Privacy Policy
TRUSTe Privacy Certification

Privacy Policy for Trisept Solutions LLC

Effective Date 10/2/2023

1. Introduction

Trisept Solutions, LLC is a leisure travel technology services company located in Milwaukee, WI, United States of America. Trisept develops, delivers and supports travel reservation technology that allows its clients to service reservations from an online booking engine, through travel agents and, when appropriate, through call centers. Trisept processes customer travel data from its data centers in the USA. Trisept is not responsible for the content of the information it processes or responsible for the way its clients treat personal information that they collect or control.

Accordingly, Trisept does not directly interface with the traveling public and does not collect Personally Identifiable Information (“PII” under the General Data Protection Regulation (GDPR) of the European Union) or Personal Information (“PI” under the California Consumer Protection Act (CCPA)) from consumers. However, limited PII/PI is collected from representatives of its clients such as Travel Agents or Travel Merchandisers. This policy describes what information is collected directly as well as protections that are incorporated in the products and services Trisept provides to its clients that protect the information of their customers.

In no case is PII/PI sold by Trisept. However, Trisept may disclose your personal information as required by law, such as to comply with a subpoena, or similar legal process, when it believes in good faith that disclosure is necessary to protect Trisept rights, protect individuals safety or the safety of others, investigate fraud, or respond to a government request. We will only share your personal information with third parties only in the ways that are described in this policy.

2. EU-U.S. Data Privacy Framework and Swiss-U.S. Data Privacy Framework

Trisept Solutions complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Trisept Solutions has[have] certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. Trisept Solutions has[have] certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit

Trisept Solutions is responsible for the processing of personal data it receives, under the EU-U.S. DPF and Swiss-U.S. DPF, and subsequently transfers to a third party acting as an agent on its behalf. Trisept Solutions complies with the EU-U.S. DPF and Swiss-U.S. DPF Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.

The Federal Trade Commission has jurisdiction over Trisept Solutions’ compliance with the EU-U.S. DPF and Swiss-U.S. DPF. In certain situations, Trisept Solutions may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In compliance with the EU-U.S. DPF and the Swiss-U.S. DPF, Trisept Solutions commits[commit] to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the Swiss-U.S. DPF to TRUSTe, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit for more information or to file a complaint. These dispute resolution services are provided at no cost to you.

For complaints regarding EU-U.S. DPF and Swiss-U.S. DPF compliance not resolved by any of the other DPF mechanisms, you have the possibility, under certain conditions, to invoke binding arbitration. Further information can be found on the official DPF website:

3. Scope of Services Provided by Trisept

This privacy policy applies to and owned and operated by Trisept Solutions, LLC. This privacy policy describes how Trisept Solutions, LLC collects and uses the personal information you provide on our website and through our Trisept Hosting Platform, It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. Trisept is a service provider to its clients. As noted, it collects small amounts of PII/PI from its clients in order to provide the services. Services are provided to Travel Merchandisers and Travel Agents who use the platforms in order to book end to end travel (e.g. flights, hotel stays, rental cars, airport transfers, or excursions) and use the contact center services if applicable. Information collected from customers is securely transferred via the Trisept platform and thus, the transfers meet the requirements of the Data Privacy Framework for data transferred between the US and European Economic Area (EEA) via specific agreements with the EU and Switzerland.

Clients using the Trisept Solutions are purchasing the secure services provided by the platforms. Trisept processes and maintains financial information as a validated platform for Payment Card Industry (PCI) compliance. PII/PI, including financial information, is collected directly by the agent or merchandiser using the Trisept tools to process it. Trisept is a processor under the GDPR definitions meaning it processes data collected by the controller (the organization collecting the data such as a Travel Agent or Merchandiser) following specific instructions from the controller. As stated, Trisept is not involved in or responsible for the actual PII/PI collected by its clients.

Trisept may collect information from direct visitors to its sites however does not collect personal information without the visitor’s knowledge.

If someone wishes to sign up for Trisept services, contact us or apply for a job through the website, certain, limited, personal information will be collected. The information that may be collected includes name, email address, address, phone number, and a resume. This information is used to contact you regarding your inquiries and the services you have expressed interests in as well as to determine whether or not you are qualified for the position for which you have applied.

4. Principles

Trisept certifies its compliance to the seven (7) principles of privacy protection as proscribed by its participation in the Data Privacy Framework. These principles and how they are demonstrated are:


The privacy policy enumerated here is published on our websites ( or and is applicable to individuals that register with Trisept and any member of the traveling public that may inquire about our approach to privacy. This policy is reviewed at least annually, and updates will be published to the websites. Notice of any material changes will be provided to the email address provided in registered accounts as well as a NOTICE on the website. Interested parties should visit the website regularly to ensure updates are received.


This principle states that any person for whom PII/PI is collected must be able to choose whether to continue receiving information from Trisept once the initial selection has been made. Subscribers to newsletters or mailings regarding travel specials or similar marketing materials may choose to stop receiving these emailed notices at any time by using the “unsubscribe” tab on the website where you subscribed to the marketing list. Alternatively you may send an email to with the request to be unsubscribed.

Subscribers to any of Trisept’s clients marketing messages must go to those websites directly and request to unsubscribe or follow the instructions provided on the website in order to choose to change status regarding receiving marketing emails.

On rare occasions, Trisept may need to communicate service related announcements via email, in which case, such communication will be made to the registered email address on the client account.

Accountability for Onward Transfer:

In some cases Trisept uses third parties to assist in the provision of its services. Third parties may be service providers such as banks that process payments, firms that provide analytics of aggregated information that report on types of services and purchases made to assist in making the platforms more efficient or effective in supplying services and the like. Any third party to Trisept is required by contract or similar written agreement to have in place a firm commitment to the security and privacy of any data it handles under the direction of Trisept. Further it must have, and provide evidence upon request, suitable security solutions in place to ensure the safety and security of any PII/PI it processes or manages on behalf of Trisept. In the event a third party determines it is no longer able to meet the requirements or Trisept determines a third party is not meeting the requirements for protecting the PII/PI per the contract, Trisept will notify its impacted clients of this fact and the steps taken to remediate the situation.


Trisept takes reasonable precautions to ensure the security and safety of data including loss, misuse, unauthorized access, disclosure, alteration and destruction of any PII/PI it collects directly or processes on behalf of a controller or other responsible party. Please note that transmitting any information involves the inherent risk of theft and unauthorized use. No method of transmission over the Internet, or method of electronic storage, is 100% secure, therefore, Trisept cannot guarantee its absolute security. Using the Hosting Platform for the transmission of customer information is encrypted using secure socket layer technology (SSL).

Data Integrity and Purpose Limitation:

The Privacy Policy requires that data collected by Trisept is limited to only that which is necessary to perform the service for which it was collected. In most cases, this is limited to the PII/PI of authorized agents or representatives that use the platforms provided by Trisept in order to satisfy a customer’s request to book a vacation. Trisept takes all reasonable steps to ensure that the data provided is accurate, current and sufficient to provide the intended service.

It is critical to note that Trisept is NOT responsible for data collected and onward submitted for processing to Trisept by its clients and their customers that are the actual purchasers of the travel services. Trisept takes reasonable steps to ensure its services are provided with the proper and sufficient protections to meet the Data Privacy Framework principles for processing PII/PI.


Persons from whom Trisept collects PII/PI have the right to access that information and may submit a request to see or have that data to at any time. Upon request, Trisept will provide you with information about whether we hold any of your personal information. A request may be made to review the information in order to make a correction or a change to the information held. Requests will be responded to within 45 days of receipt of the request.

Please note, information will be maintained/retained for as long as an account is active or as needed to provide the services and per the Trisept information retention policy. Data must be maintained and used to comply with legal obligations, resolve disputes and enforce agreements. A request to delete an account and/or any information held is subject to these circumstances.

5. Other

Several other items are relevant in this Privacy Policy. These are:

Cookies and Other Tracking Technologies

Trisept uses cookies or similar tracking technologies. These technologies are used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic information about the user base as a whole. Reports based on the use of these technologies may be produced, generally on an aggregate basis.

Cookies are used to identify a return visitor or used as a way to measure activity and traffic patterns on the site. Users can control the use of cookies at the individual browser level. Individuals can turn off cookie collection at the browser level if you do not want any information collected. If the use of cookies is rejected, you may still use the sites, but your ability to use some features or areas of the sites may be limited.

Cookies and Behavioral Targeting / Re-Targeting

Trisept partners with a third party to either display advertising on the website or to manage advertising on other sites. The third party partner may use technologies such as cookies to gather information about your activities on this site and other sites in order to provide advertising based upon your browsing activities and interests. If you wish to opt out of interest-based advertising click here [or if located in the European Union click here]. Please note this does not opt you out of being served ads. You will continue to receive generic ads.

Log Files

As is true of most web sites, Trisept gathers certain information automatically and stores it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. This automatically collected data is not linked to other information we collect about you.

Access to Data Controlled by our Clients

Trisept acknowledges that persons have the right to access their personal information. For the most part, Trisept has no direct relationship with the individuals whose personal data processed (the only persons for whom we have access are our employees and the PII/PI of travel agents or authorized representatives of our clients). An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his/her query to the specific client (the data controller) that collected it. If the client requests us to remove the data, we will respond to that request within legal timeframes.