Your data is safe with us. To find out more about how JacTravel will use and store your email data go to our Terms and Conditions page.
Your data is safe with us. To find out more about how JacTravel will use and store your email data go to our Terms and Conditions page.
Your data is safe with us. To find out more about how JacTravel will use and store your email data go to our Terms and Conditions page.
Your data is safe with us. To find out more about how JacTravel will use and store your email data go to our Terms and Conditions page.
We’ve always been committed to protecting your data. Our journey toward GDPR compliance began well before it came into effect in May of 2018, by supplying safe and secure ways for our Clients to transfer their data as needed.
The world of privacy and data protection is rapidly developing, as it did on June 4, 2021, when the European Commission adopted a new set of Standard Contractual Clauses (SCCs) as a legal mechanism of transferring data from the EEA, to meet the requirements of the GDPR.
When the GDPR came into effect, we incorporated a Data Processing Agreement (DPA) into our contracts, to include the necessary legal mechanisms to safeguard transfers of data from the EEA.
In light of recent changes and as part of our ongoing commitment to protecting your data, we performed a thorough review of our data transfers and our obligations under the GDPR, to ensure we had the necessary protective measures in place. As a result of this, we decided to take on greater responsibility for the data we collect and hold, ensuring we are in a position to control the measures we take to safeguard transfers of EEA data. To allow this, we are moving into the position of independent data controllers.
To address these changes and to reflect our increased undertaking to protect your data, we have replaced our existing DPA with a new set of Data Processing Terms, to incorporate the new controller to controller SCC’s.
You can see a copy our new Data Processing Terms here.
In addition to our new Data Processing Terms, our Privacy Notice sets out our commitment to ensuring we protect your data and the measures we take to meet our privacy obligations.
As part of this ongoing commitment, we have also imposed GDPR obligations our non-EEA processors and vendors where applicable.
The European Data Protection Board’s (EDPB) guidance on the new SCC’s indicated an 18-month grace period for existing data transfers, until December 27, 2022. We believe that this means there is no action required by you at this time, provided that your current data processing agreement with us included the prior SCCs and specified our relationship as one of independent data controllers. You should consult with your legal team to review your existing contract with us, in light of the EDPB’s guidance and these changes.
If you wish to update your agreement with us to include our Data Processing Terms and incorporate the new controller to controller SCCs, please contact your sales manager directly. If you have any questions, please reach out to our Data Protection Officer, Tammy Helg, at [email protected].
For more information about the new SCC’s and how we’re complying with the GDPR, please visit our FAQs page.
