Travel Leaders Group Holdings, LLC (Internova Travel Group, LLC) (“Internova”) and its affiliates (“Internova,” “we,” “us,” “our” or the “Company”) make up a global travel services company that serves corporate and individual client travel needs through various travel related offerings and services (the “Services”). We created this privacy policy (“Privacy Policy”) because we know that you care about how information you provide to us is used and shared. This Privacy Policy explains the conditions under which and the purposes for which (i) we collect and use your Personal Data (as defined in section 1, below) in connection with the provision of our Services and through your use of our Company websites (“Site(s)”) and (ii) we may share or disclose your Personal Data to third parties, as well the choices and means, if any, we offer you for limiting the use and disclosure of your Personal Data .
This Privacy Policy applies to our brands listed below.
This Privacy Policy does not apply to Personal Data collected by or provided in connection with an individual’s application for employment, current or former employment, or independent contractor arrangements with Internova. If you are an Internova employee, independent contractor, or applicant for employment, please see the Internova Employee Privacy Notice(s) or Prospective Employee Privacy Notice(s) for information about how Internova collects, uses, processes, discloses, shares, and retains employment data not covered by this Privacy Policy.
The server(s) that make(s) this Site available may be located outside the country from which you accessed this Site, but we will collect and use Personal Data only in accordance with this Privacy Policy and as required by local law in the places in which we operate. Our European Union and UK Privacy Policy can be found in the UK & European Union Privacy Policy section of this Privacy Policy. Information about individual rights under U.S. Data Protection Laws can be found in the Notice of Privacy Rights to Residents of Certain U.S. States section of this Privacy Policy.
We collect information about you when you use our Site(s) or in providing our Services to you. “Personal Data” consists of any information that relates to you and/or information from which you can be identified, directly or indirectly. For example, information which identifies you may consist of your name, address, telephone number, photographs, location data, an online identifier (e.g., cookies identifiers and your IP address) or one or more factors specific to your physical, physiological, economic, cultural, or social identity. The laws of some countries have different definitions of personal data or equivalent terms and, in this Privacy Policy, we give this the same meaning as under the data protection laws that apply to our processing of your personal data.
We do not consider Personal Data to include information that has been de-identified so that it does not allow information to be linked to a specific individual or that does not allow a specific individual to be singled out. We may collect non-Personal Data related to your interaction with or use of the Services and/or Sites.
We may collect different types of Personal Data: “Technical Information” and “Personal Information.”
Your Personal Information, and that of your travel companions, is provided to us either directly by you or through an employer or group travel sponsor or other organizer (as the case may be), in order to provide you with the Services you have requested, and for other purposes as set out in this Privacy Policy.
“Personal Information” typically consists of your:
We may also collect other Personal Information in order to assist you with your travel plans, including but not limited to:
Sensitive Data. We may collect or process data that is deemed “Sensitive Data” under certain laws. We may process the following categories of Sensitive Data when you use our Services:
When required by applicable law, Internova will collect consent prior to processing certain categories of Sensitive Data.
We collect other “Technical Information”, such as your:
You can learn more about how we use cookie data by reviewing our Cookie Policy [which can be found in section 11 of this Privacy Policy].
We and/or certain service providers operating on our behalf may collect Information about your activity, or activity on devices associated with you over time, on our sites and applications, and across non-affiliated websites or online applications. We may collect this Information by using certain technologies, such as cookies, web beacons, pixels, software developer kits, third party libraries, and other similar technologies. Third-party service providers, advertisers, and/or partners may also view, edit, or set their own cookies or place web beacons. We collect Technical Information when you use our Site, or information that has been made anonymous, such as:
We may also collect information pertinent to the marketing of our products and services. This information may include marketing channels, User Market IDs (CenterPoint, TNMP, etc.), Site brands and product names, contract terms, financial information and other information.
We collect and analyze this Technical Information to measure the number of visitors to the different sections of our Site, to evaluate how visitors use our Site and to provide you with advertisements that are relevant and useful to you, unless you have told us not to. We also use the information we collect to understand customer needs and trends, to carry out targeted promotional activities, and to generally help us make our Site more useful to visitors.
We may use your Site data by itself or aggregate it with similar information we have obtained from others. We may share your Site data with our affiliates and other third parties to achieve these objectives (see section 5 for further information). You may obtain a list of our affiliates and third parties with whom we share your Site data by contacting us here.
Depending on the jurisdiction in which you reside, we may use Internet Protocol (IP) addresses to identify a visitor when we feel it is necessary to enforce compliance with our Site’s terms and conditions, or to: (a) fulfill a government request; (b) conform with the requirements of the law or legal process; (c) protect or defend our legal rights or property, our Site, or other users; or (d) in an emergency to protect the health and safety of our Site’s users or the general public.
We may collect additional Information about you from third party websites, social media platforms, and/or sources providing publicly available Information (e.g., from the U.S. postal service) to help us provide Services to you, help prevent fraud, and for marketing and advertising purposes.
This Privacy Policy only applies to Information collected by our Services. We are not responsible for the privacy and security practices of those other websites or Social Media Platforms or the Information they may collect (which may include IP address). You should contact such third parties directly to determine their respective privacy policies. Links to any other websites or content do not constitute or imply an endorsement or recommendation by us of the linked website, Social Media Platform, and/or content.
We collect and use your Personal Data for a variety of reasons, including to personalize Services to you. If you are a customer, an agent, the Personal Data we hold, and use is necessary for the performance of the services or other agreement to which you are a party or to perform the services you have otherwise requested.
If you are a prospective customer, the Personal Data we collect and use is necessary for our legitimate interest in providing you with information about the services we offer, and about which you have expressed an interest or that we believe will be of benefit to you. Where appropriate, we will obtain your consent at the time we communicate with you.
In some cases, our purpose for collecting the information is because you have expressly consented to our collection and use of your Personal Data.
You may provide the information to us directly, or through a tool or product provided by us or another company to your employer (in the case of our business clients). We collect your Personal Data, such as name, address, email address, phone number, and credit card information in order to provide the services you have requested. Other examples of Personal Data that we collect include:
We use the Personal Data we have collected to allow us to provide the products and services you have chosen, process payments, or to manage and develop our business and operations, including:
If you send us an email with questions or comments, we may use your email address to respond to your questions or comments, and we may save your questions or comments for future reference. We may email you when:
For purposes of this Privacy Policy, “sell,” “sold,” or “sale” means the disclosure of Personal Data for monetary or other valuable consideration but does not include, for example, the transfer of Personal Data as an asset that is part of a merger, bankruptcy, or other disposition of all or any portion of our business, whereas “sharing” means disclosing or making available Personal Data to a third party for purposes of cross-context behavioral advertising. While we do not disclose Personal Data to third parties in exchange for monetary compensation, we may disclose Personal Data such as identifiers and Internet and network activity Information, to third party advertising networks and analytics providers for purposes of marketing and advertising and to improve and measure our ad campaigns. Such third parties may include third party advertising networks and website analytics firms who use cookies and web beacons to collect non-personally identifiable information when you visit our Site and third-party sites. The information collected through cookies and/or web beacons, including your IP address, web browser, pages viewed, time spent on pages, and links clicked, is often used by these advertising networks to serve you with advertisements, while you are on our Site and/or on third party sites, that better reflect your preferences and needs. This information may be used by us and these third parties to analyze and track data, determine the popularity of certain content, deliver advertising and content targeted to your interests on our products and services, and better understand your online activity. For more information on how this type of advertising works, go to here. Our use of online tracking technologies may be considered a “sale” or “sharing” under certain laws. To the extent that disclosing data to these online tracking technologies is deemed to be a “sale” or “sharing” under certain laws, you can opt out of these online tracking technologies by submitting a request via https://admin.axeptio.eu/ or by broadcasting an opt-out preference signal, such as the Global Privacy Control (GPC). Please note that some features of our website may not be available to you as a result of these choices.
We may also use Personal Data to create anonymized, aggregated, and/or de-identified data (removing any personally identifiable Information that can be used to de-identify such data or traced to any particular user or customer), which we may use for our business, analytics and research purposes, including disclosing, sharing or selling such data to our partners, service providers, and/or other third parties for research, marketing or promotional purposes.
We do not sell or share sensitive Personal Information, nor do we sell or share Personal Information about individuals we know are under the age of sixteen (16).
We do not collect, use, or disclose Sensitive Information beyond the permitted business purposes under applicable law. Accordingly we only use or disclose Sensitive Information as reasonably necessary: (a) to perform services or provide the goods requested by or reasonably expected by you; (b) to prevent, detect, or investigate security incidents that compromise stored or transferred Information; (c) to detect, prevent, and respond to malicious, deceptive, fraudulent, or illegal actions directed at the Company and to prosecute those responsible for actions; (d) to ensure physical safety of natural persons; (e) for short-term transient use, such as non-personalized advertising shown as part of an individual’s current interactions with the Company; (f) to perform Services; (g) to maintain the quality of Services; and (h) to process Information where the goal is not to draw inferences of characteristics about you.
As explained in more detail in this section, we may share your Personal Data with various third parties, and certain third parties may collect Personal Data on our behalf. This includes:
We may use third parties to assist in fulfilling your service requests or providing other important information to you. We also use third parties to support our internal business functions. We require all such service providers to act in compliance with their contractual obligations to protect your Personal Data. We may also share your Personal Data with third parties, including our affiliates, or with employees, agents, consultants and other parties who require the information to assist us to establish, maintain and manage our business relationship with you. Further, we may share your Personal Data with our partners and affiliates to promote other services to you that you might like or to show you ads in which you might be interested, subject to appliable data protection and electronic marketing laws. For a full list of third party providers we may share Personal Data with please refer to the subprocessors list found on https://trust.internova.com.
Subject to applicable electronic marketing and data protection laws, may share your email contact information with our partners to assist with marketing our products and services. You may unsubscribe at any time from receiving future commercial email communications from us by clicking the “unsubscribe” link included at the bottom of any marketing emails we send, or by contacting us here. However, we will continue to send you transactional emails such as customer service communications in connection with the products or services you have purchased. For security reasons, we do not recommend that you send Personal Data, such as passwords, social security numbers, or bank account information, to us by email.
We will not share your opt-in status to an SMS campaign with any third party for purposes unrelated to providing you with the services of that campaign. We may share your Personal Data, including your SMS opt-in or consent status, with third parties that help us provide our messaging services, including but not limited to platform providers, phone companies, and any other vendors who assist us in the delivery of text messages.
The website uses cookies to help keep track of items you put into your shopping cart including when you have abandoned your cart and this information is used to determine when to send cart reminder messages via SMS.
We do not sell or lease Personal Data or provide a list of our customers to third parties. However, as we continue to develop our business, we may sell or purchase assets, restructure our business or obtain investment or be subject to other relevant corporate transactions. If another entity acquires us or all (or substantially all) of our assets, the information we have about you will be transferred to and used by this acquiring entity. Also, if any bankruptcy or reorganization proceeding is brought by or against us, all such information may be considered an asset of ours and as such may be sold or transferred to third parties. We may also transfer information about you in the context of a prospective corporate transaction.
Depending on the jurisdiction in which you reside, we may reserve the right in some circumstances to disclose any information about you if we are required to do so by law, with respect to copyright and other intellectual property infringement claims, or if we believe that such action is necessary to: (a) fulfill a government request; (b) conform with the requirements of the law or legal process; (c) protect or defend our legal rights or property, or our Site; or (d) in an emergency to protect the health and safety of our Site’s users or the general public.
In the event of our insolvency we, or any appointed insolvency practitioner, may disclose your Personal Data to the CAA, and/or ABTA so that they can assess the status of your booking and advise you on the appropriate course of action under any scheme of financial protection.
We may use Personal Data to create anonymized, aggregated, and/or de-identified data. We may also provide unaffiliated third parties with such aggregated, anonymized, and/or de-identified information derived from Personal Data for those third parties’ own purposes, including research, marketing, and advertising. Once de-identified, we maintain this information in a de-identified form and do not attempt to reidentify the information, except as permitted under applicable law.
We strive to provide you with choices regarding the Personal Data you provide to us. We have created mechanisms to provide you with the following control over your information:
You have additional rights concerning your Personal Data if you reside in the United Kingdom or in the European Union. These can be found in the “UK & European Union Privacy Notice” section of this Privacy Policy.
It is important that the Personal Information we hold about you is accurate and current. We require you to keep us informed of changes to your Personal Information. If your registration information changes, please contact us here. We take reasonable steps to verify your identity prior to honoring any such requests to help protect your privacy and security.
If you want to know what Personal Data we hold about you or wish to change Personal Data that is inaccurate or out of date, or to withdraw your consent to our use of your Personal Data, please contact us here. It may not always be possible to completely remove or modify information in our databases, although we will make reasonable efforts to do so upon your request. We do not control how our partners retain, store and destroy data they have accessed in connection with assisting with providing our services. You should check their websites for more information on their practices.
Certain browsers may offer you the option of providing notice to websites that you do not wish for your online activities to be tracked for preference-based advertising purposes (“DNT Notice”). Some browsers are, by default, set to provide a DNT Notice, whether or not that reflects your preference. Providing DNT Notice is often touted as a means to ensure that cookies, web beacons and similar technology are not used for preference-based advertising purposes – that is, to restrict the collection of information your online activities for advertising purposes. Unfortunately, given how preference-based advertising works, DNT Notices may not effectively accomplish this goal. For this and a variety of other reasons, with respect to our Site, we do not take any particular action based on browser based DNT Notices. However, we do not use third-party advertisers or engage in behavioral marketing data collection for resale.
If you are located in the US, you may have additional rights. Please refer to the Notice of Privacy Rights for Residents of Certain US States section of this Privacy Policy and our Cookie Policy.
If you are located in the United Kingdom or the European Union, you may have additional rights. Please refer to the UK & European Union Privacy Policy section of this Privacy Policy and our Cookie Policy.
If you are located in Canada, you may have additional rights. Please refer to the Canadian Notice section of this Privacy Policy and our Cookie Policy.
Residents of certain U.S. states may have rights and choices regarding their Personal Data. To the extent any data protection law applies to our collection of your data, this supplemental section of our Privacy Policy outlines the individual rights you may be entitled to and how to exercise those rights.
Depending on where you live and subject to certain exceptions, you may have some or all of the following rights.
To learn more about whether you are guaranteed certain rights, or to submit a request to exercise your rights, please contact us using any of the methods in the Contact Us section.
If permitted by the applicable data protection law, you may use an authorized agent to submit requests on your behalf provided that the authorized agent is a natural person or a business entity that you have authorized to act on your behalf. If you use an authorized agent, we will require: (1) proof of written permission for the authorized agent to make requests on your behalf, and identity verification from you; or (2) proof of power of attorney pursuant under applicable law. We may deny a request from an authorized agent that does not submit proper verification proof.
To exercise any of the rights described above, please submit a verifiable request to us via the methods described below. The verifiable request must:
To help protect your privacy and maintain security, if you request access to or deletion of your Information, we will take steps and may require you to provide certain Information to verify your identity before granting you access to your Information or complying with your request. In addition, if you ask us to provide you with specific pieces of Information, we may require you to sign a declaration under penalty of perjury that you are the consumer whose Information is the subject of the request. Only you or your authorized agent may make a verifiable request related to your Information. If you designate an authorized agent to make a request on your behalf, we may require you to provide the authorized agent written permission to do so and to verify your own identity directly with us (as described above). You may also make a verifiable consumer request on behalf of your minor child.
You may contact us using our online form.
We reserve the right to amend this Privacy Notice at our discretion and at any time. When we make changes to this Privacy Notice, we will notify you through a notice on our Site.
If you have any questions or comments about this Privacy Notice, the ways in which we collect and use your Personal Information, your choices and rights regarding such use, or wish to exercise your rights under applicable data protection law, please do not hesitate to contact us at:
Internova Travel Group
Attn: Privacy Office
1633 Broadway, 35th Floor
New York, NY 10019
United States
https://dsar.internova.com
This privacy notice describes how Internova treats information you provide to us or that we collect about you. This is any information that relates to you and can identify you, either directly or indirectly, such as a name, an identification number, your IP address, data about your location, or information about your physical, physiological, mental, economic, cultural, or social identity (“Personal Data”).
This notice describes our practices in connection with Personal Data that we collect from you through the website(s) and / or Services that link to this notice and applies to our processing of Personal Data of UK and EU residents that is covered by the EU General Data Protection Regulation (“GDPR”) and the UK General Data Protection Regulation (“UK GDPR”) and is a supplement to our Privacy Policy.
If you have any questions about which of the above companies is the controller of your Personal Data or their exact controller relationship, please contact us using the following contact details privacy@internova.com.
We collect Personal Data from the sources listed in Section 1 of this Privacy Policy. This includes collecting Personal Data directly from you or automatically from you or your device when you interact with our Sites or Services, from business partners, your employer or travel sponsor, and other sources as detailed in Section 1 of this Privacy Policy.
We may collect, use, store and transfer different kinds of Personal Data about you which we have grouped together as follows:
The table below sets out our purposes for processing your Personal Data and the lawful bases we rely on to carry out such processing.
| Purpose of processing activity | Lawful basis for processing |
| Use of Services: To allow you to use our Services and Sites, including enabling you to create accounts, collecting your payments, and providing you with customer support. | • Necessary for the performance of our contract with you, or to take steps prior to entering into a contract with you. |
| Communication: To communicate with you about our Services, your orders, and our relationship with you, including providing you with information on your request and updating you about changes to our terms. | • Necessary for the performance of our contract with you, or to take steps prior to entering into a contract with you. • Your consent*. • Necessary for our legitimate interests in ensuring that our commercial interests are reasonably protected contractually and to reflect changes in our business. |
| Business administration: To ensure proper administration of our business, including by keeping appropriate records, processing complaints, managing our business relationships, and in the context of a business reorganisation. | • Necessary for our legitimate interests in ensuring the functioning and continuity of our Services and business operations. • Necessary to comply with an applicable legal obligation. |
| Risk alerts and personalized assistance: To display real-time risk alerts and personalized assistance notification features when you use certain of our Services (such as 3rd party Duty of Care tools that customers sign up to). | • Your consent*, collected when you engage with our Services. |
| Security: To ensure the security and ongoing functioning of our Services and Sites, including through troubleshooting, activity monitoring, and system maintenance. | • Necessary for our legitimate interests in ensuring the security and ongoing functioning of our Services. |
| Marketing: To send you marketing communications about our Services and business, if this is in accordance with your marketing preferences and/or applicable data protection laws. | • Your consent*, collected when you engage with our Services or Sites. • Where permitted by applicable data protection laws, we may rely on our legitimate interests instead of consent (where our legitimate interests are to pursue business development initiatives and keep you informed of relevant offers). |
| Advertising: To deliver relevant website content and advertisements to you and to understand the effectiveness of the advertising we serve to you by using tracking technologies. | • Your consent*, collected through our cookie consent mechanisms. • Where permitted by applicable data protection laws, we may rely on our legitimate interests instead of your consent (where our legitimate interests are to pursue business development initiatives and keep you informed of relevant offers).Please see our Cookie Policy for further information. |
| Analytics: To understand your online activities to improve our Services, offerings and the user experience by using tracking technologies. | • Your consent*, collected through our cookie consent mechanisms. • Where permitted by applicable data protection laws, we may rely on our legitimate interests instead of your consent (where our legitimate interests are to improve our Services, offerings and the user experience).Please see our Cookie Policy for further information. |
| Wrongdoing: To allow us to detect, prevent, investigate and prosecute illegal activity, suspected fraud or other wrongdoing. | • Necessary for our legitimate interests in detecting, preventing, investigating and prosecuting illegal activity, suspected fraud or other wrongdoing. • Necessary to comply with an applicable legal obligation. |
| Legal claims: To allow us to establish, exercise or defend legal claims in potential or actual legal proceedings. | • Necessary for our legitimate interests in pursuing legal claims. • Necessary for compliance with applicable legal obligations. |
| Exercise rights: To allow us to exercise or perform any right or obligation which is conferred or imposed on us by applicable law. | • Necessary to comply with an applicable legal obligation. |
| Legal obligations: To allow us to comply with any applicable legal obligation, including obligations to retain your data for a certain period of time. | • Necessary to comply with an applicable legal obligation. |
*Where we are relying on consent to process your personal data, you will have the right to withdraw your consent at any time in accordance with the “Your rights as a Data Subject” section below.
We only retain your Personal Data for as long as is reasonably necessary to fulfil the purpose for which it was originally collected, or as otherwise required by applicable legal obligations. We may retain your Personal Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. If we continue to retain your personal data in accordance with a legal obligation, any further processing of your data will be limited to compliance with such legal obligation.
To determine the appropriate retention period for Personal Data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal obligations.
You have important rights that you may exercise to protect your Personal Data. You may access those rights at any time by contacting us here.
Individuals located in UK and the EEA, have certain rights regarding their Personal Data, as set out in more detail below. Some of these rights, e.g., the right to be forgotten or the right to request that we transfer your information to another company, will only apply in certain circumstances. Most rights are also subject to certain exceptions and exemptions that may mean that we are not always legally required to comply with your request in part or in full.
You have the following rights concerning your personal data that we hold and process that you can exercise at any time:
| Rights | What does this mean? |
| The right to be informed | You have the right to be provided with clear, transparent, and easily understandable information about how we use your Personal data and your rights. Therefore, we are providing you with the information in this notice. |
| The right of access | You have the right to obtain access to your Personal Data (if we are processing it), and certain other supplementary information (like the information provided in this notice). This is so you are aware and can check that we are using your Personal Data in accordance with data protection law. |
| The right to rectification | You are entitled to have your Personal Data corrected if it is inaccurate or incomplete. |
| The right to erasure | This is also known as ‘the right to be forgotten’ and, basically, enables you to request the deletion or removal of your Personal Data where there is no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions. |
| The right to restrict processing | You have rights to ‘block’ or suppress further use of your Personal Data. When processing is restricted, we can still store your Personal Data, but may not use it further. We keep lists of people who have asked for further use of their Personal Data to be ‘blocked’ to make sure the restriction is respected in future. |
| The right to data portability | You have the right to receive your Personal Data in a structured, commonly used and machine-readable format and to request that this data is transmitted to another controller where this is technically feasible. This right only applies to Personal Data you have provided to us yourself (not any other information), that we process by automated means based on your consent or for the performance of a contract with you. |
| The right to object | You have the right to object to the use of your Personal Data where are processing your Personal Data to pursue our or a third party’s legitimate interests for direct marketing or other purposes set out in this Privacy Policy. Where you object, we must stop using your Personal Data for direct marketing purposes. For objections related to processing for other purposes, we will need to stop using your Personal Data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or we need to use the Personal Data to establish, exercise or defend legal claims. |
| The right not to be subject to a decision based solely on automated processing, including profiling | You have the right not to have your Personal Data used to make solely automated decisions about you that hat have legal or similarly significant effects on you. For example, you have the right not to have your Personal Data used to create a profile of you that automated decisions are later based on without there being any human involvement in that processing. |
| The right to withdraw consent at any time | If you have given your consent to anything we do with your Personal Data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your Personal Data with your consent up to that point is unlawful) as per the “Consent” section below. This includes the right to withdraw consent to us using your Personal Data for marketing purposes. |
Relevant requests will be forwarded on to other parties holding and processing your data, where appropriate.
In order to provide your access to your Personal Data, we will need to validate your identity and require that you send an email from the email address account associated with your Personal Data as stored on Internova’s systems. Our aim is not to be intrusive, and we undertake not to ask irrelevant or unnecessary questions. Moreover, the information you provide will be subject to rigorous measures and procedures to minimize the risk of unauthorized access or disclosure.
For certain types of Personal Data, we have asked for your consent to use the data for certain described purposes at the time you provided it. You may withdraw your consent at any time. When you give us your consent, you are giving us permission to process your personal data specifically for the purpose identified in the consent request. Where we ask you for additional personal data, we will obtain your consent to our proposed use of that data where required, and always tell you why and how the information will be used.
You may withdraw consent at any time by contacting us here.
See Section 4 of our Privacy Policy for details regarding how we share your Personal Data with third parties.. For a complete and up-to-date list of the third parties we are currently using and sharing Personal Data with, please contact us here.
Any third parties that we may share your data with are obliged to keep your details secure, and to use them only for the purposes and to complete the tasks identified by Internova. When they no longer need your data to fulfill this service, they will dispose of the details in line with Internova ’s procedures.
We may transfer your personal data outside the United Kingdom and European Economic Area, including to other companies in the Internova group, third-party service providers and partners, and we put adequate safeguards in place when we do so. This includes only transferring personal data to countries that have been deemed to provide an adequate level of protection for personal data, or by otherwise using an appropriate safeguard to ensure the ongoing protection of personal data, such as standard contractual clauses approved by the applicable regulatory authority. You may request further information on the safeguards we use by contacting us here.
If you wish to make a data subject request or raise a complaint on how we handle your Personal Data, you can contact us at https://dsar.internova.com
ICO
If you have a query or complaint about how your personal data is being used by Internova that we have been unable to resolve, you can also contact the Information Commissioners Office, the supervisory authority that regulates personal data in the UK, by writing to them at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, or by visiting their website: https://ico.org.uk. You can also contact them by telephone: at 0303 123 1113. Further details can be found here.
EU Data Protection Authorities
You have the right to lodge a complaint about the way we handle or process your Personal Data with your relevant national data protection regulator. See details of the EEA data protection regulators here.
For the purposes of complying with the legislation of Estados Unidos Mexicanos (“Mexico”) regarding the processing of Personal Data, the provisions of all sections of this Privacy Policy are hereby reproduced, as if they were inserted, except as indicated below, which is intended to complement the Privacy Notice for Mexico.
Corporate Travel Services Worldwide, S.A.P.I. de C.V., is the subsidiary of Internova that is responsible for the use and protection of your Personal Data in México, which has its address at Jaime Balmes No. 11 Piso 10, Torre B, Colonia Polanco I Sección, Alcaldía Miguel Hidalgo, C.P. 11510, Ciudad de México, Mexico.
For the avoidance of doubt, the concept of Sensitive Data indicated in this Privacy Policy also includes the concept of Patrimonial and Financial Data provided for in Mexican law.
All rights regarding Data Protection that are also applicable to Mexico are described in section 7, subsection A, of this Privacy Policy, to which is also added the right to “Opposition”, which means that you have the right to object to the use of your personal data for specific purposes.
For the exercise of any of the rights indicated in section 7, subsection A, of this Privacy Policy, including the “ARCO” rights, as well as to revoke your consent for the use of your Personal Data, it will also be applicable to Mexico as established in section 7, subsection C of this Privacy Policy.
In addition to the other means and procedures established in this Privacy Policy to limit the use or disclosure of your Personal Data, we offer you the following:
• Your registration in the Public Registry of Consumers to avoid advertising, which is in charge of the Federal Consumer Prosecutor’s Office, so that your personal data is not used to receive advertising or promotions from companies of goods or services. For more information about this registry, you can consult the PROFECO website or contact this authority directly.
• Your registration on the exclusion list “No Advertising List”, so that your personal data is not processed for marketing, advertising or commercial prospecting purposes on our part. To register on the “No Advertising List” it will be enough to request it in writing to the email: politicadeprivacidad@altour.mx, directing your request to the Personal Data Protection Department.
This Privacy Notice applies to the processing of Personal Information under applicable Canadian privacy laws and is a supplement to our Privacy Policy.
Subject to applicable law, you have the right to access, update and correct inaccuracies in your Personal Information in our custody and control. You may request access, updating and corrections of inaccuracies in your Personal Information in our custody or control by emailing or writing to us at the contact information set out at the bottom of this Privacy Policy.
We have implemented reasonable administrative, technical and physical measures in an effort to safeguard the Personal Information in our custody and control against theft, loss and unauthorized access, use, modification and disclosure. We restrict access to Personal Information on a need-to-know basis to employees and authorized service providers who require access to fulfil their job requirements. We have record retention processes designed to retain Personal Information for no longer than necessary for the purposes set out herein or as otherwise required to meet legal or business requirements.
Your Personal Information will be transferred (or otherwise made available) to certain third parties that provide services on our behalf. We use service providers to provide services such as collecting travel and other information, hosting the Site, analyzing data, and delivering customer feedback surveys. Our service providers are only provided with the information they need to perform their designated functions and are not authorized to use or disclose Personal Information for their own marketing or other purposes. Our service providers are located in Canada, the U.S. and other foreign jurisdictions.
As some of our service providers are located outside of Quebec, your Personal Data may be transferred outside of Quebec.
We and our Canadian, U.S. and other foreign service providers may provide your Personal Data in response to a search warrant to other legally valid inquiry or order, or to another organization for the purposes of investigating a breach of an agreement or contravention of law or detecting, suppressing or preventing fraud, or as otherwise may be required or permitted by applicable Canadian, U.S. or other law or legal process, which may include lawful access by U.S. or foreign courts, law enforcement or other government authorities. Your Personal Information may also be disclosed where necessary for the establishment, exercise or defence of legal claims and to investigate or prevent actual or suspected loss or harm to persons or property.
Our Site(s) may contain links to other websites that Internova does not own or operate. We provide links to third party websites (e.g., such as the websites of business partners and other organizations we work with) as a convenience to the user. These links are not intended as an endorsement of or referral to the linked websites. The linked websites have separate and independent privacy policies, notices and terms of use. We do not have any control over such websites, and therefore we have no responsibility or liability for the manner in which the organizations that operate such linked websites may collect, use or disclose, secure and otherwise treat Personal Information. We encourage you to read the privacy policy of every website you visit.
If you have any questions or comments about this Privacy Policy or the manner in which we or our service providers treat your personal information, or to request access to our collection of your personal information, please contact us using the contact information located at the bottom of this Privacy Policy.
To make this Site work properly, we sometimes place small data files called cookies on your device.
A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login, language, font size and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another.
We use cookies for the following purposes:
We use the following cookies and classify cookies in the following categories:
You can opt-out of each cookie category (except strictly necessary cookies).
When you visit any web site, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. However, blocking some types of cookies may impact your experience of the Site and the Services we are able to offer.
All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site and will not be able to monitor its performance. For example, a number of our pages use cookies to remember (i) your display preferences, such as contrast color settings or font size; (ii) if you have already replied to a survey pop-up that asks you if the content was helpful or not (so you won’t be asked again); or (iii) if you have agreed (or not) to our use of cookies on this Site. Some videos embedded in our pages use a cookie to anonymously gather statistics on how you got there and what videos you visited.
Enabling these cookies is not strictly necessary for the Site to work but it will provide you with a better browsing experience. You can delete or block these cookies, but if you do that some features of this Site may not work as intended. The cookie-related information is not used to identify you personally and the pattern data is fully under our control. These cookies are not used for any purpose other than those described here.
You can control and/or delete cookies as you wish – for details, click here. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.
We strive to safeguard Personal Information using methods that are appropriate to the sensitivity of the information. We have implemented security measures we consider reasonable and appropriate to protect against the loss, misuse and alteration of the Personal Information under our control. However, we cannot guarantee or warrant the security of any information you disclose or transmit to us online and are not responsible for the theft, destruction, or inadvertent disclosure of your Personal Information. From time to time, we evaluate new technology for protecting information, and when appropriate, we upgrade our information security systems.
We will retain your Information for as long as needed to provide you Services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our policies. We will retain and use your Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. In accordance with our routine record keeping, we may delete certain records that contain Information you have submitted to us. We are under no obligation to store such Information indefinitely and disclaim any liability arising out of, or related to, the destruction of such Information.
Our Services are targeted to individuals located inside and outside the United States, and we maintain significant operations in the United States. As such, the Services collect Personal Data and process and store that data in databases located in the United States. If you are visiting the Services from a country outside the United States, you should be aware that you may transfer Personal Data about yourself to the United States, and that the data protection laws of the United States may not be as comprehensive as those in your own country.
Our Site is not directed to children. Our Services do not target children nor do we sell products or services for purchase directly by children. We will not knowingly collect Personal Information from children without explicit parental or guardian consent, in line with applicable legal requirements. If you are a parent or guardian of a child under the age of 13 and believe he or she has disclosed Personal Data to us, please contact us here. A parent or guardian of a child under the age of 13 may review and request deletion of such child’s Personal Data as well as prohibit the use of that information.
If you are based in the UK or the EU, the age threshold for obtaining parental consent varies between 13 and 16 years, depending on the age established in each country. Please contact us here if you are a parent or a guardian of a child in the UK or the EU and you believe he or she has disclosed Personal Data to us. A parent or guardian may review and request deletion of a child’s Personal Data as well as prohibit the use of that information.
We may use artificial intelligence (“AI”) and machine learning technologies in connection with our Services to enhance user experience, personalize content, improve our products, detect fraud, and support business operations. The types of AI we use may include automated decision-making, analytics, and generative AI tools. Examples include recommending travel options, analyzing booking patterns, and detecting potentially fraudulent activity.
How We Use AI: AI may process your Personal Data (as defined in this Policy) to provide tailored recommendations, automate certain customer service interactions, and improve our services. We do not use your Personal Data to train third-party generative AI models, and we do not sell or share sensitive Personal Data for AI development.
Automated Decision-Making: In some cases, decisions about your transactions or service experience may be made in whole or in part by automated means. Where required by law, you have the right to request human review of decisions made solely by automated processing, to express your point of view, and to contest the decision.
Your Choices: Depending on your jurisdiction, you may have the right to opt out of certain types of automated processing or profiling. To exercise these rights, please contact us using the information provided in the “Contact Us” section of this Policy.
Third-Party AI Providers: We may use third-party service providers to deliver AI-powered features. These providers are contractually required to protect your Personal Data and may not use it for their own purposes.
Security and Data Minimization: We implement technical and organizational measures to safeguard Personal Data used in AI systems and limit data collection to what is necessary for the stated purposes.
If you have questions about our use of AI or your rights regarding automated decision-making, please contact us at privacy@internova.com or via our online form.
Our Services may contain links to other websites or services that are not owned or controlled by us, including links to Social Media Platforms such as Facebook, Instagram, or YouTube, or may redirect you off our website away from our Services. This Privacy Policy does not apply to your use of unaffiliated websites to which our Site is linked. Company is not responsible for the privacy practices or the content on linked sites. We recommend that you carefully read the privacy policies of each site you visit.
This Privacy Policy as posted on this Site is the sole statement of our Privacy Policy with respect to this Site, and no summary, modification, restatement or other version thereof, or other privacy statement or policy, in any form, is valid unless we post a new or revised policy to the Site.
Individuals with disabilities who are unable to usefully access our Privacy Policy online may contact us to inquire how they can obtain a copy of our policy in another, more easily readable format.
We may from time to time make changes to this Privacy Policy to reflect changes in legal or regulatory obligations or changes in the manner in which we deal with Personal Data . We will post any revised version of this Privacy Policy on our Site. Any changes will be effective on the effective date stated in the revised Privacy Policy. If there are significant changes, we may provide more prominent notice or obtain your consent as required by law. If you do not wish to accept the changes, you should cease using the Site. Your continued use of the Site after we have posted a revised Privacy Policy indicates your agreement to the revisions.
To get more information about our privacy and information security practices, or if you (a) have questions or comments about our Privacy Policy; (b) wish to make corrections to any Personal Information you have provided; (c) want to opt-out from receiving future commercial correspondence, including emails, from us or our affiliated companies; or (d) wish to withdraw your consent to sharing your Personal Information with others, contact us as follows:
Email us:
Write us:
Attn: Privacy Office
1633 Broadway, 35th Floor
New York, NY 10019
United States
You may contact us using our online form here.
