TravelBank Keeps Your PII and Other Data Secure
We’re here to give you the best experience with travel booking and expense reporting, and a big part of that means protecting your data. That’s why we use a multi-tiered approach based on proven industry standards.
Keeping Your PII Secure
Our biggest priority is safeguarding your personally identifiable information (PII), which includes details like your name, date of birth, and social security number. Because we respect your privacy, we’ve built a thorough security plan that’s similar to the ones used by the Department of Defense, major banks, and other institutions that need to keep PII safe and confidential.
7 Ways We Protect Your Data
Transport Layer Security (TLS) Encryption
Our systems use powerful SHA2 256 2048-bit Transport Layer Security (TLS) to encrypt any data transmitted between us and our users, and between our servers and data centers. It’s as strong as the encryption used by online banks and payment systems, and it ensures that outside parties can’t read or intercept your information.
Secure Shell (SSH) Network Encryption Protocol
The folks on our server support team communicate using Secure Shell (SSH) protocol. SSH is a robust network encryption protocol used to protect login credentials and all other information coming into and going out from our servers.
Physical Security Measures
Both our data center and our head office are private and secure, and have strict multi-layer security protocols including gatekeeping by security officers, visitor vetting and authentication, and badging.
Environmental Controls
Our data center is built to make sure we can keep delivering the best experience to you even if things happen that are out of our control. This includes disaster-compliant construction and architecture, backup generators, high performance HVAC systems, and internal systems to detect smoke, fire, and water.
Malware Protection
We use updated anti-virus software on all relevant platforms.
Data Disposal
We cross-shred sensitive printed information, and irrevocably delete sensitive information that lives on hard drives and other media formats.
Vulnerability Monitoring
We monitor security vulnerabilities as they are identified and are communicated by tech vendors or alerting services. If we find a known vulnerability in one of our systems, we assess it to confirm if it’s applicable to the version of the tech we’re using. After testing, we work to implement vendor-approved patches and upgrades.
Third-Party Vendors
We use reputable third-party vendors to make sure we’re meeting and exceeding information security and data protection policies and standards.
These vendors help us stress test our systems with regular penetration testing to search out, identify, and resolve any vulnerabilities with vetted and approved fixes.
When we use these third-party service providers:
- We run data privacy and information security risk assessments on each and every vendor;
- We make them sign confidentiality agreements that include their responsibility to keep your information confidential; and
- We make them use the controls and systems we use in our own work
GDPR Compliance
On May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) became a game-changing event for many global companies. While this regulation did not directly affect TravelBank, it has had a direct impact on some of our clients.
TravelBank takes the protection of customer’s personally identifiable information seriously. To support our clients, we have and will continue to maintain a formal data protection program with a dedicated Data Protection Officer in place. As we move forward, TravelBank continues to evolve its data protection capabilities to address a dynamic threat landscape.
Accessing Your PII
You’ll always have access to your own data.
Request access to PII we’re storing for you
Request corrections to any PII that’s wrong or outdated
Remove your PII from TravelBank