Other Covered Entities

Yapta, Inc.

Industries

  • Travel and Tourism
  • Travel Providers
  • Corporate Travel Services

Participation

EU-U.S. Privacy Shield Framework: Active

Original Certification Date: 8/23/2018
Next Certification Due Date: 10/29/2019
Data Collected: HR, NON-HR

Swiss-U.S. Privacy Shield Framework: Active

Original Certification Date: 8/23/2018
Next Certification Due Date: 10/29/2019
Data Collected: NON-HR

Purpose of Data Collection

Certain Yapta Services require users to upload or otherwise submit travel related information, including information about individual travel itineraries, passenger name records (“PNRs“), ticketing information, booked fares, service fees, and related travel data. Anything in the PNR including Full Name, Addresses, Email Address, Phone Numbers, Mobile Geographic Location Information, Air, rail and hotel preferences, Special Service Requests, Loyalty Numbers, Travel documents, passport numbers, and Meal Preferences. Our Privacy Shield Policy applies to Personal Data transferred from European Union member countries and Switzerland to Yapta’s operations in the U.S. in reliance on the respective Privacy Shield framework and does not apply to Personal Data transferred under Standard Contractual Clauses or any approved derogation from the EU Directive. Some types of Personal Data may be subject to other privacy-related requirements and policies. For example: Yapta websites have their own privacy policies. Personal Data regarding and/or received from a customer is also subject to any specific agreement with, or notice to, the customer, as well as additional applicable laws. Employee Personal Information is subject to internal human resource policies found in the Employee Handbook.

Privacy Policy

HR and Non-HR Data

Description:

Yapta, Inc. (Yapta) complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data (as defined below) from European Union member countries and Switzerland. Yapta has certified that it adheres to the Privacy Shield Principles of Notice; Choice; Accountability for Onward Transfer; Security; Data Integrity and Purpose Limitation; Access; and Recourse, Enforcement, and Liability. If there is any conflict between the policies in this Privacy Shield Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

Effective Date: 8/20/2018

Verification Method

Self-Assessment

Dispute Resolution

Questions or Complaints?

If you have a question or complaint regarding the covered data, please contact Yapta, Inc. at:

Doug Ljung
Director Information Security
Yapta, Inc.
Corporate
401 2nd Ave S, Suite 101
Seattle, Washington 98104

Privacy Shield organizations must respond within 45 days of receiving a complaint.

If you have not received a timely or satisfactory response from Yapta, Inc. to your question or complaint, please contact the independent recourse mechanism listed below




Appropriate statutory body with jurisdiction to investigate any claims against Yapta, Inc. regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission