Privacy Statement

Last Updated: February 5, 2021

Travelocity, part of the Expedia Group, (“we” or “us”) values you as our customer and recognizes that privacy is important to you. This Privacy Statement explains how we collect, use, and disclose data when you use our platform and associated services, and tells you how to contact us.

Privacy Statement Summary

This is a summary of our Privacy Statement. To review our Privacy Statement in full, please click here, or scroll down.

  1. What does this Privacy Statement cover?

This Privacy Statement is designed to describe:

  1. What personal information do we collect and use, and how do we collect it?

We collect personal information when:

When you create an account on one of our sites, sign up to receive offers or information, or make a booking using our platform, you give us your personal information. We also collect such information through automated technology such as cookies placed on your browser, with your consent where applicable, when you visit our sites or download and use our Apps. We also receive information from affiliated companies within Expedia Group, as well as business partners and other third-parties, which help us improve our platform and associated tools and services, update and maintain accurate records, potentially detect and investigate fraud, and more effectively market our services. 

  1. How is your personal information shared?

Your personal information may be shared to help you book your travel and/or vacation, assist with your travel and/or vacation stay, communicate with you (including when we send information on products and services or enable you to communicate with travel providers and/or property owners), and comply with the law. The full Privacy Statement details how personal information is shared.

  1. What are your rights and choices?

You can exercise your data protection rights in various ways. For example, you can opt out of marketing by clicking the “unsubscribe” link in the emails, in your account as applicable, or contacting our customer service. Our Privacy Statement has more information about the options and data protection rights available to you.

  1. How to contact us

More information about our privacy practices is in our full Privacy Statement. You can also contact us as described below in the “Contact Us” section to ask questions about how we handle your personal information or make requests about your personal information.

*****************************

Privacy Statement

Categories of Personal Information We Collect

When you use our platform, Apps, or associated tools or services, we may collect the following kinds of personal information from you as needed:

When you install any of our apps or use our platform, we automatically collect the following types of information from your device:

Our Cookie Statement further explains how we use cookies and similar tracking technology.

Mobile Applications

When you download and use any of our mobile apps, we collect certain technical information from your device to enable the app to work properly and as otherwise described in this Privacy Statement. That technical information includes:

Permissions for Location-Based Services:

Depending on your device’s settings and permissions and your choice to participate in certain programs, we may collect the location of your device by using GPS signals, cell phone towers, Wi-Fi signals, Bluetooth or other technologies. We will collect this information, if you opt in through the app or other program (either during your initial login or later) to enable certain location-based services available within the app (for example, locating available lodging closest to you). To disable location capabilities of the app, you can log off or change your mobile device’s settings.

Use of Personal Information

We use your personal information for various purposes described below, which depend on the site you visit or the app you use. 

Your Use of Online Sites, Apps, and Services:

Communications and Marketing:

Other Business Purposes and Compliance

Operate our business using lawful business purposes and as permitted by law

Sharing of Personal Information

We share your personal information as described below and in this Privacy Statement, and as permitted by applicable law.

Your Rights and Choices

International Data Transfer

The personal information we process may be transmitted or transferred to countries other than the country in which you reside. Those countries may have data protection laws that are different from the laws of your country.

The servers for our platform are located in the United States, and the Expedia Group companies and third-party service providers operate in many countries around the world. When we collect your personal information, we may process it in any of those countries.

We have taken appropriate steps and put safeguards in place to help ensure that your personal information remains protected in accordance with this Privacy Statement. For example, any data transfers between our group companies are governed by our intragroup agreements which incorporate strict data transfer terms (including the European Commission's Standard Contractual Clauses, for transfers from the EEA) and require all group companies to protect the personal information they process in accordance with applicable data protection law. In addition, certain Expedia Group U.S. affiliates have certified with the EU-U.S. and Swiss-U.S. Privacy Shield, as explained below in the "Privacy Shield" section.

We also require that third-party service providers to whom a data transfer is made has appropriate safeguards in place to protect your personal information, in compliance with applicable data protection law. The particular measures used will depend on the service provider, and our agreements with them may include European Commission approved Standard Contractual Clauses, the service provider's certification under the EU-U.S. and/or Swiss-U.S. Privacy Shield certification, or reliance on the service provider's Binding Corporate Rules, as defined by the European Commission.

Privacy Shield

Certain Expedia Group U.S. affiliates have certified to the EU-U.S. and Swiss-U.S. Privacy Shield frameworks and that we adhere to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfers, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement, and Liability for personal information from the EU, Switzerland, and the United Kingdom. Our certifications can be found here. For more information about the Privacy Shield principles, please visit: www.privacyshield.gov. For more on our adherence to the Privacy Shield Frameworks, please see information posted here.

Security

We want you to feel confident about using our platform and all associated tools and services, and we are committed to taking appropriate steps to protect the information we collect. While no company can guarantee absolute security, we do take reasonable steps to implement appropriate physical, technical, and organizational measures to protect the personal information that we collect and process.  

Record Retention

We will retain your personal information in accordance with all applicable laws, for as long as it may be relevant to fulfill the purposes set forth in this Privacy Statement, unless a longer retention period is required or permitted by law. We will deidentify, aggregate, or otherwise anonymize your personal information if we intend to use it for analytical purposes or trend analysis over longer periods of time.

The criteria we use to determine our retention periods include: