Datalex is dedicated to the security and privacy of information provided to us. We take our obligations to protect the security and privacy of all information provided to us by our customers very seriously. Datalex is a data processor, which means that we do not consider the information transmitted to us from our customers or through their web-sites to be the property of Datalex. We treat it as customer confidential information and do not use it for any purpose not requested by our customer.
During the course of our business, Datalex receives, processes, stores and transmits information provided by end users to our customers. Datalex generally receives information as a step in an end-users process of purchasing our customer products or services. These are usually travel-related products such as airline tickets and hotel and car reservations. Typical information received includes traveller name, address, telephone number, age, credit card number, itinerary, personal travel preferences (e.g. meal or seating preference) and frequent flyer information.
This information is processed and formatted by Datalex and passed on to the internal or third-party reservation and ticketing systems, such as airline, car and hotel reservation systems, payment processors, and other service providers designated by our customer for further processing and fulfillment. Datalex follows our customer instructions regarding the processing, transmission and storage of this information and will not transmit any information to a third party unless explicitly instructed to do so by our customer.
Datalex is highly sensitive to the security of information provided to us. We employ physical security to prevent unauthorised access to the hardware on which data is store and processed. We maintain physical security, logical security and authentication to maintain data confidentiality within our networks and facilities. The specifications for our security are maintained in the Datalex Security Posture handbook. These are updated regularly as new threats are identified and new security measures are developed.
In general, information received by Datalex is received from you, through our customer, processed and re-transmitted within minutes. Datalex does maintain traveller profile information for some customers for a longer period of time. This data is usually accessible to you at the time of booking to ensure it is correct, or at other times to change, correct or update through our customer’s web-site.
Datalex has applied to participate in the EU-U.S. Privacy Shield regarding our collection, use and retention of personal information from European Union member countries. We are committed to subjecting all personal data received from the EU to the Privacy Shield Framework Principles. To learn more about the EU-U.S. Privacy Shield and obtain a list of participating companies please visit: https://www.privacyshield.gov/list
EU residents have a right to access data held by may access personal information held by Datalex by contacting the airline or other travel service provider who collected the information. Datalex designates the EU DPA panel as the body to address complaints regarding Datalex processing of personal information and to provide redress. In the United States Datalex is subject to the Department of Commerce. Individual complainants may invoke binding arbitration regarding any privacy dispute. Datalex will cooperate with public authorities when lawfully required to disclose personal information. Datalex will be liable for the improper transfer of personal information to third parties not including recipients designated by the data controller.
Please feel free to contact our headquarters in Dublin, Ireland regarding any inquiries or complaints regarding collected data or this policy. firstname.lastname@example.org