Carlson Wagonlit Travel (CWT), doing business
as Macy's Travel, has travel agency operations in
many countries around the world. CWT's focus is to
provide business travel services to the employees
of businesses with whom CWT signs a corporate travel
services agreement. In doing so, CWT receives individual
data from the employees.
Why the laws apply to us and why CWT needs
to obtain the consent of the traveler
Data protection laws apply to the information received
by CWT because that data can be used to identify an
individual person.
The purpose of data protection is to protect an individual's
rights by keeping personal data secure and by regulating
its processing, so that it may be used only for the
purpose for which it was given/collected. CWT is using
the Data Protection Statement (see below) to request
the consent of the traveler. For examples of such
laws, please see the following Web sites:
- European Directive on Data Protection
- Australian privacy laws
- Canadian privacy laws
- Safe Harbor in the United States
CWT has always had internal confidentiality standards.
We are in the process of implementing company-wide
the measures described below in this policy, as well
as additional ones. Our policy and corresponding procedures
take into account the national laws of the many countries
where CWT has operations, and in some cases surpass
these regulations. It is our goal to standardize globally
the way travel data is handled and processed within
CWT.
Information that we store
The travel data that we store may include: name, address,
email address, credit card references/number, travel
destinations, travel schedules, seating preferences,
smoking or non-smoking accommodations, meal preferences
and reservation information, as well as passport details
and next of kin information.
When servicing a given corporate client, CWT creates
a "Traveler Profile" with travel data for
each traveler, which is kept on file as a reference
document and consulted each time a reservation is
to be made. When a reservation is made, CWT creates
a "passenger name record" (PNR), which contains
all of the information needed to fulfill the travel
request of each traveler.
Based on the travel expenses incurred by travelers
of each corporate client, CWT produces reports that
summarize and analyze the travel trends of that client.
What we do with the information
In addition to creating Traveler Profiles and PNRs,
CWT uses the travel data with the consent of the traveler
for the following travel and other travel-related
purposes.
- Reservations: CWT may need to transfer travel
data to various third party travel suppliers and
computer reservation systems for the purposes of
making reservations within the traveler's home country
or to another CWT agency in another country where
the traveler may be traveling.
- Consolidation of Travel Data: At the request
of the corporate client (the traveler's employer),
CWT or a third party prepares information reports
that summarize and analyze the travel expenditures
per destination, per travel supplier, etc.
- Compliance with Travel Policy: Also at the request
of the corporate client, CWT may report on the compliance
of the travelers with the travel policy of the client
and identify any exceptions to the compliance.
- Collecting Travel Payments: CWT may transfer
travel data to third parties in the traveler's home
country or in another country for the purpose of
collecting payments related to travel reservations.
- CWT Databases: In order to constantly improve
the servicing of our clients around the world, the
travel data is handled out of certain locations
accessible by our travel agents around the world.
- New products and Services: Also with the goal
of improving service and based on the data given
to CWT, we may send additional information to the
traveler if it applies to his/her trip. An example
would be a list of restaurants near a specific hotel,
in a specific city.
CWT as a Data Controller or a Data Processor
CWT proposes two options:
- CWT is Data Controller: CWT needs to collect the
consent of each traveler (Data Protection Statement).
- Client is Data Controller: CWT is data processor
while the Client manages the traveler consent process
internally.
Measures we are taking
CWT is implementing, step-by-step, a process through
which we will standardize the way our company and
its affiliates handle travel data.
- Data Protection Statement: CWT has established
a Data Protection Statement to ensure consent to
various uses of travel data given to CWT. The statements
are signed by the traveler either in paper form
or in electronic form, as determined with the client.
- Transfer to Third Parties: Prior to a transfer,
third parties (except for travel suppliers such
as the airlines, computer reservation systems, hotels,
etc.) are required to sign a transfer agreement
with CWT, which requires them to follow the applicable
data protection laws. An exception may be made if
the third party is located in the EU or in a country
approved by the EU as having satisfactory data protection
laws. This will ensure that even if the laws governing
the third party are less strict than our standards,
the level of protection that the traveler's data
receives will be consistent. For instance, data
consolidators are required to sign an agreement.
Even subsidiaries of CWT in countries with data
protection laws that are considered less strict
also sign a transfer agreement. There is an EU model
clause Data Transfer Agreement signed between Carlson
Wagonlit Holdings B.V. and its subsidiary Carlson
Wagonlit Travel, Inc.
- Security: Pursuant to the various data protection
laws, CWT is implementing appropriate technical
and organizational measures to protect the personal
travel data, obtained from our clients' travelers,
against accidental or unlawful disclosure or destruction.
The measures are being determined for each department,
according to their handling of the travel data.
- Destruction: Under many data protection laws,
personal data must be destroyed after a certain
period of time. CWT keeps travel data only as long
as required by law, a period of time which may vary
according to the requirements for the various internal
departments.
- Our policy may be subject to additional requirements
in compliance with local legislation in certain
countries (please see below, under "Notes").
- Infrequent travelers: Most infrequent travelers
(those travelers who make three or fewer trips a
year), or "one-offs," will fit into the
global procedure we have outlined in this policy.
One-offs such as consultants for our larger clients
will fill out a Traveler Profile and make reservations
in the same way as our frequent travelers. There
are some situations, however, where the normal procedure
will be impossible to follow, such as with groups,
and ship and mining crews. In these cases, the information
for the one-off trip (including personal data) will
not be given by the traveler, but by a third party.
If the client provides personal data to us about
a traveler, they must ensure that they are entitled
to disclose that data to us and that without us
taking any further steps required by privacy/data
protection laws, we may collect, use and disclose
such information for the purposes described above.
For example, the client should take reasonable steps
to ensure the individual traveler concerned is aware
of the various matters detailed in this CWT Privacy/Data
Protection Policy as those matters relate to that
individual, including our identity, how to contact
us, our purposes of collection, our information
disclosure practices, the individual's right to obtain
access to the data and the consequences for the
individual if the data is not provided.
We will also send a letter to our clients informing
them of their responsibilities as a third party
providing us with the personal data of an individual
traveler.
- Itineraries: In order to fulfill our responsibility
to inform the individual traveler of our Data Protection
obligations, we intend to include the following
text at the end of each itinerary:
"All information provided by you, or any other
party such as your employer, to Carlson Wagonlit
Travel (CWT) will be used by CWT, its related companies
and other Travel Service Providers requiring this
information, in order to make and process your requested
travel arrangements. A copy of CWT's Privacy/Data
Protection Policy can be obtained from your local
CWT contact or from the CWT Website. Please note
that airlines may be required by law to pass information
contained in this reservation to customs and immigration
authorities when requested."
Please note that this text does not appear on itineraries
issued in the United States and Canada.
Travelers' rights
The traveler's principal rights are to:
- amend his/her personal data, and upon written
request and payment of a statutory fee or if none,
a reasonable fee, to receive from CWT, within a
reasonable amount of time, a copy of his/her Traveler
Profile (see contacts at the bottom of this Policy)
(for data held by third parties, please contact
the third party),
- know how his/her data is being processed, for
what purpose and who is doing the processing,
- choose whether or not to receive unsolicited
services/direct marketing/information on other travel
products and services,
- revoke consent to the DPS (upon written request)
or refuse to provide information.
Please note that if a traveler chooses not to sign,
or to revoke consent to, the Data Protection Statement,
CWT cannot accept his/her travel data and cannot
service the traveler. If this is the case, we encourage
the traveler to contact his/her employer.
Frequently Asked Questions
What data is covered by data protection laws?
Personal data (what CWT calls travel data) is defined
as data that relates to a living individual who
can be identified from the data. If the traveler data
does not refer to or identify any individual employee,
then the data can be processed by CWT without the
traveler's consent. For instance, if the management
reports do not include any references to specific
individuals, then CWT would not have to obtain the
traveler's consent to the delivery of reports to the
traveler's employer.
Why is the travel agreement between CWT and the
client not sufficient to protect the travelers' data?
The travel agreement is between the corporate client
(employer of the traveler) and CWT, and not between
the traveler and CWT. Data protection laws protect
the rights of the individual traveler, and in processing
the individual traveler's data, CWT has obligations
under these laws which it has to fulfill itself and
cannot pass on to the client.
What happens if CWT does not obtain the traveler's
consent, and is therefore not in compliance with the
data protection laws?
Practically speaking, it will be very difficult for
CWT to provide travel services to an individual traveler
who refuses to allow CWT to process his/her travel
data. Included in the data protection laws are harsh
penalties for non-compliance; in some countries it
is a criminal offense.
What obligations do we have in processing the
data within CWT?
CWT must ensure, at the very least, that the personal
data:
- is processed fairly and lawfully,
- is obtained only for specific and lawful purposes
and shall not be further processed in any manner
incompatible with these purposes,
- is not excessive (in terms of the type of data
requested) in relation to the purposes for which
it is collected and further processed,
- is accurate,
- is kept secure and not held for longer than necessary.
Can CWT use the data to carry out its own analyses?
CWT may not use the data for promotion and marketing
purposes by third parties unless the traveler gives
his/her consent. CWT may, for instance, use the data
to analyze the travel trends of its corporate clients
in order to propose other CWT services to the clients,
such as CWT Solutions Group activities, without receiving
the traveler's consent. If the client is Data Controller
and the traveler's consent is given only to his/her
employer (the corporate client), then that consent
cannot apply to CWT's use for purposes other than
those directed by that Client.
Notes
The following notes are to detail certain points and
country specifics.
- "Carlson Wagonlit Travel" refers to
the group of companies of which the parent company
is Carlson Wagonlit Holdings B.V., a Dutch company,
and its affiliates in over 40 countries around the
world. CWT values the protection of personal data
of all our travelers wherever they are based around
the world.
- "24-hour travel assistance center."
CWT is willing to provide travel services to its
clients and their travelers on an emergency basis
from its 24-hour travel assistance centers, outside
normal business hours of their usual travel agency,
without requiring a signed data protection statement.
CWT believes that this is in the best interest of
the individual traveler during an emergency. However,
CWT will inform the traveler that the traveler is
required to sign the statement as soon as the traveler
is able to do so.
- Australia. We will use and disclose personal
data for the primary purpose for which it was collected.
We may also use and disclose personal data for purposes
related or ancillary to the main reasons we collect
it. Some examples of the way we use and disclose
personal data are provided in this CWT Privacy/Data
Protection Policy, for example, see under the heading
"What we do with the information".
- Canada. Federal laws on data protection will
apply to CWT's activities as of Jan. 1, 2004. Quebec
has existing data protection laws for commercial
activity within that province. Other provinces have
indicated that they may enact data protection laws
for commercial activities within their respective
jurisdictions and CWT will continue to evaluate
its approach to ensure compliance with new laws
as they are introduced.
- European Union. The European Union has established
a list of countries outside of the EU that it considers
safe for the transfer of personal data. This list
currently includes Canada, Hungary and Switzerland.
See below for U.S. arrangement.
- United States Safe Harbor. The European Commission
has negotiated with the U.S. Department of Commerce
certain principles and guidelines for the transfer
of data. These Safe Harbor principles guide U.S.
entities in providing an adequate level of protection
for personal data. The voluntary decision by a U.S.
entity to enter the Safe Harbor means that the entity
must comply with the Principles, publicly declare
that it is doing so, and obtain certification from
the U.S. Department of Commerce. For more information
on Safe Harbor, including a list of the seven Principles,
please review the Safe Harbor Overview. At present
no CWT entity has signed up to the Safe Harbor Principles.
The EU standard contractual clauses for the transfer
of personal data to processors established in third
countries (under Directive 95/46/EC) are signed between
CWT and the CWT U.S. entity.
- Other countries. Other countries are in the process
of adopting data protection laws and we will be
monitoring these laws and determining if we need
to take any additional measures.
Contacts
For any questions concerning your personal travel
data, please contact your local CWT office.
For questions on Data Protection, please write to
the Data Protection Officer in your country or region,
or to our Data Protection mailbox at dataprotection@carlsonwagonlit.fr.
This policy is subject to change. The changes
will be posted on this Web site, so please be sure
to check the site regularly.