Privacy Policy

Introduction

Rakuten Travel recognizes its responsibilities in relation to the collection, usage, disclosure, storage and transfer of personal data under the Personal Data Protection Act (“PDPA”).

Personal data will be collected only for lawful and relevant purposes and reasonable steps will be taken to ensure that personal data held by Rakuten Travel is accurate. Rakuten Travel will take reasonable steps to protect the personal data and to avoid unauthorized access.

Customers

We at Rakuten Travel place the privacy interests of our customers high in our priorities. We are committed to protecting the privacy, confidentiality, accuracy and security of the personal data provided to us. Our Privacy Policy tells you how we collect, use, disclose, store and transfer your personal data. All our employees are required to comply with our Privacy Policy when they carry out their daily activities.

Personal Data We Collect

Under PDPA, personal data is defined as information about an individual who can be identified from that data; or from that data and other information to which the organization has or is likely to have access. Personal data collected about you and your dependents may include:

Name, email, address and telephone number, age, date of birth, gender
NRIC, Passport, FIN No.

How we use your personal data (Purpose & Notification Obligation)

We may collect and use your personal data to:

identify you
communicate effectively with you
provide product recommendation
provide you with ongoing services and respond to your inquiries or instructions
conduct research and statistical analysis
comply with all applicable laws, including reporting to regulatory and industry entities

We will only collect and use personal data in an open, fair and lawful way that is necessary for the purposes identified by us above.

Releasing Your Data to Others (Transfer Out)

We may disclose your personal data to third parties:

service providers to provide us with services such as printing, mail distribution, data storage
regulators, law enforcement and government agencies

We will only disclose your personal data as it is reasonably required for the purposes stated above and the data is limited to information necessary for us and these third parties to do the work. These parties are also required to comply with the Singapore Personal Data Protection Act.

We may transfer personal data to service providers outside of Singapore for processing, storage, analysis, disaster recovery or emergency assistance services and this data may be required to be disclosed to those authorized under the applicable laws of that foreign country. These service providers with whom we have contractual relationships are required to provide a standard of protection to the transferred personal data that is comparable to the protection under the Singapore Personal Data Protection Act and consistent with our personal data protection policies and practices.

Withdrawing Your Consent

You may refuse or withdraw your consent for us to collect, use or disclose your personal data by giving us reasonable notice so long as there are no legal or contractual restrictions preventing you from doing so.

Using Information for Marketing Purposes

The information you supply will not be used by us for marketing purposes.

Accuracy

We will take all reasonable efforts to ensure that your personal data collected by us or on our behalf is accurate and complete.

Your Rights of Access & Correction

Under the PDPA, you have the right to request access to any personal data of yours that we have, and know how it is being used and disclosed for the last 12 months to the extent your right is allowed by law. However, you may be charged a reasonable fee for every request for such access.

You also have the right to request correction of your personal data.

Protecting Your Personal Data (Security)

We protect your personal data from unauthorized access, collection, use, disclosure, copying, modification or disposal by having physical, technological and organizational safeguards in place that are appropriate to the sensitivity of the data.

All our staff and service providers who act on our behalf must comply with our privacy policies and practices and can only access your data to do their jobs.

Retention

We will keep your personal data only for as long as it is needed for the purposes for which it was collected and as required for business or legal purposes. Once your personal data is no longer required for these purposes, we will destroy, erase or make anonymous the data.

Contacting Us

If you have any concern, query or complaint about our personal data protection policies and practices or wish to request access to, update or correct your personal data, please send your query to enquiry@zumata.com

Changes to this Privacy Policy

We review this Privacy Policy regularly and reserve the right to make changes at any time to take into account of changes in our business and legal requirements.

We will place updates and our revised Privacy Policy on our website. If the changes are significant and reduces your rights under this Privacy Policy, we will notify you on this website. Any changes will be effective 30 days following the date on which this Privacy Policy is revised and posted on our website.