1.1 We collect personal data on a global basis for the Smart Data program.
1.2 Whenever a transaction is processed, we collect the personal account number (PAN), merchant identifier, transaction amount, location and time. For commercial cards, depending on how the merchant's point of sales system is established we may receive additional data relating to travel merchants. Examples of the latter include flight details, miles driven, passenger name and government identification information.
1.3 At the direction of their corporate client customers, travel agencies provide us with the full travel details of the corporate clients’ employees' travel arrangements. This information is provided on a personally identifiable basis, along with the applicable PAN so that we can match this data against other transactions.
1.4 We provide travel merchants (airlines, hotels and the like) with lists of cards of customers who have enrolled in the Smart Data program. These merchants in turn provide their data with respect to those cards solely for use in the Smart Data program. This data may include hotel folio data, flight information and the like.
2.1 We format, clean and collate this information and undertake data matching.
3.1 When we receive data access or correction requests relating to personal information in the Smart Data database we may advise the cardholder to contact the merchant. We do not correct the information directly since the data is over-written from the source files.
3.2 We make the data available to our corporate customers. To enable this data availability through an Internet portal, we collect the personal information of potential users to authenticate those users. We may get the authentication data directly from users (whom may or may not be cardholders) or the corporation.
Such data usually includes name, email address, contact number and place of employment. That authentication information would be provided upon request to the corporation.