Privacy Policy

Last Updated: December 2024

Introduction

cryospheron ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard information obtained from visitors and clients of our winter tourism services.

This policy applies to all information collected through our website, email communications, phone conversations, and in-person interactions related to our travel services.

Information We Collect

Contact Information

When you inquire about or book our services, we collect:

Full name
Email address
Phone number
Mailing address
Emergency contact details

Travel Information

For travel arrangements and safety purposes, we collect:

Passport information
Date of birth
Nationality
Dietary requirements and restrictions
Medical information relevant to travel safety
Travel insurance details

Financial Information

For payment processing:

Billing address
Payment method details (processed through secure third-party providers)
Transaction history

Usage Data

When you visit our website, we automatically collect:

IP address
Browser type and version
Pages visited and time spent
Referring website
Device information

Communication Records

We maintain records of:

Email correspondence
Phone conversation notes
Feedback and survey responses
Service inquiries and responses

How We Collect Information

We collect information through:

Direct Interactions: Information you provide when contacting us, making bookings, or communicating about our services
Website Forms: Contact forms, inquiry forms, and booking request forms on our website
Automated Technologies: Cookies and similar tracking technologies when you browse our website
Third Parties: Information from payment processors, travel insurance providers, and travel partners with your consent

Legal Basis for Processing

We process your personal data based on:

Consent: You have given explicit consent for specific purposes
Contract Fulfillment: Processing is necessary to fulfill our travel service agreements with you
Legitimate Interests: Processing is necessary for our legitimate business interests (e.g., improving services, marketing) while respecting your privacy rights
Legal Obligations: Compliance with Singapore's Personal Data Protection Act (PDPA) and other applicable laws

How We Use Your Information

We use collected information to:

Service Provision

Process bookings and travel arrangements
Communicate about your trip details
Coordinate with local guides and accommodation providers
Ensure safety during travel
Handle special requirements and requests

Communication

Respond to inquiries and requests
Send booking confirmations and updates
Provide pre-trip information and preparation guidance
Share relevant travel advisories or changes

Service Improvement

Analyze website usage patterns
Gather feedback on travel experiences
Improve service quality and offerings
Develop new travel programs

Marketing (with consent)

Send information about new destinations
Share travel tips and insights
Offer relevant travel opportunities

Legal Compliance

Meet regulatory requirements
Respond to legal requests
Protect our legal rights
Prevent fraud or security incidents

Data Retention

We retain personal data for different periods depending on purpose:

Booking Information: 7 years after travel completion (for financial and legal compliance)
Marketing Consent: Until you withdraw consent or we cease operations
Website Analytics: 26 months from collection
Communication Records: 3 years after last interaction
Financial Records: 7 years (Singapore regulatory requirement)

After retention periods expire, we securely delete or anonymize data unless longer retention is required by law.

Data Protection and Security

We implement appropriate technical and organizational measures to protect your data:

Secure server infrastructure with encryption
Access controls limiting data access to authorized personnel only
Regular security assessments and updates
Staff training on data protection practices
Secure communication channels for sensitive information
Regular backups with encryption

While we strive to protect your data, no method of electronic storage or transmission is completely secure. We cannot guarantee absolute security but maintain industry-standard protections.

Data Sharing and Disclosure

We share your information only when necessary:

Service Providers

We share relevant information with:

Local guides and tour operators
Accommodation providers
Transportation companies
Travel insurance providers (with your consent)
Payment processors

Legal Requirements

We may disclose information to:

Comply with legal obligations
Respond to valid legal requests from authorities
Protect our rights and safety
Protect the rights and safety of travelers and third parties

Business Transfers

In the event of merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

Your Rights Under Singapore PDPA

Under Singapore's Personal Data Protection Act, you have the right to:

Access: Request copies of personal data we hold about you
Correction: Request correction of inaccurate or incomplete data
Withdrawal of Consent: Withdraw consent for marketing communications or other processing based on consent
Data Portability: Request transfer of your data to another service provider where technically feasible
Object to Processing: Object to processing based on legitimate interests

To exercise these rights, contact us at [email protected]. We will respond within 30 days. Some rights may be limited by legal obligations or legitimate business needs.

International Data Transfers

As we arrange travel to destinations outside Singapore, your personal data may be transferred to:

Estonia (European Union)
Italy (European Union)
Russia

When transferring data internationally, we ensure appropriate safeguards including:

Contractual obligations requiring data protection
Verification that destination countries have adequate data protection laws
Limiting data shared to what is necessary for service provision

Third-Party Services

Our website and services may use third-party services including:

Google Analytics: For website usage analysis (see Cookie Policy)
Payment Processors: For secure payment handling
Email Service Providers: For communication management

Each third-party service has its own privacy policy governing how they handle data. We recommend reviewing their policies:

Google Privacy Policy: https://policies.google.com/privacy

Cookies and Tracking

We use cookies and similar technologies to enhance website functionality and analyze usage. For detailed information about our cookie practices, please see our Cookie Policy.

Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect data from children. If traveling with minors, parents or guardians provide necessary information and consent on their behalf.

If we become aware we have collected data from a child without proper parental consent, we will delete that information promptly.

Changes to This Policy

We may update this privacy policy to reflect changes in our practices or legal requirements. Material changes will be communicated through:

Email notification to registered users
Prominent notice on our website
Updated "Last Modified" date at the top of this policy

Continued use of our services after policy changes constitutes acceptance of the updated policy.

Contact Us

For questions, concerns, or to exercise your privacy rights, contact:

Privacy Officer
cryospheron
250 North Bridge Road, #16-04
Raffles City Tower
Singapore 179101

Email: [email protected]
Phone: +65 6573 4128

Complaints

If you believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with:

Personal Data Protection Commission Singapore
10 Pasir Panjang Road
#03-01 Mapletree Business City
Singapore 117438

Website: https://www.pdpc.gov.sg