Travalytics (“we”, “us”, or “our”) is committed to protecting the privacy of our customers and business contacts. This Privacy Policy explains how we collect, use, store, and share personal data of individuals acting on behalf of our business customers, including those placing orders, managing accounts, or communicating with us.

1. Who This Policy Covers

This policy applies to the personal data of individuals who:

• Place orders for Travalytics services on behalf of their organisation

• Request quotes or information from us

• Manage their organisation’s Travalytics account

• Receive invoices or billing communications

• Contact us for support or sales discussions

It does not cover data collected through the Travalytics survey or app service from end-users or participants. For that, please see our Privacy Policy for App and Survey Participants.

2. What Information We Collect

We may collect and store the following personal data:

• Name and contact details (such as email address and phone number)

• Job title and organisation name

• Billing and invoicing details

• Order and contract history

• Communications with our sales, support, or billing teams

• Any preferences or settings you choose to provide

3. How We Use This Information

We use this personal data to:

• Provide and manage your organisation’s access to Travalytics services

• Process orders and payments

• Issue invoices and manage billing

• Communicate about your account, orders, upgrades, or renewals

• Respond to support requests and other enquiries

• Maintain business records and comply with legal obligations

4. Legal Basis for Processing

We process this data under the lawful bases of:

• Contract: To perform our contract with your organisation.

• Legitimate Interest: To manage our business relationship, prevent fraud, and improve our services.

• Legal Obligation: To comply with applicable accounting, tax, and legal requirements.

5. How We Share Data

We do not sell your personal data. We may share it with:

• Payment processors and billing partners

• Customer relationship management (CRM) systems

• Professional advisors (such as accountants or legal counsel)

• Government authorities if required by law

All such sharing is limited to what is necessary to provide our services or comply with legal requirements.

6. Data Storage and Security

We store customer account data securely using industry-standard technical and organisational measures. Access is restricted to authorised personnel only. Data is retained as long as necessary to fulfil the purposes described above, comply with legal obligations, and resolve disputes.

7. International Transfers

We primarily process personal data within the European Economic Area (EEA). We do not expect to transfer personal data outside the EEA except in specific cases where this is necessary to deliver services—for example, when working with customers located outside the EEA, or when required to do so by law.

In such cases, we will ensure that appropriate safeguards are in place to protect the data in accordance with applicable data protection laws. These safeguards may include the use of Standard Contractual Clauses (SCCs) approved by the European Commission or other legally recognised mechanisms.

8. Your Rights

Under the General Data Protection Regulation (GDPR), you have certain rights regarding your personal data. These rights include:

• Right of access – You have the right to request a copy of the personal data we hold about you.

• Right to rectification – You have the right to request correction of any inaccurate or incomplete personal data.

• Right to erasure – You may request that we delete your personal data, subject to certain legal obligations.

• Right to restriction of processing – You may request that we restrict the processing of your personal data under certain circumstances.

• Right to object – You have the right to object to processing based on our legitimate interests or for direct marketing purposes.

• Right to data portability – You may request to receive your personal data in a structured, commonly used, and machine-readable format, and to have it transferred to another data controller, where technically feasible.

• Right to withdraw consent – If processing is based on your consent, you may withdraw that consent at any time. This does not affect the lawfulness of processing based on consent before its withdrawal.

• Right to lodge a complaint – You have the right to lodge a complaint with a supervisory authority if you believe we have processed your personal data in violation of applicable data protection laws.

To exercise any of these rights, please contact us at hello@travalytics.io. We may request confirmation of your identity before responding to your request.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will publish any changes on this page with an updated effective date.

10. Contact Us

If you have any questions about this Privacy Policy or how we process your personal data, please contact:

Travalytics AB, Swedish organisation number 559527-2468
Raffinadgatan 2, 222 35 Lund, Sweden
hello@travalytics.io