Select Page

UATP EU-U.S. and Swiss – U.S. Privacy Shield Privacy Policy

Speak with an Expert

UATP Is a Data Processor

Universal Air Travel Plan is the corporate travel payment network owned and issued by airlines around the world. As a data processor, UATP processes data on behalf of its business customers through its transaction processing system, by streamlining billing, and by providing travel managers with detailed activity reports that track a traveler’s carrier, destination and travel itinerary. In this capacity, UATP acts on the instructions of its business customers and does not own or have independent rights to control of the personal data it collects and/or processes on their behalf. For such data processing, UATP enters into agreements with its business customers in the EU, the UK and Switzerland, specifying that the EU, UK or Swiss business customer recognizes that it (the customer) is a data controller or another data processor for the purpose of data protection legislation and is in compliance with the relevant Member State national law.

UATP Adheres to Privacy Shield Principles

UATP is committed to adhere to the principles of the EU-US and Swiss-US Privacy Shield frameworks with respect to personal data submitted by its customers in reliance on the Privacy Shield. UATP participates in the Privacy Shield Program as set forth by the US Department of Commerce regarding the collection, use and retention of personal data from European Economic Area (“EEA”) member countries, the United Kingdom (“UK”) and Switzerland. As such, UATP has certified that it adheres to the Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about these programs, and to view UATP’s certification, please visit www.privacyshield.gov.

Privacy Shield Principles

Notice and Choice

If you communicate with UATP, we may collect personally identifiable information from you and about you, including the e-mail addresses of those who communicate with us via e-mail, information volunteered by you, such as survey information and/or site registrations, name and address, telephone number, and fax number. We also may collect information about your interests in and use of our various programs and services. By providing any personal information to us by these means, you will fully understand and will clearly consent at the time of collection to the transfer of such personal information to, and the collection and processing of such information in, other countries or territories. Any such transfer and processing by us will be in accordance with our Privacy Policy and the Privacy Shield Principles.

We may also use information we collect on our website to personalize the content, improve the content of our web page, and/or to provide you with product or service offers. We use “cookies” to operate the website (“essential cookies”) and other cookies to help us evaluate how our visitors use and navigate our web site on an aggregate basis, including the number and frequency of visitors to each web page and the length of their visits. You may indicate your consent to nonessential cookies by clicking where indicated on your first visit to this website and agree to each use of such information.

A cookie is a text-only string of information that a website transfers to the cookie file of the browser on your computer’s hard disk so that the website can remember who you are. A cookie will typically contain the name of the domain from which the cookie has come, the “lifetime” of the cookie, and a value, usually a randomly generated unique number.

We also use a third party analytics provider to collect information about your use of certain products and services, Google Analytics. Google uses cookies to collect information about the products and services usage and to report website trends to us, without identifying individual end-users or visitors to UATP.

EU, UK and Swiss individuals have rights to access personal data about them and to limit use and disclosure of their personal data. With our Privacy Shield certification, UATP has committed to respect those rights. If you would like to request that we not continue to use information we collect about you for the marketing purposes described, please contact us at [email protected].

You also have the ability to change your mind and accept or decline cookies at any time by modifying the settings in your browser. Information on how to do this should be provided in the web browser’s help/reference section. You can learn about how Google uses data by going to www.google.com/policies/privacy/partners/ and you can opt-out by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.

Where personal information is collected by UATP through means other than this website, the notice will be provided in clear and conspicuous language when you are first asked to provide such information. To the extent that UATP acts solely as a data processor when processing personal data on behalf of its business customers (EU, UK or Swiss data controllers) UATP acts only on the instructions of such controllers and does not control or share such personal data without direction from the relevant data controller. In those instances, and to the extent provided for by applicable law, UATP may rely on its data controllers to satisfy the notice and consent principles under EU and EU Member State data protection law, and will only act on the instructions of that controller.

Accountability for Onward Transfers – Third Parties Who May Receive Personal Data.

UATP uses a limited number of third party service providers to assist us in providing our services to customers. These third party providers help us with certain technical operations, assist with the transmission of data, and provide data storage services. These third parties may process or store personal data in the course of providing their services. UATP maintains contracts with these third parties restricting their access, use, and disclosure of personal data in compliance with our Privacy Shield obligations. To the extent provided by the Privacy Shield principles, UATP remains responsible and liable under the Privacy Shield if a third party that UATP engages to process personal information on its behalf does so in a manner inconsistent with the Privacy Shield Principles, unless UATP proves that it is not responsible for the matter giving rise to the damage.

Security, Data Integrity and Purpose Limitation

UATP Handles EU, UK and Swiss citizens’ personal data with appropriate care and safeguards. UATP has security measures in place to help protect personal data from loss, misuse, unauthorized access, disclosure, alteration, and destruction. UATP has a Privacy Administrator identified below who is responsible for the internal supervision of UATP’s privacy policies.

In addition, any data processing will be carried out with reasonable and appropriate security measures specified in the processing agreement between UATP and its customers. UATP will not disclose to third parties personal data processed, except as permitted or required by the agreement between UATP and the third party, the EU, UK or Swiss Privacy Shield, or other applicable data protection law.

UATP may be required to disclose personal information collected at its website site or processed for UATP business purposes in response to legal process, for example, in response to a court order or a subpoena. We also may disclose such information in response to a law enforcement or other government agency’s request, or where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our terms of use, to comply with legal requirements, or as otherwise required by or law.

In addition, we may share information in the event of a bankruptcy, or a merger, acquisition, joint venture, or other business combination involving us.

Recourse and Enforcement

UATP’s commitments under the Privacy Shield are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

UATP makes a specific commitment to remedy any problems that may arise from an alleged failure of compliance with the above Principals and to resolve complaints about our collection of or use of your personal information. EU, UK and/or Swiss individuals with inquiries or complaints regarding UATP compliance with the EU – U.S. and Swiss – U.S. Privacy Shield Principles or this policy should first contact our company by mail, e-mail, or telephone at:

Universal Air Travel Plan, Inc.

Legal Department
1629 K Street, NW
Suite 300
Washington, DC 20006
+1 202 774 5065
[email protected] or [email protected]

UATP will respond within 45 days. If our response does not address your concern, you may contact JAMS, an independent third-party dispute resolution body based in the United States. JAMS website is https://www.jamsadr.com/eu-us-privacy-shield and JAMS may be contacted via telephone at 1-800-352-5267. JAMS has committed to respond to complaints to provide recourse at no cost to you. If neither UATP nor JAMS resolves your complaint, you may have the possibility to engage in binding arbitration through the Privacy Shield Panel.

Updated: December 2020

This site uses cookies to offer you a better browsing experience.  Please agree to our cookies.

Accept Cookies My Preferences Decline
Privacy Settings saved!
Privacy Settings

You can change these settings at any time. However, this can result in some functions no longer being available. For information on deleting the cookies, please consult your browser’s help function.

Analytics Essential Legal & Privacy
Analytical cookies are used to collect information about your use of certain products and services, including Google Analytics. Google uses cookies to collect information about the products and services usage and reports website trends to us, without identifying individual end-users or visitors to UATP.
HubSpot
We use HubSpot to monitor traffic and improve our website.
  • hubspotutk
  • __hssc
  • __hssrc
  • __hstc
Google Analytics & Tag Manager
We use Google Analytics and Tag Manager to track anonymized user information to monitor our traffic and improve our website.
  • _ga
  • _gid
  • _gat
Decline all Services
Accept all Services