Last Modified: January 8, 2024
This Data Privacy Addendum, including its Annexes (“DPA”), forms part of the Business Travel Agreement or other written or electronic agreement (e.g., “Letter of Agreement” or “Purchase Order Form”), referred to in this DPA as the “Agreement”, between Atlas Travel & Technology Group, Inc., including its brands, related corporate businesses, or affiliates (hereinafter referred to as “ATTG”) and Client in connection with the Services as defined in the Agreement.
This DPA is supplemental to, and forms an integral part of, the Agreement and is effective upon its incorporation into the Agreement, which may be specified in the Agreement, or an executed amendment to the Agreement. In case of any conflict or inconsistency with the terms of the Agreement, this DPA will take precedence over the terms of the Agreement to the extent of such conflict or inconsistency.
The term of this DPA will follow the term of the Agreement. All capitalized terms not defined herein shall have the meaning set forth in the Agreement.
Annex 1 – Details of Processing
Annex 2 – Technical and Organizational Security Measures
1. Definitions
The defined terms used in this DPA shall be read as having the meanings set forth in the Agreement. If a term is defined both in this DPA and elsewhere in the Agreement then, for purposes of this DPA, the definition in this DPA shall prevail.
In this DPA, references to any Applicable Privacy Laws and terms defined therein shall be replaced with or incorporate (as the case may be) references to any Applicable Privacy Laws replacing, amending, extending, re-enacting, or consolidating such Applicable Privacy Laws and the equivalent terms defined in such Applicable Privacy Laws once in force and applicable.
1.1 “Applicable Privacy Laws” means all applicable worldwide legislation relating to data protection and privacy which applies to the respective party in the role of Processing Personal Data in question under the Agreement, including without limitation European Data Protection Laws, the CCPA and other applicable U.S. federal and state privacy laws.
1.2 “CCPA” means the California Consumer Privacy Act, Cal. Civ. Code § 1798.100 et seq., and its implementing regulations.
1.3 “Client Personal Data” means Personal Data provided to ATTG by Client, its affiliates, employees, officers, contractors, representatives, agency workers, or end users pursuant to the provision of the Services or otherwise in connection with the Agreement.
1.4 “Controller” means the natural or legal person, public authority, agency or other body that, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
1.5 “Data Privacy Framework” means the EU-U.S. Data Privacy Framework, the Swiss-U.S. Data Privacy Framework and the UK Extension to the EU-U.S. Data Privacy Framework self-certification programs (as applicable) operated by the U.S. Department of Commerce, as may be amended, superseded or replaced.
1.6 “Data Privacy Framework Principles” means the Principles and Supplemental Principles contained in the relevant Data Privacy Framework, as may be amended, superseded or replaced.
1.7 “Data Subject” means any natural person about whom Personal Data relates.
1.8 “Data Subject Request” means any request by a Data Subject in respect of Personal Data Processed by a Controller pursuant to the provision of the Services or otherwise in connection with the Agreement.
1.9 “Europe” means the European Union, the European Economic Area and/or their member states, Switzerland and the United Kingdom.
1.10 “European Data” means Personal Data that is subject to the protection of European Data Protection Laws.
1.11 “European Data Protection Laws” means data protection laws applicable in Europe, including: (i) Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) (“GDPR”); (ii) Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector; and (iii) applicable national implementations of (i) and (ii); or (iv) GDPR as it forms part of the United Kingdom domestic law by virtue of Section 3 of the European Union (Withdrawal) Act 2018 (“UK GDPR”); and (v) Swiss Federal Data Protection Act of 19 June 1992 and its Ordinance (“Swiss DPA”); in each case, as may be amended, superseded or replaced.
1.12 “Good Industry Practice” means the exercise of that degree of skill, diligence, prudence, and foresight which would reasonably and ordinarily be expected from a skilled and experienced operator engaged in the same type of undertaking under the same or similar circumstances.
1.13 “Personal Data” means any information relating to an identified or identifiable natural person (an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person), or as that term (or similar variants, such as “personal information”) may otherwise be defined in Applicable Privacy Laws.
1.14 “Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Client Personal Data in ATTG’s possession or control. Personal Data Breaches include, but are not limited to: (i) unauthorized access, disclosure, loss, download, theft, blocking, encryption or deletion by malware or other unauthorized action in relation to Client Personal Data by unauthorized third parties; (ii) operational incidents which have an impact on the Processing of Client Personal Data; or (iii) any breach of this DPA or Applicable Privacy Laws by ATTG, its employees or agents, to the extent that such breach affects the integrity and security of Client Personal Data or materially adversely impacts ATTG’s obligations under this DPA.
1.15 “Processing” means any operation or set of operations performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, access, consultation, use, acquisition, transfer, hosting (via server, web, cloud, or otherwise), disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction. Any activity defined as processing by or otherwise subject to the requirements of Applicable Privacy Laws shall fall within this definition. “Processed”, “Process” and any other variations of “Processing” shall also be defined as set out above.
1.16 “Processor” means the natural or legal person, public authority, agency or other body which Processes Personal Data on behalf of the Controller.
1.17 “Standard Contractual Clauses” means the standard contractual clauses annexed to the European Commission’s Decision (EU) 2021/914 of 4 June 2021 currently found at https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj, as may be amended, superseded or replaced.
1.18 “Supervisory Authority” means any data protection authority or other governmental, regulatory, administrative, judicial, or other agency or similar body that has authority to implement, enforce, and/or oversee compliance with Applicable Privacy Laws.
1.19 “Supplier” means the transport, accommodation and other wholesale service providers such as airlines, coach, rail and car rental operators who ATTG engages on the Client’s behalf to deliver travel-related products and services to the Client.
1.20 “UK Addendum” means the International Data Transfer Addendum issued by the UK Information Commissioner under section 119A(1) of the Data Protection Act 2018 currently found at https://ico.org.uk/media/for-organisations/documents/4019539/international-data-transfer-addendum.pdf, as may be amended, superseded, or replaced.
2. Parties as Controllers and compliance with Applicable Privacy Laws
The parties acknowledge that, in order to provide the Services, ATTG must necessarily process Client Personal Data as a Controller. Each party shall act as a separate and independent Controller (and not as a joint Controller) in relation to all Client Personal Data it Processes under and/or in connection with this Agreement and the Services. Each party shall comply with all Applicable Privacy Laws in respect of its Processing of Client Personal Data and shall ensure that it has a lawful basis for all such Processing, where applicable. Where an affiliate of a party is a Controller or Processor of Client Personal Data under this Agreement, such party shall ensure that its affiliate complies with its obligations under the Applicable Privacy Laws and this DPA as applicable.
Without limiting the foregoing, each party shall refrain from “selling” (as defined by the CCPA at Cal. Civ. Code § 1798.140(t), as it may be amended) or transferring Client Personal Data other than in compliance with the Applicable Privacy Laws.
3. Information Provided to Data Subjects
Prior to sharing any Client Personal Data with ATTG, Client shall provide all notifications required by Applicable Privacy Laws to the relevant Data Subject in each case with respect to the sharing of Client Personal Data with ATTG. Where ATTG collects Client Personal Data directly from Data Subjects, ATTG shall be responsible for ensuring that it provides clear and transparent information to Data Subjects, as required under Applicable Privacy Laws, in relation to the relevant Processing.
4. Cooperation and Assistance
Each party shall provide the other party with such reasonable cooperation, assistance and information as will assist that other party with its compliance with Applicable Privacy Laws.
5. Notifications
Each party shall promptly notify the other (to the extent permitted by law) in writing providing reasonable detail of any third-party complaint, audit, investigation or enquiry (whether by a Supervisory Authority, Data Subject or otherwise) establishing, alleging or enquiring as to possible noncompliance with any Applicable Privacy Laws in connection with Client Personal Data maintained by or for such party, and the parties will cooperate reasonably with each other in respect thereof.
6. Personal Data Breaches
The parties are aware that Applicable Privacy Laws may impose a duty on a party to inform a Supervisory Authority and the Data Subject in the event of a Personal Data Breach affecting Client Personal Data. In addition to complying with its notification requirements under Applicable Privacy Laws, ATTG shall promptly notify the Client of any technical, organizational or other incidents (including incidents at Processors) which have resulted in a Personal Data Breach affecting Client Personal Data. ATTG’s notification of a Personal Data Breach to the Client must be comprehensive and include any information required by Applicable Privacy Laws, as and to the extent such information is available.
In the event of a Personal Data Breach, ATTG shall promptly take any measures required and appropriate under Applicable Privacy Laws and technical standards to restore the confidentiality, integrity and availability of Client Personal Data and the resilience of ATTG’s processing systems and services and to mitigate the risk of harm and/or any detrimental consequences for the Data Subjects affected or potentially affected by the Personal Data Breach.
7. Data Subject Requests
Each party will provide the other party with reasonable assistance in complying with any Data Subject Request.
8. Security
In accordance with Good Industry Practice and Applicable Privacy Laws, each party shall implement appropriate technical and organizational security measures (including maintaining any security controls) to ensure a level of security for Personal Data in such party’s possession or control that is appropriate to the risk presented by the Processing, taking into account the state of the art, the costs of implementation and the nature, scope, context and purpose of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of Data Subjects. In assessing the appropriate level of security account shall be taken in particular of the risks that are presented by Processing, in particular from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Client Personal Data transmitted, stored or otherwise Processed.
Without prejudice to the generality of the foregoing, the minimum technical and organizational security measures that ATTG shall implement and maintain are set out in Annex 2 to this DPA. ATTG may, from time to time, implement adequate alternative technical and organizational security measures provided, however, that such measures shall not materially fall short of the level of security set out herein.
9. Personnel Controls
ATTG shall ensure that all personnel involved in the Processing of Client Personal Data are properly qualified and trained and have committed themselves to keep Client Personal Data confidential or are under an appropriate statutory obligation of confidentiality in accordance with Applicable Privacy Laws.
9.1 ATTG shall have in place an access management procedure for handling ATTG personnel requests to access Personal Data to ensure access on a need-to-know basis only;
9.2 ATTG shall have in place a procedure for conducting appropriate background checks for its personnel with access to Personal Data; and
9.3 ATTG shall only grant access to its personnel bound to confidentiality and will require such personnel to attend security and privacy awareness training at regular intervals.
10. Appointment of Data Privacy Personnel
Where required, each party will appoint authorized data privacy and security contact personnel.
11. Appointment of Processors
If ATTG engages a third-party Processor to process Client Personal Data for the purpose of providing the Services, ATTG shall agree to written terms with the Processor that: (i) require the Processor only to process the Client Personal Data for the purpose of delivering the Services; (ii) require the Processor to implement appropriate technical and organizational security measures, with at least the same level of protection or higher as those in this DPA, to protect the Client Personal Data against a Personal Data Breach; and (iii) otherwise comply with the requirements of Applicable Privacy Laws. ATTG shall remain responsible to the Client for any breach of this DPA that is caused by an act, error or omission of the Processor.
Notwithstanding the above, Client acknowledges that the Suppliers to whom ATTG discloses Client Personal Data in order to provide the Services are independent Controllers under Applicable Privacy Laws, and not Processors. As such, the requirements concerning Processors described in the preceding paragraph do not apply to ATTG’s disclosure of Client Personal Data to Suppliers.
12. Data Transfers
You acknowledge and agree that we may access and Process Personal Data on a global basis as necessary to provide the Services in accordance with the Agreement, and in particular that Personal Data may be transferred to and Processed by ATTG in the United States and to other jurisdictions where ATTG affiliates and Processors have operations. Wherever Personal Data is transferred outside its country of origin, each party will ensure such transfers are made in compliance with the requirements of Applicable Privacy Laws.
13. Transfer Mechanisms for Data Transfers
Wherever Personal Data is transferred outside its country of origin, each party will ensure such transfers are made in compliance with the requirements of Applicable Privacy Laws.
In order to enable the efficient and effective delivery of its Services, ATTG may from time to time transfer and Process Client Personal Data from Europe to other jurisdictions. This shall be permitted only where: (i) the transfer is necessary for the conclusion or performance of a contract concluded in the interest of the traveler (for example, to book travel or accommodation through a Supplier in a non-European country) or where the transfer is required by applicable law; and (ii) ATTG has done all such acts and things as are necessary to ensure that any Client Personal Data transferred outside of Europe (whether to an ATTG affiliate, a Processor, or otherwise) will remain adequately protected in accordance with the requirements of Applicable Privacy Laws.
(A) ATTG will not transfer European Data to any country or recipient not recognized as providing an adequate level of protection for Personal Data (within the meaning of applicable European Data Protection Laws), unless it first takes all such measures as are necessary to ensure the transfer is in compliance with applicable European Data Protection Laws. Such measures may include (without limitation) (i) transferring such data to a recipient that is covered by a suitable framework or other legally adequate transfer mechanism recognized by the relevant authorities or courts as providing an adequate level of protection for Personal Data, including the Data Privacy Framework; (ii) to a recipient that has achieved binding corporate rules authorization in accordance with European Data Protection Laws; or (iii) to a recipient that has executed the Standard Contractual Clauses in each case as adopted or approved in accordance with applicable European Data Protection Laws.
(B) Client acknowledges that in connection with the performance of the Services, ATTG is a recipient of European Data in the United States. To the extent that ATTG receives European Data in the United States, ATTG will comply with the following:
1) Data Privacy Framework. ATTG will use the Data Privacy Framework to lawfully receive European Data in the United States and ensure that it provides at least the same level of protection to such European Data as is required by the Data Privacy Framework Principles and will let you know if it is unable to comply with this requirement.
2) Standard Contractual Clauses. If European Data Protection Laws require that appropriate safeguards are put in place (for example, if the Data Privacy Framework does not cover the transfer to ATTG and/or the Data Privacy Framework is invalidated), the Standard Contractual Clauses will be incorporated by reference and form part of the Agreement as follows:
(a) In relation to European Data that is subject to the GDPR:
(i) Client is the “data exporter” and ATTG is the “data importer”;
(ii) the Module One terms apply;
(iii) in Clause 7, the optional docking clause will not apply;
(iv) in Clause 11, the optional language is deleted;
(v) in Clause 17, Option 1 will apply and the governing law will be the Republic of Ireland;
(vi) in Clause 18(b), disputes will be resolved before the courts of Ireland;
(vii) the Annexes of the Standard Contractual Clauses will be deemed completed with the information set out in the Annexes of this DPA;
(viii) the supervisory authority that will act as competent supervisory authority will be determined in accordance with GDPR; and
(ix) if and to the extent the Standard Contractual Clauses conflict with any provision of this DPA the Standard Contractual Clauses will prevail to the extent of such conflict.
(b) In relation to European Data that is subject to the UK GDPR, the Standard Contractual Clauses will apply in accordance with sub-section (a) and the following modifications: (i) the Standard Contractual Clauses will be modified and interpreted in accordance with the UK Addendum, which will be incorporated by reference and form an integral part of the Agreement; (ii) Tables 1, 2 and 3 of the UK Addendum will be deemed completed with the information set out in the Annexes of this DPA and Table 4 will be deemed completed by selecting “neither party”; and (iii) any conflict between the terms of the Standard Contractual Clauses and the UK Addendum will be resolved in accordance with Section 10 and Section 11 of the UK Addendum.
(c) In relation to European Data that is subject to the Swiss DPA, the Standard Contractual Clauses will apply in accordance with sub-section (a) and the following modifications: (i) references to “Regulation (EU) 2016/679” will be interpreted as references to the Swiss DPA; (ii) references to “EU”, “Union” and “Member State law” will be interpreted as references to Swiss law; and (iii) references to the “competent supervisory authority” and “competent courts” will be replaced with “the Swiss Federal Data Protection and Information Commissioner” and the “relevant courts in Switzerland”.
(C) Alternative Transfer Mechanism. In the event that ATTG is required to adopt an alternative transfer mechanism for European Data, in addition to or other than the mechanisms described in sub-section (B) above, such alternative transfer mechanism will apply automatically instead of the mechanisms described in this DPA (but only to the extent such alternative transfer mechanism complies with European Data Protection Laws), and you agree to execute such other documents or take such action as may be reasonably necessary to give legal effect to such alternative transfer mechanism.
14. Return of Data
The Client may in its absolute discretion by written notice require ATTG to return a complete copy of all Client Personal Data to the Client (or its nominee) by secure file transfer in such format as is reasonably notified by the Client. The Client shall be responsible for providing Data Subjects with any notice required under Applicable Privacy Laws in relation to such request.
15. Data Retention
ATTG acknowledges that, as a general rule, Personal Data may not be kept indefinitely or longer than necessary for the intended Processing. Client Personal Data may only be retained for so long as is necessary to satisfy all applicable lawful bases for Processing, where applicable, and otherwise for such period as required by Applicable Privacy Laws, and always provided that ATTG shall ensure that such retained Personal Data is (i) kept confidential and protected against unauthorized access, disclosure or use and (ii) only Processed as necessary for the purpose specified in the Applicable Privacy Laws permitting its storage and other Processing and for no other purpose.
16. Client’s Right to Audit
ATTG shall keep or cause to be kept such information as is reasonably necessary to demonstrate compliance with its obligations under this DPA and shall, upon reasonable notice during the term of the Agreement, make available to the Client information necessary to demonstrate compliance with its obligations under this DPA where such information is not subject to confidentiality restrictions owed to third parties. Without limiting the foregoing, ATTG shall make available to the Client, on request: (i) a list of all Processors appointed by ATTG to Process Client Personal Data; and (ii) a copy of its most recent PCI DSS Attestation of Compliance, to the extent the Client Personal Data includes any payment cardholder data. Any non-public documentation and information disclosed to the Client in accordance with this paragraph shall be deemed proprietary and confidential information of ATTG. The Client shall not disclose such documentation or information to any third party or use it for any purpose other than evaluating ATTG’s compliance with this DPA.
17. Survival
The undertakings in this DPA shall remain in force even after termination or expiration of the Agreement.
Annex 1 – Details of Processing
A. LIST OF PARTIES
Data exporter(s):
Name: The Client, as defined in the Agreement
Address: The Client’s address, as set out in the Agreement
Contact person’s name, position and contact details: The Client’s contact details, as set out in the Agreement.
Activities relevant to the data transferred under these Clauses: Travel management services
Role (controller/processor): Controller
Data importer(s):
Name: Atlas Travel & Technology Group, Inc.
Address: 200 Donald Lynch Boulevard, Marlborough, MA 01752
Contact person’s name, position and contact details: Lea Cahill, President
Activities relevant to the data transferred under these Clauses: Travel management services
Role (controller/processor): Controller
B. DESCRIPTION OF TRANSFER
Categories of data subjects whose personal data is transferred: Client travelers
Categories of personal data transferred: Personal data including, but not limited to, name, address, phone number(s), email address(es), passport or other government issued identification numbers, credit card details, travel preferences and loyalty membership identification, gender, birthdate, and meal preferences.
Sensitive data transferred (if applicable) and applied restrictions or safeguards: The parties do not anticipate the transfer of sensitive data.
Frequency of the transfer (e.g. whether the data is transferred on a one-off or continuous basis):
Continuous basis for the purposes of fulfilling the travel management services.
Nature of the processing:
Personal Data will be Processed in accordance with the Agreement (including this DPA) and may be subject to the following Processing activities:
1. Storage and other Processing necessary to provide, maintain and improve the travel management services provided to you; and/or
2. Disclosure in accordance with the Agreement (including this DPA) and/or as compelled by applicable laws.
Purpose(s) of the data transfer and further processing:
The provision of the Services pursuant to the Agreement, including travel booking and related travel management services.
Period for which the personal data will be retained:
Subject to the “Return of Data” and the “Data Retention” sections of this DPA, Personal Data will be Processed for the duration of the Term of the Agreement, unless otherwise agreed in writing.
For transfers to (sub-) processors, also specify subject matter, nature and duration of the processing:
Personal Data may be collected and shared with or disclosed to third party service providers for the provision of the Services pursuant to the Agreement including travel booking and related travel management services.
C. COMPETENT SUPERVISORY AUTHORITY
For the purposes of the Standard Contractual Clauses, the supervisory authority that will act as competent supervisory authority will be determined in accordance with GDPR.
Annex 2 – Technical and Organizational Security Measures
In addition to the terms set forth in this DPA, ATTG commits to implement and maintain technical and organizational security measures at least as stringent as those included below (details may change over time but the overall level of security will not decrease):
1. DATA SECURITY GOVERNANCE
ATTG maintains internal organizational and governance policy and procedures to appropriately manage information throughout its lifecycle. ATTG regularly tests, assesses and evaluates the effectiveness of its technical and organizational security measures.
ATTG will adhere to the applicable requirements of Payment Card Industry Data Security Standard (PCI DSS) when Processing payment card data.
2. PHYSICAL ACCESS CONTROL
ATTG uses a variety of measures appropriate to the function of the location to prevent unauthorized access to the physical premises where Personal Data are Processed. Those measures include:
• Centralized key and code management, card-key procedures
• Batch card systems including appropriate logging and alerting mechanisms
• Surveillance systems including alarms and, as appropriate, CCTV monitoring
• Receptionists and visitor policies
• Locking of server racks and secured equipment rooms within data centers
3. SYSTEM ACCESS CONTROL
ATTG implements appropriate measures to prevent its systems from being used by unauthorized persons. Those measures include:
• Individual, identifiable and role-based user account assignment, role-based and password protected access and authorization procedures
• Centralized, standardized password management and password policies (minimum length/characters, change of passwords)
• User accounts are disabled after excessive failed log-on attempts
• Automatic log-off in case of inactivity
• Anti-virus management
4. DATA ACCESS CONTROL
Individuals that are granted use of ATTG systems are only able to access the data that are required to be accessed by them within the scope of their responsibilities and to the extent covered by their respective access permission (authorization) and such data cannot be read, copied, modified or removed without specific authorization. Those measures include:
• Authentication at operating system level
• Separate authentication at application level
• Authentication against centrally managed authentication system
• Change control procedures that govern the handling of changes (application or OS) within the environment
• Remote access has appropriate authorization and multi-factor authentication
• Logging of system and network activities to produce an audit-trail in the event of system misuse
• Implementation of appropriate protection measures for stored data commensurate to risk, including encryption, pseudonymization and password controls.
5. DISCLOSURE CONTROL
ATTG implements appropriate measures to prevent data from being read, copied, altered or deleted by unauthorized persons during electronic transmission and during the transport of data storage media. ATTG also implements appropriate measures to verify to which entities’ data are transferred. Those measures include:
• Data transfer protocols including encryption for data carrier/media
• Profile set-up data transfer via secure file transfer methods
• Encrypted VPN
• No physical transfers of backup media
6. DATA ENTRY CONTROL
ATTG implements appropriate measures to monitor whether data have been entered, changed or removed (deleted), and by whom. Those measures include:
• Documentation of administration activities (user account setup, change management, access and authorization procedures)
• Archiving of password-reset and access requests
• System log-files
• Storage of audit logs for audit trail analysis
7. INSTRUCTIONAL CONTROL
ATTG implements appropriate measures to ensure that data may only be Processed in accordance with relevant instructions. Those measures include:
• Binding policies and procedures on ATTG employees
• Where Processors are engaged in the Processing of data, inclusion of appropriate contractual provisions in the agreements with Processors to maintain instructional control rights
8. AVAILABILITY CONTROL
ATTG maintains appropriate levels of redundancy and fault tolerance for accidental destruction or loss of data, including:
• Extensive and comprehensive backup and recovery management systems
• Documented disaster recovery and business continuity plans and systems
• Storage and archive policies
• Anti-virus, anti-spam and firewall systems and management including policies
• Data centers are appropriately equipped according to risk, including physically separated back up data centers, uninterruptible power supplies (including backup generators), fail redundant hardware and network systems and alarm and security systems (smoke, fire, water)
• Appropriate redundant technology on data storage systems
• All critical systems have backup and redundancy built into the environment
9. SEPARATION CONTROL
ATTG implements appropriate measures to ensure that data that are intended for different purposes are Processed separately. This is accomplished by:
• Access request and authorization processes provide logical data separation
• Separation of functions (production / testing)
• Segregation of duties and authorizations between users, administrators and system developers.