Compliance
We value the trust of our customers from across the globe and take the privacy and security of personal data seriously.
Trusting Atlas Travel as your travel management company means you are working with an organization that, at the heart of their business, is a commitment to earning, building and strengthening their client’s confidence. All strong business relationships are built on trust, and we consistently strive to meet your needs from a security, compliance and privacy perspective. That is our priority.
Highest level of customer and data privacy and protection
Full compliance under all privacy and data protection laws
Programs and partnerships that ensure client confidence
Our security program is based on international standards, data privacy laws, best practices and input from our clients. Our operations are continuously reviewed to ensure we are appropriately managing risks and securely storing and processing personal data as we provide you with outstanding global corporate travel management service.
Atlas Travel Trust Center
To further reinforce our commitment to leadership in data privacy and dedication to the security needs and growing expectations of our customers, the Atlas Travel Trust Center connects you to the latest security and compliance information for our services. To do so, we’ve partnered with TrustArc, a global expert in data privacy management and automation, to manage the privacy and risk of our company and clients, as well as to utilize their fully automated platform for end-to-end privacy management.
Through our partnership with TrustArc, Atlas Travel is more efficient and effective in managing a wide range of privacy and security functions, including data inventory and flow tracking, vendor management, risk assessments and overall compliance management. Our investment in TrustArc is a reflection of our emphasis on data protection and is our way of ensuring your privacy and security is in the best hands, today and always.
Security in Safeguarding Your Data
Reliability in Managing Privacy & Risk
International Standards Compliance
Security Protection
At Atlas Travel, our partnership with clients is paramount. We are committed to providing security program transparency to gain and keep your trust and take very seriously our responsibility to protect the client, traveler and employee data that we hold.
Our security and awareness program, SAFE, provides employees with the resources and knowledge necessary to raise the level of privacy, security understanding and compliance. Ongoing training is provided, along with newsletters, best practices and policy updates. Our SAFE intranet provides policies, procedures and resources, including how to report an incident.
This seal demonstrates that our privacy programs, policies and data collection practices have been approved by an independent third-party based on the Data Privacy Framework’s consumer personal information guidelines for transparency, accountability and choice.
Atlas Travel participates in and complies with the EU-U.S. and the Swiss-U.S. Data Privacy Framework. Our certification is listed on the Data Privacy Framework Active Participant List.
As a global partner, Atlas Travel is committed to our customers’ worldwide success and the protection of their data by ensuring that we adhere to GDPR requirements, as well as all applicable privacy and data protection laws in all the jurisdictions where we operate.
We have appointed DataRep as our Data Protection Representative in the European Union to meet our GDPR obligation and so our clients may exercise their rights directly from their home country.
In line with industry standards like Payment Card Industry Data Security Standard (PCI DSS) and others of similar global status, our embedded information includes vulnerability scanning provided by Approved Scanning Vendor (ASV) partner, SecureTrust (now Viking Cloud). You can view our compliance validation here.
As part of our dedication to raising awareness and promoting privacy and data protection best practices, we partner with the National CyberSecurity Alliance to participate in annual campaigns such as Data Privacy Day/Week (known as Data Protection Day in Europe) and are registered as an official Champion of CSAM.
We have established a Global Information Security Policy (GISP) that also includes PCI DSS requirements. Some examples of the policies and procedures we have in place include acceptable use, access controls, antivirus and malware, data classification, data privacy, disaster recovery, incident management, password controls, patch management and vendor management.
When providing travel services, Atlas Travel applies its Data Privacy Addendum (DPA), enabling clients to transfer information to us with confidence. The DPA describes the roles and responsibilities of Atlas Travel and our clients, the scope of data processing, cooperation and assistance requirements, security, transfer mechanisms and the measures used in the delivery of our services.
Atlas Travel processes personal data in accordance with its
Global Privacy Policy.