Partner Privacy Policy

Welcome to’s Supplier and Business Partner Privacy Statement.


WHEN THIS PRIVACY STATEMENT APPLIES is committed to protecting personal data. This privacy statement will inform you as to how we look after supplier and business partner (“Partner”) personal data, including personal data we collect on TripPartner, a mobile application operated by to provide products and services to our Partners; it supplements other notices and privacy statements and is not intended to override them.


This privacy statement was last updated on May 9, 2020.


WHO WE ARE is made up of different legal entities. Our parent entity is Group Limited, a NASDAQ listed company with its address at 968 Jin Zhong Road, Shanghai 20033 China. This privacy statement is issued on behalf of the group so when we mention, “we”, “us” or “our” in this privacy statement, we are referring to the relevant company in the group responsible for processing your data.

You have the right to make a complaint at any time to your local supervisory authority for data protection issues; however, we would appreciate the chance to deal with your concerns, so please contact us in the first instance.




We may collect, use, store and transfer different kinds of Partner personal data, including:


Information you have provided to us directly:

  • Contact Data includes first names, last names, business titles, business email addresses, addresses and telephone numbers.
  • Financial Data includes payment and invoice data, such as bank account and payment card detail, which may include personal data if you are a sole trader or similar.


Information we collect on TripPartner:

  • Technical Data includes any login data (including token name and unlock code), internet protocol (IP) address, the version and device identification code (IDFA / IMEI / OAID) used by the mobile device accessing TripPartner, as well as configuration information used by the mobile device to access our services through a web browser.
  • Usage Data includes information about how you use TripPartner.


We also record business calls for training and quality purposes (to develop and improve our services), and to help us manage and resolve any claims.


Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a service you have with us but we will notify you if this is the case at the time.




We will only use Partner personal data when the law allows us to. Most commonly, we will use Partner personal data to:


  1. Negotiate and enter into a Partner contract with you.
  2. Perform our obligations, and receive the benefits of you performing your obligations, under the Partner
  3. Register you as a Partner and manage your Partner account.
  4. Register you on TripPartner and manage your TripPartner account.
  5. Manage our relationship with you, including (i) providing you with notifications, updates and confirmations, and (ii) responding to any questions and requests.
  6. Process any payments.
  7. Where you are a travel product supplier, to manage requests, queries and claims from customers that booked via
  8. Make suggestions and recommendations to you to improve and benefit our business partnership, including notifying you of relevant offers and Partner promotions and inviting you to events that we believe will be of interest to you.
  9. Measure the success of, develop and improve our services.
  10. Carry out technical operations on TripPartner, such as user verification, technical support, network maintenance, troubleshooting.
  11. Execute our internal business processes and management reporting.
  12. Manage the security of TripPartner, to prevent fraud and illegal activities.
  13. Comply with our legal obligations and regulatory requirements.
  14. Manage and resolve any legal complaints.





Legal Basis

A to G

To perform the contract we are about to enter into or have entered into with you

H to K

It is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests

L to N

We need to comply with a legal obligation




We may share Partner personal data with following parties for the purposes set out in “HOW WE USE PARTNER PERSONAL DATA” above:


  • Other companies in the group.
  • Third party vendors under contract to us to provide services or functions on our behalf, including financial, tax, IT and legal services, business analytics, customer service and fraud prevention.
  • Regulators and other authorities.
  • Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use Partner personal data in the same way as set out in this privacy statement.


If you are based in the European Economic Area (“EEA”)


Many of our group entities and the external third parties above are based outside the EEA so their processing of Partner personal data will involve a transfer of data outside the EEA.


Whenever we transfer Partner personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring that at least one of the following safeguards is implemented:


  • We will only transfer Partner personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
  • Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
  • Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.




We will only retain Partner personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain Partner personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.


To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of Partner personal data, the purposes for which we process Partner personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.




Under certain circumstances, you may (for e.g. if you are based in Europe) have the right to:


  • Withdraw consent.
  • Request access to your personal data.
  • Request correction of your personal data.
  • Request erasure of your personal data.
  • Object to processing of your personal data.
  • Request restriction of processing your personal data.
  • Request transfer of your personal data.