Here's what we collect from you when you use the Service:
Third-Party Login Functionality: We allow users with accounts on third-party services, such as Facebook and Google, to log into the Service using functionality that those third parties provide (such as Facebook Connect and Google's OpenID-based authentication mechanism). By using this Facebook or Google functionality to log into the Service, you permit us to access and use specific identifying information related to your Facebook or Google account. While these services make a variety of information available, Hipmunk will associate only your e-mail address or other unique user account identifier with your Hipmunk account.
We also allow you to integrate various functionalities from other services, such as Microsoft Outlook and Google Calendar, with Hipmunk. If you choose to take advantage of this integration feature in the desktop version of the Service, we will ask you for your login credentials for the other service. If you access the Service using our mobile apps, you do not need to provide your login credentials, as your mobile device allows this integration automatically. By providing those credentials or installing the mobile apps, you are agreeing that we can access and store the information that the other service's functionality contains, including personally identifiable information. Further, if you have obtained authorized access through the other service to another person's information, you understand and agree that by providing us your login credentials or installing the mobile, you are allowing and are authorized to allow Hipmunk to access and store that other person's information, including personally identifiable information.
"Cookies" Information: One form of "automatically collected" information we record is information stored by "cookies." When you use the Service, we may send one or more cookies to your computer or your mobile device. We use both "session" and "persistent" cookies to collect, store, and sometimes track various types of information. A session cookie is one that disappears after you close your browser or our mobile app. While a persistent cookie remains after you close your browser or the mobile app (and may be used by your browser or the mobile app when you later return to the Service), persistent cookies generally can be removed. You can review the appropriate "Help" file in your Web browser or your mobile device to learn the proper way to modify your cookie settings.
Information Associated with Paid Subscriptions: Hipmunk offers a paid subscription service for managing executive travel ("Hipmunk for Business"). Hipmunk for Business allows you to find travel information for business purposes on behalf of others. When you sign up for Hipmunk for Business, we collect your name, e-mail address, and the names and e-mail addresses of the persons on whose behalf you will be using Hipmunk for Business. When you use Hipmunk for Business, we also collect the information in the categories listed above, which may include personally identifiable information pertaining to the persons on whose behalf you are using Hipmunk for Business.
Payment Information: Hipmunk for Business: A subscription to Hipmunk for Business requires a monthly payment. When you sign up for Hipmunk for Business, we collect billing details from you including name on card, card number, and billing address, and we pass that information to our third-party payment processor, Stripe, which handles payments for us. We don't store that information—Stripe does. You can find out more about Stripe here.
Booking through Hipmunk: If you are a registered Hipmunk user, you may book travel transactions with some of our travel partners through Hipmunk. When you use this feature, we collect payment details from you including name on card, card number, billing address, expiration date, security code, and phone number, and we pass that information to the travel partner to complete the transaction. The travel partner processes your payment. You have the option to let us save your payment details, which we will store for the sole purpose of enabling your future transactions. You may add a payment method or edit or delete your saved payment information at any time in your Hipmunk account settings.
Hipmunk uses the information you provide or that we collect to keep this great thing going—that is, to develop, operate, maintain, enhance, and provide the Service, to develop new products and services, and to customize and target content that may be more interesting, relevant or useful to you, including advertisements, and for other administrative purposes. Here are some examples of how we may use the information you provide or that we collect:
We may provide personally identifiable information to third parties for their use in helping us perform our internal business functions. These are things like processing payments for us, or performing maintenance, security, data analysis, e-mail transmission, or data hosting on our behalf. If you book travel with one of our travel partners through Hipmunk, we provide the payment details you give us to the travel partner to process the transaction. We will do our best to require these third parties to maintain your information securely, to not use it for purposes other than providing services to us, and to refrain from disclosing the information except when required by law.
Hipmunk may disclose your personal information if required to do so by law or in the good faith belief that disclosure is necessary to: (1) satisfy legal obligations or comply with legal process (such as a subpoena) served on Hipmunk; (2) protect Hipmunk and others from fraudulent, abusive, predatory, or unlawful uses or activity; (3) investigate and defend Hipmunk against any legal claims or threats; (4) protect and defend the rights or property of Hipmunk; (5) take action on user complaints, or (6) act in urgent circumstances to protect the personal safety of users of Hipmunk, the Service, or the public.
If there is a change in ownership of Hipmunk, including through a merger with, acquisition by, or sale of assets to another entity, we may sell or otherwise transfer all information you provide to us, including personally identifiable information, to that entity.
Hipmunk may disclose aggregated, anonymized, or other types of non-personally identifiable information, including "automatically collected" and "cookies" information that is non-personally identifiable, to third parties for various purposes. For example, Hipmunk may disclose non-personally identifiable information to our travel partners or other interested third parties to assist them in understanding the usage, viewing, and demographic patterns and activity on the Service, to assist them in serving your travel needs, to select the advertisements shown to you on our Service or on other websites and services, or to enhance your ability to conduct efficient and accurate searches.
You may, of course, decline to share certain information with Hipmunk, in which case Hipmunk may not be able to provide to you some of the features and functionality found on the Service. For instance, you may delete, or choose not to accept, cookies from the Service (see "Cookies" Information above for details). And through your account preferences page on the Service, you may update, correct, or delete certain categories of your profile information, and you may change your preferences. Please note that while your changes to your profile information are reflected promptly in active user databases, we may retain all information you previously submitted. If you want your information permanently anonymized, please submit a request to email@example.com. We may retain any anonymized information for a variety of purposes, including backups and archiving, prevention of fraud and abuse, and analytics.
Aside from what is described above, we do not provide personal information to our advertising technology partners without your consent. To learn more about our advertising technology partners, send us an e-mail at firstname.lastname@example.org. To learn more about online advertising generally and manage your online advertising preferences, you may visit the Network Advertising Initiative's website here.
Our website does not currently respond to a Do Not Track ("DNT") or similar signal as it awaits the results of efforts by the policy and legal community to determine the meaning of DNT and the proper way to respond.
Hipmunk employs various physical, managerial, and technical safeguards that are designed to help protect the integrity and security of our systems and to protect against the loss, misuse, and alteration of personally identifiable information that we control. For example, we scramble your password during transmission, and limit the employees who can access personally identifiable information to a small set who need such information to perform their jobs. If you save your payment information in your Hipmunk account, we store it in encrypted form in its own database. While we take reasonable measures to protect your information, we do not, however, guarantee the security of your information. If Hipmunk learns of a security systems breach, then we may attempt to notify you electronically, either by e-mail on via our website, so that you can take appropriate protective steps. These methods of communicating with you are only examples. We retain the right to decide which method we will use to notify you of a security breach, and will do so consistent with our legal obligations.
Our servers and data centers are located in the United States. If you choose to use the Service from outside the U.S., then you should know that you are transferring your personally identifiable information outside of your region and into the U.S. for storage and processing. By providing your personally identifiable information to us through your use of the Service, you agree to that transfer, storage, and processing in the U.S. Also, we may transfer your data from the U.S. to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Service. You should know that each region can have its own privacy and data-security laws, some of which may be less stringent than your own region.
Updated December 27, 2013