UATP Is A Data Processor
Universal Air Travel Plan is the corporate travel payment network owned and issued by airlines around the world. UATP acts as a data processor on behalf of its business customers by streamlining billing and providing travel managers with detailed activity reports that track a traveler’s carrier, destination and travel itinerary. In this capacity, UATP acts on the instructions of its business customers and does not own or have independent rights to control of the personal data it collects and/or processes on their behalf.
For such personal data transferred from the EU or Switzerland to UATP in the US on behalf of its business customers, UATP complies with the U.S. Department of Commerce’s U.S.-EU and U.S.-Swiss Safe Harbor Principles and associated Frequently Asked Questions (FAQs). To learn more about the Safe Harbor program, and to view UATP’s certification, please visit http://www.export.gov/safeharbor/.
For such data processing, UATP enters into agreements with its business customers in the EU and Switzerland, specifying that the EU or Swiss business customer recognizes that it (the customer) is a data controller for the purpose of data protection legislation and is in compliance with the relevant Member State national law.
UATP Handles EU and Swiss Data with Appropriate Care and Safeguards
UATP will not disclose to third parties personal data processed in this capacity, except as permitted or required by the processing agreement, EU or Swiss Safe Harbor, or applicable Member State data protection law.
Any information that UATP, EU and Swiss business customers identify as sensitive will be treated accordingly. In addition, any data processing will be carried out with appropriate security measures specified in the agreement. UATP has security measures in place to help protect personal data from loss, misuse, unauthorized access, disclosure, alteration, and destruction.
In acting as a processor on behalf of our business customers (the EU and Swiss data controllers), UATP complies with applicable EU and Swiss Safe Harbor Principles for personal data received for processing from them.
UATP Abides By Safe Harbor Procedures and Protocol
UATP has a Privacy Administrator who is responsible for the internal supervision of UATP’s privacy policies. UATP educates its relevant employees about compliance with the U.S.-EU and U.S.-Swiss Safe Harbor Principles and has self-assessment procedures in place to ensure its compliance. The EU and Swiss Safe Harbor verification statements are available upon request.
UATP makes every effort to comply with the U.S.-EU and U.S.-Swiss Safe Harbor Principals of notice, choice, onward transfer, security, data integrity, access, and enforcement and associated Frequently Asked Questions (FAQs) and makes a specific commitment to remedy any problems that may arise from an alleged failure of compliance with such Principals and FAQs. JAMS serves as UATP’s third-party dispute resolution provider. You may contact JAMS to request investigation of an unresolved complaint regarding our compliance with the Safe Harbor Principals and FAQs. JAMS website is available at http://www.jamsadr.com/ and JAMS may be contacted via telephone at 1-800-352-5267.
UATP has certified that it adheres to the U.S.-EU and U.S.-Swiss Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement and associated Frequently Asked Questions (FAQs). To learn more about the Safe Harbor program, and to view UATP’s certification, please visit http://www.export.gov/safeharbor/.
If you believe that UATP is not complying with the U.S.-EU and U.S.-Swiss Safe Harbor Principles or this policy, contact our company by mail, e-mail, or telephone at:
Universal Air Travel Plan, Inc.
1425 K Street, NW
Washington, DC 20005
Updated: December 30, 2013