Updated: 07-07-2021
To demonstrate the commitment of Carey International, Inc. and its family of owned companies using the registered trademarks CAREY® and operating in the United States and the United Kingdom (listed here, collectively, “Carey”), we have developed this policy (“Privacy Policy”), which discloses our privacy practices for the information we collect from you, as well as the collection, storage, use, or transfer of Personal Information sent from the European Union, European Economic Area, The United Kingdom and Switzerland to the United States.
EU-US*** and Swiss-US Privacy Shield
***While we do not rely on the EU-US Privacy Shield, we continue to keep to the commitments below that we made when we certified to the Privacy Shield.
Carey participates with the EU-US and Swiss-US Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from the European Union member countries, the United Kingdom and Switzerland transferred to the United States pursuant to Privacy Shield. Carey has certified to the Department of Commerce that it adheres to the Privacy Shield Principles with respect to such data, including notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, and recourse, enforcement and liability. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov.
For purposes of the EU’s General Data Protection Regulation 2016 (the “GDPR”), the data controller is Carey International, Inc., with offices at 7445 New Technology Way, Frederick, MD 21703.
It is Carey’s policy to notify individuals about the purposes for which we collect and use information we collect, how to contact us with inquiries or complaints, the types of third parties to which we disclose information, and the choices and means available for you to limit use and disclosure. This Privacy Policy does not apply to websites run by independently-owned Carey franchises and affiliates, though those websites may link or redirect to Carey’s Web Site. Independent franchisees and affiliates may have developed similar, but not identical, standards and policies regarding privacy and security in connection with their web sites, subject to certain contractual obligations relating to their business relationship with Carey. In any event, our independently-owned Carey franchises and affiliates must adhere to all GDPR principles.
BY USING CAREY’S WEB SITES, SERVICES, OR MOBILE APP TO OBTAIN SERVICES, (EACH AS DEFINED IN CAREY’S TERMS OF USE) YOU AGREE TO BE BOUND BY THE TERMS AND CONDITIONS OF THIS PRIVACY POLICY, WHICH IS INCORPORATED INTO AND SUBJECT TO OUR TERMS OF USE. IF AN INDIVIDUAL IS USING THE WEB SITE, SERVICES, OR MOBILE APP ON BEHALF OF A BUSINESS ENTITY, WHETHER AS AN EMPLOYEE, CONSULTANT OR AGENT OF SUCH BUSINESS ENTITY, BY DOING SO, SUCH INDIVIDUAL REPRESENTS THAT THEY HAVE THE LEGAL CAPACITY AND AUTHORITY TO BIND SUCH BUSINESS ENTITY TO THIS PRIVACY POLICY. “YOU” SHALL REFER BOTH TO THE INDIVIDUAL ACCESSING THE WEB SITE, SERVICES, OR MOBILE APP ON BEHALF OF A BUSINESS ENTITY, IF ANY, AND ANY SUCH BUSINESS ENTITY ITSELF.
IF YOU DO NOT AGREE WITH THE TERMS AND CONDITIONS OF THIS PRIVACY POLICY, DO NOT USE THE WEB SITE, THE SERVICES, OR THE MOBILE APP.
“Personal Information” is information that would allow someone to identify or contact you, including, for example, your full name, address, credit card number, and telephone number(s) or email address. Personal Information excludes aggregated or anonymized demographic or sensitive information that, by itself, does not identify any one individual.
Carey collects the Personal Information that you provide to us through our Web Site, Services, or Mobile App, our Worldwide Reservations Center, and directly through Carey sales employees. We may collect information in additional ways from Users of our Web Site, as explained in this Section and Sections 2 and 3.
Users may browse through the informational portion of our Web Site without providing us with any Personal Information. However, if you request information or materials from us, we may ask for your contact information, such as your name, email address, company name, postal address, and phone number(s). In addition, we may collect personal information from you when you send us emails or submit other forms of information directly to us. We may also collect personal information from you at other points on our Web Site that state that Personal Information is being collected.
To access and make reservations through the Services available at our Web Site and Mobile App, we will require you to complete a registration form. This registration form will request certain Personal Information about the Web Site or Mobile App user (“User”) and the traveler who will use our transportation services (“Client”) in the event the Client is different from the User. Certain parts of this information will be compiled into a profile maintained by Carey in order to, among other things, most efficiently provide the services to Clients and/or Users. Such information may include at least the following: for the User, name, address, email address, company name, home/mobile phone number and ARC or IATA number; and for the Client, name, email address, home/mobile phone number, company name, work address, home address and billing address, pick-up and drop-off information, credit card information, corporate account information, specific preferences related to the services, and in-transit itineraries. In addition, we may use a feature of your browser called a “cookie” to identify you while you are using our Web Site. Cookies are small pieces of information stored on your hard drive, not on our Web Site. We may allow select third parties to use cookies and similar technologies to collect information about your online activities across different web site and over time.
We do not respond to web browser “do not track” signals. If you arrive at our Web Site by way of a link from a third party web site that does respond to “do not track” requests, the recognition of any “do not track” request you have initiated will end as soon as you reach our Web Site.
Click this link to view our Cookie Policy
Carey owns the Web Site, the Services, and the Mobile App and the Personal Information collected through the Web Site, the Services, and the Mobile App. We may outsource to a third party the hosting and operation of the Web Site. However, such third parties do not and will not have any ownership interest in the Personal Information collected or any right to use the Personal Information apart from the operation of our Web Site. For Personal Information we receive from third party reservations agents, systems or centers, Carey owns, jointly owns, or has the appropriate licenses to use such information. Because Carey is not responsible for the privacy practices of third parties, you should check with the third party who initiated your reservations to determine its respective privacy policies.
Delivery of Service – We use the Personal Information collected through our Web Site, Services, or Mobile App to administer and deliver our services. In connection with the delivery of our services, we may share the Personal Information with third-party partners or vendors who help deliver or administer the services, but they are only permitted to use the information in connection with the delivery or administration of our services. For example, we share a Client’s credit card information with third-party credit card processing and fraud detection companies, but those companies are not permitted to use the credit card or Personal Information for any purpose other than to assist us to safely and securely fulfill the specific purchase transaction. We may also share Personal Information with Carey subsidiaries, affiliates, licensees, and subcontracted service providers who need that information to provide the services that you have requested. Under certain circumstances, we may remain liable for the acts of our third-party agents or service providers who perform services on our behalf for their handling of EEA Personal Data that we transfer to them.
Carey Sales Promotions and Marketing – We may use the Personal Information collected through the Web Site, Services, or Mobile App to provide you with information or newsletters related to our services, and to promote our services to your company as listed in your profile, where you have provided your consent if required under the applicable law. This may include information and promotions and marketing via email, the Mobile App, postal mail, fax or telephone calls. However, for information that we have collected through your voluntary participation in an online customer survey to obtain your suggestions or comments about Carey International’s services, we use such information only for the purpose for which it was collected. We will not use such survey information for direct marketing or disclosure to other companies.
Internal Marketing Research and Reporting – We use non-personal information on an anonymized, aggregated basis for a variety of purposes, including operating and enhancing our Web Site, Services, or Mobile App and our service delivery, internal marketing research, and management reporting. We reserve the right to use and disclose this aggregated information to third parties for any purpose. Aggregate information will not identify any one specific individual.
Cookies – We also use pixels, or transparent GIF files, to help manage online advertising. These GIF files are provided by our advertisement management partners. These files enable our partners to recognize a unique cookie on your Web browser, which in turn enables us to learn which advertisements bring users to our website. The cookie was placed by us, or by another advertiser who works with our partners. The information that we collect and share is anonymous and not personally identifiable. It does not contain your name, postal address(es), telephone number, or email address.
Click this link to view our Cookie Policy
Transfer Due to Corporate Reorganization – We may share, sell or transfer the Personal Information you provide to us in the event of bankruptcy, other reorganization, or the sale or transfer of a division or some or all of our corporate assets or capital stock.
You can control the content of the Personal Information we have collected by following the instructions stated below in Section 5. In addition, if you do not want to receive marketing materials or communications from us or, subject to Section 5, do not want your contact information disclosed to third parties apart from the delivery or administration of our services, you can Opt-Out. You may withdraw or Opt-Out at of allowing us to share your Personal Information for marketing materials or communications at any time during your business relationship with Carey. You begin the process to Opt-Out of receiving marketing materials or communications from us at Opt-out@Carey.com.
In any event, we only share your Personal Information with third parties in limited circumstances where:
We provide your Personal Information to service providers we have retained to perform services, or process Personal Information, on our behalf, and only to the extent necessary to deliver or administer such services. We require service providers to process Personal Information in a manner consistent with this Privacy Policy or other similar or appropriate privacy measures and any laws governing the processing of Personal Information.
Access, use, preservation, or disclosure of Personal Information is reasonably necessary for Carey to detect, prevent or remedy security or technical issues, or suspected or actual fraudulent or illegal activity; to satisfy any applicable law, regulation, public authorities, ordinance, matters related to national security, or legal process, including government investigation; or to protect the rights of Carey, our clients, or other individuals, as required or permitted by law.
You have authorized Carey to do so by reviewing this Privacy Policy and moving forward with using our services. Carey will notify you in the event we use Personal Information in a manner different from that described in this Privacy Policy. We will not share any sensitive information without your Opt-In consent.
In the event that we use your Personal Information in a manner different from that described in this Privacy Policy, we will notify you and offer you a reasonable opportunity to Opt-Out of: (i) the use of your Personal Information for such purposes; or (ii) the disclosure of your Personal Information to a third party.
In the unlikely event that sensitive information (such as a medical or health condition, race or ethnic origin, religious or philosophical belief, sexual orientation or habits, etc.) is provided to Carey, Carey will offer you the opportunity to affirmatively and explicitly consent to: (i) the use of sensitive information in a manner different from that described in this Privacy Policy; or (ii) the disclosure of sensitive information to a third party (“Opt-In”).
Please note that if you provide any information on your own or directly to third parties who may be linked to, or otherwise connected with, our Web Site, different rules may apply to their use or disclosure of your Personal Information. We encourage you to investigate and ask questions before disclosing information to third parties.
You can access, update, restrict, erase or transfer your Personal Information through Carey’s Web Site by logging into your Carey account through the Profile and Settings functions on the Mobile App, by contacting us at Privacyinfo@Carey.com, or by calling Carey’s Worldwide Reservations Center. However, for verification and security purposes, before we allow you to access, update, restrict, erase or transfer, you may be asked to provide us certain Personal Information. You may also request that we provide to you certain information related to your business relationship with Carey by contacting us at Privacyinfo@Carey.com or by calling Carey’s Worldwide Reservations Center.
In order to service your reservation, Carey may share your travel and other information with certain third party service providers. Except as provided in this Privacy Policy we are not responsible for removing your Personal Information from the records of any third party who has previously been provided with your information in accordance with this Privacy Policy; however, we will assist you in any reasonable manner associated with doing so. Depending on applicable law, Carey may be liable for misuse of your information resulting from the transfer of that information.
Carey will use Personal Information to the extent necessary to deliver or administer our services, and only for the purposes for which it was originally collected, or subsequently authorized by you, in accordance with this Privacy Policy. Carey will take reasonable steps to ensure that your Personal Information is relevant to its intended use, current, accurate, and complete.
We have established and currently maintain security procedures to protect the confidentiality, security and integrity of your Personal Information from loss, misuse, unauthorized access, and disclosure. We use encryption, tokenization, Secure Socket Layers, and firewalls, and we implement off-line efforts to further protect this information, including updating our security practices and privacy policies, privacy and security related training, and limiting employee, agent, and subcontractor access to Personal Information to those who need to know such information to deliver or administer services. In addition, both electronic and paper records containing Personal Information are maintained in access-controlled facilities and access to the information within our secured facilities is limited to only those Carey associates with a legitimate need to access the information in furtherance of providing the services requested by you.
Carey’s headquarters is in the United States of America. By using the Web Site, Services, or Mobile App, you authorize the exportation/transfer of your Personal Information to the U.S.A. and its storage and use as specified above when you provide such information to us.
We will store your Personal Information, in a form that permits us to identify you, for no longer than is necessary for the purpose for which the Personal Information is processed. We store your Personal Information as necessary to comply with our record retention policy, any legal obligations (which may include the duration of a pending suit, allegation, investigation or claim), resolve disputes, and enforce our agreements and rights, or if it is not technically and reasonably feasible to remove it. Otherwise, we will seek to delete your Personal Information within a reasonable timeframe upon request.
Carey has established internal policies and procedures to review and verify our ongoing compliance with this Privacy Policy, including an annual assessment to verify that privacy practices have been implemented as represented in this Privacy Policy. In compliance with the EU-US Privacy Shield Principles, Carey commits to resolve complaints about your privacy and our collection or use of your personal information. If you have any questions or concerns regarding this Privacy Policy, or if you have any complaints regarding this Privacy Policy, please first contact us at
For residents of the European Union:
Carey England Limited
Attn: Data Representative
1st Floor , 6-9 The Square,
Stockley Park, Uxbridge,
UB11 1FW, United Kingdom
privacyinfo@careyuk.com
For residents outside of the European Union:
Carey International, Inc.
Attn: Data Representative
7445 New Technology Way
Frederick, MD 21703
Privacyinfo@Carey.com
Carey has further committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles to JAMS, a non-profit alternative dispute resolution provider located in the United States. In the event of a formal complaint, it is Carey’s policy to contact the individual directly to resolve any concerns. Carey will cooperate with JAMS, free of charge to you, pursuant to the JAMS International Mediation Rules, which are accessible on the JAMS website at https://www.jamsadr.com/eu-us-privacy-shield, if the complaint cannot be resolved through Carey’s internal processes. If you do not receive timely acknowledgment of your complaint, or if we have not addressed your complaint to your satisfaction, please contact or visit www.jamsard.com for more information or to file a complaint. Such JAMS mediation will be held in New York, NY for complaints by individuals in the U.S. and in London, UK for complaints by individuals outside of the U.S.
Carey is subject to the investigatory and enforcement power of the Federal Trade Commission with respect to claims or complaints related to this Privacy Policy. As set forth in section 4 above, we may disclose your Personal Information in response to lawful requests related to applicable law, regulation, ordinance, public authorities, matters related national security or legal process, including government investigations.
You may have the option to select binding arbitration for the resolution of your complaint under certain circumstances, provided you have taken the following steps: (1) raised your complaint directly with Carey and provided us the opportunity to resolve the issue; (2) made use of the independent dispute resolution mechanism identified above; and (3) raised the issue through the relevant data protection authority and allowed the US Department of Commerce an opportunity to resolve the complaint at no cost to you.
Your California Privacy Rights – California Civil Code § 1798.83 (California’s “Shine the Light” Law) requires certain businesses to respond to requests from California customers who have an established relationship with the business about the business’ practices related to disclosing certain personal information to third parties for the third parties’ direct marketing purposes.
Alternatively, such businesses may implement a policy not to disclose personal information of customers to third parties for the third parties’ direct marketing purposes unless the customer first affirmatively agrees to disclosure (Opt-In).
Carey does not disclose Personal Information of customers to third parties for third parties’ direct marketing purposes. In the event we do so in the future, we will not disclose any of your Personal Information to third parties for third parties’ direct marketing purposes unless you consent in advance.
Your California Consumer Privacy Act (”CCPA”) Rights – As of January 1, 2020 verified California residents will have the right to:
request and receive disclosure of our personal information collection practices during the prior 12 months, including the categories of personal information about them that we collected, the categories of sources of such information, our business purpose for collecting or sharing such information, and the categories of third parties with whom we share such information.
request and receive a copy of the personal information we have collected about them during the prior 12 months.
request and receive disclosure of our information sharing practices during the prior 12 months, including a list of the categories of personal information about them that we sold with the category of third party recipients and a list of the categories of personal information about you that we disclosed for a business purpose.
request that we not sell personal information about them and request that we delete (and direct our service providers to delete) their personal information subject to certain exceptions.
If you have questions about your CCPA Rights please call us toll free at 800-285-5312 or email us at Privacyinfo@Carey.com. For purposes of the CCPA personal information means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. The categories of personal information are listed below.
In order to make a request for disclosure of our information collection or sharing practices, for a copy of the personal information we collected about you, or for deletion of your information California residents may call us toll-free at 800-285-5312 or by make a request online by clicking this link. We will ask you for information that allows us to reasonably verify your identity (that you are the person about whom we collected personal information) and will use the information you submit only for that purpose. If you do not have a registered account with us we may request that you submit a signed statement under penalty of perjury that you are the individual you claim to be. We cannot respond to your request or provide you with personal information if we cannot verify your identity and confirm that the personal information relates to you. We will acknowledge receipt of your request within 10 days and will endeavor to respond within forty-five days of receipt of your request, but if we require more time (up to an additional forty-five days) we will notify you of our need for additional time.
You may make a request for disclosure of our information collection practices, the information we collected about you, or our sharing practices up to twice within a 12-month period. You may make a deletion request at any time.
For requests for a copy of the personal information we have collected during the 12 months prior to your request we will endeavor to provide the information in a format that is readily useable, including by mailing you a paper copy or providing an electronic copy to your registered account, if you have registered an account with us.
If you request that we delete your personal information, California law permits us to retain certain information and not to delete it under certain circumstances. By way of example, we are not required to comply with a request to delete information if the information is necessary for us to complete a transaction for you or otherwise perform a contract; to detect, protect against, or prosecute security incidents, fraud or illegal activity; to use the information only internally in ways reasonably aligned with your expectations as our customer (such as maintaining sales records), and to comply with legal obligations.
We will not discriminate against you as a result of your exercise of any of these rights.
We do not disclose personal information in exchange for payment of money, but we may disclose personal information to certain third parties that provide us with services such as helping us with advertising, fraud detection, data analysis and security, which may fall under the definition of “consideration” and be considered a “sale” under the CCPA. This includes categories listed in the chart below. If you are over the age of 16 and would like to instruct us not to sell your personal information, please contact our Do-Not-Sell group by clicking this link. We do not sell personal information of individuals we actually know are less than 16 years of age. Once we receive your Do-Not-Sell request we will wait at least 12 months before asking you to reauthorize personal information sales.
Using an Authorized Agent. You may submit a request through someone holding a formal Power of Attorney. Otherwise, you may submit a request using an authorized agent only if (1) you provide the authorized agent with written permission to make a request and (2) you verify your own identity directly with us. We will require the agent to submit proof to us that they have been authorized to make requests on your behalf.
During the past 12 months, we have collected the following categories of information from the listed sources, used it for the listed business purposes and shared it for a business purpose with the listed categories of third parties. The categories of information include information we collect from our website visitors, registered users, employees, vendors, suppliers and any other person that interacts with us either online or offline. Not all information is collected about all individuals. For instance, we may collect different information from applicants for employment or from vendors or from customers.
Category of Information collected | Source | Business purposes* for collection/use | Categories of third parties receiving information for a business purpose |
Identifiers (name, alias, postal address, email address, phone number, fax number, account name, Social Security number, unique personal identifier, IP address) | Individuals submitting information to us; information we automatically collect from site visitors; information we may receive from third-party marketing and data partners. |
Auditing relating to transactions; security detection, protection and enforcement; functionality debugging/error repair; ad customization; performing services for you; internal research and development; quality control. |
Service providers (such as payment processors, mail houses, marketing partners, shipping partners, employee benefits partners); affiliated companies; government regulators; law enforcement; and strategically aligned businesses. |
Sensitive Information (name with financial account, medical, health, and health insurance information, user name and password) | Individuals submitting information; employment applications; employees. |
Auditing relating to transactions; security and fraud detection, protection and enforcement; performing services for you; internal research and development; quality control; and Facilitating employment related activities and benefits for our employees. |
Service providers (such as payment processors and employee benefits partners); affiliated companies with a need to know; government regulators; and law enforcement. |
Protected classification information (race, gender, ethnicity, religion) | Employees and Individuals submitting information. | Facilitating employment related activities and benefits for our employees; Auditing relating to transactions; performing services for you; internal research and development; quality control. |
Service providers (such as payment processors, mail houses, marketing partners, shipping partners, employee benefits partners); affiliated companies with a need to know; government regulators; law enforcement; |
Commercial information (transaction history, products/services purchased, obtained or considered, product preference) | Individuals submitting information; information we automatically collect from site visitors; information we may receive from third-party marketing or data partners. |
Auditing relating to transactions; security and fraud detection, protection and enforcement; functionality debugging/error repair; ad customization; performing services to you; internal research and development; quality control. |
Service providers (such as payment processors, mail houses, marketing partners, shipping partners, employee benefits partners); affiliated companies; government regulators; law enforcement; strategically aligned businesses. |
Electronic network activity (browsing or search history, website interactions, advertisement interactions) | Information automatically collected from site visitors. | Auditing relating to transactions; security and fraud detection, protection and enforcement; functionality debugging/error repair; ad customization; performing services for you; internal research and development; quality control. |
NOT SHARED |
Audio, video or similar information (customer service calls, security monitoring) | Individuals submitting information; information we collect for security purposes. |
Auditing relating to transactions; security detection, protection and enforcement; functionality debugging/error repair; ad customization; performing services for you; internal research and development; quality control. |
Service providers (such as payment processors, mail houses, marketing partners, shipping partners, employee benefits partners); affiliated companies; government regulators; law enforcement; strategically aligned businesses. |
Biometrics | NOT COLLECTED | NOT COLLECTED | NOT SHARED |
Geolocation | Information we automatically collect from site visitors. | Auditing relating to transactions; security detection, protection and enforcement; functionality debugging/error repair; ad customization; performing services for you; internal research and development; quality control. |
Service providers (such as payment processors, mail houses, marketing partners, shipping partners, employee benefits partners); affiliated companies; government regulators; law enforcement; strategically aligned businesses. |
Professional, educational or employment related information | Information submitted by individuals; information received from third parties in connection with vendor or employment status or applications; information we observe in connection with vendor or employment oversight. |
Auditing relating to transactions; security detection, protection and enforcement; functionality debugging/error repair; ad customization; performing services for you; internal research and development; quality control. |
Service providers (such as employee benefits partners); affiliated companies; government regulators; law enforcement; strategically aligned businesses. |
Inference from the above (preferences, characteristics, behavior, attitudes, abilities, etc.) | Internal analytics | Auditing relating to transactions; performing services for you; internal research and development; quality control. |
affiliated companies with a need to know; |
*More specifically, the business purposes include:
Performing services for you:
Advertising customization.
Auditing relating to transactions, internal research and development.
Security detection, protection and enforcement; functionality debugging, error repair.
Quality control.
We do not transfer personal information for monetary consideration. If you would like to tell us not to sell your information in the future in case we change our policy please email us at Privacyinfo@Carey.com with your name, postal address, telephone number and email address with “Nevada do not sell” in the subject line.
Carey may amend or change this Privacy Policy at any time. We will post any revisions to this Privacy Policy on Carey’s Web Site. Therefore, you should review Carey’s Web Site periodically to ensure that you are informed of our current policies and practices. Any User or Client who provides additional Personal Information after these changes are posted will be deemed to have accepted the revised policy.
This Privacy Policy is effective and was last updated on January 21, 2021.
We hope this Privacy Policy clarifies our policies and procedures regarding your Personal Information. If you have any questions, you may contact us at Privacyinfo@Carey.com. As stated above, if you are a California resident, over the age of 16 and would like to instruct us not to sell your personal information, please contact our Do-Not-Sell group by clicking this link.