Using our website is generally possible without providing any personal data. If personal data (e.g. name, address or email address) is collected on our website pages, this is always done, as far as possible, on a voluntary basis. This data will not be passed on to third parties without your express consent. Your personal data will only be processed by us in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the Swiss Federal Act on Data Protection (FADP).
For Internet Explorer™: https://support.microsoft.com/en-us/help/17442/windows-internetexplorer-delete-manage-cookies
For Safari™: https://support.apple.com/en-us/HT201265
3.1 Data collected by us
3.2 Purpose of the data collected
trifact uses the data collected to ensure, maintain, preserve and improve the overall quality of its services. Data collection is also intended to protect our company and its users. We do not collect more data than necessary to fulfil the following purposes:
a) Bookings: Contact profiles are stored in a database as a reference document that must be retrieved for each booking. In order to make bookings, we may need to transfer personal data to various third party providers (e.g. transfer companies, hotels, airlines, travel agents, car rental companies, online booking tool providers, etc.) in your home country or in another country to which you are travelling.
b) Consolidation of travel data and compliance with travel policies: At the request of a client, trifact or a third party can produce information reports summarising and analysing spend per destination, per travel supplier, etc. These reports can then be sent to the client. In addition, at a client’s request, we may submit reports on your compliance with that client’s travel policy, event policy or budget compliance policy and identify exceptions to compliance.
c) New services/products: With the aim of improving services and based on the data provided to trifact, trifact may send you additional information regarding your current or future event(s).
d) Promotion and marketing: trifact may use your data to personalise your experience on the trifact website and to send you marketing communications that we think may be of interest to you, e.g. services, case studies, white papers, blog updates, etc. trifact may use your data for promotional and marketing purposes for current or potential trifact clients. We may use the data to analyse trends and thus offer further services to our clients.
e) Technical data: trifact or third parties commissioned by trifact evaluate this data exclusively for statistical purposes and only in anonymised form in order to optimise the trifact website and increase user-friendliness, efficiency and security.
f) Other purposes: trifact may use your data if trifact deems this necessary or appropriate:
(a) in accordance with applicable law, including laws outside of your country of residence;
(b) to comply with legal procedures;
(c) to respond to requests/inquiries from public and governmental authorities (including public and governmental authorities outside of your country of residence);
(d) to enforce the General Terms and Conditions of trifact;
(e) to protect the activity of trifact;
(f) to protect the rights, privacy, safety or property of trifact, of you or of others; and
(g) to enable trifact to pursue legal remedies or limit any damage that trifact may suffer;
(h) so that you can apply for a trifact job vacancy.
3.3 Processing personal data
Personal data collected by trifact and its partners is processed lawfully and in good faith in accordance with Art. 5 GDPR. In each case, the data is collected for a clear, specified and legitimate purpose and processed only for that purpose. The data collected for this purpose is kept to a minimum (data minimisation). Data collected by us is always factually correct and up to date. All reasonable steps shall be taken to ensure that personal data that is inaccurate in relation to the purposes of its processing is erased or rectified without delay. The data shall be kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the data is processed. The maximum storage period is five years, unless a longer period is required by law or by the client. All data shall be processed, through appropriate technical and organisational measures, in a manner that ensures appropriate security of personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage. If you would like your data to be deleted, you can contact us at email@example.com at any time.
3.4 Personal data protection
trifact takes appropriate measures to:
(i) protect personal data from unauthorised access, disclosure, alteration or destruction; and
(ii) keep personal data accurate and up to date.
In addition, we strive to require our affiliated companies and service providers to whom we disclose personal information to take reasonable care to maintain the confidentiality of your personal information. Unfortunately, however, no security system or system for transmitting data over the internet can be guaranteed to be absolutely secure.
3.5 Personal data that we share
In order to provide you with the level of hospitality you expect and to offer you the best possible service, we may share your personal information with our service providers and other third parties. These include hotels, airlines, transport companies, third-party providers for booking processes and applications, print shops. This list is not exhaustive. We only work with processors that provide sufficient guarantees that appropriate technical and organisational measures will be implemented in such a way that the processing will be in compliance with the requirements of this regulation and will ensure the protection of the rights of the data subject. trifact may also transfer your data to third parties in the event of a reorganisation, merger, sale, joint venture, transfer or other disposition of all or part of trifact’s activities, assets or shares (including in connection with a bankruptcy or similar proceedings). Prior to a transfer, third parties (with the exception of travel providers and authorised transfers within the EU) must sign a data transfer agreement with trifact in which they are obliged to comply with the applicable data protection laws.
3.6 Transfer of personal data internationally
If the data is collected for the purpose of an event taking place abroad, the data will be passed on to suppliers in that country. This is done in order to book hotels, flights and transfers, as well as to fulfil participants’ wishes as well as possible. Although there may be differences between your country and other countries in terms of the scope of their respective data protection laws, trifact takes the best possible measures to ensure that your personal data is handled in accordance with this statement. Requests to change or delete data will be forwarded to all providers without delay. Please be aware that personal information you provide to trifact may be transferred to countries that have different privacy policies. Personal data may be sent to the USA, for example, where it is possible that the data will be viewed by government authorities.
3.7 Particularly sensitive categories of data
The term ‘confidential information’ refers to information about your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life or sexual orientation, genetic information, criminal background and biometric data used for unique identification. Unless you disclose this information yourself, we generally do not collect sensitive information. We use information about your health that you provide to us in order to provide you with a better service and to be able to respond to your requirements (e.g. consideration of allergies). By completing the relevant questions, you give your explicit consent to the processing of special category data mentioned above in accordance with Art. 9(1) GDPR. In accordance with Art. 7(3) GDPR, you have the right to revoke your consent to the collection of this data at any time. To do this, simply send an email to firstname.lastname@example.org with the request to revoke consent. The revocation of the consent shall not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
3.8 Amendment and deletion of personal data
You can assert your statutory rights to information and rectification at any time. In addition, you have the right to file a complaint with a supervisory authority. To the extent required by law, you may request that we provide information about your personal data and correct it if necessary. You have the right to request that relevant personal data be deleted at any time, unless trifact needs to retain such data for legitimate business or legal purposes. In addition, it must be ensured, as far as possible, that third parties also delete the data of the data subject. If you would like your data to be deleted, you can contact us at email@example.com at any time.
You must ensure that the data provided is:
As we will mainly be in contact with you by email, you must notify us immediately of any change in your email address. trifact is committed to protecting children’s data privacy. We do not collect any data relating to children under the age of 14. In addition, our website, and any information on it, is not addressed to children. It is the responsibility of parents to monitor the internet behaviour of minors.