Privacy Policy

This policy explains how Tinggo collects, uses, discloses, protects, and manages personal data across our B2B travel technology, booking, ticketing, and distribution services.

Last updated: 15 June 2026

This Privacy Policy explains how Tinggo Travel Pte. Ltd. and its related companies, business units, platforms and services, including tinggo.com (“Tinggo”, “we”, “our” or “us”), collect, use, disclose, store and protect personal data.

This Privacy Policy applies to users of our websites, B2B booking portal, API services, customer support channels, business communications and related travel distribution services.

By accessing or using our website, B2B portal, API services or any Tinggo-related services, you acknowledge that you have read and understood this Privacy Policy.

1. About Tinggo

Tinggo provides B2B travel technology, booking, ticketing, servicing and distribution solutions for travel agencies, online travel agencies, travel management companies, corporate travel providers and other travel distribution partners.Our services may include access to air, rail and other travel content, booking and ticket issuance, post-booking servicing, payment support, reporting, account management, API connectivity and operational support.

2. Personal Data We May Collect

Depending on your relationship with us and how you use our services, we may collect the following types of personal data.

2.1 Business Contact Information
We may collect information from employees, representatives, directors, officers, authorised users, agents or contact persons of our business partners, including: Full name, Job title, Company name, Business email address, Business telephone or mobile number, Department or role, Office address, Business registration or company profile information, Communication records with Tinggo

2.2 Account and Portal User Information
When a company applies for, accesses or uses Tinggo’s B2B portal or related systems, we may collect: User name and login credentials, Account access permissions, User role and access level, Login records, IP address, Device and browser information, Activity logs within the portal, Booking, ticketing, refund, void, exchange or servicing activity, Support tickets and operational correspondence.

2.3 Traveller and Passenger Information
Where a business partner uses Tinggo’s platform, API or support team to search, book, issue or service travel products, we may process traveller or passenger personal data provided by the partner or authorised user, including: Full name, Gender, where required by the relevant supplier or booking system, Date of birth, Nationality, Passport, identity card or travel document details, Contact information, Passenger type, such as adult, child or infant, Travel itinerary, Booking reference, ticket number or supplier reference, Seat, cabin, service class or fare selection, Ancillary service requests, Special service requests, where applicable, Refund, exchange, cancellation or disruption handling information. For China rail or other rail bookings, we may process passenger identity information, route details, train number, departure and arrival stations, travel date, ticket class, seat or berth information, ticket status and other details required for booking, ticket issuance, collection, verification, servicing or regulatory compliance.

2.4 Payment, Billing and Transaction Information
We may collect or process: Billing contact details, Company payment records, Wallet, top-up or credit account records, Invoice details, Transaction amounts, Currency, Payment status, Refund or credit note information, Bank transfer references, Credit card or payment token information, where processed through authorised payment service providers. We do not intentionally store full credit card numbers unless required and permitted under applicable law and relevant payment security standards. Payment card data may be processed by third-party payment processors.

2.5 Technical and Website Information
When you visit our website or use our digital services, we may collect: IP address, Browser type and version, Device type, Operating system, Pages visited, Date and time of access, Referring website, Cookies and similar tracking data, Interaction data, such as clicks, form submissions and session behaviour.

3. How We Collect Personal Data

We may collect personal data in the following ways:

  • When you submit a form on our website
  • When your company applies for B2B portal access
  • When you create or use a Tinggo account
  • When you access Tinggo’s B2B portal or API
  • When you make a booking, ticketing, waitlist, refund, exchange or servicing request
  • When your company, employer, agent, travel agency or authorised representative provides the data to us
  • When you contact us by email, phone, messaging application, online form or support channel
  • When we receive booking or transaction data from travel suppliers, GDSs, NDC providers, rail suppliers, airline systems, payment providers or technology partners
  • When our website uses cookies or similar technologies
  • When required for compliance, security, fraud prevention, audit or legal purposes

Where you provide personal data relating to another individual, such as a traveller, passenger, employee, colleague or customer, you represent that you have obtained the necessary consent or have another lawful basis to provide such data to Tinggo for the relevant purposes.

4. Purposes for Collecting, Using and Disclosing Personal Data

We may collect, use and disclose personal data for the following purposes.

4.1 Account Registration and Partner Onboarding
We may use personal data to: Review and process B2B portal access applications, Verify company and business profile information, Create and manage portal accounts, Assign user roles and access permissions, Conduct due diligence, compliance checks and risk assessments, Communicate onboarding requirements, Provide login details and account support.

4.2 Travel Search, Booking and Ticketing Services
We may use personal data to: Search travel schedules, fares, availability and routing options, Create bookings, Issue tickets, Submit waitlist requests, Process passenger details, Manage supplier confirmations, Generate booking references, ticket numbers and travel documents, Provide e-tickets, confirmations, receipts and itinerary information, Support API-based booking and ticketing workflows.

4.3 Post-Booking Servicing
We may use personal data to: Manage cancellations, refunds, voids, exchanges and reissues, Handle schedule changes and disruptions, Assist with seat selection, baggage, meals or ancillary services, where available, Support customer service enquiries, Investigate booking errors, failed transactions or supplier issues, Communicate updates to business partners or authorised users.

4.4 Business Operations and Partner Support
We may use personal data to: Provide technical, commercial and operational support, Manage service requests and account enquiries, Maintain business records, Process invoices, statements, payments, credits and refunds, Monitor usage, transaction volume and service performance, Conduct reporting and reconciliationImprove service quality and partner experience.

4.5 Security, Fraud Prevention and Compliance
We may use personal data to: Verify user identity and access rights, Detect unauthorised access, suspicious activity or misuse of our systems, Prevent fraud, abuse, chargebacks, unauthorised ticketing or policy violations, Monitor API usage and system logs, Maintain platform security and operational integrity, Comply with laws, regulations, court orders, regulatory requests or law enforcement requests, Conduct audits, investigations, dispute resolution and legal claims management

4.6 Marketing and Business Communications
Where permitted under applicable law, we may use business contact information to: Send service updates, Share platform announcements, Provide information about new products, routes, suppliers or features, Invite partners to meetings, events, webinars or commercial discussions, Send relevant B2B marketing communications.

You may opt out of marketing communications at any time by following the unsubscribe instructions in our emails or contacting us directly. We may still send non-marketing communications relating to your account, transactions, security, service updates or contractual relationship with Tinggo.

5. Disclosure of Personal Data

We may disclose personal data to third parties where necessary for the purposes described in this Privacy Policy. These third parties may include: Airlines, Rail operators, Global distribution systems, NDC providers, Travel content aggregators, Ticketing and reservation systems, Ground handling or servicing partners, Payment processors and banks, Technology service providers, Cloud hosting providers, Data storage and cybersecurity providers, Customer support and communications providers, Professional advisers, including lawyers, auditors and accountants, Regulators, government authorities, law enforcement agencies or courts, Related companies, affiliates or authorised business partners of Tinggo, Any party involved in a merger, acquisition, restructuring, financing or transfer of business assets, subject to appropriate confidentiality obligations.

We only disclose personal data where it is reasonably necessary for our business operations, service delivery, compliance obligations or other purposes permitted by law.

6. International Transfers of Personal Data

Tinggo operates in the travel and technology sector, where bookings and servicing often require personal data to be transferred across borders. Your personal data may be transferred to, stored in or processed in countries outside Singapore, including countries where travel suppliers, airlines, rail operators, GDSs, API providers, cloud service providers, technology vendors, payment processors, support teams or related companies are located. Where personal data is transferred outside Singapore, we will take reasonable steps to ensure that such personal data continues to receive a standard of protection comparable to that required under Singapore’s Personal Data Protection Act 2012, where applicable.

7. Cookies and Similar Technologies

Our website and digital platforms may use cookies, pixels, tags, scripts, log files and similar technologies to support website functionality, security, analytics and user experience. We may use cookies to Enable website and portal functionality, Maintain login sessions, Remember user preferences, Improve website performance, Analyse website traffic and user behaviour, Detect technical issues or security risks, Support marketing or remarketing activities, where applicable. You may adjust your browser settings to block or delete cookies. However, certain website or portal functions may not work properly if cookies are disabled.

8. Data Security

We take reasonable administrative, technical and organisational measures to protect personal data in our possession or under our control against unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. These measures may include Access controls, User authentication, Role-based permissions, System monitoring, Encryption where appropriate, Secure data transmission where appropriate, Internal policies and procedures, Staff training, Vendor due diligence, Incident response processes, Regular review of security practices. However, no method of transmission over the internet or electronic storage is completely secure. While we take reasonable steps to protect personal data, we cannot guarantee absolute security.

9. Accuracy of Personal Data

We rely on business partners, authorised users, travellers and other relevant parties to provide accurate, complete and up-to-date personal data.You should ensure that all personal data submitted to Tinggo, including passenger details, travel document details and contact information, is accurate before submitting any booking, ticketing, waitlist, refund, exchange or servicing request.Tinggo is not responsible for errors, failed bookings, denied boarding, ticketing issues, penalties, supplier rejection or other consequences arising from inaccurate, incomplete or outdated personal data provided to us.

10. Retention of Personal Data

We will retain personal data for as long as reasonably necessary to fulfil the purposes for which it was collected, or as required for legal, regulatory, accounting, tax, audit, contractual, operational, security or dispute resolution purposes.Retention periods may vary depending on the type of data and the purpose of processing. For example, booking, ticketing, invoice, payment, audit and compliance records may be retained for a longer period where required by law, contractual obligations or business requirements. When personal data is no longer required, we will take reasonable steps to delete, anonymise or securely dispose of it.

11. Access and Correction Requests

Subject to applicable law, you may request access to personal data that we hold about you or request correction of inaccurate or incomplete personal data. To make an access or correction request, please contact our Data Protection Officer using the contact details provided below. We may need to verify your identity before processing your request. We may also charge a reasonable administrative fee for access requests, where permitted by law. If a fee applies, we will inform you before processing the request. There may be circumstances where we are unable to provide access or correction, including where exceptions under applicable law apply.

12. Withdrawal of Consent

Where we rely on your consent to collect, use or disclose personal data, you may withdraw your consent by contacting us.Please note that withdrawing consent may affect our ability to provide services to you or your company. For example, if passenger data cannot be processed, we may not be able to complete bookings, issue tickets, manage waitlist requests, process refunds or provide post-booking support.Withdrawal of consent does not affect any collection, use or disclosure of personal data that was carried out before the withdrawal, or any continued processing permitted or required by law.

13. Business Partner Responsibilities

As Tinggo is a B2B platform, many bookings and service requests are submitted by business partners acting on behalf of their own customers, travellers or employees. Business partners are responsible for:

  • Obtaining all required consents from travellers and other individuals
  • Providing all required privacy notices to their customers, staff or travellers
  • Ensuring that personal data submitted to Tinggo is accurate and complete
  • Ensuring that they have the right to disclose personal data to Tinggo
  • Complying with applicable data protection, consumer protection, travel, payment and regulatory requirements
  • Ensuring that their authorised users use Tinggo’s systems lawfully and appropriately
  • Where a business partner uses Tinggo’s API, portal or support services to process personal data, the partner must ensure that its own privacy policy, customer terms and internal procedures properly cover such processing.

14. Third-Party Websites and Services

Our website, portal, emails or documents may contain links to third-party websites, supplier platforms, payment pages or external services.We are not responsible for the privacy practices, content, security or policies of third-party websites or services. You should review the privacy policies of those third parties before providing any personal data to them.

15. Children’s Personal Data

Our services are intended for business partners and authorised users. However, we may process children’s personal data where required for travel bookings, such as child or infant passenger details.Where a child’s personal data is provided to us, the business partner, parent, guardian or authorised representative is responsible for ensuring that the required consent or legal basis has been obtained.

16. Data Breach Management

If we become aware of a data breach involving personal data, we will assess the incident and take appropriate steps in accordance with applicable law and our internal procedures.Where required, we may notify affected individuals, business partners, regulators or other relevant parties.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our business, services, systems, legal obligations or data protection practices. The updated version will be posted on this page with a revised “Last updated” date. Your continued use of our website, portal, API or services after any update means that you acknowledge the updated Privacy Policy.

18. Contact Us

If you have any questions, requests, complaints or feedback regarding this Privacy Policy or how Tinggo handles personal data, please contact:

Data Protection Officer
Tinggo Travel Pte. Ltd.
Email: privacy@tinggo.com
Mailing Address: 10 Woodlands Square, #03-56 Woods Square, Singapore 737714

Please include your name, legal company name, contact details and a clear description of your request so that we can respond appropriately. We will acknowledge and respond to your request as soon as reasonably practicable. In general, we aim to respond within 14 business days from the date we receive your request. If we require more time due to the nature or complexity of the request, we will inform you accordingly.