Effective date: August 13, 2018
Troovo Technologies Pty Ltd (“us”, “we”, or “our”) is a technology company that provides back-office processing for the fulfilment of travel bookings, reservations, and payments processing within the travel industry. We provide technology services to the travel operators, travel agencies and aggregators that provide travel business services for corporate business travel. Our service provider business model is to provide a B2B service that enables back office payments to be easy, accurate, fully automated, and virtually free. We operate the https://www.troovo.com website (the “Service”) which provides business information to corporate organisations about the products and services we provide.
Our Approach to Privacy
Our Privacy Program and Information Risk Policies apply to:
- All staff, contractors and suppliers working on behalf of Troovo
- Data collected for internal use by Troovo (“Company Data”)
- Data collected and saved in customers’ systems hosted and managed by Troovo (“Personal Data or Customer Data”)
It applies to all Company, Personal Data and Customer Data (“Data”) that Troovo holds, or processes, including personal information as defined under the Privacy Act of 1988 (Cth) that is covered by the Privacy Act.
Collection and Use of Personal Information
Our corporate clients collect personal information from their travellers so that they can coordinate travel bookings and payments processing to fulfil their corporate travel needs. Traveller data is collected by our client, and/or our client’s travel management company within our client’s designated information technology platform. The traveller’s personal data may be entered via feeds from the corporate clients; and/or by the traveller, or authorised travel manager and routed to various third-party travel providers required to fulfil corporate travel requests and business process workflows.
Purposes of Collection and Processing
We use the information provided by our clients solely to process business travel requests and payments on their behalf. Our corporate clients enrol in the Troovo technology platform to streamline their operations for handling travel bookings, changes to travel arrangements, and payments. We provide Intelligent Robotic Process Automation solutions that enable complex industries (e.g. travel, payments, and procurement) to fully automate their workflows and processes. These workflows and processes include, but are not limited to:
- Creating and updating travel, transportation and hospitality bookings
- Enabling robotic ticketing across multiple travel operators
- Enabling payments processing, including virtual payments (e.g. virtual card, peer-to peer, direct settlement, or blockchain-based payment capabilities)
- Providing client reporting, benchmarking of pricing data, and validation of travel agency or client-specific rules
Without the collection and processing of this personal data by us, our clients would not able to fulfil their travel and payments processing requirements.
Types of Data Collected and Processed
We collect and process data to provide services to our clients; to respond to sales and marketing requests for information; and to manage our web site and applications.
Personal Data: Our technology platform processes the requested traveller information (name, address, phone, itinerary, email address, company name, gender, date of birth, form of payment and credit card Information, flight/hotel/transportation, passport and visa details, and travel preferences, to fulfil and complete the booking on the clients’ behalf. Our platform enables the processing and the corresponding reconciliation of travel details, payments, invoicing, credits, discounts and schedule changes. Specific travel preferences (e.g. seat, meal choice, smoking, or special services) are offered as a convenience to the traveller and are indicated or selected directly by the traveller.
Direct Marketing Contact Data: We provide a “Contact Us” web form for employees of potential business partners to inquire about our products and services. Within this form, we may ask the employee to provide us with certain personal information that can be used for direct marketing communications, so that we can contact them to respond to their request. This personal information may include: company name, first name and last name, phone number and/or email address. The web form also provides an authentication step to confirm the request is coming from an individual and not machine input to prevent spam or automated extraction of data from the website.
Web site inquiries are routed to our direct sales team for prompt follow up and to provide the requested information. This information may be used to contact you with additional product and service information such as newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by contacting us or by instructions provided in any email we send.
Web Site Data: We may also collect information how this website is accessed and used (“Usage Data”). This Usage Data may include information such as the computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of the site that were visited, time/date of visits, time spent on those pages, unique device identifiers and other diagnostic data. We retain Usage Data for internal analysis purposes. Usage Data is generally retained for a minimal period, except when this data is used to strengthen the security of the web site.
We use session cookies, activity cookies and similar tracking technologies to track the activity on our Service and hold certain information that enable us to market our products and services more efficiently to prospective business organisations. Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to the browser from a website and stored on the device. Browser settings can be set to refuse all cookies, or prompt notice when a cookie is being sent. However, if the devices do not accept cookies, you may not be able to access some portions of the web site.
Disclosure of Personal Information
We may be required to disclose personal information to various third-party travel providers (e.g. travel operators, hoteliers, aggregators), to our service providers, to enable access to our web site, or to comply with a legal obligation.
In order make travel arrangements, and in line with travel industry practices, we may need to share personal information to the various third-party travel providers (e.g. travel operators, travel management companies, travel agencies, computer reservation systems, hoteliers, payment card companies, aggregators etc.) required to fulfil our client’s corporate travel and payments requirements.
We may employ third party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist us in analysing how our Service is used. These third parties have access to this information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
We may use third-party Service Providers, such as Google Analytics to monitor and analyse the use of our web site. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our web site. This aggregate data is shared with other Google services. Google may use the collected data to contextualise and personalise the ads of its own advertising network.
Disclosure for Law Enforcement
Under certain circumstances, Troovo Technologies Pty Ltd may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency). Troovo Technologies Pty Ltd may disclose your Personal Data in the good faith belief that such action is necessary to:
- To comply with a legal obligation
- To protect and defend the rights or property of Troovo Technologies Pty Ltd
- To prevent or investigate possible wrongdoing in connection with the Service
- To protect the personal safety of users of the Service or the public
- To protect against legal liability
Data Protection Safeguards
We maintain appropriate administrative, organisational, technical or physical security safeguards to ensure confidentiality, integrity, availability of our systems that process personal information used within the Service. We implement controls to prevent loss, misuse, or unauthorised access, disclosure, and alteration to personal information. To support secure payments processing, we focus our data protection policies and procedures to maintain secure networks and systems; protect cardholder data; implement access controls; and routinely monitor and test our system for vulnerabilities.
Our approach is to replace manual travel and payment transaction processes with robotic ones. This approach minimises the access to traveller or personal data. Our robotic data processor pulls booking/ordering data from one source, analyses and formats it, then sends it to its destination in an automated method, eliminating manual processes.
For users of this website’s web forms, the security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
Retention of Data
We retain personal data as needed to meet our client agreements and to provide our services, respond to inquiries from our clients, to comply with legal/financial obligations, meet regulatory requirements, to resolve disputes or address potential claims or litigations. We also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter timeframe, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods. Personal information that is no longer retained is anonymised, disposed of, or destroyed in a manner that prevents loss, theft, misuse, or unauthorised access.
Transfer of Data
Our clients, and their travellers, may be in multiple geographies based on the markets they service. If specific clients are located outside Australia and they choose to provide personal information to us, they consent that the services will be accessed from, processed in, and hosted within Australia.
Links to Other Sites
Our products and services are directed at corporate business entities. Our Service does not address the selling of our services to anyone under the age of 18 (“Children”) for. We do not knowingly collect personally identifiable information from anyone under the age of 18.
Access, Corrections and Concerns
As a service provider, we process the traveller or personal information solely on behalf of our clients. We take reasonable steps to ensure that personal data we receive, process, or maintain is accurate, complete, and reliable for its intended use. We rely on the accuracy of the data provided directly to us. We maintain mechanisms that enable our clients to provide to us changes, corrections, deletions, or updates to the traveller or personal information we retain. We will provide access to personal information upon request by an individual only with appropriate verification, and upon direction by our client, based on the processing terms outlined in our client agreements.
For business employees that have submitted their information to us, within the “Contact Us” portion of the web site to request information about our products or services, requests to access, amend, delete or limit the use of this information can be submitted to the privacy mailbox listed below.