Why should I choose Tumodo?

Tumodo is an all-in-one business travel platform, where you can book any services for business trips in one window. We guarantee full transparency, the protection of user data and reliable interaction.

What is included in the cost of using the Tumodo platform?

After you start working with Tumodo, you get not only a multifunctional platform for business trips, where you can arrange any services and set up integrations with accounting systems. We provide 24/7 support service and an extensive database of suppliers.

Are Tumodo prices different from airline and hotel websites?

No, they’re not. Tumodo has no overcharge or hidden fees. The amounts you see in your search are transferred to our system directly from suppliers.

How to start working with Tumodo?

Here’s how you can start working with Tumodo: 1) leave a request on our website; 2) write to hello@tumodo.io; 3) call +971(4)550-39-00. Our manager will contact you and help you conclude an agreement.

How does Tumodo help after connecting to the platform?

Your company is provided with a personal manager who not only provides training, but also helps in setting up the necessary functionality. The specialist always stays in touch with you — you can ask him any question about working with the platform.

Tumodo Privacy Notice

1. OUR ROLE IN YOUR PRIVACY

If you are a Tumodo user, a traveller, a prospective customer, or just visiting our website, this Privacy Policy applies to you and us. We understand how important your privacy is, and we make it a top priority to keep your personal information safe.

At Tumodo we are deeply committed to protecting your privacy and ensuring the security of your personal information. Our dedication to privacy extends across all aspects of our operations, from the collection and processing of data to its storage and disposal. We adhere to stringent data protection standards and comply with applicable laws and regulations to safeguard your information.

Our practices are designed to ensure transparency, providing you with clear information about how your data is used, and give you control over your personal information. We continuously review and enhance our privacy measures to adapt to evolving legal requirements and technological advancements, reinforcing our commitment to maintaining the trust you place in us.

2. WHO ARE WE?

At Tumodo, we simplify business travel with our all-in-one platform for booking and managing flights, hotels, trains, and transfers. Since 2021, we've combined smart technology with expert support to help over 300 companies save time and money on thousands of bookings every day.

This Privacy Policy explains how we collect, use, and protect your information when you visit our website or use our services. Please review and accept the practices described in this policy before using our services.

3. WHAT IS PERSONAL DATA?

Personal data includes any information that can be used to identify you, whether on its own or when combined with other details. This may cover your name, contact details like email or phone number, billing information, and records of your purchases.

It also includes technical data such as your IP address, user ID, browsing activity, and any other information you share with us while using our services or communicating with our team.

4. RESPONSIBILITIES

4.1. Our Responsibilities

4.1.1. We may function either as a Data Processor or a Data Controller, depending on the nature and context of our relationship with you. When we process your Personal Data on behalf of your employer or any organization that has entered into a service agreement with us, we act solely as a Data Processor, following the instructions provided by that organization (the Data Controller). While we work as Data Processors, we do not determine the purpose or means of processing your data, and our role is limited to facilitating the services as per our contractual obligations.

4.1.2. Conversely, we act as the Data Controller when we collect your Personal Data directly from you and independently determine the purposes and means of processing such information. This typically occurs when you interact with us directly through our Website, Mobile Application, or other platforms without any involvement from a third-party organization. In these situations, we process your data in accordance with the reasons outlined in this Privacy Policy, ensuring full compliance with applicable data protection laws and maintaining transparency, security, and accountability throughout the data lifecycle.

4.2. Your Responsibilities

4.2.1. We encourage you to carefully review this Privacy Policy to understand how we handle your personal information. If you are a customer, we also advise you to refer to the Travel Services Agreement, which outlines the specific terms regarding the processing of your data. Under this agreement, we act as a data processor on behalf of your employer, and the details of how we manage your data are provided within.

4.2.2. In cases where you provide us with personal information about someone else, or if third parties share your personal information with us, we assure you that such data will only be used for the purposes described in this Privacy Policy. By sharing this information, you confirm that you have obtained the necessary consent and have the legal right to disclose it to us, allowing us to process it in accordance with the terms set forth herein.

5. TYPES OF DATA WE COLLECT

5.1. Information that is Provided to Tumodo directly:

5.1.1. Contact Details:

To get started with our company, you are asked to provide certain personal information, including your name, email address, phone number, company name, and any other contact details you choose to share. This information allows us to initiate communication, manage your account, and provide you with the necessary services.

5.1.2. Professional Information:

We ask for professional information such as the company, entity, or organization you work for, collaborate with, or represent. This helps us understand your needs, tailor our services, and establish effective communication.

5.1.3. Customer Support:

When you reach out to us for customer support, we may collect essential information such as your name, email and contact details to provide the assistance you need. We ensure that we only request the information strictly necessary to address your support inquiries effectively and efficiently. This enables us to resolve your issues promptly while respecting your privacy.

5.1.4. Survey, Firmographic and Demographic Data:

As part of our surveys, we collect a combination of personal and non-personal data to better understand user and business profiles. This may include personally identifiable information such as your first name, last name, job title, company name, and email address, some of which are required fields along with firmographic details like industry, company size, location, and number of employees. Additionally, we gather demographic data providing opt out mechanisms along with feedback. All responses are anonymized in final reports to protect user privacy.

5.1.5. Travel Data:

We may collect detailed travel-related information to facilitate and manage your bookings and travel arrangements. This can include identity document details such as the document number, date of issue, issuing authority, and expiry date, as well as the traveller’s full name, date of birth, and country of origin. We may also gather visa-related information, including the visa number and other relevant details. Additional data may include the name of the traveller’s employer, reservation code, ticket number, departure and arrival locations, travel dates and times, hotel name and address, and transfer details. This information is essential for ensuring accurate and seamless travel services.

5.1.6. Other Information:

Any other information you provide in your requests for information or that is generated during the contractual relationship between your company, organization, or entity and Tumodo.

5.2. Information Automatically Collected by Tumodo:

5.2.1. Device Information:

While using our Website or Mobile App, your device may automatically share certain technical information with us. This can include a unique device ID, the type of operating system you're using, and for mobile users, the advertising identifier linked to your device. We collect this data through cookies and similar tracking tools. For detailed information on how we handle cookies, please see our Cookie Policy.

5.2.2. Data that identifies you:

As you navigate through our Website or Mobile Application, certain usage data is automatically collected to help us understand how you interact with our Services. This information may include your IP address, browser type, domain name, referral and exit URLs, specific pages visited, the sequence of your navigation, time and date of access, and other relevant technical insights. These details are gathered using cookies and similar technologies to help us improve functionality, enhance user experience, and maintain the performance and security of our platform.

5.2.3. Data on how you use Tumodo:

We collect information about how you interact with the Tumodo app and website to better understand your experience and improve our services. This includes data on your app usage patterns, such as the paths you navigate (clickstreams), the products or services you explore, search terms, clicks, and pages you visit. We also monitor page load times, any errors encountered during use, the duration of your visits, actions performed on each page, how frequently those actions occur, and referral sources—meaning the website or platform that directed you to Tumodo. This behavioural data helps us optimize functionality and personalize your experience.

5.2.4. Location Data:

When you access our Website or Mobile Application, we may estimate your geographic location to provide content that is relevant and tailored to your region. This is typically done by analysing your IP address, which helps us determine your general location, such as your country or city. By localizing content based on your region, we aim to enhance your experience by displaying information, services, or features that are most applicable to where you are accessing our platform from. Please note that this location data is approximate and is not used to identify your exact position.

5.3. Sensitive Data:

We want to assure you that we do not collect any sensitive personal information as defined under applicable data protection laws. This includes data revealing your racial or ethnic background, political views, religious or philosophical beliefs, trade union affiliations, or any genetic or biometric data. Additionally, we do not gather information related to your health, sexual orientation or sexual life, or any details concerning criminal convictions or alleged offences. Our data collection practices are strictly limited to what is necessary for providing and improving our services, and we take great care to respect your privacy and comply with all relevant legal standards.

6. COOKIES

6.1.

Tumodo uses cookies and similar technologies across our Website and Services to support the collection of personal data and enhance your overall experience. These tools allow us to gain insights into how users interact with our platform, helping us to improve functionality, strengthen security, detect and prevent fraudulent activity, and understand which areas of the Website are most frequently visited. Additionally, cookies help us evaluate the performance of various web features and ensure smoother operation. To learn more about how we use these technologies and the choices available to you, please refer to our Cookie Policy.

6.2.

You can also manage your preferences with our cookie banner or delete cookies through your browser settings. However, if you use your browser settings to disable, reject, or block cookies (including essential cookies), certain parts of our website or app may not function fully. In some cases, our website or app may not be accessible at all. Please note that we have no control over how third parties use cookies.

7. LEGAL GROUNDS OF PROCESSING (WHY WE USE YOUR DATA)

We process your personal data in accordance with applicable data protection laws and rely on a range of legal grounds to ensure that all processing is lawful, fair, and transparent. These legal bases include:

7.1. Consent

We process your personal data based on your freely given, specific, informed, and unambiguous consent, where required by law. This includes subscribing to newsletters, promotional messages, or surveys. You may withdraw your consent anytime via opt-out links or by contacting us at dpo@tumodo.io, without affecting prior lawful processing. Please refer to our Consent Management Policy for comprehensive guidance on how we manage user consent.

7.2. Contractual Necessity

Certain processing activities are essential to fulfil the terms of a contract we have with you. This includes actions such as processing your transactions, managing your account, and providing you with customer support or access to our services. Without this data, we may be unable to deliver the services you have requested.

7.3. Legal Obligation

In some cases, we are required to process your personal data to comply with legal and regulatory obligations. This includes, for instance, maintaining financial and transaction records for tax compliance, or responding to valid legal requests from public authorities or law enforcement.

7.4. Legitimate Interests

We may also process your information when it is in our legitimate business interests, provided that these interests do not override your own rights and freedoms. Such purposes may include but not be limited to enhancing and improving our services, managing customer inquiries and support, ensuring the security and integrity of our systems, including fraud detection and prevention and others.

In exceptional circumstances, we may process your data to protect your vital interests or those of another person — for example, in a medical emergency. We take care to assess and document our legal bases before carrying out any data processing. If you have questions or concerns about how your data is being handled, you’re encouraged to contact us using the details provided in the Contact Us section of this Privacy Policy.

8. HOW WE USE YOUR DATA

We can only use your data for specific reasons and if we have a legal basis to do so. These reasons include:

8.1. Managing our contractual relationship

8.1.1.

To facilitate the organization and management of travel arrangements in accordance with the terms of the Travel Services Agreements entered into with our clients. This includes the execution, fulfilment, oversight, and enforcement of contractual obligations, as well as the preparation and issuance of invoices, generation of cost reports, and the collection of payments from customers.

8.1.2. Legal Basis for Processing

Processing is carried out as necessary for the performance of the Travel Services Agreement between the parties.

8.1.3. Categories of Personal Data Involved

Contact Details (e.g., name, phone number, email address)
Professional Information (e.g., company name, job title)
Identifiers (e.g., government-issued IDs, reservation numbers)
Travel Data (e.g., travel itinerary, hotel details, visa information)
Additional Information relevant to travel service execution and compliance monitoring

8.2. Prospective contractual relationship

8.2.1.

To respond to inquiries regarding our company and the services we offer, to process service requests submitted on behalf of your company, entity, or organization, and to initiate, evaluate, or manage potential contractual relationships between Tumodo and your business or institution.

8.2.2. Legal basis for Processing

NDA or consent provided at pre-contractual meetings and communication.

8.2.3. Data categories

Contact details
Professional information
Data that identifies you

8.3. Marketing communications

8.3.1.

To keep you informed about Tumodo’s services and offerings that are similar to those you have previously requested, used, or shown interest in. This may involve sending promotional or commercial communications via email, phone, or other electronic means. Where permitted under applicable laws, we may also send you communications regarding other products or services that may be relevant to your business needs. You have the right to opt out of receiving such communications at any time. To do so, simply click the “unsubscribe” link included in our emails or contact us directly at dpo@tumodo.io.

8.3.2. Legal basis of Processing

Travel Services Agreement or Consent, Legitimate interest — developing and growing our business with our clients. You can request to unsubscribe from receiving commercial communications at any time and at no cost.

8.3.3. Data categories

Contact details
Professional information

8.4. Suppliers

8.4.1.

We securely share travel-related data with our trusted service providers such as airlines, hotels, and car rental companies through protected and compliant IT channels to facilitate the provision of travel services.

8.4.2. Legal basis of Processing

Travel Services Agreement, Consent.

8.4.3. Data categories

Data for traveling

8.5. Improving Services of Tumodo

8.5.1.

We process your data to improve user experience and enhance the functionality of our services. We also collect your feedback through third-party platforms, questionnaires, and live sessions to better tailor our services to your needs. To support development and analytics, we may anonymize certain data to ensure individual identities remain protected. Additionally, we may record and review calls with the Tumodo team for quality assurance purposes. Our analysis may involve the use of artificial intelligence and other advanced techniques, and in some cases, we may engage trusted third-party service providers to assist with these processes under strict data protection obligations.

8.5.2. Legal basis of Processing

Travel Services Agreement, Consent, Legitimate interests —

(i) having tools to improve customer service and be in a position to defend from and minimize claims from our clients, and
(ii) analysing our business practices so that we can make informed decisions and define our strategies for developing and growing our business.

8.5.3. Data categories

Contact details
Professional information
Data that identifies you
Data on how you use Tumodo
Other information (for example, feedback data)

8.6. Customer support

8.6.1.

To communicate important updates regarding changes to our services and to resolve any issues you may encounter on our platform, we may contact you via email, phone, or live chat.

8.6.2. Legal basis of Processing

Travel Services Agreement, Legitimate interests —

(i) fulfilling our contractual obligations towards our clients, and
(ii) developing and strengthening our brand reputation and protecting and growing our business.

8.6.3. Data categories

Contact details
Professional information
Data that identifies you
Data for travelling
Other information

8.7. Maintaining security of the Tumodo services and Website

8.7.1.

To ensure the lawful and appropriate use of our services and website by actively monitoring, detecting, investigating, and preventing any unauthorized, unlawful, or abusive activities that may violate Tumodo’s internal policies or applicable legal and regulatory requirements.

8.7.2. Legal basis of Processing

Applicable laws and regulations, Legitimate interest — protecting our assets and clients from cyberattacks and similar malicious actions.

8.7.3. Data categories

Contact details
Professional information
Data that identifies you
Other related information

8.8. Fraud prevention

8.8.1.

To identify, prevent, and mitigate activities that may be unlawful or otherwise prohibited, as well as to ensure full compliance with applicable legal and regulatory obligations. This includes, but is not limited to, the issuance of invoices to customers and the fulfilment of statutory requirements related to fraud detection and prevention.

8.8.2. Legal basis of Processing

Applicable laws and regulations, Legitimate interest — protecting our business and clients from fraudulent actions with both internal and external sources.

8.8.3. Data Categories

Contact details
Professional information
Data that identifies you
Other information

8.9. Complying with legal obligations

8.9.1.

To comply with applicable laws and regulatory obligations, including but not limited to anti-terrorism measures, government reporting requirements, and other legally mandated disclosures. This also includes the processing of personal data in response to lawful requests from regulatory authorities, law enforcement agencies, or judicial bodies.

8.9.2. Legal basis of Processing

Applicable laws and regulations.

8.9.3. Data categories

Contact details
Professional information
Data that identifies you
Other information

We only process your personal data for the purposes described above and ensure that the processing is necessary, proportionate, and limited to what is necessary for the purposes for which it was collected.

9. DATA SUBJECT RIGHTS AND CHOICES

9.1. Data Subject Rights

As a data subject, you are entitled to a range of rights under applicable data protection laws. These rights are designed to give you greater control over your personal data and how it is used. We respect and uphold these rights for all individuals whose data we process. You may exercise the following rights at any time, subject to certain legal limitations:

9.1.1. Data Subject Rights under European Union

Right to Access: Allows Data Subjects to obtain a copy of their personal data and details of its processing.
Right to be Informed: Data Subjects must know how their personal data is being processed and used.
Right to Rectification: Data Subjects can request corrections to inaccurate or incomplete personal data.
Right to Erasure (Right to be Forgotten): Data Subjects can delete personal data under specific circumstances.
Right to Restriction of Processing: Data Subjects can limit how their data is used, for example, during disputes about accuracy.
Right to Data Portability: Data Subjects can receive and transfer their data in a structured, machine-readable format.
Right to Object: Data Subjects can object to processing for direct marketing and other legitimate interests.
Right not to be Subject to Automated Decision Making: Data Subjects are protected from decisions made solely through automated means without human intervention.

9.1.2. Data Principal Rights in India

Right to Access Information: Data Principals can access a summary of personal data and its processing.
Right to Correction and Erasure: Data Principals can request correction, completion, and erasure of personal data.
Right to Grievance Redressal: Data Principals have the right to register complaints with data fiduciaries.
Right to Nominate: Data Principals can nominate another person to exercise rights in case of death or incapacity.
Right to Withdraw Consent: Data Principals can revoke consent at any time, halting further processing.

9.1.3. Data Subject Rights under Kingdom of Saudi Arabia

Right to Access: Data Subjects can request access to their personal data held by data controllers.
Right to be Informed: Data Subjects must know how their personal data is being processed and used.
Right to Rectification: Data Subjects have the right to correct, complete, or update personal data.
Right to Erasure: Data Subjects may request deletion of personal data when no longer necessary or upon consent withdrawal.
Right to Withdraw Consent: Data Subjects can withdraw their consent at any time, preventing future processing.
Right to Data Portability: Data Subjects can request their data in a readable format.
Right to Object to Processing: Data Subjects can refuse automated processing that produces legal effects.
Right to Restrict Processing: Data Subjects may limit processing in specific situations.

9.1.4. Data Subject Rights in United Arab Emirates

Right to Access: Data Subjects can request and receive access to their personal data.
Right to Rectification: Data Subjects can rectify inaccurate or incomplete data.
Right to Erasure: Data Subjects may request deletion under defined conditions (e.g., consent withdrawal).
Right to Restriction of Processing: Data Subjects can limit the processing of their data under certain conditions.
Right to Data Portability: Data Subjects can obtain their personal data in a structured, machine-readable format.
Right to Object: Data Subjects can object to processing for direct marketing or other purposes.
Right Not to Be Subject to Automated Decision-Making: Data Subjects have the right to human intervention in automated decision processes.

9.1.5. Data Subject Rights in Kazakhstan

Right to Access: Data Subjects can access information on whether and how their personal data is being processed.
Right to be Informed: Data Subjects must know how their personal data is being processed and used.
Right to Rectification: Data Subjects have a right to correct inaccurate or outdated personal data.
Right to Erasure: Data Subject’s personal data must be deleted if the processing purpose is fulfilled or consent is withdrawn.
Right to Withdraw Consent: Data Subjects can revoke consent, ceasing the processing of their data.
Right to Be Informed: Data Subjects have the right to be informed about the collection and use of their personal data.

9.2. Data Subject Choices

9.2.1.

You have the option to withhold your personal data when interacting with us. However, please be aware that not providing certain information may affect the functionality of our website, and you may be unable to access our app or use certain services as intended.

9.2.2.

You have the ability to manage or block cookies through your browser settings or via the cookie banner displayed on our website. Additionally, you can delete cookies through your browser settings. Please note that disabling cookies may impact the performance and availability of certain features and services on our website.

9.2.3.

If we intend to use your data for marketing purposes, we will inform you in advance and provide details about any third parties involved. Unless we rely on your consent (which you can withdraw at any time), you can opt out of receiving marketing communications by contacting us at dpo@tumodo.io.

9.3. Exercising Your Data Subject Rights

9.3.1.

You can reach out to us anytime if you have any questions or wish to exercise your rights using the information in the "Contact Us" section below or through email at dpo@tumodo.io. Please refer to our Data Subject Rights Manual for comprehensive guidance on how we manage your rights.

9.3.2.

Once a request is received, we will acknowledge it within the timelines prescribed under applicable laws and provide information on the next steps, including any additional documentation or clarification needed. We may take reasonable steps to verify your identity before acting on your request. Where a request is made through an authorized representative, proof of authorization will also be required.

9.3.3.

Your request will then be reviewed and assessed in accordance with applicable data protection laws. This includes determining whether the request is lawful and whether any exemptions apply. In cases where the request is valid, we will take appropriate action such as providing a copy of your personal data, correcting inaccurate details, deleting data, or enabling data transfer to another service provider.

9.3.4.

If the request is accepted, we will initiate the internal process to fulfil it, which may involve coordinating with relevant departments or data processors. Once the request has been completed, we will notify you of the outcome, including details of the action taken and any data we are required to retain under applicable laws.

9.3.5.

However, we may decline to act on a request if it is manifestly unfounded, excessive, repetitive, or if complying would conflict with our legal obligations, regulatory requirements, or the rights and freedoms of others. In such cases, we will inform you of the reason for the denial and advise you of your right to escalate the matter to the relevant supervisory authority or grievance officer.

9.3.6.

Once your request has been completed or lawfully denied, we will provide a final response within the timeframe required by law. All such requests and outcomes are logged and retained in accordance with our internal compliance procedures.

9.3.7.

All requests and their outcomes — whether fulfilled or denied — are documented and retained securely in accordance with our internal compliance procedures and legal obligations.

10. SAFEGUARDING YOUR INFORMATION

We place the highest priority on safeguarding your personal data through comprehensive security measures. To prevent unauthorized access and data breaches, we employ strict security protocols. Additionally, we limit the collection and processing of personal data to what is strictly necessary for fulfilling our intended purposes, thereby reducing the risk of unauthorized access. We have a comprehensive security program designed to keep your personal data safe which consists of:

ISO 27001, ISO 27017, ISO 27018, SOC 1, SOC 2, SOC 3, PCI DSS Level 1, and BSI’s C5 certified third party Data Centre.
Encryption in transit and at rest with both the platform and at the Tumodo endpoint.
Firewalls on Network and Application Layer.
Data pseudonymization where necessary.
Define and enforce data retention policies to delete or archive data that is no longer needed, reducing the risk of exposure.
Encrypt sensitive data prior to recording to database or on disk, ensure secure management of encryption keys.
Database security measures, such as safe and reliable authentication, access control and database-level encryption.

Please be aware that you provide your personal data at your own risk, as no data transmission can be guaranteed to be 100% secure. You are responsible for maintaining the confidentiality of your username and password, so please ensure they are kept secure and private. If you believe your privacy has been compromised, we urge you to contact us immediately at dpo@tumodo.io.

11. DATA RETENTION

11.1.

We retain your personal data for as long as you maintain an active relationship with Tumodo. This includes the period during which you use our services, access our platforms, or otherwise engage with us. Once this relationship comes to an end — whether by termination, inactivity, or any other reason — we will restrict further use of your personal data by placing it under a secure retention policy.

11.2.

Your data will then be retained in a blocked or restricted-access format for the duration of any applicable statutory limitation periods. This is necessary to demonstrate our compliance with legal obligations, resolve disputes, enforce our agreements, and protect our legal rights. During this time, your data will not be used for any other purposes.

11.3.

After the expiration of the relevant retention or limitation periods, we will either securely delete your personal data or irreversibly anonymize it so that it can no longer be associated with you. This ensures that we meet both our legal responsibilities and our commitment to protecting your privacy.

12. THIRD PARTY PROCESSING

Your privacy is fundamental to everything we do, and we are dedicated to protecting your personal information at every step. In order to deliver our services effectively and enhance your overall experience, it may be necessary for us to share your data with carefully selected third-party partners. This section explains the circumstances under which such data sharing occurs, as well as the safeguards we implement to ensure your information is handled with the highest standards of security and integrity. We may share your data with different companies or organizations for the following reasons:

12.1. Data sharing and Cross Border Data Transfer

We may engage third-party companies and individuals ("Processors") to facilitate our services, provide services on our behalf, or assist us in analysing how our services are used. These Processors may have access to your personal information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose. We ensure that we enter into binding confidentiality and Data Protection Agreements with such Processors and ensure that they are GDPR compliant or adhere to similar data protection standards if located in other jurisdictions. These providers may include platforms and tools related to travel management, customer support, marketing, operational efficiency, cybersecurity, payment processing, and affiliated entities within the Tumodo group.

Sometimes, we may need to transfer personal data to a third country that has not been approved by the relevant supervisory authority as a safe destination for such transfers. These countries may have different data protection laws that may not be as protective as those in your country. In such cases, we ensure the use of Standard Contractual Clauses approved by the European Commission. These are a set of contractual terms and conditions that both the sender and receiver of the personal data agree to uphold, guaranteeing that the rights and freedoms of individuals are protected.

12.2. Professional advisors

As part of our routine business activities, we may disclose certain necessary and relevant personal data to our professional advisors. These may include legal counsel, auditors, accountants, and insurance providers. Such sharing is strictly limited to what is required for the provision of their services and is conducted under confidentiality obligations. This ensures that your personal information is handled responsibly and solely for legitimate business and compliance purposes.

12.3. Public bodies

We may share your personal data with government agencies, regulatory authorities, law enforcement bodies, courts, or tribunals when required by applicable laws and regulations. Such disclosures may occur to fulfil a legal obligation, respond to official and lawful requests, or to establish, exercise, or defend our legal rights. These actions are taken to protect our interests, your rights, and the rights and safety of others, ensuring compliance with legal and judicial processes.

12.4. Other third-party categories

In the event that it becomes necessary to share your personal data with third-party categories not previously identified, we will provide you with prior notice. Such disclosures will only occur after ensuring that appropriate legal safeguards and contractual protections are implemented to maintain the confidentiality, integrity, and security of your personal information in accordance with applicable data protection laws.

13. MONITORING, REVIEW AND UPDATE

Regular monitoring and periodic reviewing of this Policy shall be done to ensure compliance with the latest legal and regulatory requirements and to identify potential vulnerabilities.

14. CONTACT US

If you have questions or complaints regarding this Policy or the use of our services, you may contact us via email at dpo@tumodo.io. You may also contact us at our mailing address as provided below. Please mention "Data Privacy" as the subject in your mail for convenience.