Global Privacy Statement

Effective Date: May 25, 2018

Deem is committed to protecting the privacy of individuals who visit the Company’s Web sites (“Visitors”), and protecting the data of customers that obtain our products and services (“Customers”).  This Privacy Statement describes Deem’s privacy practices in relation to the use of the Company’s Web sites and the related applications, services, and programs offered by Deem (collectively, the “Services”), as well as individuals’ choices regarding use, access and correction of personal information.

Our privacy practices may vary among the countries in which we operate to reflect local practices and legal requirements.

If you have questions regarding Deem’s Privacy Statement or associated practices, please contact us at privacy@deem.com


Our privacy practices may vary among the countries in which we operate to reflect local practices and legal requirements.

Information We Collect

We collect and process personal data with your consent or as required to meet our legitimate obligations such as providing services to our customers, meet our contractual and legal requirements, ensure compliance, and protect the security of our systems and customers.

We may obtain personal information from various sources, such as:

● Deem websites and mobile applications

● Businesses that obtain our products and services for use by their customers or employees (such as employers that use our travel-related services)

● Social media through which you may access our sites or communicate with us

● Surveys, contests, sweepstakes, marketing events, and other promotions

● Sales inquiries and related correspondence 

● Requests for marketing information

● Our parent, affiliate or subsidiary companies, service providers, business partners and other third parties

The types of personal information we may obtain include:

● Contact information such as name, address, phone, and email address

● Billing information which includes credit card details, customer employee ID, or other details required for purchase

● Travel preferences including preferred meals & seats and emergency contacts

● Trip itinerary which includes confirmation number, travel destinations, date of birth and other required fields for booking transportation & accommodations, and other related information

● Expense reporting such as receipt images and information required for approval purposes

● Travel documents including visa details and passport number

● Loyalty information which includes frequent flyer numbers

● Information from our customer’s financial or human resources systems

● Information from partners and suppliers including airlines, Global Distribution Systems (GDS), and travel management companies that serve our customers. 

● Website activity, including but not limited to page views, whitepaper downloads and video views

In addition, when you visit Deem websites or use our mobile applications, we may collect certain information by automated means, such as cookies and web beacons. A "cookie" is a text file that websites send to a visitor's computer or other Internet-connected device to uniquely identify the visitor's browser or to store information or settings in the browser. A "web beacon," also known as an Internet tag, pixel tag or clear GIF, is used to transmit information back to a web server. We also may use third-party website analytics tools (such as Google Analytics ) that collect information about visitor traffic on our sites. The information we may collect by automated means includes:

● Information about the devices our visitors use to access the Internet (such as the IP address and the type of the device, its operating system type and web browser)

● URLs that refer visitors to our sites, including whether you visited the website directly or were referred from another website or link

● Dates, times and duration of visits to our sites (including whether you are a repeat or first-time visitor)

● Information on actions taken on our sites (such as page views and site navigation patterns, the pages, links, banners, icons and other parts of the website on which you click or which you access during your visit)

● Search terms that visitors use to reach Deem websites

● Location information, such as the real-time geographic location of the device on which you install our mobile applications based on your consent


How We Use Information

Deem may use the Personal Data within the scope of Deem Services for the following: 

● Provide products or services you request, such as travel booking and expense reporting

● Travel confirmations and other service related communication

● Provide customer support, security alerts, and service notifications

● Understand your needs and interests and tailor our products and services to suit your personal interests and the manner in which visitors use our sites, products and services

● Protect against and prevent fraud, unauthorized transactions, claims and other liabilities, and manage risk exposure, including by identifying potential hackers and other unauthorized users

● Provide Deem business customers (such as employers or financial institutions) with the information regarding transactions completed by their employees or customers on the Deem platform

● Communicate with you about our products, services, offers, events and promotions, and offer you products and services we believe may be of interest to you

● Enable you to communicate with us through our blogs, social networks and other interactive media

● Manage your participation in our events, sweepstakes and other promotions

● Analyze and enhance our marketing communications and strategies (including by identifying when emails sent to you have been received and read)

● Analyze trends and statistics regarding visitors' use of our sites, mobile applications and social media assets, and the transactions visitors conduct on our sites

● Comply with applicable legal requirements and industry standards and our policies

We also may use the information we obtain about you in other ways for which we provide specific notice at the time of collection.


Information We Share

Service Provider 

Deem may share data about Deem’s Visitors and Customers with our service providers, business partners, and authorized third-parties in order to provide and support Deem’s Services.  These service providers are authorized to use your personal information only as necessary to provide the requested services to us.  Deem may also share data with providers whose products and services you may obtain on our sites, such as airlines, hotels, travel agencies, car rental agencies, car and taxi services and other merchants.

Deem may also share Data about Deem Visitors and Customers with the Company’s service providers to ensure the quality of information provided, and with third–party social networking and media Web sites, such as Facebook and LinkedIn, for marketing and advertising on those Web sites. 

Unless described in this Privacy Statement, Deem does not share, sell, rent, or trade any information with third parties for their promotional purposes.

Section “Cookies and Web Beacons” of this Privacy Statement specifically addresses the information we or third parties collect through cookies and web beacons, and how you can control cookies through your Web browsers.  We may also disclose your personal information to any third party with your prior consent.

 

Compelled Disclosure

Deem reserves the right to use or disclose information provided if required by law or if the Company reasonably believes that use or disclosure is necessary to protect the Company’s rights and/or to comply with a judicial proceeding, court order, or legal process.


Use of Deem Products and Services

Many of the Deem products and services are designed to facilitate and enhance consumers' ability to interact with and obtain products and services from third parties. This business model requires Deem to share information about you with various providers (such as airlines, hotels, restaurants, car services and reservation aggregators) and other third parties. These third parties are not our service providers or agents; they may process the personal information we provide to them in accordance with their own privacy practices and privacy notices. You may choose not to provide your personal information to Deem or such third parties by refraining from using our products or services. If you are using Deem products or services that a Deem business customer (such as your employer) obtained on your behalf, you must contact the relevant business customer to deactivate your account.


Marketing Emails

Deem sends you marketing, promotion and sales emails only with your prior consent. You may choose not to receive marketing email communications from us by clicking on the unsubscribe link in the marketing emails or by visiting here.


Web Analytics

To opt-out of the aggregation and analysis of data collected about you on our sites by Google Analytics, please click here


Cookies and Web Beacons

Deem uses commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as you navigate the Company’s Web sites (“Web Site Navigational Information”). As described more fully below, we use these cookies or similar technologies to analyze trends, administer Web sites and Services, track users’ movements around our Web sites and Services, serve targeted advertisements and gather demographic information about our user base as a whole. This section describes the types of Web Site Navigational Information used on the Company’s Web sites and Services, and how this information may be used.

Cookies

Deem uses cookies to make interactions with the Company’s Web sites easy and meaningful. When you visit one of the Company’s Web sites, Deem’s servers send a cookie to your computer or device. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to Deem, either by responding to a promotional offer, opening an account, or filling out a Web form or have previously identified yourself to Deem, you remain anonymous to the Company.

Deem uses cookies that are session-based and persistent-based. Session cookies exist only during one session. They disappear from your computer or device when you close your browser software or turn off your computer. Persistent cookies remain on your computer or device after you close your browser or turn off your computer. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our Web sites or Services. 

Required Cookies

  • Description: These cookies are required for the operation of our Services (for example, to enable you to log into secure areas of our website). These cookies enable you to move around the sites and use their features. Disabling these cookies will encumber the sites’ performance and may make the features and service unavailable.
  • Manage Settings: Because required cookies are essential to operate the Company’s Web sites and the Services, there is no option to opt out of these cookies.

Functionality Cookies

  • Description: These cookies are used to recognize you when you return to our sites. This enables us to personalize our content for you and remember your preferences (for example, your choice of language or region). Deem may track and analyze usage and volume statistical information from Visitors, and Customers to provide enhanced interactions and more relevant communications, and to track the performance of the Company's advertisements.
  • Manage Settings: To learn more about how to control cookies using your browser settings click here.

Targeting or Advertising cookies

Note: These cookies may be used for Marketing activities only and not for processing data related to other Services provided to our customers

  • Description: These cookies record your online activities, including your visits to our sites, the pages you have visited, and the links and advertisements you have clicked. One purpose of this is to help make the content displayed on our sites more relevant to you. Another purpose is to allow delivery of advertisements or other communications to you that are designed to be more relevant to your apparent interests. Delivery of interest-based advertising may involve us, our service providers and partners such as publishers, data management platforms, and demand side platforms. For example, if you look at a page on one of our sites, we may cause an advertisement to be delivered to you, on our site or on other sites, for products referenced on that page or for similar products and services. We and our service providers and partners may also append other data to information collected by these cookies, including information obtained from third parties, and share this information with third parties for the purpose of delivering ads to you.
  • Manage Settings: If you would like more information about this practice and to know your choices about not having this information used by these companies, click here.

Web Beacons

A Web Beacon is a very small clear picture file used to keep track of your navigation through a single website or a series of websites.  They may also be referred to as “Web Bugs” or “Clear Gifs.” Web Beacons may be used with cookies to gain an understanding of how a website’s users navigate through the website.

Do Not Track

Currently, various browsers — including Internet Explorer, Firefox, and Safari — offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to Web sites’ visited by the user about the user's browser DNT preference setting. Deem does not currently commit to responding to browsers' DNT signals with respect to the Company's Web sites, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. Deem takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.


Your California Privacy Rights

If you are a California resident, you may request that we provide to you (i) a list of the categories of personal information about you that Deem has disclosed to third parties for the third parties' direct marketing purposes during the calendar year preceding your request, (ii) the names and addresses of such third parties, and (iii) if the nature of the third parties' business cannot reasonably be determined from their names, examples of the products or services marketed, if known to Deem, that are sufficient to give you a reasonable indication of the nature of the third parties' business. To submit your request, please email privacy@deem.com.


Disclosure to Third Parties

Subject to applicable law in the country where you are located, you may have the right to direct us not to share your personal information with third parties, except (i) with service providers we have retained to perform services on our behalf or (ii) as indicated in the "Compelled  Disclosure" section of this Privacy Statement. To submit your request, please email privacy@deem.com. In some circumstances, withdrawing your consent to Deem's use or disclosure of your personal information will mean that you cannot take advantage of Deem products or services.

To update your privacy preferences, ask us to remove your information from our mailing lists or submit a request, please contact us as specified below.


Access and Correction

You may obtain a copy of certain personal information we maintain about you or update or correct inaccuracies in that information by logging into the online account you may establish on our websites.

In addition, if you believe other personal information we maintain about you is inaccurate, you may request that we correct or amend the information by contacting us as indicated in the "How to Contact Us" section of this Privacy Statement. If we deny an access request, we will notify you of the reasons for the denial.  If you are using Deem products or services that a Deem business customer (such your employer) obtained on your behalf, you should request such further access to your information from the relevant business customer.

Subject to applicable law, you may have certain additional rights to request access to and receive information about the personal information we maintain about you, update and correct inaccuracies in your personal data, and have the information blocked or deleted, as appropriate.


The Deem website may provide links to third-party websites for your convenience and information. If you access those links, you will leave the Deem website. Deem does not control those sites or their privacy practices, which may differ from Deem's practices. We do not endorse or make any representations about third-party websites. The personal information you choose to provide to or that is collected by these third-party websites is not covered by this Privacy Statement. We encourage you to review the privacy policy of any company before submitting your personal information.

We may also provide social media features on our website that enable you to share Deem information with your social networks and to interact with Deem on various social media sites. Your use of these features may result in the collection or sharing of information about you. We encourage you to review the privacy policies and settings on the social media sites with which you interact to help you understand those sites' privacy practices.


Data Retention

The time periods for which we retain your Personal Information depend on the purposes for which we use it. Deem will keep your Personal Information for as long as you are a registered subscriber or user of our products or for as long as we have another business purpose to do so and, thereafter, for no longer than is required or permitted by law, or Deem’s Records Retention Policy, reasonably necessary for internal reporting and reconciliation purposes, to provide you with information you might request, or to protect the security of our systems and prevent fraud. If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further use of the data.


Cross Border Transfers

Deem is headquartered in the United States, and we have operations, entities, and service providers in the United States and throughout the world. As such, we and our service providers may transfer your personal information to, or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. We will take steps to ensure that your personal information receives an adequate level of protection in the jurisdictions in which we process it. If you are located in the European Economic Area or Switzerland, we provide adequate protection for the transfer of Personal Information to countries outside of the EEA or Switzerland through a series of intercompany agreements based on the Standard Contractual Clauses authorized under the EU Data Protection Directive 95/46/EC.



Security

The security of your Personal Information is very important to Deem. We use physical, electronic, and administrative safeguards that are designed to protect your Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction.

In addition, Deem uses standard security protocols and mechanisms to exchange the transmission of sensitive data such as credit card details. When you enter sensitive Personal Information such as your credit card number on our site, we encrypt it using Transport Layer Security (TLS) technology.

In the event that your Personal Information is acquired, or is reasonably believed to have been acquired, by an unauthorized person and applicable law requires notification, Deem will notify you by e-mail or mail. Deem will give you notice promptly, consistent with the reasonable needs of law enforcement and/or Deem to determine the scope of the breach and to investigate and restore the integrity of the data system.


Lawful Basis for Processing

We will only collect and process personal data about you where we have lawful basis. Lawful basis include consent (where you have given consent) or contract (where processing is necessary for the performance of the contract with you).

Where we rely on your consent to process personal data, you have the right to withdraw or decline your consent at any time, and where we rely on legitimate interests, you have the right to object. If you have any questions about the lawful basis upon which we collect and use your personal data, please contact our Data Protection Officer at privacy@deem.com


RIGHTS FOR CERTAIN USERS - European Privacy Rights 

Deem adheres to applicable data protection laws in the European Economic Area, which, if applicable to you, include the following rights:

● You have the right to access your personal data held by us (“right to access”)

● You have the right to withdraw your consent at any time from future processing of Personal Data where processing is based on your consent

● You have a right to object to the processing of your Personal Data under certain circumstances (“right to object”)

● You have the right to rectify inaccurate Personal Data and ensure its completeness (“right to rectification”)

● You are entitled to request a transfer of your Personal Data to another controller to the extent possible or obtain copies of your Personal Data in an industry standard format (“right to data portability”)

● You have the right to request deletion of your Personal Data subject to applicable legal obligations (“right to be forgotten”)

You must contact your Company if you have questions or seek to exercise any of these rights.


Career Center

When you visit our Career Center website, we may collect information such as the user name and password you select to establish an account on the site, your employment and education history and other personal information typically collected during the job application process. We use the information to enable you to search and apply for career opportunities at Deem, submit your resume for general consideration, email a friend about this the Career Center, and comply with applicable legal requirements and our policies and procedures.


Children's Privacy

Deem does not knowingly collect information from children under the age of 13 and does not target its websites to children under 13. If we learn that a user is under 13 years of age, we will promptly delete any personal information that the individual has provided to us. We encourage parents and guardians to take an active role in their children's online activities and interests.


Updates to this Privacy Statement

This Privacy Statement may be updated periodically and without prior notice to you to reflect changes in our personal information practices. We will post a prominent notice on our websites to notify you of any significant changes to our Privacy Statement and indicate at the bottom of the notice when it was most recently updated.


How to Contact Us

If you have any questions or comments about this Privacy Statement, or if you would like us to update the information we have about you or your preferences, please contact us by email at privacy@deem.com. You also may write to us at:

Deem
Attn: Chief Information Security Officer – Privacy Rights
642 Harrison St., 2nd Floor
San Francisco, CA 94107