Home | Contact Us

Privacy Policy For Information Received From Our European Affiliates

We at Trilegiant Corporation (referred to as "Trilegiant", "We," "Us," or "Our") recognize the importance of protecting the privacy of certain Personal Information (as defined herein) that We may receive from Our European affiliates and/or former affiliates (the "Affiliates") about the customers or clients of Our Affiliates (referred to as "You" or "Your"). This Privacy Policy discloses the purposes for which We receive and use Your Personal Information, how We use it, how to contact Us with any inquiries or complaints, and how to correct, change, or delete it. At Trilegiant it is Our intention to give You a complete and accurate understanding about how We receive Your information and the use We make of it in the course of Our business. You can be assured that Trilegiant will not disclose Your Personal Information to third parties without Your consent, except as may be noted in this Privacy Policy.

Compliance with Safe Harbor Privacy Principles

Trilegiant complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. Trilegiant has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Trilegiant’s certification, please visit http://www.export.gov/safeharbor/.

What Does Trilegiant Treat as Personal Information?

"Personal Information" is any information or data about You that in itself, or as part of a unique combination of information, specifically recognizes You by unique descriptors and/or identifiers. Examples of Personal Information are name, address, credit card number, bank or financial account number, and social security number. Personal Information does not, however, include publicly available information. Trilegiant recognizes that You have an expectation about how Your Personal Information will be used and safeguarded. Trilegiant takes very seriously its commitment to ensure that such expectations are reasonably met, including the implementation of sound policies and business practices designed to diminish the unauthorized use of Personal Information for purposes such as the falsification of identity, unauthorized transactions in Your name, and/or the sale of Personal Information to third parties such as telemarketing firms. As a general rule, Trilegiant will not (within the scope of the European Directive 95/46/EC (the "Directive")) disclose any specific Personal Information that We receive about You from Our Affiliates in a manner that connects You with the Personal Information.

How Does Trilegiant Receive Your Personal Information?

Trilegiant acts as a data processor for Our Affiliates and supports their business offerings purely as a data processor as defined in the Directive. In doing so, We act at the specific direction of, and in accordance with written instructions provided by, the relevant Affiliate outlining the authority granted to Trilegiant as the data processor. The data that we receive from Our Affiliates includes customer data (such as Your Personal Information) housed in the databases of the clients of such Affiliate, which data is transmitted by the Affiliate, via a secured link (like a Virtual Private Network) using appropriate encryption mechanisms, to Our database servers. Although it is ultimately the responsibility of the Affiliate to ensure the integrity of the data it transmits to Us, We take reasonable steps to ensure that the data remains reliable, accurate, complete, and current, and that it is used solely for the intended purposes for which it was collected.

Onward Transmission:

As a general rule, Trilegiant will not disclose any specific Personal Information about You that We receive from Our Affiliates, except when We have Your permission or under special circumstances, as described below. We receive and use Personal Information for Our business purposes only, and as specifically instructed by Our Affiliates. The following describes some of the ways that Your Personal Information may be disclosed:

Third Party Contractors:
From time to time, We may disclose Your Personal Information to third party contractors who are acting as Our agents for the purposes of fulfilling Our data processing obligations to Our Affiliates. In such cases, We shall enter into a written agreement with such third parties requiring that the third parties provide at least the same level of privacy protection as is required by the Safe Harbor Privacy Principles.

Trilegiant may also disclose Personal Information in special cases when We have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference (either intentionally or unintentionally) with any of Trilegiant's rights or property, other customers or clients of Trilegiant, or anyone else. Trilegiant may disclose Personal Information when We believe in good faith that the law requires it and/or as otherwise permitted by the Safe Harbor Privacy Principles.

If We become involved in a merger, acquisition, or any form of sale of some or all of Our assets, any Personal Information about you involved in such transactions will upon effectiveness of such transaction, remain subject to the privacy policy that your Personal Information is subject to immediately prior to the transaction.

How Can You Control the Usage Of Your Personal Information?

Given that Trilegiant is only acting as a data processor on behalf of, and at the specific direction and instruction of, Our Affiliates, we are not entitled to modify, change, amend or otherwise alter Your Personal Information unless otherwise instructed directly by Our Affiliates. Accordingly, We will promptly forward to the relevant Affiliate from which We received Your Personal Information any request We may receive from You to correct, update or delete such Personal Information. We will coordinate any responses and/or inquiries that We may receive from such Affiliates in response to Your requests, and will promptly comply with any related instructions We may receive from such Affiliates relating to the processing of Your Personal Information (including any corrections, updates or deletions to such Personal Information). We will also reasonably cooperate with the applicable European Data Protection Supervisory Authority in the course of any inquiries it may have, and will reasonably comply with the advice of such Supervisory Authority, with regard to Our processing of Your Personal Information.

If, at any time, You wish to update, change, limit, or delete Your Personal Information, You may contact Trilegiant's Information Protection Officer, Brian Fisher, at (203) 956-1000 (telephone), (203) 956-8789 (fax), or bfisher@affiniongroup.com, who will forward Your request to the relevant Affiliate.

Data Security

The security of all Personal Information associated with Our clients and customers is an important concern to Us. We take reasonable industry-standard precautions to safeguard the confidentiality of your Personal Information, and to protect your Personal Information from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. We exercise care, as a data recipient, in ensuring a secure transmission of Your Personal Information from Our Affiliates to Our servers. We require that such transmissions be made via a secured link (like a Virtual Private Network ("VPN")) using appropriate encryption mechanisms. Unfortunately, no data transmission over a VPN can be guaranteed to be 100% secure. As a result, while We strive to protect Your Personal Information, Trilegiant and Trilegiant-affiliates cannot guarantee or warrant the security of any such Personal Information.


Trilegiant has instituted a self-regulatory and assessment program for ensuring verification and adherence to the Safe Harbor Privacy Principles. This may consist of regular information protection reviews including privacy information reviews, physical security reviews, disaster recovery planning, testing and reviews, internal and external audits of Trilegiant's security, reviews performed by Our Affiliates, and onsite and survey reviews by Our Affiliates’ clients. Vulnerability reviews by Trilegiant or Our designated third party agents are also performed periodically. Trilegiant's privacy polices and practices are in accordance with the aforementioned program and the Safe Harbor Privacy Principles.

If You wish to file a complaint or have any objections about the way We use or disclose Your Personal Information, please follow Our Dispute Resolution process below.

Dispute Resolution

In addition to the establishment of internal controls and dispute resolution procedures for ensuring compliance with the Safe Harbor Privacy Principles, Trilegiant has implemented an independent recourse mechanism whereby Your complaints and disputes can be investigated and resolved. To that end, Trilegiant has committed to cooperate with data protection authorities located in the European Union, or their authorized representatives.

If You wish to file a complaint or have any objections about the way We use or disclose Your Personal Information, You may contact Trilegiant's Information Protection Officer, Brian Fisher, at (203) 956-1000 (telephone), (203) 956-8789 (fax), or bfisher@affiniongroup.com. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve Your complaint where necessary.

©2008 Trilegiant Corporation   Privacy Policy For Information Received From Our European Affiliates