Data Privacy Policy

Thank you for using DayAway! Your trust is important to us and we are committed to protecting the privacy and security of your Personal Data and ensure that it is handled properly worldwide.

This Data Privacy Policy describes how we collect, use, process, and disclose your Personal Data, in conjunction with your access to and use of DayAway Platforms, in a readable and transparent manner. It also tells you what rights you can exercise in relation to your Personal Data, how you can contact us and how DayAway uses cookies and other similar tracking technologies.

Providing your Personal Data to DayAway is voluntary and the services we can provide you depends on the completeness and accuracy of the relevant Personal Data provided by you.

It is critical that you read this Policy first before proceeding to register an account and transact via DayAway Platforms. By checking the box for “I’ve agreed to Terms of Services and Data Privacy Policy” during account registration process via DayAway Platforms, you have explicitly agreed and consented to DayAway collecting, using, processing and disclosing your Personal Data in the manner and for any of the purposes set forth in this Policy. This Policy applies to any kind of customer information we collect through DayAway Platforms or by any other means connected to these platforms.

You should ensure that all Personal Data submitted to us is complete, accurate, true and correct; and to notify us about any changes to or inaccuracies in your Personal Data as soon as possible. If you have registered an account with DayAway, you can access and update the information you have provided in your account settings. Failure on your part to do so may result in our inability to provide you with any products and/or services you have requested.

If you provide us with any Personal Data relating to a third party (e.g. information on your customers, spouse, children, parents, and/or employees), by submitting such information to us, you represent to us that you have obtained the explicit consent of such third party to you providing us with their Personal Data, and for the collection, use and disclosure of their Personal Data for all purposes set out in our herein and by or for the benefit of the persons referenced herein, and that they have understood and accepted how DayAway uses their information (as described in this Policy).

This Policy supplements but does not supersede nor replace any other consents you may have previously provided to us in respect of your Personal Data, and any consents you may have provided in connection with this Policy are cumulative and additional to any rights which we may have under applicable law to handle or process your Personal Data.

DayAway may from time to time update this Policy to, for example, ensure that this Policy is consistent with our future developments, industry trends and/or any changes in legal or regulatory requirements. To the maximum extent permissible under applicable law, you agree to be bound by the prevailing terms of this Policy as may be updated from time to time on our website (DayAway Data Privacy Policy), and/or as you may be notified, where required by applicable law, via permissible forms of communication according to such contact particulars that we may have of you in our records. Hence, please check back regularly for updated information on our handling or processing of your Personal Data. You may also contact us at privacy@mydayaway.com to learn about our handling or processing of your Personal Data.

If you are one of our business partners, make sure to also check out our Privacy Policy for Business Partners to understand how personal data is further processed as part of the business relationship.

1. TYPES & SOURCES OF PERSONAL DATA COLLECTED

   PERSONAL DATA PROVIDED BY YOU:

   1. Depending on the nature of your interaction with us, we ask for and collect relevant personal information about you when you use our services and/or features on DayAway Platforms, including but not limited to account registration, your request for customer service and marketing updates and execution of transactions and agreements. Generally, such information includes
      1. Profile Information: Your first name, last name, email address, and phone number, username, password, transactional data and any other information relating to any individuals which you have provided us in any forms you may have submitted to us (including in the form of biometric data), or via other forms of interaction with you.
      2. Other Information: You may otherwise choose to provide us information when you fill in a form, update or add information to your DayAway profile, respond to surveys, participate in promotions, communicate with our staff and Representatives, share your experience with us (such as by leaving a review), or use other features of the DayAway Platform.
   2. For employment applications via DayAway’s stipulated channels of communications, Personal Data generally includes the information requested in the job application form and as provided in your resume and/or curriculum vitae in connection with any appointment or position.

   PERSONAL DATA COLLECTED AUTOMATICALLY:

   3. Geolocation information: When you use certain features of the DayAway platform, we may collect information about your precise or approximate location as determined through data such as your IP address or mobile device's GPS to offer you an improved user experience. Most mobile devices allow you to control or disable the use of location services for applications in the device's settings menu. DayAway may also collect this information even when you are not using the app if this connection is enabled through your settings or device permissions.
   4. Usage information: We collect information about your interactions with the DayAway platform such as the pages or content you view, your searches for hotels, bookings you have made, and other actions on the DayAway platform.
   5. Cookies and similar technologies: We use cookies and other similar technologies when you use our platform, use our mobile app, or engage with our online ads or email communications. We may collect certain information by automated means using technologies such as cookies, web beacons, pixels, browser analysis tools, server logs, and mobile identifiers. Please refer to “Use of cookies and related technologies” for more information.
   6. Pixels and SDK: Third parties, including Facebook, may use cookies, web beacons, and other storage technologies to collect or receive information from our websites and elsewhere on the internet and use that information to provide measurement services and target ads. For apps that third parties, including Facebook, may collect or receive information from your app and other apps and use that information to provide measurement services and targeted ads, users can opt-out of the collection and use of information for ad targeting by updating their Facebook account ad settings and by contacting optout@dayawayapp.com with a description of your request and validation information. Users can access a mechanism for exercising such choice by going to http://www.aboutads.info/choices and http://www.youronlinechoices.eu/.

   INFORMATION RECEIVED FROM OTHER SOURCES:

   7. We may also receive relevant information about you from other sources, including but not limited to business partners, DayAway’s related corporations and other independent third parties. Examples of such information are:
      1. Transaction queries, disputes or complaints raised with third parties who provide goods and services via DayAway platforms;
      2. Payment information from payment service providers for transactions executed via DayAway Platforms; and
      3. Information about you through the communication services integrated into DayAway Platforms.
   8. If we combine the information we receive from others with information we collect through the DayAway platform, we will treat the combined information as described in this Policy.
   9. When you link your DayAway user account to your social media account, you might trigger exchanges of data between DayAway and that social media provider. You can always choose not to share that data.
2. PURPOSES FOR THE COLLECTION, USE AND DISCLOSURE OF PERSONAL DATA
   1. Generally, where permitted under applicable law, DayAway collects, uses (including identity verification and matching of any Personal Data held which relates to you), processes and discloses your Personal Data to the extent that it is relevant and necessary for the following purposes, depending on the nature of our relationship:
      1. Account facilities: To process your DayAway account registration and administer this account, which includes but not limited to providing you with goods and/or services which you have purchased or requested to receive; to push content to you which may be relevant to you (including to personalise and customise your experience based on your interactions with our platform(s), your search and booking history, your profile information and preferences, and other content you submit from time to time);
      2. Transaction fulfilment: To complete your transactions or otherwise as necessary to fulfil your reservations and/or bookings with us and/or third parties, including verifying and processing your personal particulars and payments in relation to the purchase or provision of goods and/or services; and to coordinate your bookings and/or reservations with third parties;
      3. Customer service: To provide customer support, including responding to, processing and handling your queries, requests, feedback and suggestions and resolving complaints;
      4. Promotion of a safe and trustworthy service: To create a trustworthy environment for you, we continuously analyze and use certain Personal Data to detect and prevent fraud and other illegal or unwanted activities. Similarly, we use Personal Data for risk assessment and security purposes, including when you report a safety concern, or for the authentication of users and reservations;
      5. Service and product quality improvement: To request feedback or participation in surveys, as well as conducting market research and/or analysis for statistical, profiling or other purposes for us to design our products, understand customer behaviour, preferences and market trends, and to review, develop and improve the quality of our products and services. As much as possible, we strive to use anonymized and de-identified personal data for this work;
      6. Marketing activities: To (i) market services, products and benefits to you, including promotions and loyalty and reward programmes, including joint marketing and/or cross promotions with third parties; and (ii) matching Personal Data with other data collected for other purposes and from other sources (including third parties) in connection with the customisation, provision or offering of products, services, marketing or promotions, whether by DayAway or other third parties;
      7. General communication with you: To communicate with you and inform you of changes and development to the Companies' policies, terms and conditions and other administrative information, including for the purposes of servicing you in relation to the products and services offered to you;
      8. External media communication: To provide aggregated and de-identified Personal Data in media announcements and responses;
      9. Legal purposes: To (i) comply with any applicable rules, laws and regulations, codes of practice or guidelines or to assist in law enforcement, and crime prevention, detection and investigations by relevant authorities, including fraud and moneylaundering or terrorist financing, and analysing and managing commercial risks; (ii) draft and review documents, obtaining legal advice and facilitating dispute resolution in connection with any claims, actions or proceedings; and/or (iii) protecting and enforcing our contractual and legal rights and obligations;
      10. Internal operation purposes: To manage the administrative and business operations of the Companies and complying with internal policies and procedures, including but not limited to managing and preparing reports on incidents and accidents;
      11. Job application: if you submit any application to us as a candidate for employment: (i) conducting interviews; (ii) processing your application which includes prerecruitment checks involving your qualifications and facilitating interviews; (iii) providing or obtaining employee references and for background screening; (iv) assessing your suitability for the position applied for; (v) processing staff referrals; and/or (vi) any other purposes relating to any of the foregoing; and/or
      12. any other purpose relating to or reasonably necessary for any of the above.
   2. In addition, where permitted under applicable law, DayAway may also collect, use and disclose your Personal Data for the following purposes (which we may describe in our documents and agreements as "Additional Purposes" for the handling or processing of Personal Data):
      1. facilitating business asset transactions (which may extend to any mergers, acquisitions or asset sales) involving any of the Companies;
      2. administering contests and competitions;
      3. collection, use, disclosure and/or processing of customer data by us or our business partners for data monetization purposes.
   3. If you have provided your contact details and have indicated that you consent to receiving marketing or promotional information via the contact details provided, then from time to time, we may contact you with information about our products and services (including discounts and special offers) via the contact channels which you have consented to.
   4. In relation to particular products or services or in your interactions with us, we may also have specifically notified you of other purposes for which we collect, use and/or disclose your Personal Data. If so, we will collect, use and/or disclose your Personal Data for these purposes as well.
   5. We ensure that any processing of your personal data has a valid legal basis for that processing activity, which includes:
      1. Based on your consent where needed under applicable law; or
      2. For performance of a contract with you; or
      3. For activities with legitimate interest, such as marketing and fraud prevention, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data, in particular where the data subject is a child; or
      4. For vital interest such as emergency medical care situations; or
      5. To fulfil legal obligations, such as legal law enforcement requests; or
      6. For public interest involving a government entity or organizations acting on its behalf.
   6. When using Personal Data to serve DayAway’s or a third party’s legitimate interest, DayAway will always balance your rights and interests in the protection of your Personal Data against DayAway’s rights and interests or those of the third party. For example, where we rely on personal information to make automated decisions, the processing of personal information will not result in discriminating practices against individuals.
   7. We will ask for your consent before we collect sensitive data unless it is permissible under the applicable law. However, where you voluntarily provide sensitive data, we will assume that you have given us consent to process that information within the context it was submitted.
   8. If you wish to object to the processing purposes set out above and no opt-out mechanism is available to you directly, please contact us at privacy@mydayaway.com.
3. SHARING OF PERSONAL DATA WITH THIRD PARTIES
   1. Subject to applicable law, your Personal Data may be provided, for the purposes listed above (where applicable), to the following entities or parties, whether they are located overseas or in Singapore:
      1. Third-party providers of goods and services via DayAway, such as the providers of experiences and/or reservations you book (or attempt to book) via our platform, including without limitation hotels, tour operators, activity providers, restaurants, shops, transportation companies, telecommunication network operators, and/or insurance companies;
      2. Parties who provide services to DayAway, including (i) third-party service providers, including but not limited to technology, analytics, search engine, payment processing, marketing service providers; (ii) agents; and (iii) contractors;
      3. DayAway's related corporations;
      4. DayAway’s co-brand and other business partners;
      5. DayAway’s professional advisers such as our board of directors, auditors and lawyers;
      6. Business partners, investors, assignees or transferees (actual or prospective) to facilitate business asset transactions (which may extend to any merger, acquisition or any debt or asset sale) involving any of the Companies;
      7. Financial institutions, credit card companies and their respective service providers;
      8. Third party referrers;
      9. Relevant government regulators, government ministries, statutory boards or authorities and/or law enforcement agencies, to comply with any directions, laws, rules, guidelines, regulations or schemes issued or administered by any of them;
      10. any other party to whom you authorise us to disclose your Personal Data to.
4. CROSS-BORDER TRANSFER OF PERSONAL DATA
   1. DayAway is a global business. The data that we collect from you, as described in this Policy, could be made accessible from, transferred to, or stored in countries which may not have the same data protection laws as the country in which you initially provided the information. In such cases, we will protect your data as described in this Policy.
   2. This may also be applicable if you are in the European Economic Area (EEA). Countries your data may be transferred to may not have laws that provide the same level of protection for your personal data as laws within the EEA. Where this is the case, we will put appropriate safeguards in place to make sure that these transfers comply with European privacy law. In particular, when your data is transferred to third-party service providers, we establish and implement appropriate contractual, organizational, and technical measures with them. This is done by putting in place Standard Contractual Clauses as approved by the European Commission, by examining the countries to which the data may be transferred, and by imposing specific technical and organizational security measures.
   3. In certain specific cases, we transfer your data outside the EEA because it is in your interest or is necessary to conclude or perform the contract we have with you. For example, when you purchase a service offered by a third-party service provider, who is located outside the EEA, through DayAway Platforms, we might need to transfer your data to the said provider to facilitate the fulfilment of your transaction.
   4. You can ask us to see a copy of our implemented safeguards (where possible) by contacting us at privacy@mydayaway.com.
5. USE OF COOKIES AND RELATED TECHNOLOGIES
   1. You acknowledge and agree that DayAway Platforms may include analytics code and other tools that may allow us to gather information on any use of DayAway Platforms, and may include our use of cookies, running of verification and compliance analysis and/or use of data capture, syndication analysis, and/or other similar tools to track, extract, compile, aggregate, archive, disclose or otherwise analyse any data and/or information resulting from any person's access to and/or use of any of DayAway Platforms, and further that: (a) we shall retain all rights, title and interest in and to all such gathered information and data; (b) you shall not disable or interfere with any such analytics code and tools; and (c) any intellectual property rights of or in the results of such analytics shall vest solely in us. For the avoidance of doubt, we may monitor, track and share with third parties your geolocation information obtained by any of DayAway Platforms for safety, security, technical, marketing and commercial purposes, including to provide and improve our products and services.
   2. DayAway may employ cookies and other technologies as follows:
      1. tracking information such as the number of visitors and their frequency of use, profiles of visitors and their preferred sites;
      2. making DayAway Platforms easier to use. For example, cookies may be used to help speed up your future interactions with DayAway Platforms;
      3. to better tailor our products and services to your interests and needs. For example, cookies information may be identified and disclosed to our vendors and business partners to generate consumer insights;
      4. collating information on a user's search and browsing history;
      5. when you interact with us on DayAway Platforms, we may automatically receive and record information on our server logs from your browser. We may collect for the purposes of analysis, statistical and site-related information including, without limitation, information relating to how a visitor arrived at DayAway Platforms, the browser used by a visitor, the operating system a visitor is using, a visitor's IP address, and a visitor's click stream information and time stamp (which may include for example, information about which pages they have viewed, the time the pages were accessed and the time spent per web page, your searches for hotels or experiences, bookings you have made, and other actions);
      6. using such information to understand how people use DayAway Platforms, and to help us improve their structure and contents;
      7. using cookies that are necessary in order to enable DayAway Platforms to operate, for example, cookies that enable you to log onto secure parts of DayAway Platforms; and/or
      8. personalising DayAway Platforms for you, including delivering ads which may be of particular interest to you and using cookie related information to allow us to understand the effectiveness of our ads.
   3. We may also collect information about your precise or approximate location as determined through data such as your IP address or mobile device's GPS to offer you an improved user experience. Most mobile devices allow you to control or disable the use of location services for applications in the device's settings menu. DayAway may also collect this information even when you are not using the app if this connection is enabled through your settings or device permissions.
   4. Some cookies we use are from third party companies to provide us with web analytics and intelligence about DayAway Platforms. These companies collect information about your interaction with DayAway Platforms. We use such information to compile statistics about visitors who interact with DayAway Platforms and other DayAway online content, to gauge the effectiveness of our communications, and to provide more pertinent information to our visitors.
   5. If you do not agree to such use of cookies, you can adjust your browser settings. Unless you have adjusted your browser settings to block cookies, our system will issue cookies as soon as you visit our site or click on a link in a targeted email that we have sent you, even if you have previously deleted our cookies.
   6. The way which cookies can be managed depends on your browser. The following links provide information on how to configure or disable cookies in each browser:
      1. Google Chrome: https://support.google.com/chrome/answer/95647?hl=en
      2. Mozilla Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookieswebsite-preferences
      3. Internet Explorer: http://windows.microsoft.com/en-SG/internet-explorer/deletemanage-cookies#ie=ie-9
      4. Safari: http://support.apple.com/kb/HT1677?utm_source=Agillic%20Dialogue
      5. Safari for iPhone: http://support.apple.com/kb/ta38619
      6. Chrome for Android: https://support.google.com/chrome/answer/2392971?hl=en
   7. If you do not agree to our use of cookies and other technologies as set out in this Policy, you should delete or disable the cookies associated with DayAway Platforms by changing the settings on your browser accordingly. However, you may not be able to enter certain part(s) of DayAway Platforms. This may also impact your user experience while on DayAway Platforms.
6. CHILDREN’S PERSONAL DATA
   1. Unless indicated otherwise, DayAway’s services are generally not intended for children under 16 years old, and we will never collect their data unless it is provided by and with the consent of a parent or guardian.
   2. If we find out that we have processed information of a child under 16 years of age without the valid consent of a parent or guardian, we reserve the right to delete it.
7. DATA SECURITY
   1. DayAway observe reasonable procedures to prevent unauthorized access to and the misuse of Personal Data.
   2. We use appropriate business systems and procedures to protect and safeguard the personal data you give us. We also use security procedures and technical and physical restrictions for accessing and using the personal data on our servers. Only authorized personnel are permitted to access personal data in the course of their work.
   3. We will keep your personal data for as long as is necessary to enable you to use our services or to provide our services to you, to comply with applicable laws, resolve any disputes and otherwise to allow us to conduct our business, including to detect and prevent fraud and/or other illegal activities. All personal data we keep about you is covered by this Policy.
   4. DayAway cannot completely guarantee the security of any Personal Data we may have collected from or about you, or that no harmful code will enter our website (for example viruses, bugs, trojan horses, spyware or adware). You should be aware of the risks associated with websites.
   5. We cannot ensure the security of the information you transmit to us via the Internet, and we urge you to take every precaution to protect your Personal Data when you use our platforms. We recommend that you change your passwords often, use a combination of letters and numbers, and ensure that you use a secure browser.
   6. If applicable, you undertake to keep your username and password secure and confidential and shall not disclose or permit it to be disclosed to any unauthorised person, and to inform us as soon as reasonably practicable if you know or suspect that someone else knows your username and password or believe the confidentiality of your username and password has been lost, stolen or compromised in any way or that actual or possible unauthorised transactions have taken place. We are not liable for any damages resulting from any security breaches, on unauthorised and/or fraudulent use of your username and password.
8. THIRD-PARTY SITES
   1. Our website may contain links to other websites operated by third parties. We are not responsible for the privacy practices of websites operated by third parties that are linked to our website. We encourage you to learn about the privacy policies of such third-party websites. Some of these third-party websites may be co-branded with our logo or trademark, even though they are not operated or maintained by us. Once you have left our website, you should check the applicable privacy policy of the third-party website to determine how they will handle any information they collect from you.
9. YOUR DATA PROTECTION RIGHTS
   1. Right to access: You have the right to request DayAway for copies of your personal data.
   2. Right to rectification: You have the right to request that DayAway correct any information you believe is inaccurate and/or incomplete.
   3. Right to erasure: In some jurisdictions, applicable law may entitle you to request that DayAway erase your personal data, under certain conditions. We may retain some of your Personal Data as necessary for our legitimate business interests, such as fraud detection and prevention and enhancing safety. For example, if we suspend a DayAway account for fraud or safety reasons, we may retain certain account information to prevent the account user from opening a new DayAway Account in the future. Information you have shared with others (e.g., Reviews, forum postings) may continue to be publicly visible on the DayAway Platform, even after your DayAway account is cancelled. However, attribution of such information to you will be removed. Additionally, some copies of your information (e.g., log records) may remain in our database, but are disassociated from personal identifiers.
   4. Right to restrict processing: If we are processing your Personal Data based on your consent you may withdraw your consent at any time. Please note that the withdrawal of your consent does not affect the lawfulness of any processing activities based on such consent before its withdrawal. Additionally, in some jurisdictions, applicable law may give you the right to limit the ways in which we use your Personal Data, in particular where (i) you contest the accuracy of your Personal Data; (ii) the processing is unlawful and you oppose the erasure of your Personal Data; (iii) we no longer need your Personal Data for the purposes of the processing, but you require the information for the establishment, exercise or defence of legal claims; or (iv) you have objected to the processing and pending the verification whether the legitimate grounds of DayAway override your own.
   5. Right to object to processing: In some jurisdictions, applicable law may entitle you to require DayAway not to process your Personal Data for certain specific purposes (including profiling) where such processing is based on legitimate interest. If you object to such processing DayAway will no longer process your Personal Data for these purposes unless we can demonstrate compelling legitimate grounds for such processing or such processing is required for the establishment, exercise or defence of legal claims.
   6. Right to data portability: You have the right to request that DayAway transfer the data that we have collected to another organization, or directly to you, under certain conditions.
   7. If you
      1. have any questions, feedback or compliant relating to your Personal Data or our Policy, including without limitation our reliance on the legitimate interests and/or consent bases of collecting, using and/or disclosing your Personal Data as described in this Policy; or
      2. would like to exercise the above-mentioned rights,
      you can write to our Data Protection Officer, Martha Waslen, at privacy@mydayaway.com.
   8. Where we use your contact information to send you marketing information, you can unsubscribe from email marketing communications by clicking “Unsubscribe” link included in each newsletter or other communication.
   9. Please note that if your Personal Data has been provided to us by a third party, you should contact such party directly to make any queries, feedback, and access and correction requests to DayAway on your behalf.
   10. You may withdraw your consent as provided under applicable law. However, if you withdraw your consent to any or all collection, use, and/or disclosure of your Personal Data, depending on the nature of your request, DayAway may not be in a position to continue to provide its products or services to you, administer any contractual relationship already in place, or perform or conclude an existing or prospective agreement. This may also result in the termination of any agreements you have with DayAway, and your being in breach of your contractual obligations or undertakings. DayAway's legal rights and remedies in such event are expressly reserved.

APPENDIX - TERMS USED IN THIS POLICY