travel audience – Product Privacy Policy

LAST UPDATED – September 2017

Summary of the processing of personal data

1. About travel audience

Travel Audience operates a data-driven travel advertising platform. Our platform connects performance-oriented advertisers with our network of publishers, reaching millions of travelers. Our data-driven travel advertising platform consists of two major components: Our publisher network publishes third-party content via native advertising and our own demand-side-platform provides end-to-end data-driven advertising solutions to our partners.

Name and Address of the Controller

The Controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other provisions under data protection law is:

travel audience GmbH
Elsenstraße 106
12435 Berlin
Germany
T: +49 30 530 230 610
E-Mail: privacy@travelaudience.com

Should you have any questions relating to this Privacy Policy please contact us by e-mail under the following address privacy@travelaudience.com

Contact data of the data protection officer

The data protection officer of travel audience GmbH can be reached by normal mail under Data protection officer, travel audience GmbH, Elsenstraße 106, 12435 Berlin, Germany or by e-mail privacy@travelaudience.com

2. What are the purposes of this Product Privacy Policy?

This Product Privacy Policy describes which information is collected and used in the context of digital advertising in general and which information we and our partners may collect, receive and use in connection with our Travel Audience products and services. Therefore, this Product Privacy Policy does not apply to information we collect and use on our own website (accessible under the URL www.travelaudience.com). Please refer to our Website Privacy Policy which explains our practices in connection with personal information that we may collect through our website www.travelaudience.com. This Product Privacy Policy is intended to provide additional information on our products and services over and above the legal requirements.

3. What is digital advertising?

Digital advertising, also called internet advertising, is used by businesses to leverage internet technologies to deliver promotional advertisements to consumers. Digital advertising includes promotional advertisements and messages delivered through email, social media networks, online advertising on search engines or in mobile apps, banner ads on mobile sites or websites and affiliates programs.

4. How does digital advertising work and what information is being collected?

Our partners and we use cookies, mobile device advertising identifiers and other similar tracking solutions (we call it here User IDs) to help us collect and store information about the users of websites, social media networks and mobile apps. Such information is typically stored in the form of a user profile and connected to a User ID. On the basis of such User ID, we are not able to identify a certain natural person, but are only able to recognize a certain browser or device.

Cookies are an essential part of the internet environment and in digital advertising. Cookies are small files that can be stored on computers to contain or communicate certain information. Cookies can for instance allow a website to log users in automatically to an online service or provide users with personalized advertising. Cookies can be deleted at any time from users’ browsers via the browser settings, as described below.

Similarly, mobile device advertising identifiers can be used to recognize a user’s device and allow that user to login automatically to an online service as well as for other services and functionalities. Users can also reset the mobile device advertising identifier of their mobile device in the settings menu of their device, as also described below.

The technologies our partners and we use may collect the following information about online user activity, for example:

• Travel related information, such as search queries and booking information on our partner websites (for example origin, destination, number of passengers, hotel stars, duration, record locator, booking values, etc.) and other similar information relating to the use of websites and mobile applications of our partners;
• Device and browser information, such as information relating to a mobile device or a browser ( e.g. browser version, hardware model, operation system version and mobile network information);
• Location-based information, such as proximate location information which our partners or we may infer if we are legally allowed to do so from information such as from an IP address or GPS data or other online location-based information on which our partners and we sometimes rely on for the quality of our services;
• Browsing history, such as information regarding which websites or mobile apps users have visited or used.

5.  Use and sharing of the data collected as part of digital advertising, international data transfers and legal grounds for processing the data

The data collected via our and our partners’ products and services are used by us exclusively for the purpose of improving our services (i.e. to show users more relevant advertising) as part of our retargeting services. This means the information we and our partners collect and receive are used to display personalized advertising that we believe is of real interest to the users, to settle accounts with our partners for advertising campaigns using our services, to analyse and improve our services, and to analyse the effect of our partners’ advertising campaigns.

For such purposes and to the extent legally permitted, we might connect different collected data sources (from our partners or affiliates) to create user profiles in order to show the most relevant advertising to the user. Also with regard to such user profiles, we cannot identify a natural person on the basis of the information collected and used by us.

The legal basis for processing the data for the aforementioned purposes is

• the user has given its consent.
• travel audiences legitimate business interests ; where personal data is processed for legitimate interests, the privacy impact on the individual whose data is being processed will be considered.

We do not share the collected information with third parties, other than described in the following: If we are legally allowed to do so, we may share information with other companies of the Amadeus Group, which likewise use the data for the purposes as described above only. Only to the extent necessary for the aforementioned purposes, we might also share information with the following of our partners:

1. Social Advertising: We might use social advertising platforms to reach users on these platforms to deliver personalized ads. In these cases, the privacy terms of these social advertising platforms are relevant for the user regarding the use of the information by such platforms.
2. Supply Side Platforms (SSPs): We work with SSPs and might share cookie information with them. In this case we use a tracking script of these SSPs so they can set a cookie and provide us with bid requests for these relevant users.
3. DSPs: We also work with and might push information into third party Demand Side Platforms (DSPs) like Google DBM, Pocketmath or others.

It must also be noted that Travel Audience is a member of the Interactive Advertising Bureau, an international organization participating in the establishment of standards for the advertising industry (“IAB”). As such, Travel Audience abides by the IAB guidelines on conduct available at https://www.iab.com/guidelines/

Please also note that travel audience’s subcontractors and/or its partners may store data collected outside of the European Economic Area. However, in such cases, travel audience ensures that such transfers are done in compliance with privacy regulations, for instance through the signature of EU Model Clauses of Privacy Shield certification if applicable.

6. What rights do users have concerning the data collected as part of digital advertising?

Due to the fact that we cannot identify a natural person on the basis of the information collected and used by us, we are not able to answer requests from individual users which information we hold about them or to comply with a request to delete information relating to a certain individual. However, users have the automated capability to ensure that they do not receive display advertising personalized by us in the future. We explain how this works below.

7. How can a user ensure that he/she does not receive personalized display advertising from travel audience?

7.1 Cookie Settings in the Browser

First, in order to prevent browser-based personalized advertising, users can change the cookie settings in their browser so that cookies are no longer stored. They will thus prevent the cookies needed for retargeting from being placed on their computer. To that end, they must change the appropriate browser settings. The specific settings can differ depending on the browser used.

• Microsoft Internet Explorer, the relevant instructions can be found at https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
• For Mozilla Firefox, you will find the relevant instructions at https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
• For Google Chrome, you will find the relevant instructions at https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=en
• For Safari, you will find the relevant instructions at https://support.apple.com/kb/PH21411?locale=de_DE&viewlocale=en_US

For other browsers, or in case the displayed links do not lead to the desired result, then further information will usually be found by entering the name and manufacturer of the browser and the terms “cookies” and “settings” in an Internet search engine.

It must be noted that certain website services that require the processing of cookies (such as certain shopping carts on ecommerce sites) may no longer work if cookies are blocked.

7.2 Cookie Opt-Out

Users may furthermore inform us that they no longer want personalized advertising provided by us by activating the following button icon.

Please keep in mind that in this case we will set a cookie that contains information indicating that the user do not wish to receive advertising personalized by us through retargeting. When a user deactivates the acceptance of cookies (see above) in his/her browser or when he/she deletes the cookies, we will no longer be able to know that he/she does not want any retargeting. In this case, he/she will have to reactivate the aforementioned button icon, thereby ensuring that the relevant cookie is permanently stored. The same applies when a user uses a browser other than the one he/she are currently using.

7.3 Opt-Out on Mobile Devices

An opt-out of cookies as described above regarding browser-based personalized advertising may not prevent personalized advertising on a user’s mobile device. In order to opt out of personalized mobile advertising, users can reset the mobile device advertising identifier of their mobile device in the settings menu of their device. More information on how to do this can be found here: https://www.networkadvertising.org/mobile-choices.

It must be noted that we may still display advertising to such users following their opt-out, but that such advertisement will no longer be personalized or relevant to them.

8. Retention of personal data

We retain personal data for as long as necessary to fulfil the purposes it was collected for including for the purposes of satisfying any legal, accounting or reporting requirements.

We delete or anonymize personal data collected via our cookies after 13 months. Our cookies reset automatically if the expiration time of 13 month after the last touch point is reached or the user manually deletes the cookie.9. Changes to our products and services

We may change our products and services or use new technologies. We will then publish an updated version of this Product Privacy Policy on our website as well as on other appropriate websites. We therefore recommend that you occasionally view the most recent version of the Product Privacy Policy on our website if you would like to know what information we record and how we use them.

9. Right to lodge a complaint at a supervisory authority

Irrespective of any other legal remedy under administrative law or in court you are entitled to the right to lodge a complaint at a supervisory authority, in particular in the member state of your habitual residence, your place of work or the place of the alleged infringement if you consider are of the opinion that the processing of the personal data relating to you breaches the GDPR.

The supervisory authority, at which the complaint was lodged, will inform the complainant about the status and the results of the complaint including the possibility of a legal remedy in court according to Art. 78 GDPR.

10. Contact us

If you have any questions on how we collect and use information with our products and services or want to learn more about our technology, please send us an email to privacy@travelaudience.com