The purpose of this Data Protection Policy is to inform you of how Lokopoko Travel manage Personal Data in accordance with the Personal Data Protection Act 2012 (“PDPA”).
1 Personal Data
1.1 Personal data refers to data, whether true or not, about an individual who can be identified from that data; or from that data and other information to which the organisation has or is likely to have access.
1.2 Generally the information which we collect includes information that can identify you (“Personal Data”), including, but not limited to, your name, NRIC, passport details or other identification number, telephone number(s), mailing address, email address, credit card information, and any other information relating to any individuals which you have provided us in any forms you may have submitted to us, or via other forms of interaction with you. We may also request you to provide us with information on your travel preferences, loyalty, frequent flyer and/or car rental programmes which you participate in, and feedback, testimonials, photographs and videos of the tour(s) which you booked with us (together with the Personal Data collectively referred to as the “Personal Information”). You are not required to provide the Personal Information if we request it, and if you choose not to provide the requested Personal Information, we may be unable to provide certain products or services to you.
2 Collection Of Personal Data
2.1 Generally, we collect personal data in the following ways:
- when you submit a booking form or enquiry form, or other forms relating to any of our travel products and services;
- when you enter into any agreement or provide other documentation or information in respect of your interactions with us, or when you use our services;
- when you interact with our customer service officers, for example, via telephone calls, letters, face-to-face meetings, social media platforms and emails;
- when you use our electronic services, or interact with us via any of our websites or use services on any of our websites;
- when you request that we contact you or request that you be included in an email or other mailing list;
- when you respond to our promotions, initiatives such as surveys and contests or to any request for additional Personal Data;
- when your images are captured by us via CCTV cameras while you are within our premises, or via photographs or videos taken by us or our representatives when you attend events at our premises;
- when you are contacted by, and respond to, our marketing representatives and customer service officers;
- when we receive references from business partners and third parties, for example, where you have been referred by them;
- when we seek information from third parties about you in connection with the products and services you have applied for; and/or
- when you submit your Personal Data to us for any other reason.
2.2 When you browse our websites, or use our applications and/or digital services, you generally do so anonymously but please see the section below on cookies. We do not, at our websites, applications and digital services, automatically collect Personal Data unless you provide such information when you a place a travel booking with us.
2.3 When you make a travel booking on behalf of your travel companion/s you provide us with any Personal Data relating to a third party (e.g. information of your spouse, children, parents, and/or employees). By submitting such information to us, you represent and warrant to us that you have obtained the consent of the third party to provide us with their Personal Data for the respective purposes.
2.4 You should ensure that all Personal Data submitted to us is complete, accurate, true and correct. Failure on your part to do so may result in our inability to provide you with the products and services you have requested.
3 Purposes For The Collection, Use And Disclosure Of Your Personal Data
3.1 Generally, Lokopoko Travel collects, uses and discloses your Personal Data for the following purposes:
- if you are an existing or prospective customer of our products and services:
- assessing and processing any bookings or requests made by you for any product or travel, transportation and hospitality services offered by us;
- visa application assistance;
- meeting and events booking including the provision of badges and stationery;
- creating and maintaining your profile in our system database for internal records and reference;
- providing customer service and support;
- responding to your queries, feedback, complaints and requests;
- verifying your identity;
- managing the administrative and business operations and complying with internal policies and procedures;
- requesting feedback or participation in surveys, as well as conducting market research and/or analysis for statistical, profiling or other purposes for us to review, develop and improve the quality of our products and services;
- facilities management (including but not limited to maintaining the security of our premises);
- managing the safety and security of our premises and services (including but not limited to carrying out CCTV surveillance and conducting security clearances);
- monitoring or recording phone calls and customer-facing interactions for quality assurance, employee training and performance evaluation and identity verification purposes;
- in connection with any claims, actions or proceedings (including but not limited to drafting and reviewing documents, transaction documentation, obtaining legal advice, and facilitating dispute resolution), and/or protecting and enforcing our contractual and legal rights and obligations;
- meeting or complying with any applicable rules, laws, regulations, codes of practice or guidelines issued by any legal or regulatory bodies which are binding on Lokopoko Travel (including but not limited to responding to regulatory complaints, disclosing to regulatory bodies and conducting audit checks, due diligence and investigations);
- any other purpose reasonably related to the aforesaid.
4 Disclosure Of Personal Data
4.1 Lokopoko Travel will take reasonable steps to protect your Personal Data against unauthorised disclosure. Subject to the provisions of any applicable law, your Personal Data may be disclosed by Lokopoko Travel, for the purposes listed above (where applicable), to the following entities or parties, whether they are located overseas or in Singapore:
- Lokopoko Pte. Ltd. (“Lokopoko Travel”);
- companies providing services relating to travel, marketing and consultancy to Lokopoko Travel;
- agents, contractors or third party service providers who provide operational services to Lokopoko Travel, such as courier services, telecommunications, information technology, printing, billing, payroll, technical services, training, market research, call centre, security, payment processing, data storage, hosting, insurance related services, information processing, analytics, marketing, and other service providers who enable specific features and functionalities of the products and/or services provided by Lokopoko Travel;
- Travel suppliers such as airlines, General Distribution Systems (GDS), hotels, property owners, cruise lines, rail providers, insurance providers, car rental providers, ground transportation providers, tour operators, online travel agencies, and intermediaries who will fulfil your travel reservations in connection with the travel products and services provided by Lokopoko Travel;
- any business partner, investor, assignee or transferee (actual or prospective) to facilitate business asset transactions (which may extend to any merger, acquisition or asset sale) involving Lokopoko Travel;
- external banks, credit card companies and their respective service providers;
- We also accept payments through Stripe. When processing payments, some of your data will be passed to Stripe, including information required to process or support the payment, such as the purchase total and billing information.
- our professional advisers such as consultants, auditors and lawyers;
- relevant government ministries, regulators, statutory boards or authorities or law enforcement agencies to comply with any laws, rules, guidelines and regulations or schemes imposed by any governmental authority; and
- any other party whom you authorise us to disclose your Personal Data to.
5 Automated Data Collection
5.2 Google Analytics
Our website and/or online travel platform may contain web analytic services provided by Google Analytics. This means that when you visit our website and/or online travel platform, a cookie will be stored on your computer or mobile device, except when your browser settings do not allow for such cookies. Google Analytics acts as our agent, which means that we solely determine the purposes for which the data is being used.
6 Data Security
6.1 Lokopoko Travel will take reasonable efforts to protect Personal Data in our possession or our control by making reasonable security arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. However, we cannot completely guarantee the security of any Personal Data we may have collected from or about you, or that for example no harmful code will enter our websites, applications, and digital services (for example viruses, bugs, trojan horses, spyware or adware). You should be aware of the risks associated with using websites, applications, and digital services.
6.2 While we strive to protect your Personal Data, we cannot ensure the security of the information you transmit to us via the Internet, when you browse our websites, or use our applications and/or digital services, and the method of electronic storage. We urge you to take every precaution to protect your Personal Data when you are on the Internet, when you browse our websites, or use our applications and/or digital services. We recommend that you change your passwords often, use a combination of letters and numbers, and ensure that you use a secure browser.
6.3 If applicable, you undertake to keep your username and password secure and confidential and shall not disclose or permit it to be disclosed to any unauthorised person, and to inform us as soon as reasonably practicable if you know or suspect that someone else knows your username and password or believe the confidentiality of your username and password has been lost, stolen or compromised in any way or that actual or possible unauthorised transactions have taken place. We are not liable for any damages resulting from any security breaches, on unauthorised and/or fraudulent use of your username and password.
7 Contacting Us – Feedback, Withdrawal Of Consent, Access And Correction Of Your Personal Data
7.1 Please send all Feedback, Withdrawal Of Consent, Access And Correction Of Your Personal Data via email to the Data Protection Officer (the “DPO”) of Lokopoko Travel at the following email address: firstname.lastname@example.org.
7.2 Where you legitimately request access to and/or correction of Personal Data relating to you, such Personal Data which is in the possession and control of Lokopoko Travel, we shall provide and/or correct that data within thirty (30) days and in a manner in accordance with its standard procedures as stated hereinafter.
7.4 If you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, Lokopoko Travel may not be in a position to administer any contractual relationship in place. Lokopoko Travel’s legal rights and remedies in such event are expressly reserved.
8.1 Lokopoko Travel may from time to time update this Data Protection Policy to ensure that this Data Protection Policy is consistent with our future developments, industry trends, and/or any changes in legal or regulatory requirements. Subject to your rights at law, you agree to be bound by the prevailing terms of this Data Protection Policy as updated from time to time on our websites, applications, and digital services.
8.2 We reserve the right to alter any of the clauses contained herein in compliance with local legislation, and for any other purpose deemed reasonably necessary by us. You should look at these terms regularly. If you do not agree to the modified terms, you should inform us as soon as possible of the terms to which you do not consent. Pending such notice, if there is any inconsistency between these terms and the additional terms, the additional terms will prevail to the extent of the inconsistency.
8.3 As part of our efforts to ensure that we properly manage, protect and process your personal data, we will review and update our policies, procedures and processes from time to time. You are encouraged to visit our website from time to time to ensure that you are well informed of our latest policies in relation to personal data protection.
9 Governing Law
9.1 This Data Protection Policy, your browsing of our websites, and use of our applications and/or digital services shall be governed in all respects by the laws of Singapore. You hereby submit to the non-exclusive jurisdiction of the Singapore courts.