal disputes, for regulatory investigations and compliance or to enforce the terms of use of the service.

Performance of a contract The use of your PI may be necessary to perform the services and provide you products that you have requested from us. For example, if you make a booking on our Platform, we need to collect PI from you in order to complete the booking.

Consent We may rely on your consent to use your PI for certain direct marketing purposes. You can withdraw your consent anytime by contacting us. We have set out below, in a table format, a description of all the ways we plan to use your PI.

Purpose	Activity	Category of PI
To Complete the transaction, provide a service requested by you or otherwise perform a contract (ticket purchase; car rental; hotel booking etc.)	To register you as a new or a Regular customer / to start a business relationship	Identifiers Contact Data Audio/Electronic information
	To process and deliver your order including: (a) Managing payments, fees and charges (b) Collecting and recovering money owed to us (c) Providing to you post-sale customer support	Identifiers Contact Data Commercial Information Inferences Audio/Electronic information
For solely internal uses that are based on your relationship with us or compatible with the context in which PI was collected	To manage our relationship with you which will include: (a) Notifying you about changes to our terms or privacy policy (b) Asking you to leave a review or take a survey (c) Sending holiday greetings	Identifiers Contact Data Inferences Audio/Electronic information
	To deliver relevant Platform content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you	Identifiers Contact Data Commercial Information Network Activity Information Inferences
	To use data analytics to improve our Platforms, products/services, marketing, customer relationships and experiences	Network Activity Information
	To make suggestions and recommendations to you about goods or services that may be of interest to you	Identifiers Contact Data Commercial Information Network Activity Information Inferences
To detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity	To administer and protect our business and Platforms (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)	Identifiers Contact Data Network Activity Information Audio/Electronic information
To identify and repair errors that impair existing intended functionality	To administer and protect our business and Platforms (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)	Identifiers Contact Data Network Activity Information Audio/Electronic information
To comply with a legal obligation	(a) To manage tax matters; (b) Bookkeeping and accountancy of transactions; (c) To manage consolidated reports and annual financial reports; (d) To comply with the requirements of licenses, registrations and permissions obtained by ITN, including industry standards (airline safety rules, PCI DSS etc.); (e) To comply with law requirements (e.g. EU; USA; Canada; UK etc.) of improving border controls (security) and combating illegal immigration.	Identifiers Contact Data Commercial Information Audio/Electronic information
To exercise or defend legal claims	(a) To manage complaints (b) To comply with requests, subpoenas and other enforcement notices issued by regulators, courts and law enforcement agencies (c) To protect and exercise legal claims of ITN before court, authority or law enforcement agency	Identifiers Contact Data Commercial Information Network Activity Information Inferences Audio / Electronic information Geolocation data

CHANGE OF PURPOSE

We will only use your PI for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

YOUR CHOICES

As a customer-oriented business we respect and value your expectations. As a result, you are able to make announcements and queries at any time regarding your concerns in privacy matters. Each of our marketing email has an opt-out button and you can change preferences or unsubscribe at all from such communication at any time. Each ITN website is targeted to the current audience and region, therefore subscribe/unsubscribe options are also different. You cannot unsubscribe from servicing emails and administrative messages.

HOW WE SHARE YOUR PERSONAL INFORMATION

Corporate affiliates and change of control We may share your PI with our corporate affiliates and if ITN itself (or part of its business) is sold or otherwise changes control, owners would have access to your PI for the uses set out herein.

Service providers We may share your PI with suppliers who perform services on our behalf and have agreed in writing to protect and not further disclose your information.

Payment service providers and travel vendors If you book through the Platforms, we may share your PI with the payment service providers, acquirer banks and the travel vendors you have booked with. This can include online travel agencies, hotels, airlines, car rental companies, and travel insurance providers. These third parties will process your PI as data controllers in accordance with their own privacy policies. If you contact our customer support, they may need to share information about your request with the relevant travel vendor in order to assist you.

Business partners We may share your PI with various business partners. Some of these business partners may use your PI for fraud detection, including, but not limited Identifiers, Contact Data and Network Activity Information , also to detect, prevent, or otherwise address fraud, security or technical issues. We may also share your PI to ask our partner to create a survey, form, application, or questionnaire, so we know the degree of your satisfaction with our services. Some of these business partners may use your PI for online behavioral advertising purposes, or to offer you services or products that we believe you may be interested in. We may also share your information as otherwise described to you at the time of collection. We may also share anonymous aggregated usage information with partners.

We enter into confidentiality and PI processing terms with partners to ensure they comply with high levels of confidentiality and best practice in privacy and security standards and we regularly review these standards and practices.

Trips shared by you If you use or have itineraries as part of our Service, you can send or grant access to your itinerary to anyone you choose. Your itinerary may contain enough details (for example, booking reference codes) to allow the recipient to cancel or modify your booking, perform a check-in, etc. You should only share your itinerary with people you trust. If you choose to display your itinerary on publicly-viewable web pages (Facebook, for instance), that information may be collected and used by others.

Information shared in public If you provide us a review of your trip, you authorize us to publish it on all our Platforms under the screen name you provided. You also authorize us to aggregate it with other reviews.

Authorities We may disclose PI if required by law, for example to law enforcement or other authorities. This includes court orders, subpoenas and orders arising from legal processes, and administrative or criminal investigations. We may also disclose your PI if the disclosure is necessary for the prevention, detection or prosecution of criminal acts or to prevent other damage, or in response to a legal action or to enforce our rights and claims.

We may also share anonymous aggregated usage information with others.

HOW WE STORE AND PROTECT YOUR PERSONAL INFORMATION

Our servers and data centers are located in the U.S and our service providers may be located there and in other countries. By providing us PI, you agree that your PI may be transferred to and stored in these countries. These countries may have different and/or less stringent privacy/data protection and data security rules than those of your own country. As a result, your PI may be subject to access requests from governments, courts, or law enforcement in those countries according to laws in those countries. Subject to the applicable laws of such countries, we will provide the necessary safeguards to maintain protections of your PI, e.g. by obtaining from the PI recipients contractual commitments based on the EU model clauses. ITN has a security program intended to keep the PI stored in our systems protected from unauthorized access and misuse. Our systems are configured with data encryption, or scrambling technologies and firewalls constructed to industry standards. We also use Secure Socket Layer (SSL) technology that protects the PI you send over the Internet. PI may only be accessed by persons within our organizations, or our service providers to carry out the uses indicated in this Privacy Policy. We have put in place appropriate security measures to prevent your PI from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your PI to those employees, agents, contractors and other service providers who have a business need to know. They will only process your PI on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected PI breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

RETENTION PERIODS

We will only retain your PI for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your PI for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for PI, we consider the amount, nature and sensitivity of the PI, the potential risk of harm from unauthorised use or disclosure of your PI, the purposes for which we process your PI and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

OTHER WEBSITES

If you click through to third party websites or other platforms, ITN’s privacy policy does not apply.

REQUESTS AND COMPLAINTS

Under certain circumstances set by applicable law, you are entitled to:

• Request access to your PI (commonly known as a “data subject access request”). This enables you to receive a copy of the PI we hold about you and to check correctness and integrity of PI. The disclosure might be limited to the 12-month period preceding the receipt of verifiable request. You may also request to furnish you with:
  • the categories of sources from which PI is collected;
  • the business or commercial purposes for collecting of PI;
  • the categories of third parties with whom we share your PI;
  • the categories of PI we have disclosed for a business purpose.
• Request correction of the PI that we hold about you. This enables you to request any incomplete or inaccurate PI to be corrected, though we may need to verify the accuracy of the new PI you provide to us.
• Request to delete. You are able to submit verifiable request and ask us to delete your PI. Please, be aware, there are some cases, when we might reject your request.
• Request to opt out from PI sales/sharing. Such requests shall be submitted through the “Do Not Sell/Share My Personal Information” website.

Due to the remote nature of our services, it is important for us to keep communicating through the same email (Verified Email), which was used by you to request a price quote or purchase air tickets and other related services. The Verified Email is the key communication channel for us, so we can give quick answers and not to divulge your data to any malicious person. You might also submit request through the voice call, but still we must use the Verified Email to reply, due to law requirements and in order to protect our legal claims.

NONDISCRIMINATION: We shall not discriminate (deny services, charge different prices, provide different levels of quality) against you because you exercised any of the rights set herein. This right might be limited in case, if the difference in prices or levels or quality is reasonably related to the value provided to you by your PI. We might obtain your opt-in consent and provide to you financial incentives, so you agree to provide additional PI or not to request the deletion of your PI.

FEES and DENIALS: You will not have to pay a fee to access your PI (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive (more than twice in a 12-month period) or excessive. Alternatively, we could refuse to comply with your request in these circumstances. We might also refuse to act on your request, when we are not in a position to identify you and verify your request. We may need to request specific information from you to help us confirm your identity and ensure your right to access your PI (or to exercise any of your other rights). This is a security measure to ensure that PI is not disclosed to any person who has no right to receive it. We may also contact you (via email, phone or messenger) to ask you for further information in relation to your request to speed up our response. Due to law limitations we might deny your request to know if you are asking us to disclose a high-risk data (e.g. SSN, driver's license number, financial account data, passwords etc.). In such cases we will definitely inform you that we have collected such types of information, unless prohibited from doing so by law.

TERMS: We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. The maximum response time shall not exceed 90 days.

CONTACTS: you can submit your complaint/ request to DPO email (see above).

HOW ITN RESPONDS TO “DO NOT TRACK” SIGNALS

Some browsers have a “Do Not Track” feature that lets you tell websites that you do not want to have your online activities tracked. These features are not yet uniform, so we are not currently set up to respond to those signals.

ITN COOKIE POLICY

Cookies is a small piece of data sent from Platform and stored on your device (computer, smartphone etc.) by your web browser while you are browsing our Platforms and sometimes down the line¹. Without Cookies it would be impossible to provide you information and services you are requesting through the Internet. Cookies remember stateful information (such as items added in the shopping cart in an online store) or record your browsing activity. They can also be used to remember arbitrary pieces of information that the user previously entered into form fields such as names, addresses, passwords and billing address.

By using the Platforms, you agree to the use of any of the cookies and tracking tools mentioned in this policy, unless you opted out (available only for some cookie types).

Additional information about cookie purposes can be found here or you can send a request to us.

CATEGORIES OF COOKIES USED BY ITN

Technical and strictly necessary Cookies In most cases our Platforms use cookies in order to ensure technical feasibility to connect our Platform with your device and provide services requested by you. This cookies is integrated by default into our Platforms. In case, you try to block/ turn off any of such cookies you might not receive some essential part of services, requested by you. Some examples of such cookies are:

1. User input cookies (session-id), e.g. when you are filling online form (ticket buying, making payment etc.).
2. Authentication cookies, used for authenticated services, e.g. when You are logging into your online account within any of information systems integrated with our Platform.
3. Security cookies used to detect authentication abuses and prevent malicious attacks.
4. Multimedia content player session cookies, such as flash player cookies.
5. Load balancing session cookies (faster processing of your requests).
6. Third party social plug-in content sharing cookies.

Functionality and Preferences Cookies Such Cookies help us to optimize and make more user-friendly our Platforms, enhance security level, facilitate faster and more convenient use of Platforms, receive valuable statistics in anonymized way, including, but not limited to:

• To make aggregated statistics on new visitors to the Platforms.
• To help us recognize your browser and its previously configured settings, for example language preferences, font size etc.
• To manage contractual relationships with partners, when you book on partner websites.
• To help improve our Platform offering and for capacity planning purposes. We or our service providers may set analytics cookies. These allow us to gather aggregated or segmented information about the types of visitors that access our Platforms and the pages and advertisements that they view. In order to better understand your use of our Platforms, we or our service providers may collect information on such use, including pages visited, links clicked etc. We do not use this information to personally identify you.

In case we are collecting Cookies for statistical purposes, we are committed to apply a “functional separation” principle, so the results of the processing shall be without any negative impact to Your privacy or there should not be any decisions made against You. Retention period of Functionality Cookies usually is very short. In case of longer periods, please, be aware that we always assess the risk level of such processing, so it does not adversely affect Your privacy. Under the strict supervision we might allow service providers to collect Functionality Cookies on our Platforms in order to provide us with aggregated statistics. In such cases we require service providers to aggregate or erase data obtained from Your device.

Advertising and Targeting Cookies We and our third party vendors, including Google and Facebook, use Advertising cookies to serve ads based on a Your prior visits to our Platforms. For example:

• To make use of cross-device tracking in order to optimize our advertising activities. As part of cross-device tracking, ITN may combine information collected from a particular browser or mobile device with another computer or device linked to the computer or device from which the information was collected. By changing your cookie settings on your device you can change your cross-device tracking settings for advertising purposes.
• To work with online advertising companies to display targeted advertising on our Platforms and third party platforms that you visit. This targeting may be based on information collected bu us or third party platforms. This targeting may also be based on your activities or behaviors on our Platforms or those of third parties. We may also obtain information about your browsing history from our business partners.
• We may use Google Analytics to collect demographic and interest data about you (such as age, gender, and interests), including through Google Analytics Demographics and Interest Reporting. We may use the information collected about you through Google Analytics for Google services such as Remarketing with Google Analytics and Google Display Network Impression Reporting. Choices you make are browser and device specific. Some aspects of our site use cookies to function. You may not be able to use these features if you set your device to block cookies. We anonymize IP addresses in Google Analytics.

We and our advertising partners may also use web beacons (single pixel GIF images). These web beacons are placed in the code of a Web page or an email newsletter. When you access a partner site within our mobile applications, we may track your activity on that site.

OPT-OUT FROM COOKIES

Your browser gives you the ability to control cookies. How to do this varies from browser to browser. You should view the Help menu on the browser you use for further information. Your opt out choice is stored in opt out cookies only in that browser, so you should separately set your preferences for other browsers, computers, or devices you may use. If your browser blocks cookies, your opt out preferences may not be effective. Deleting browser cookies can remove your opt out preferences, so you should visit this page periodically to review your preferences. If you block or delete cookies or opt out of online behavioral advertising, not all of the tracking that we have described in this policy will stop.

Please also note that opting out of a third party cookie does not mean that you will no longer receive or be subject to online advertising or marketing. It means that the third party service from which you opted out will no longer deliver ads tailored to your web preferences and online behavioral.

You may also opt out of third party cookies by visiting opt-out website like www.aboutads.info or https://cookies.insites.com/disable-cookies/