This Policy should answer your questions about:
In order to facilitate interactions with ARC and manage the business operations of ARC and its related entities, ARC may collect and maintain information about individuals from different sources, including, for example:
"Personally Identifiable Information" (also referred to as "Personal Data") is any information that identifies you personally, either alone or in combination with other information available from ARC. Personally Identifiable Information ("PII") does not include information that does not identify an individual. On some ARC sites, you may be able to register for and/or order ARC products or services, participate in surveys, request information, or apply for a position, which may require that you provide PII.
ARC does not knowingly collect PII from children under the age of 13 and ARC does not target its Web sites to children under 13.
Personally Identifiable Information (PII) received or collected by ARC is used primarily to complete transactions, fulfill requests, and also to facilitate performance of contracts between ARC and participants in ARC's programs and services (e.g., ARC accredited travel agents, CTDs, participating Carriers and other ARC participants (collectively "Participants")) or as otherwise required by ARC's business practices or needs. PII is made available to ARC employees in the customary exercise of their duties. Additionally, ARC may contract with third party service providers, contractors and suppliers to conduct surveys or provide products, services, event registration, or other customer solutions to you based upon and using the information ARC gathers and receives. ARC contractors may have access to PII in the course of assisting in ARC's business operations and providing services to you (e.g., ARC Marketplace). ARC endeavors to limit access to Personally Identifiable Information by such third parties to that which is necessary for the contractor to perform its designated functions. Although we use all reasonable means to ensure that the information you provide is not used by such third parties for purposes other than described in this policy, ARC is not responsible for any improper use of PII that is beyond our reasonable control.
ARC compiles a list (the ARC List aka Agency List) of ARC participants and other travel professionals which includes, but is not limited to company name, address, email address, phone number and type of entity, etc., that may be shared with or marketed to suppliers or other entities for product information, promotions or other messages.
ARC processes information related to airline carrier transactions (airline tickets, refunds, exchanges, etc.) and retains such information for a period deemed reasonable to facilitate the processing and settlement of the transactions and during which disputes between the parties to the transactions (e.g., the passenger, the travel professional who issued the transaction and the carrier) are likely to arise and with respect to which PII associated with the transaction will continue to be relevant. ARC also prepares and publishes aggregated or consolidated transactional data.
To reduce the likelihood of unauthorized access, disclosure, alteration or destruction of information, to maintain data accuracy, to safeguard and secure the information in the database, ARC has put in place physical, electronic, and managerial procedures that ARC believes to be reasonable. ARC currently uses the Secure Socket Layers (SSL) protocol to help protect information in transit over the Internet. ARC employs firewalls to reduce the likelihood of unauthorized access via the Internet.
You can also help to keep information secure. Create secure passwords (i.e., difficult for someone else to figure out). Use a combination of special characters, number and upper and lower case letters. Change passwords frequently and do not share usernames and passwords or give your password to anyone.
The PCI Data Security Standards are a set of best practices developed by the credit card payment industry and used to protect card holder data. There are 12 core data security requirements.
ARC was very pleased to be the first level 1 entity in the travel industry to be certified as PCI Compliant, and we actively participate in the PCI Security Standards Council. Level 1 merchants and processors with more than 6 million transactions must go through a yearly on-site audit by a qualified security assessor and perform quarterly scans to maintain compliance with PCI standards.
We all share a common interest to keep credit card information secure. Please click on the link for information about PCI and protection of credit card information.
ARC websites may provide links to third party companies' websites for your convenience and information. If you access such links, you leave ARC's website. ARC does not control such sites or their privacy policies or practices.
Your use of the ARC site and its services indicates you understand this policy and agree to the collection and use of the information discussed herein.
Airlines Reporting Corporation
Customer Support Center
3000 Wilson Boulevard, Suite 300
Arlington VA 22201-3862
Last Revised May 3, 2013