This privacy policy governs your use of the Worldtracer BDS application (App) powered by SITA.
The types of Personal Information that we may process in connection with the provision of our Services and via our Websites may be provided by you voluntarily; collected automatically on our Websites (e.g. by using cookies or other online technologies); or provided to us by or collected on behalf of third parties (e.g. by one of our business clients) in order for us to perform our Services for them.
"Personal Information" means data which allows the identification of a natural person directly or indirectly from that data. Examples may include name, address, email, telephone number, customer ID, or tax ID. It includes personal data as defined under EU law.
(i) Information provided voluntarily by users of our Websites
In order to use certain areas of our Websites, you must first complete the registration form and create a user name and password. During registration, you are required to give contact details such as your name and email address. We use these contact details to contact you about such of the services described on our Websites in which you have expressed interest.
You have the option to provide us with additional information which we use to provide you with a more personalized experience on our Websites, which includes presenting content more relevant to you based on the sector you specify, e.g. airline, airport.
SITA is the sole owner of the information collected on our Websites (SITA.aero or other SITA owned / controlled Websites).
You can use the unsubscribe function at any time if you no longer wish to be registered with us.
Any Personal Information that you provide through our Websites will be used for the purpose of providing you with information about SITA and its products and services. Such information will be sent to you using the contact details you have submitted via these Websites.
From time to time, we may provide you with the opportunity to participate in contests or surveys on our Websites. If you wish to participate, we will request certain Personal Information from you. Participation in these surveys or contests is completely voluntary and you can choose whether or not to provide such Personal Information. The requested Personal Information typically includes contact information and demographic information. We use this information to further understand our market and your requirements.
If you have registered on our Websites, we will occasionally send you information on SITA’s products and services. If you no longer wish to receive these types of communications, you may unsubscribe by following the instructions in section 8 below.
If you wish to subscribe to our newsletter(s), we will use your contact information, e.g. your name and email address to send the newsletter to you. If you no longer wish to receive our newsletters, you may unsubscribe by following the instructions in section 8 below.
We will send you strictly service-related announcements on rare occasions when it is necessary to do so. For instance, if our service is temporarily suspended for maintenance, we might send you an email.
Based upon the Personal Information you provide us, we will send you a welcome email. We will also communicate with you in response to your enquiries, to provide the services you request, and to manage your account. We will communicate with you by email or telephone.
We store information that we collect through log files to create a (registration) "profile"; of your preferences. We tie your Personal Information, and e.g. your purchasing and engagement (which pages visited) history, to information in the (registration) profile in order to provide tailored promotions and marketing offers and to improve the content of the Websites for you.
To update or change your profile, please check the profile section of the Websites. See also Section 8 which makes available a link to the Preference Center to make such changes. To delete your profile, please visit the DSR Data Subject Rights Center.
(ii) Information collected automatically on our Websites
To provide you with better website functionality, SITA uses cookies on its Websites. Cookies are alphanumeric identifiers that are transferred to your computer's hard drive through your Web browser. When this information is stored on your hard drive, our system is able to recognize your browser and automatically log you in where appropriate.
We also store or gather other information automatically and may store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and navigation data.
Cookies and similar technologies are used by SITA so that we can make it easier for you to access our Websites, to understand usage and for other purposes.
For more information on the types of cookies and similar technologies we use and why and how you can control them, please click here to access our Cookie Policy.
(iii) Information provided to us by or collected on behalf of third parties to perform our Services
This information includes, but is not limited to, name and contact details, flight information, passport details, payment information and biometrics which we use to perform our Services.
Where the information is provided by one of our business clients who shares Personal Information with us or instructs us to collect or process Personal Information, their privacy statement may also apply and you should read any privacy notices provided on their sites.
If you are from the European Economic Area, there needs to be a legal basis for the collection and use of the Personal Information described above. This will depend on the Personal Information concerned and the specific context in which the information is collected. We sometimes process Personal Information because we are providing a service to one of our partners and in those circumstances, it will be our partners' responsibility to ensure a legal basis exists.
However, when it is our responsibility to do so, we will normally collect Personal Information about you only (i) where we need the Personal Information to perform a contract, (ii) where the processing is in our legitimate interests and not overridden by your rights, (iii) where we have your consent to do so, or (iv) where we are otherwise authorized under applicable law. In some cases, we may also have a legal obligation to collect Personal Information from you or may otherwise need the Personal Information to protect your vital interests or those of another person.
If we ask you to provide Personal Information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Information is mandatory or not (as well as of the possible consequences if you do not provide your Personal Information).
If we collect and use your Personal Information in reliance on our legitimate interests (or those of any third party), this interest will normally be to operate our Website or provide our Services and for our legitimate commercial interest, for instance, when responding to your queries, improving our platform, undertaking marketing, or for the purposes of detecting or preventing illegal activities.
Except as provided in this Privacy Statement, we will not share, sell, license, trade or rent any Personal Information to or with any third party without your consent, unless we are required to do so when processing Personal Information under the instructions and on behalf of one of our business clients.
We will share your personal data in the following ways:
We are a global organization and our information systems are in several countries around the world. This means that we may transfer Personal Information to our subsidiaries, affiliate companies or agents, and also to third parties, which may be located outside the European Economic Area ("EEA"), including for processing an order and providing you with support services. For transfers outside the EEA within the SITA Group we have executed a Data Transfer Agreement (which incorporate the EU's Standard Contractual Clauses). For transfers to third parties outside the SITA Group, we have taken appropriate safeguards to require that the Personal Information we process will remain protected in accordance with this Privacy Statement.
For more information and to obtain a copy of the safeguards we have put in place, please see below under "Contact".
We retain Personal Information we process from you where we have an ongoing legitimate business need to do so (for example, to provide our Website or Services or to comply with applicable legal, tax or accounting requirements, or pursuant to an ongoing service contract). When the information we process is to provide our business partners with a service they have requested, they are normally responsible for the retention.
When we have no ongoing legitimate business need to process certain Personal Information, we will either delete or anonymize it or, if this is not possible (for example, because this Personal Information has been stored in backup archives), then we will securely store this Personal Information and isolate it from any further processing until deletion is possible.
We take the security of the Personal Information we process seriously and use appropriate technical and organizational measures to protect it against unauthorized processing, disclosure, alteration or damage. The measures we use are designed to provide a level of security appropriate to the risk of processing your Personal Information. However, because no security system can be 100% effective, we cannot completely guarantee the security of any information we may have collected from or about individuals.
These Websites contain links to other sites that are not owned or controlled by SITA. Please be aware that we, SITA, are not responsible for the privacy practices of such other sites.
We encourage you to stay aware when you leave our Websites and to read the privacy statements of each and every website that collects Personal Information.
Where we collect and process your Personal Information in the context of our Website(s), you may access, update and rectify your Personal Information on your profile directly. In some countries (including in the EEA) you may a more general right to access, update or rectify Personal Information as well as have additional rights. You may for example, request that your Personal Information be erased or restricted. In addition, you may have the right to object to the processing of your Personal Information and request to have your Personal Information handed over to you or to another organization (data portability). You may also have the right to complain to a data protection authority about our collection and use of your Personal Information.
You can use the unsubscribe function at any time if you no longer wish to be registered with us. To obtain a copy of your Personal Information, or request the deletion of your account, please visit the DSR Data Subject Rights Center.
To the extent that we process your personal data based on your (initial) consent / opt-in, and not on other legal grounds, we will provide you with the opportunity to 'opt-out' later of having your personal data used for certain purposes when we ask for this information. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.
If you no longer wish to receive our marketing communications, you may opt-out of / unsubscribe from receiving them by following the instructions included in each newsletter or communication or via the Preference Center. For all other requests, such as (full) personal data erasure, please visit the DSR Data Subject Rights Center.
Where we process Personal Information in the context of providing our Services to our business partners, they will be normally responsible for responding to your requests with regard to the processing of your Personal Information and you should read any privacy notices provided on their sites.
You acknowledge that SITA may create aggregated and anonymized data from the Personal Information supplied as part of the Services or via the Websites, and that such data (the "Anonymized Data") will no longer be Personal Information. SITA may use the Anonymized Data for purposes of security testing and operational improvement, and to provide other organizations with reports. This provision is subject to all other parts of this document, and SITA shall at all times comply with its obligations under applicable agreements and laws, and follow best practices for research.
From time to time we may update this Statement in response to changing legal, technical or business developments. When we do, we will publish the changes on the Website, as appropriate. If material changes are made to this Statement, we will take appropriate measures to inform you, consistent with the significance of the changes we make. Your continued use of our Services and Websites after the effective date of such changes constitutes your acceptance of such changes.
You can submit any questions or concerns that you may have regarding our Privacy Statement by contacting us at privacy@sita.aero
©SITA - last updated: 7 September 2018
SITA and its affiliates ("SITA"), are committed to protecting the privacy of California consumers with whom we interact.
This CCPA Privacy Statement is a California-specific supplement to SITA's general Privacy Statement. The rights set forth in this CCPA Privacy Statement are in addition to any applicable privacy rights set forth in SITA's general Privacy Statement (such as your ability to unsubscribe from SITA registrations or marketing communications through the SITA preference center).
The California Consumer Privacy Act of 2018 and its regulations, (Cal. Civ. Code §1798.100 et seq., as amended, "CCPA") gives California residents (CCPA "consumers") rights and control over their personal information.
A CCPA "consumer" is a natural person who resides in California. For the purposes of this Privacy Statement, consumer does not include California-resident job-applicants or SITA employees.
"Personal information" is defined as information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or California household. Personal information does not include:
Personal information subject to the CCPA, is "sold" under the CCPA when it is shared with a third party or another business for monetary or other valuable consideration, and not for an authorized or exempt reason/purpose under CCPA (see the full definition in CCPA §1798.140 (t)(1)).
Under the CCPA, a business that sells California consumers' personal information to others: 1) must give notice to the consumer before selling their personal information to others; and 2) must provide the right to opt out of the sale of their personal information.
SITA does not sell personal information. Thus, these notification and opt-out requirements do not apply to SITA.
SITA provides business-to-business (B2B) services to companies in the transport industry, such as airlines and airports (SITA Customers). Where SITA provides these services it is a CCPA "service provider" to SITA Customers, collecting and processing personal information in connection with the services only on SITA Customers' behalf.
If you are a passenger/traveler, or a user of SITA-provided tools/software/platforms in the course of your employment with a SITA Customer, and you have any questions about your personal information, SITA advises that you please contact the airline or airport through which you travelled, or your employer, in relation to your personal information and your rights under the CCPA, as SITA's ability to respond to you as a service provider under CCPA is restricted, and SITA is not the relevant CCPA business in relation to the processing of your personal information.
This CCPA Privacy Statement relates to you if you are a California resident (a CCPA consumer) and SITA communicates or interacts with you, in relation to the marketing or the potential supply of services to your company that your company does not yet receive ("you" in the following paragraphs). SITA is a CCPA business in relation to your personal information, and not a service provider, and provides you the following disclosures and information, including in relation to your rights under CCPA.
Please note: the CCPA provides exemptions from certain CCPA requirements (including disclosure and consumer rights requirements) in respect of consumer personal information reflecting communications or transactions with employees, contractors, directors, and officers of SITA Customers related to services actually/currently provided to those customers or to SITA's due diligence on SITA Customers ("B2B communications exemption"), until and including December 31, 2020. If this exemption is removed or amended by the California legislature, SITA will update this Statement to include any relevant disclosures required in connection with B2B communications. Notwithstanding the B2B communications exemption SITA collects and processes such personal information securely in accordance with SITA's general Privacy Statement.
The table below outlines the categories of Personal Information (as defined by the CCPA) that we have collected and/or disclosed for a business or commercial purpose in the preceding twelve months. While the examples of Personal Information provided for each category are taken from the CCPA they are included only to help you understand what the categories mean, and more information about our specific practices can be found in SITA's general Privacy Statement.
| Category | Examples of types of Personal Information within Category | Categories of Sources of information | SITA collects category | SITA discloses category | SITA sells category |
| A. Identifiers | Name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers. | Information you provide directly to us or automatically through your interaction with our websites, and vendors' platforms. | YES | YES | NO |
| B. Categories of Personal Information in Cal. Civ. Code 1798.80(e) | Name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Not including publicly available information that is lawfully made available to the general public from federal, state, or local government records. | Information you provide directly to us. | YES | YES | NO |
| C. Characteristics of Protected Classifications under California or Federal Law | Race or color, ancestry or national origin, religion or creed, age (over 40), mental or physical disability, sex (including gender and pregnancy, childbirth, breastfeeding or related medical conditions), sexual orientation, gender identity or expression, medical condition, genetic information, marital status, military and veteran status. | Information you provide directly to us. | YES | YES | NO |
| D. Commercial Information | Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | Information you provide directly to us or automatically through your interaction with our websites, and vendors' platforms. | YES | YES | NO |
| E. Biometric Information | Physiological, biological, or behavioral characteristics, including DNA, that can be used, singly or in combination with each other or with other identifying data, to establish individual identity, such as imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted, and keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information. | N/A | NO | NO | NO |
| F. Internet of Other Electronic Network Activity Information | Browsing history, search history, and information regarding a consumer's interaction with an internet website, application or advertisement. | Information you provide directly to us or automatically through your interaction with our websites, and vendors' platforms. | YES | YES | NO |
| G. Geolocation Data | Such as physical location, IP address. | Information you provide directly to us or automatically through your interaction with our websites, and vendors' platforms. | YES | YES | NO |
| H. Sensory Information | Audio, electronic, visual, thermal, olfactory, or similar information. | N/A | NO | NO | NO |
| I. Professional or employment-related information | Job application or resume information, past and current job history, and job performance information | Information you provide directly to us or automatically through your interaction with our websites, and vendors' platforms. | YES | YES | NO |
| J. Non-Public Education Information (as defined in 20 U.S.C. 1232g; 34 C.F.R. Part 99) | Records that are directly related to a student maintained by an educational agency or institution or by a party acting for the agency or institution. | N/A | NO | NO | NO |
| K. Inferences Drawn from Personal Information | Consumer profiles reflecting a consumer's preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | Information you provide directly to us or automatically through your interaction with our websites, and vendors' platforms. | YES | YES | NO |
The CCPA defines various business and commercial purposes for collecting, using, and disclosing Personal Information. While we collect, use, and disclose Personal Information pursuant to SITA's general Privacy Statement as a whole, SITA wishes to clarify that this includes your Personal Information in accordance with the following specific CCPA business and commercial purposes:
As also explained in our general Privacy Statement, we share your Personal Information with the following categories of third parties:
The CCPA provides California consumers with certain rights related to their personal information as set out below. To submit a request based on these rights, please contact us via our DSR Data Subject Rights Center or at privacy@sita.aero or toll-free at 866 588 0497 (enter "0" and then enter the PIN – 777).
When receiving a request, we are required to verify that the individual making the request is actually you before we can fulfill the request. When you submit a request will we will notify you of what information we need to verify your identity (depending on the nature of the request and your personal information). California consumers may exercise their rights themselves or may use an authorized agent to make requests to disclose certain information about the processing of their personal information or to delete personal information on their behalf. If you use an authorized agent to submit a request, we may require that you provide us additional information demonstrating that the agent is acting on your behalf.
We will endeavor to fulfill a verifiable request within 45 days of submission using the methods described above. If we need additional time to fulfill the request, we will let you know in writing why we need more time and how much more time is being requested. The disclosures we provide only cover the 12-month period preceding receipt of your request. Where we are unable to comply with your request, we will explain why we cannot comply.
We will not charge you for responding to your request, unless (in the unlikely event) it is excessive, repetitive, or clearly inappropriate. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Under the CCPA, requests for personal information may only be made a maximum of twice per 12 months period.
You have the right to request from a business disclosure of the categories and specific pieces of personal information it has collected from them in the preceding 12 months, the categories of sources from which such personal information is collected, the business or commercial purpose for collecting or selling such personal information, and the categories of third parties with whom the business shares personal information.
You have the right to request from a business that sells or discloses personal information for a business purpose separate lists of the categories of personal information collected, sold or disclosed for a business purpose in the preceding 12 months, including the categories of third parties to whom the personal information was sold or disclosed for a business purpose. SITA does not sell personal information. As required by CCPA regulations, SITA additionally confirms that it has no actual knowledge that it sells any personal information of minors under 16 years of age.
The CCPA requires businesses that sell personal information to allow residents the ability to opt out of the selling of their information. Again, as SITA does not sell personal information, this opt out-right does not apply to you or SITA.
The CCPA prohibits businesses from discriminating against a California consumer for exercising any of their rights under the CCPA, including by:
California consumers have the right to request that a business delete any of their personal information that the business collected from them, subject to certain exceptions in CCPA §1798.105.
If you have any questions or concerns about SITA's privacy policies and practices, please contact us at privacy@sita.aero.
This SITA CCPA Privacy Statement last updated: 1 May 2020