Clarity ("We") are committed to protecting and respecting your privacy.
Mawasem Limited (as Clarity) are committed to respecting and protecting your privacy whilst remaining compliant with the EU General Data Protection Regulation (GDPR) and the Data Protection Act (DPA). In line with this objective we operate an Information Security Management System which is certified against ISO 27001:2013 and a Personal Information Management System aligned with the BS 10012:2017 standard.
Mawasem (as Clarity, hereafter referred to as such) are a Data Processor and have appointed a Data Protection Officer who can be contacted as follows: DPO@claritybt.com
You can also contact Clarity by post, c/o IT Compliance, at 4th Floor, Churchgate House, 56 Oxford Street, Manchester M1 6EU.
Information we may collect from you
We may collect and process the following data about you:
Information that you provide in order to make a travel booking (see below*) or purchase any other services via Clarity;
Details of transactions you carry out through Clarity, and of the fulfilment of your bookings;
Details of your visits to Clarity (including, but not limited to, traffic data and location data), whether this is required for our own purposes or otherwise, and the resources that you access;
Information you provide in order to enter a competition or promotion, complete a survey, or if you report a problem with Clarity.
*In terms of personal information collected during the travel booking process, this may include traveller name, gender, date of birth, residential address, email address, passport details, next of kin information and employer details, as well as dietary requirements, details of any disabilities and even loyalty card information if the traveller wishes to share this information. This is not a default list, however and should not be considered a baseline dataset. The sole information we absolutely require to establish a traveller profile is a name and email address. Thereafter we only process the data required to fulfil bookings in our capacity as a travel management service provider, plus any additional information volunteered by travellers themselves.
If you contact us, we may keep a record of your email or other correspondence.
Where we store your personal data
We’re based in the UK but sometimes your personal information may be transferred outside the European Economic Area (EEA). If we do so we’ll make sure that suitable safeguards are in place, for example by using approved contractual agreements, unless certain exceptions apply. You can review a list of our sub-processors by visiting:www.claritybusinesstravel.com/sub-processors
In order to fulfil global travel requirements some personal information may ultimately be sent to non-EEA locations by downstream travel service providers, for example airlines or hotels. We treat these third parties as Data Controllers and as such cannot be accountable for the way in which they process data.
Uses made of the information including the legal basis for processing
To fulfil its contractual and customer obligations, there is a requirement for Clarity to collect and process specific, personally-identifiable information relating to our clients’ employees and representatives. Our legal basis for processing is that to do so is necessary for the performance of a contract to which you are party. We may use information held about you in the following ways:
- To provide travel management services;
- To carry out our obligations arising in connection with any contracts entered into between you and us, or between you and a third party;
- To allow you to participate in interactive features of our service, if you choose to do so (such as our optional travel tracker technologies);
- To notify you about changes to our service;
- To provide you with information and offers that we, or selected third parties, feel may interest you. If you are an existing customer, we will only contact you by electronic means with information about services similar to those which were the subject of a previous sale to you. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this.
We do not carry out any automated decision-making or profiling based on personal data which has been collected.
Disclosure of your information
We may disclose your personal information to any member of our Group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006, to relevant third parties who will supply the travel arrangements or other services you request, to Government bodies and other authorities to whom we are legally obliged to pass your data (e.g. border agencies of countries you intend to visit) and to relevant third parties for the purpose of fraud protection and credit risk reduction.
We may also use your information for other specific, legitimate purposes such as:
- To ensure that content from our booking tool is presented in the most effective manner for you and for your device;
- To provide you with information on products or services that you request from us or which we feel may interest you, where you have either explicitly consented to being notified, or we believe you will have a legitimate interest;
- To carry out our obligations arising from any contract(s) to which you are party;
- To allow you to participate in interactive features of our service, when you choose to do so;
- To notify you about changes to our service.
We do not sell, rent or lease customer lists to third parties. We may, from time to time, contact you on behalf of external business partners about a particular offering that may be of interest to you. In those cases your unique, personally-identifiable information (which may include e-mail, name, address, telephone number) is not transferred to the third party. In addition, we may share data with trusted partners to help us perform affiliate marketing, statistical analysis, send you email or postal mail, provide customer support, or arrange for deliveries. All such third parties are prohibited from using your personal information except to provide these services to us, and they are required to maintain the confidentiality of your information.
We will only contact you by electronic means (e-mail, SMS, Push or telephone) with information about goods and services similar to those which were the subject of a previous sale or enquiry made by you.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by ticking/un-ticking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by writing to: Clarity, Ground Floor, 3 Lakeside, Festival Park, Stoke-on-Trent, ST1 5RY, United Kingdom
Our site contains links to and from the websites of our principals, suppliers, advertisers and other third parties. If you follow a link to any of these other websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies or for these third party websites. Please check these policies before you submit any personal data to these websites.
Unless we explain otherwise to you, we’ll hold your personal information in accordance with the following criteria:
Reasonable business need, defined as:
- For as long as it is required to carry out our obligations arising in connection with any contracts entered into between you and us, or between you and a third party;
- For as long as we provide services to you and then for as long as someone could bring a related claim against either of us
Retention periods in line with legal and regulatory requirements or guidance
When retention can no longer be justified under any of the above criteria, all personal information shall be anonymised or securely disposed of.
Individual rights of access to personal data