- Collection of Information
- Use of Information
- Sharing, Transfer and Public Disclosure of Information
- Storage and Cross-border Transmission of Information
- Use of Cookie
- Reminders of Sensitive Personal Information
- Information Security and Protection
- Handling of Information Security Issues
- Protection of Minors’ Information
- Management of User’s Personal Information
- Accessing Our Website from Outside the China Mainland
- Governing Law
Published on: Sept. 21, 2017
Respect for user’s privacy is a basic policy of Trip.com. Trip.com Website collects travel services information offered by qualified hotels, air ticket agencies and travel agencies on Trip.com Website for users to search, and helps users to contact the aforesaid hotels, air ticket agencies and travel agencies and book the relevant travel services.
2. Collection of Information
In order to better serve you, Trip.com will follow the principles of “reasonableness, relevance and necessity”, will collect information only with your consent and will not collect information prohibited by laws and regulations. Given the importance of Trip.com’s membership services, you shall agree that Trip.com will collect all information you enter on Trip.com Website or information provided to us otherwise:
- You need to enter your name, gender, birthday, mobile number, email and other information to register for membership.
- You should timely update your personal profile with detailed and accurate information.
- When booking air or train tickets, you need to provide passenger’s name, gender, ID document number and the contact person’s name, mobile number, email and delivery address and other information.
- When booking hotels and entrance tickets for tourist attractions, you need to provide the guests’ name, contact person’s name, mobile number and email etc.
- When paying for products ordered, you need to provide your bank card number, the mobile number previously arranged with the bank, or your credit card number, cardholder name, expiry date etc.
- We may also need you to provide your personal information so we may know your travel plans, styles and preferences, including your meal requirements, departure/check-in&check-out time, seat choice, ticket choice, insurance choice and other services (such as travel, car services, entrance tickets and travel guides etc.) provided by Trip.com.
We will automatically collect your personal information during your use of Trip.com services:
Log information, which refers to information that the system may automatically collect through cookies, web beacon or other channels when you use our services, including:
- Device information or software information, such as your IP address, version and device identifier (IDFA / IMEI) of the mobile device your use, and configurations of the web browser or mobile device you use to access our services.
- Information that is searched or browsed when you use our services, such as web pages used or terms searched and pages visited through APP, as well as other information browsed or provided when using our services.
- Information contained in the content you share through our services, such as the shared photo taken or uploaded, or comments, and dates and times etc.
- Location information, which means your location information we collect when you turn on your device’s Location feature and use our location-based services, such as your geographical position information collected via GPS or WIFI, or your address information contained in the account information you provide to us, or shared information uploaded by you or others showing your current or previous location. You can turn off the Location feature to prevent us from collecting your location information.
- We will obtain your information from affiliates and business partners. For example, when you make booking or reservations through website of our affiliates, business partners and their mobile APPs, your booking or reservation information with them might by forwarded to us so that we can process your order and ensure your booking success. For another example, we allow you to log into Trip.com with your social media account, and with your consent (you make authorization to the social platform), your personal information will be shared with us through the social platform.
3. Use of Information
Trip.com will generally collect and use your personal information for the following purposes:
- Providing services to you: We will use your personal data to complete and manage your online booking. In addition, we will provide you with related products and services through affiliates, business partners and third parties.
- Account management: You can create a Trip.com account and we will use the information you provide to manage your account and provide you with practical features. You can use your account for various operations, such as managing orders, adjusting personal settings, adding frequently used passengers, checking historical orders, evaluating orders and managing payments etc.
- Responding to your inquiries and requests: We provide 7/24 customer services in multiple languages to offer help when you need it.
- Marketing activities: We will also use your personal information for legitimate marketing purposes, such as sending you the latest news on travel products or services, providing personalized recommendations and information of other promotional activities that may interest you.
- Contacting you: Responding to and dealing with your questions or requests, sending order-related messages (such as message of successful order submission, messages reminding you to continue unfinished orders etc.). We may also send you a questionnaire or invite you to feed back on our services etc.
- Market research: We will sometimes invite you to participate in a market research to measure your interest in our products, services and websites.
- Improving service security and reliability: We may detect and prevent fraud and illegal activities and use your personal data for risk assessment and security purposes.
- Data analysis: We may use your personal data for analysis so that we can get to know your location, your preferences and demographic information, or match with the data obtained from other sources (including third parties), so to develop our products and services or marketing plans and to improve our services.
- Daily operations: including but not limited to order management, customer verification, technical support, network maintenance, troubleshooting, internal administrative affairs, internal policies and procedures, and producing internal reports.
- Phone monitoring: Your phone conversation with our customer service staff, both answering our call and calling us, may be recorded. We may rely on the recording to monitor the quality of customer service, check the accuracy of the information you provide to prevent fraud, or serve the purpose of internal staff training. The recordings will be automatically deleted after a period of time, unless they are retained due to compliance requirements or protection of legal interests.
- Fulfilling obligations: Dealing with insurance claims and payments that occur under relevant policies, processing commissions paid to partners or claiming for loss caused by service partners or recovering payments made etc.
- Legal purposes: We may need to use your information to handle and settle legal disputes, or to abide by any laws and regulations or provisions of documents issued by regulatory authorities that are binding on us, so to cooperate with the investigation by national departments or regulatory authorities and comply with laws and regulations.
- Also, we may collect, use and disclose your personal information for other purposes and will inform you by revising this statement.
- While enjoying the services provided by Trip.com, you shall also authorize Trip.com to and agree that Trip.com can send business information to your email, mobile phone and mailing address, including but not limited to the latest Trip.com product information, promotional information etc. If you choose not to accept Trip.com’s all kinds of information services, you can reject them by making settings as guided by Trip.com.
You are fully aware that we can use your personal information without our authorization and consent in the following circumstances:
- When relating to national security and national defense security;
- When relating to public safety, public health, and significant public interests;
- When relating to crime investigation, prosecution, trial and execution of judgment;
- When we need to use user’s personal information to protect the personal safety, property and other major legitimate rights and interests of individual users or others but it’s difficult to obtain the user’s consent;
- The personal information collected is made open to the public by the relevant individual user himself/herself;
- Personal information about you is collected from legally and publicly disclosed information, such as from legal news reports, information disclosure by governments and other channels;
- When use of your personal information is necessary for contract signing based on your requests;
- When use of your personal information is necessary to maintain the safe and stable operation of the supplied products and/or services, such as the detection and disposal of defects in products and/or services;
- When use of your personal information is required for legitimate news reporting;
- When use of your personal information is necessary for academic research institutions to conduct statistical or academic researches for public interest, and the institutions have de-identified personal information included when publishing the results of academic researches or descriptions;
- Other circumstances prescribed by laws and regulations.
Sharing, Transfer and Public Disclosure of Information
We may share your order information, account information, device information and location information with third parties such as partners to ensure successful provision of services to you. We will only share your personal information for legal, legitimate, necessary, specific and explicit purposes, and will only share the personal information necessary for the provision of the services. Our partners include the following types (including Chinese and overseas entities):
- Providers: including but not limited to hotels, airlines, cruises, car rental agencies, travel agencies, scenic spots and event providers and agents that meet your booking needs. These providers may contact you as needed to provide you with travel products or services.
- Financial institutions and third-party payment agencies: When you book an order, apply for a refund and purchase insurances, we will share the relevant order information with the financial institution or the third-party payment institution, and as we believe it’s necessary for fraud detection and prevention, we will further share other necessary information, such as IP address, with the relevant financial institutions.
- Business partners: We may work with partners to provide products or services for you, including courier business, communications services, customer services, marketing and advertising etc.
Transfer of Information
We will not transfer your personal information to any company, organization and individual except in the following cases:
- We have obtained your express consent or authorization in advance;
- Transfer of information is required by applicable laws and regulations, legal procedures, mandatory administrative or judicial requirements;
We will only disclose your personal information in the following circumstances:
- Disclosure of your designated personal information based on your needs in manners you expressly approved;
- In circumstances where your personal information must be disclosed as required by laws and regulations, mandatory administrative or judicial requirements, we might publicly disclose your personal information in accordance with the type of personal information required and the disclosure manner specified. Subject to laws and regulations, we will require the application party to provide the respective and relevant legal documents, such as summons or investigation letters when we receive the above requests for disclosure of information.
Storage and Cross-border Transmission of Information
- Your personal information will be kept for 3 months since the day of account cancellation, unless the retention period needs to be extended, or the extended retention is approved by laws or competent authorities or is required for competent authorities’ investigations.
- If we stop the operation of Trip.com products or services, we will promptly stop the collection of your personal information, will notify you of the operation termination by sending a notice to each of you or posting an announcement, and will delete or de-identify the personal information we hold.
Personal information collected and produced by us in the territory of the People's Republic of China will be stored in China, with the following exceptions:
- Circumstances expressly defined by laws and regulations;
- Your express authorization has been obtained;
- Your personal free-will actions such as conducting cross-border transactions online.
- Use of Cookie
A cookie is a text file that a web server puts on your device to help you invoke information when you access the web site. It will facilitate the process of recording the personal information you filled out. You have the right to accept or reject cookies and may change your browser’s settings to reject cookies if they are automatically accepted by the browser. Please note that if you choose to reject cookies, you may not be able to fully enjoy the services provided by Trip.com.
- Reminders of Sensitive Personal Information
Information Security and Protection
- Trip.com attaches great importance to information security and has set up a dedicated team for this. We strive to protect your personal information and have taken appropriate management, technical and physical security measures. With reference to domestic and international information security standards and best practices, we have established an information security guarantee system in line with business development, have passed ISO27001 information security management standard certification and the PCI-DSS (Payment Card Industry Data Security Standard) certification.
- We have from the point of view of the data life cycle, established security measures for all links including data collection, storage, display, processing, use, and destruction. We take different control measures according to the level of information sensitivity, including but not limited to access control, SSL encryption transmission, AES256bit or higher level encryption algorithms for encrypted storage, masking of the sensitive information to be displayed etc.
- Notwithstanding the foregoing security measures, please also understand that there are no such “perfect security measures”for the internet. We will rely on currently available technologies and take appropriate security measures to protect your information. We will offer reasonable security guarantees and will do our best to keep your information from being leaked, damaged or lost.
- Your account has in-built security features. You are advised to properly safe keep your account and password and do not disclose your password to any person. If you find leakage of your personal information, especially leakage of your account and password, please contact our customer service staff immediately, so that we can take appropriate measures.
- Please timely save or back up your text, pictures and other information. You shall understand and accept that the system and communication network you use to access our services may go wrong due to factors out of our control.
- Handling of Information Security Issues
In the event of personal information security incidents, we will inform you in accordance with the requirements of laws and regulations of: basic information of the security incident and its possible influences, measures we have taken or will take, suggestions for you to take preventive measures and lower risks, as wells remedies we provide for you etc. We will keep you updated on the incident via emails, letters, over the phone, or via push notifications. When it’s impossible to notify individual users one by one, we will make announcements in a reasonable and effective way. At the same time, we will report the disposal of personal information security incidents in accordance with requirements of regulatory organs.
- Protection of Minors’Information
Trip.com attaches great importance to the protection of personal information of minors. If you are a minor under 18 years of age, you shall obtain the written consent of your parent or legal guardian before using Trip.com's services.
Management of User’s Personal Information
- You can log into “My Trip.com” at any time and go to “My Profile” and “Commonly Used Information” to view, change and delete your account information, modify your personal information, privacy settings, and security settings, change the shipping address and other personal data you provided when using Trip.com services. In case of any questions, you can contact Trip.com’s Service Center at service@Trip.com.
- You can cancel your Trip.com account by the method below: Call the customer service line (400-830-6666 for domestic users) noted on Trip.com’s official website, follow the voice instruction to link to a customer service specialist that will help you cancel your account after a verification process. After the cancellation, all information in your account will be cleared out and we will no longer collect, use or share any personal information related to this account, provided that we will still retain the previously collected information for the period as required by the regulatory authorities and the competent authorities shall still have the right to access such information during this period.
- Accessing Our Website from places Outside the Mainland China
- Governing Law