Privacy Policy

Privacy Policy

Effective Date: 02/20/2026
Last Updated: 02/20/2026

Exhibitravel (“Company,” “we,” “our,” or “us”) respects your privacy and is committed to protecting personal information in accordance with applicable U.S. federal and state laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), Nevada privacy law (NRS 603A), and, where applicable, the EU General Data Protection Regulation (GDPR).

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit www.exhibitravel.com or engage our corporate travel management services.

Exhibitravel maintains commercially reasonable data protection controls aligned with industry standards applicable to corporate travel management providers and enterprise client procurement requirements.

1. Information We Collect

We may collect the following categories of personal information:

A. Identification Information

  • Full name
  • Company name
  • Email address
  • Phone number
  • Billing address
  • Passport details (when required for international travel)

B. Commercial Information

  • Travel itineraries
  • Booking history
  • Payment details
  • Corporate travel program data

C. Technical & Usage Information

  • IP address
  • Browser type
  • Device information
  • Website activity and analytics data

D. Sensitive Personal Information

  • Government ID numbers (passport data when required)
  • Payment information
  • Travel preferences that may reveal personal details

Sensitive information is used only for essential business purposes such as booking travel, regulatory compliance, and fraud prevention.

2. How We Use Your Information

We use personal information to:

  • Provide travel booking and management services
  • Manage corporate travel programs
  • Facilitate vendor coordination (airlines, hotels, ground transportation)
  • Process payments
  • Provide duty of care monitoring
  • Respond to inquiries
  • Improve our website and services
  • Comply with legal obligations

We do not sell personal information.

3. Legal Basis for Processing (GDPR)

If you are located in the EEA or UK, we process personal data under:

  • Performance of a contract
  • Legitimate business interests
  • Legal compliance
  • Consent (where required)

4. Information Sharing & Disclosure

We may share information with:

  • Airlines and global distribution systems (GDS platforms)
  • Hotels and lodging providers
  • Ground transportation providers
  • Travel technology platforms
  • Payment processors
  • Corporate clients (for employee travel management)
  • Legal or regulatory authorities when required

All third-party vendors are required to maintain appropriate security safeguards.

5. Data Security

We implement reasonable administrative, technical, and physical safeguards including:

  • Secure data storage
  • Restricted access controls
  • Vendor due diligence
  • Contractual data protection clauses

While no system can guarantee absolute security, we take commercially reasonable measures to protect your information.

6. Data Retention

We retain personal data only as long as necessary to:

  • Provide contracted services
  • Comply with tax, accounting, and regulatory requirements
  • Resolve disputes
  • Enforce agreements

7. California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have the right to:

  • Know what personal information we collect
  • Access specific personal information
  • Delete personal information (subject to exceptions)
  • Correct inaccurate personal information
  • Opt-out of sale or sharing (we do not sell data)
  • Limit use of sensitive personal information
  • Non-discrimination for exercising privacy rights

To exercise your rights, email:
privacy@exhibitravel.com
Subject: California Privacy Request

We may verify your identity before processing requests.

8. Nevada Privacy Rights (NRS 603A)

Nevada residents have the right to opt-out of the sale of certain personal information.

Exhibit Travel does not sell personal information.

Nevada residents may submit requests to:
privacy@exhibitravel.com

9. European Union & International Rights (GDPR)

If subject to GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccuracies
  • Request erasure
  • Restrict processing
  • Object to processing
  • Data portability
  • Withdraw consent

You may lodge a complaint with your local supervisory authority.

International data transfers outside the EEA are protected through:

  • Standard Contractual Clauses
  • Vendor compliance agreements
  • Appropriate contractual safeguards

10. Data Processing Agreements (Enterprise Clients)

For corporate and enterprise travel clients, Exhibitravel may execute formal Data Processing Agreements (DPAs) outlining:

  • Roles of data controller and processor
  • Subprocessor transparency
  • Cross-border data transfer safeguards
  • Security standards
  • Breach notification timelines

Corporate clients may request a DPA by contacting:
privacy@exhibitravel.com

11. Duty of Care & Risk Monitoring Data

As part of corporate travel management services, Exhibitravel may process itinerary and location data to provide duty of care monitoring, emergency response coordination, and travel risk management services.

Such data is processed strictly for safety, compliance, and operational continuity purposes.

12. Data Breach Notification

In the event of a confirmed data breach involving personal information:

  • We will investigate promptly
  • Notify affected individuals when legally required
  • Notify regulatory authorities where applicable

13. Cookies & Tracking Technologies

We use cookies and similar technologies to:

  • Analyze website performance
  • Improve user experience
  • Understand visitor behavior

Users may adjust browser settings to disable cookies, though some functionality may be limited.

14. Children’s Privacy

Our services are not directed to individuals under 18 years of age.
We do not knowingly collect personal information from minors.

15. Travel Industry Compliance Statement

Exhibitravel operates within established travel industry standards and may coordinate with:

  • Airline distribution systems
  • Global travel technology platforms
  • Corporate booking tools
  • Supplier networks

We maintain commercially reasonable compliance standards consistent with corporate travel management best practices.

16. Changes to This Policy

We may update this Privacy Policy periodically.
Updates will be posted with a revised effective date.

17. Contact Information

Exhibitravel
Las Vegas, NV • USA
Email: privacy@exhibitravel.com
Website: www.exhibitravel.com