Worldwide
Americas

User - Privacy Policy

Privacy Policy

Overview

This privacy policy explains the privacy practices of Fraedom Holdings Limited, Fraedom UK Limited, Fraedom Pty Ltd, Fraedom Company Limited, Fraedom LLC and their related group entities (as applicable) ("Fraedom Group", "we", "us", and "our").  In most instances, we are providing “Services” to your company or organisation ("Company") under a contract with that Company ("Contract"). The Fraedom entity responsible for your personal information will be the member of the Fraedom Group that your company has contracted with. You can find out more about us by contacting us using the information in the "Contact" section below.

The purpose of this privacy policy is to provide information about the way data that personally identifies the user or subject of the Service ("Personal Data") is collected and processed by us in connection with the Service. It is not intended to set out our obligations and those of your Company in relation to Personal Data.  Those obligations are addressed in the Contract.

In relation to the majority of activities described in this privacy policy and those undertaken by us in our provision of Services, we will be a data processor under applicable data protection legislation, and the Company will be the data controller. That means that in the majority of circumstances the Company has primary responsibility for determining how and why we use your Personal Data and in the event that you have any queries, comments or complaints about the way in which we use your Personal Data, you should discuss these with the Company in the first instance.

Unless otherwise specified in this privacy policy, we will only ever be the data controller where we are required to use your Personal Data in order to satisfy a legal or regulatory requirement to which we are subject, or in the unlikely event that we believe in good faith that we are required to do so, in order to protect our rights/property or those of our clients and/or their employees.

If you are using the Service on behalf of someone else (for example, you are authorised to make travel bookings or submit expenses on their behalf), you must ensure that you have that person's consent to provide us with their Personal Data and for our processing of that Personal Data as described in this privacy policy. If you are not certain whether you have such consent, then you must not input any Personal Data in this Service.

If you have any questions regarding our authority to collect and/or process Personal Data or any other terms of the Contract, please contact your manager.

In the event of any conflict between this privacy policy and the Contract, the Contract shall prevail. 

Changes to our Privacy Policy

From time to time, we may update this privacy policy to reflect new or different privacy practices.  We will place a notice online when we make material changes to this privacy policy so that you are always aware of what information we collect, how we use it and under what circumstances we disclose it. Please ensure that you read this privacy policy regularly.

You might find external links to third party websites on our application. This privacy policy does not apply to your use of a third party site.

What Personal Data Do We Collect Or Receive? 

In order to provide the Service and other services required by your Company, we may require various categories of Personal Data from time to time. This Personal Data may be collected from you or be provided on your behalf by your Company and may include: 

  • your name, title, gender and date of birth; 
  • your company name and employee ID number; 
  • your contact information, including your telephone number and email address;
  • your credit card details; 
  • your passport details; and 
  • your travel itinerary and special travel requirements.

It could also include sensitive or special category data, such as data relating to your health (for example, if you request wheelchair access), religion or racial or ethnic origin (for example, if you have special dietary requirements). We will only process this Personal Data if we have your express consent (which you may have given to the Company and then passed to us on your behalf) and at all times in accordance with the terms of this privacy policy.

Through our use of cookies, we may collect traffic data or receive information about your use of this application, although the cookies we use do not collect information that identifies individual users. Please see the section headed "Cookies" below for further details. 

Your provision of your Personal Data to us is voluntary. However, if you elect not to provide certain Personal Data, you may be unable to use the Service and we may be unable to provide the information or services that you have requested.

How Do We Collect Or Receive Personal Data? 

We may collect or receive Personal Data directly from your Company or its nominee(s), from you, your administrator, your travel booker (where applicable) or through data submitted to the application or through our use of cookies on the application. We may also collect Personal Data over the telephone, email or internet or when you contact us through the application, whether using the "Get in touch" facility or otherwise.

What We Do With Personal Data And On What Basis Do We Use It

We (and those acting on our behalf) may collect, store, use, process and transfer Personal Data across international borders in accordance with this privacy policy in and/or to countries or regions around the world (Countries/Regions) in accordance with the instructions given by the Company. The main Countries/Regions in which we may use and to which we may disclose the Personal Data include the United Kingdom and other European Economic Area (EEA) countries, Australia, New Zealand, the United States of America, Canada, Hong Kong and Singapore. Not all Countries/Regions necessarily offer the same level of protection over your Personal Data. However, regardless of where your Personal Data is transferred, we will protect it in accordance with this privacy policy and applicable law.

We (and those acting on our behalf) may collect, store, use and process Personal Data both inside and outside the Countries/Regions:

  • in accordance with your Company's written instructions; 
  • as required to provide the Service and/or fulfil our obligations under the Contract; 
  • in accordance with any terms set out at the point at which Personal Data is collected; and 
  • as necessary to comply with legal, regulatory, immigration or customs requirements,

in each case in the capacity as data processor under applicable data protection legislation.

More specifically, this may include:

  • the creation, storage and administration of your traveller (if applicable) and expense administration profiles
  • the transfer and disclosure of Personal Data to service providers which the Company requires or requests us to provide as part of our provision of services under the Contract
  • the transfer and disclosure of Personal Data to service providers, in and to the Countries, that are relevant to the provision of the Service to you (for example, the provision of IT infrastructure for the logging and management of support queries and for the purpose of optical character recognition associated with the technology we use)
  • responding to you or your Company's requests for information concerning your expense transactions or to respond to questions you or your Company might have
  • the transfer, disclosure and storage of Personal Data of your Company's registered administrators to enable us to contact them about the Services we provide to you (for example, to keep them informed about future releases of our technology, the status of support queries that have been logged, advising of upcoming maintenance windows and other issues that may affect the Service)
  • addressing questions relating to our services from you or your Company and pursuant to the Contract
  • the transfer and disclosure of Personal Data to the Fraedom Group in any of the Countries/Regions
  • the provision to your Company of management information, data aggregation (including aggregation using data provided to us by third parties at your Company's request), quality assurance surveys and any other services required from time to time by your Company
  • the transfer and disclosure of Personal Data to your Company as required by your Company from time to time, including as part of its management information, expense management and travel monitoring requirements
  • the transfer of data to third parties at your Company's request
  • responding to an audit of the Service under the Contract by your Company

As explained above, there may be limited circumstances where we have to use your Personal Data to satisfy our own legal or regulatory requirements, or otherwise to defend or establish legal claims, in which we case we will be the data controller for the purposes of applicable data protection legislation.

As data controller, the Company will be responsible for establishing the legal basis for our use of your Personal Data and the Company will be responsible for communicating this to you. Where we act as data controller in the limited circumstances explained in this privacy policy, we will only collect, use and share your Personal Data where we are satisfied that we have an appropriate legal basis to do this. This may be because:

  • our use of your Personal Data is in our legitimate interest as a commercial organisation (for example, in order to establish or defend legal claims or other queries or complaints about our Services). In these cases, we will look after your information at all times in a way that is proportionate and respects your privacy rights and you have a right to object to processing as explained in the Your Legal Rights section below; or
  • our use of your Personal Data is necessary to comply with a relevant legal or regulatory obligation that we have, for example to make disclosures required by tax authorities, law enforcement and/or our regulatory bodies.

General 

Cookies 

We use information collected from cookies and other technologies to improve your user experience and the overall quality of our services. We do this by setting our own cookies but also through certain third party products we use including Google Analytics, Fraedom Session Cookie and Fraedom Language preferences cookie. These third party cookies allow us to improve your experience of this application and to improve the Service we provide through this application. The cookies that we use on this application do not collect information that identifies individual users.

Further information about the use of cookies on this site is set out in the site's Cookie Policy which can be accessed here

Additional information about the use of Google Analytics can be found at www.google.com/policies/privacy/partners.

Location Based Services 

Certain Services require details of your location (for example, in order to provide you with local weather information). Depending on your browser and mobile device settings, we may receive this information automatically or following a request which you accept. We may share this data with certain third parties in order to provide these location based services. If you elect to disable location based services, you may not be able to use some or all of the features of the relevant Service. 

Accessing the Application using our App 

If you are a user of the Service pursuant to a Contract you may use our app to access the application and the Service. By registering a mobile device in order to access the application and the Service via our app, we will collect information about your device's Operating System (OS) version, manufacturer, model, and carrier. This information is used for the duration of your session and is not stored by us. 

Accuracy 

Please provide accurate Personal Data and update it as necessary in the manner specified below. In the absence of any updates, we will assume that the Personal Data submitted is correct.

Marketing 

We will not send you marketing material unless you or your Company has requested it and we will not sell your Personal Data to anyone, or otherwise disclose your Personal Data to any third party except as may be requested from time to time by your Company, as outlined in this privacy policy or as may otherwise be required or permitted by law.

How We Protect And Store Your Information

Security

We recognise the need and take reasonable steps to ensure that Personal Data we have collected remains secure. While we have security measures in place as required by the Contract and at law in order to protect against the loss, misuse, alteration of and unauthorised access to Personal Data under our control, you acknowledge that there remains a risk that Personal Data transmitted over the internet and stored by computer may be intercepted or accessed by an unauthorised third party. 

Storing your Personal Data

We will store your personal information for as long as is reasonably necessary for the purposes for which it was collected, as explained in this privacy policy. In some circumstances we may store your personal information for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, accounting requirements.

In specific circumstances we may store your personal information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.

Your rights in relation to your Personal Information 

Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you have certain rights in relation to your Personal Data. As explained above, where the Company is the data controller in relation to the activities described in this privacy policy it is the Company that is ultimately responsible for assisting you with exercising your rights in relation to our use of your Personal Data. If you contact us in relation to any rights for which the Company is responsible, we will refer your request to the Company who be able to assist you.

If you wish to exercise your rights in relation to our use of your Personal Data where we are the data controller, you can do so by contacting us. Subject to legal and other permissible considerations, we will make every reasonable effort to address your request promptly or inform you if we require further information in order to fulfil your request. 

We may ask you for additional information to confirm your identity and for security purposes, before disclosing the Personal Data requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.

We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.

Right of access to Personal Data - you have a right to request that we provide you with a copy of your Personal Data that we hold and you have the right to be informed of; (a) the source of your Personal Data; (b) the purposes, legal basis and methods of processing; (c) the data controller’s identity; and (d) the entities or categories of entities to whom your Personal Data may be transferred

Right to rectify or erase Personal Data - if you wish to delete, deactivate or amend the Personal Data, you have a right to request that we rectify inaccurate Personal Data. We may seek to verify the accuracy of the Personal Data before rectifying it.

Right to restriction of processing - you have the right to restrict our processing of your Personal Data where: (i) you contest the accuracy of the Personal Data until we have taken sufficient steps to correct or verify its accuracy; (ii) where the processing is unlawful but you do not want us to erase the data; (iii) where we no longer need the Personal Data for the purposes of the processing, but you require it for the establishment, exercise or defence of legal claims; or (iv) where you have objected to processing justified on legitimate interest grounds (see below) pending verification as to whether we have compelling legitimate grounds to continue processing. Where Personal Data is subjected to restriction in this way we will only process it with your consent or for the establishment, exercise or defence of legal claims.

Right to withdraw consent to marketing activity - As described above, we will not send you marketing material unless you or your Company has requested it, but you have the right to withdraw from such activity at any time. In the case of any email marketing communications, you can do this by following the unsubscribe link in the email.

Right to object to processing justified on legitimate interest grounds - where we are relying upon legitimate interest to process Personal Data, then you have the right to object to that processing. If you object, we must stop that processing unless we can either demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms or where we need to process the data for the establishment, exercise or defence of legal claims. Where we rely upon legitimate interest as a basis for processing we believe that we can demonstrate such compelling legitimate grounds, but we will consider each case on an individual basis.

You also have the right to lodge a complaint with a supervisory authority, in particular in your country of residence, if you consider that the processing of your Personal Data infringes applicable law.

If you wish to exercise any of your rights as described above, please contact us at the address given below. 

Queries and Complaints

If you have any questions about this privacy policy, wish to exercise any of your rights as described above, or wish to file a complaint regarding this privacy policy, you can contact us by writing to the address detailed under the "Contact" heading below.

You have a right to lodge a complaint with your local supervisory authority if you have concerns about how we are processing your Personal Data.

We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.

Contact

Questions and comments regarding this privacy policy should be submitted to us using the application's "Get in touch" facility.
You can contact us by writing to us at:

WeWork
Level 3
38 Chancery Lane
London,
WC2A 1EN
FAO: Legal Department

 

This page was last updated on 25. 10.2019

Editor's picks

Five disruptive technologies changing the shape of banking

Future banking

How many currencies is the right number, and what happens to the losers?

Future banking

Banks and navigating the third party pool

Unlocking value

Why successful businesses need brains and brawn

Expense insights

White paper

Powering up the value of your commercial card programmes
CLOSE

Which kind of Fraedom is right for you?

Tell us what you want to see.

Toggle
Landing