Trust and Compliance
FCM Travel Solutions has always taken the privacy and confidentiality of your employees’ personal data seriously. We comply with our obligations under all applicable privacy and data protection laws, in all the jurisdictions where we operate.
Our legal, risk, security and privacy teams constantly review our operations to ensure we are appropriately managing risks and securely storing and processing the personal data of our clients as we provide them an unmatched global corporate travel management service. From this page you can access information and download relevant documents from FCM’s trust and compliance programme.
In the leadup to the General Data Protection Regulation (GDPR) coming into effect on the 25th of May 2018, Flight Centre Travel Group (FCTG) adopted the position that we were a data processor for the processing operations undertaken by our corporate travel business, FCM Travel Solutions (FCM). This decision was based on the information and advice available to FCTG at the time, and we were confident with this initial conclusion.
The defined terms used in this Data Privacy Addendum shall be read as having the meanings set forth in the Agreement. If a term is defined both in this Data Privacy Addendum and elsewhere in the Agreement then, for purposes of this Data Privacy Addendum, the definition in this Data Privacy Addendum shall prevail. In this Data Privacy Addendum, references to any Applicable Privacy Laws and to terms defined therein shall be replaced with or incorporate (as the case may be) references to any Applicable Privacy Laws replacing, amending, extending, re-enacting, or consolidating such Applicable Privacy Laws and the equivalent terms defined in such Applicable Privacy Laws once in force and applicable.
FCM has embraced the General Data Protection Regulation (“GDPR”) as a baseline standard for its operations globally. Similar to existing legal requirements, compliance with the GDPR requires a partnership between FCM and our corporate customers in their use of our services. As a data controller, FCM applies its Data Processing Addendum (“DPA”) when providing travel services, enabling clients to transfer data to FCM with confidence. FCM’s DPA describes the roles and responsibilities of FCM and our clients, the scope of data processing, cooperation and assistance requirements, data security,
transfer mechanisms and the technical and organizational measures used in the delivery of our services.
This statement is presented based on ISO/IEC 27001 which is the leading international standard for information security management systems (ISMS). Worldwide, organisations implement and maintain an Information Security Management System (ISMS) to protect data that is crucial to their businesses, mitigate risk and ensure stable operations, and to provide confidence to stakeholders and customers. The standard is grouped based on Control Sets, which are the topics contained within it.
Compliance with data protection laws requires close cooperation between FCM and each of our partners. As a global brand, FCM has implemented an integrated global programme to ensure a robust and consistent approach to information protection across our network.
Flight Centre Travel Group is one of the world’s largest travel agency groups. We need to collect, use and disclose personal information in order to perform our business functions and activities, including making and managing travel bookings on behalf of our customers. We are firmly committed to protecting the privacy and confidentiality of personal information and to maintaining various physical, electronic and procedural safeguards to protect personal information in our care.
The broad scope of the GDPR means that it will also impact businesses outside of Europe. As part of the global Flight Centre Travel Group, we have appointed global and regional data protection officers to provide an integrated approach to data security.
@ All Rights Reserved By Sttravel