PRIVACY POLICY
Privacy Notice
halalworld.com, which is part of HalalWorld (“we” or “us”), values you as our customer and
is aware that privacy is important for all of us. In this Privacy Notice, it is explained how,
within the scope of the services offered through halalworld.com, when you use our platform
and related services, we collect, process, store, use and transfer personal data under the law
and secondary legislation; your rights to determine within legal limits what we will do with the
information we collect or hold about you are set out, and it is stated how you can contact us.
Privacy Notice Summary
This section is a summary of our Privacy Notice. You can review the full Notice here or by scrolling down the page.
What does this Privacy Notice cover?
This Privacy Notice has been drafted to explain the following:
How and what types of personal data we collect and use
When and with whom we share your personal data
What choices you may have regarding the way we collect, use, and share your personal data
Ways to access your personal data and update it.
What personal data do we collect and use, and how do we collect it?
We collect personal data in the following circumstances:
When you give us personal data
When we collect it automatically
When we receive it from others
When you create an account on one of our sites, sign up on our sites to receive offers or information, or make a booking using our platform, you provide us with your personal data. In addition, when you visit our sites or download and use our applications, we collect this personal data through automated technologies such as cookies placed in your browser, obtaining your consent where required. We also receive personal data from affiliated companies within HalalWorld and from business partners and third parties that help us improve our platform and related tools and services, update and maintain records accurately, potentially detect and investigate fraud situations, and market our services more effectively.
When is your personal data shared?
Your personal data may be shared for certain purposes, including helping you make a travel/holiday booking, providing you with support regarding your travel and/or holiday accommodation, contacting you (including when we send you information about products and services or enable you to communicate with travel suppliers and/or accommodation providers), and complying with laws. The full version of the Privacy Notice below explains how personal data is shared.
What are your rights and choices?
You can exercise your data protection rights in various ways. For example, you can opt out of receiving marketing emails by clicking the "unsubscribe" link in emails or, as appropriate, from your account or by contacting our customer service. In our Privacy Notice, in addition to the options available to you, more information about data protection rights and choices is provided.
How can you contact us?
You can access more information about our privacy practices in the full version of our Privacy Notice. You can also Contact Us to ask questions about how we process your personal data or to make requests regarding your personal data.
Privacy Notice
Categories of Personal Data We Collect and Use
Sharing of Personal Data
Joint Use of Personal Data
Our Use of Artificial Intelligence
Your Rights and Choices
International Data Transfer
EU – U.S. Data Privacy Framework
Participation in the Global Cross-Border Privacy Rules System
Security
Minors
Record Retention
Contact Us
Updates to this Privacy Notice
Cookie Notice
Collection and Use of Your Personal Data
In this section, you will find information about:
the types of personal data we collect and use, and how we collect and use them,
the purposes for which we collect and use this information, and
the legal bases we rely on when collecting and using them.
Legal Bases for Processing
The table below shows the legal bases we rely on to collect and use your personal data.
In summary, when we collect or use your personal data, the collection or use must be based on one of the following criteria:
Consent: This means you have given your consent for us to process your personal data (e.g., sending you marketing communications where consent is required).
Legal obligation: This means we have a legal obligation to collect personal data from you or to use it for a specific purpose (e.g., using your transaction history to meet our financial and tax obligations under the law).
Performance of a contract: This means the personal data is necessary in order to enter into a contract with you (for example, to manage your booking, process payments, or create an account at your request).
If we require you to provide personal data in order to comply with a legal requirement or to enter into a contract with you, we will make this clear at the relevant time and inform you whether providing your personal data is mandatory (as well as the possible consequences if you do not provide it).
Legitimate interests: This means processing is necessary for our legitimate interests and those interests are not overridden by your rights (as explained below).
Some countries and regions, such as Turkey, permit us to process personal data on the basis of legitimate interests. When we collect and use your personal data based on our (or a third party’s) legitimate interests, these will usually involve operating or improving our platform, providing services to you as needed, conducting security verification when you contact us, responding to inquiries, carrying out marketing activities, or detecting and preventing unlawful activity. Regardless of our specific legitimate interest, we always assess its appropriateness in light of the potential impact on your rights. Although the concept of legitimate interest is recognized only in certain countries and regions, we weigh the use of your personal data against your general rights in all cases.
Categories of Personal Data We Collect and Use
We collect and use personal data for the following purposes:
Platform Use and Booking Purposes (including the following):
Enabling your booking, verifying your identity, and for travel insurance purposes.
Reserving the requested travel (such as flight, car, cruise, activity, and hotel) or enabling a resort booking.
Providing services related to your booking and/or account.
Creating, maintaining, and updating user accounts on our platform and verifying your identity as a user.
Retaining your search and travel history, accommodation and travel preferences, and similar information about your use of HalalWorld’s platform and services (and in other ways specified in this Privacy Notice).
Enabling and facilitating the acceptance and processing of payments (such as collecting and verifying your payment details in our various payment models to hold a booking, secure a reservation, allow a travel partner to check the validity of your card, speed up the payment process, or deal with applicable fees, charges, payments, and refunds), as well as coupons and other transactions.
Managing customer loyalty and reward programs.
Collecting and enabling reviews related to bookings.
Helping you use our services more quickly and easily through features such as signing in with your account on online services and on some HalalWorld brand sites.
Communication and Customer Service Purposes (including the following):
Responding to your questions, requests for information, and information processing preferences.
Enabling you to communicate with travel suppliers (such as hotels and resort owners).
Providing information such as booking confirmations and updates, emergency notifications, or contacting you for other purposes described in this Privacy Notice (e.g., via SMS, email, phone call, mail, push notifications, or other messaging platforms).
Marketing Purposes (including the following):
Communicating with you for marketing purposes (such as SMS, emails, phone calls, mail, in-app messaging, push notifications, or messages through other communication platforms).
Analyzing information such as internet browsing and/or purchase history and using the results to improve advertising and marketing tailored to your interests and preferences.
Measuring and analyzing the effectiveness of our marketing and promotions.
Managing promotions such as contests, sweepstakes, and similar giveaways.
Providing targeted advertisements and promotions based on your profile. Our Cookie Notice explains in more detail how we use cookies and similar tracking technologies.
Market Research, Analytics, and Training Purposes to Improve Our Services (including the following):
Conducting surveys, market research, and data analyses.
Maintaining, measuring the effectiveness of, and researching and improving our sites, applications, operations, tools, and services.
Monitoring or recording calls, chats, and other communications with our customer service team and other representatives, as well as communications between partners and guests on the platform, for quality control, training, dispute resolution, and other purposes described in this Privacy Notice.
Creating aggregated, anonymized, or otherwise de-identified data that we may use and disclose without restriction where permitted.
Security and Compliance Purposes (including the following):
Enhancing security, verifying our customers’ identity, preventing and investigating fraudulent and unauthorized activities, defending against claims and other liabilities, and managing other risks.
Complying with applicable laws (including tax data sharing laws and obligations), protecting our and our users’ rights and interests, defending ourselves, and responding to requests from law enforcement authorities, courts, governments, public bodies, and other legal authorities as part of legal processes.
Complying with existing security and anti-terrorism, anti-bribery, customs, immigration, and other due diligence laws and regulations.
We collect, process, and use the following categories of personal data for these purposes:
Personal Data Category | Purposes of Collection/Use | Sources of Personal Data | Legal basis (where applicable) |
---|---|---|---|
Government-issued identification data: including passport, driver’s license, official identification numbers, country of residence, and tax identification number (for accommodation owners) |
|
|
|
Identity data: name, username, email address, phone number; home, business, and billing addresses (including street and postal code) |
|
|
|
Payment data: payment card number, expiration date, billing address, including financial/bank account number |
|
|
|
Travel-related preferences: including favorite resort and accommodation types, special dietary requirements, and, where possible, needs for accessibility features |
|
|
|
Customer loyalty program data: loyalty program membership (with us and/or third-party programs), loyalty points balance, points earned and used, loyalty program status |
|
|
|
Geolocation data: location inferred from IP address, country selected to use our website, and—where you consent—real-time precise location |
|
|
|
Images, videos, and recordings: videos, images, and facial photos you upload or obtain from social media accounts linked to your profile (e.g., when you create an account using social media login) |
|
|
|
Communications with us: emails, chat transcripts, and recordings of calls with customer service representatives |
|
|
|
Site interaction data: searches, transactions, and other interactions you perform on our platform, online services, and applications |
|
|
|
Device data: device type, unique device identifiers, operating system, mobile carrier, pages accessed (with relevant dates and times), links clicked, trips viewed, and features used—how your device interacts with our online services |
|
|
|
Friends, connections, and travel companions data: information about travel companions or other persons for whom you make bookings; people you plan trips with or invite to join a travel group; people you interact with on or off our platform (e.g., via our travel assistant Romie, where available); and friends you refer to us |
|
|
|
Children’s data: names and contact details of underage guests provided by you as the parent/guardian as part of a travel booking |
|
|
|
Clickstream data: a sequence of activities representing visitor actions on a website; we may use clickstream data to understand how you use our site and reconstruct your site journey based on timing and location of actions |
|
|
|
Date of birth and gender: includes your full date of birth or approximate age range as well as your gender |
|
|
|
Sensitive information: data that may reveal your racial or ethnic origin, religious or philosophical beliefs, sexual orientation, or health or disability information. We use sensitive personal information only for the purpose for which it was collected. |
|
|
|
Sharing/Disclosure of Personal Data
We share your personal data with the categories of third parties listed in the table below for the general purposes described; these purposes are explained in more detail elsewhere in this Privacy Notice. The third parties with whom we share your personal data may process it not only as our processors but also as controllers (jointly or independently). For more information about such circumstances and parties, please visit here.
Recipient of Personal Data | Purpose Category |
---|---|
HalalWorld companies. We share your personal data within HalalWorld, whose main brands are listed at halalworld.com. Other HalalWorld companies, when accessing and processing the shared personal data, act as joint controllers or processors for another HalalWorld company. |
|
Third-party service providers. We share personal data with third parties in connection with providing services to you and operating our business. These providers are required to protect the personal data we share with them and may not use any identifiable personal data for any purpose other than delivering the agreed services. They are not permitted to use the personal data we share for their own direct marketing purposes unless you separately allow it. |
|
Travel suppliers. We share your personal information (including travel preferences) with travel suppliers such as hotels, airlines, car rental companies, insurance companies, vacation rental homeowners, bungalow owners/operators, caravan owners/operators and managers, as well as activity providers fulfilling your booking and rail or sea line companies. Travel suppliers may contact you to obtain additional personal information if necessary to facilitate your booking or provide travel or related services. |
|
Business partners and offers. When we promote a program or provide a service or product together with a third-party business partner, we share your personal data with that partner to assist us with marketing or to deliver the relevant product or service. In most cases, the program or offer will include the name of the third-party partner alone or alongside ours, or you will be redirected to that company’s website with notice. |
|
Notice on targeted advertising and third-party sharing. To enhance user experience and deliver content and offers tailored to your interests, we may share your personal data in a limited manner—and only with your explicit consent—for targeted advertising with our third-party partners. Such sharing is performed solely in compliance with GDPR, the Turkish Personal Data Protection Law (KVKK), and other applicable legislation. You may withdraw your consent at any time. This may be considered “sharing” of data under California law, and certain U.S. residents have the right to opt out. For more information and to update your preferences, visit the Rights and Choices section. Declining consent will not impact general service functionality, though personalization may be limited. For additional information about tracking technologies used for targeted advertising, see our Cookie Notice. |
|
Social media and online platforms. To make our online marketing activities more effective, we may share your personal data with media agencies, social media platforms, search engines, and other online service providers. These platforms may combine or match their existing user data with the data we share to create target audiences and display our advertisements to users who are more likely to be interested. Third-party service providers acting as intermediaries may also assist in these activities. Such processing occurs only with your explicit consent and in full compliance with GDPR and the Turkish KVKK. You have the right to withhold or withdraw consent at any time. For details on exercising your rights, refer to the Rights and Choices section. |
|
Other third parties. When you access certain features, such as Facebook’s “Like” button or multi-login that lets you sign in to our online services using your social media credentials, you share information with that third party, including that you visited or interacted with us. In the EEA, Switzerland, and the UK, we will not load social media sharing or login buttons on our website unless you accept our use of cookies and similar technologies. Personal data shared in this context is processed according to the relevant third party’s privacy policy. These providers must inform you about what personal data they collect, how it is processed, and how to manage your privacy settings. They may also combine the data from these interactions with other information they previously collected. If you do not want your personal data to be used in this way, please check the privacy settings of the relevant platform. |
|
Recipients related to our legal rights and obligations. We may share your personal data and related records to enforce our policies, meet tax or regulatory reporting obligations (including ensuring that certain taxes are applied during payment processing), respond to subpoenas or other legal requests, or protect and defend our property, employees, or other rights and interests where permitted or required by law. | Security and Compliance Purposes |
Recipients related to corporate transactions. We may share your personal data in connection with corporate transactions such as divestiture, mergers, consolidation, assignment, or sale of assets, or in the unlikely event of bankruptcy. In any acquisition, we will inform the acquirer that they must use your personal data only for the purposes disclosed in this Privacy Notice. | Security and Compliance Purposes |
Joint Use of Your Personal Data within HalalWorld
HalalWorld companies jointly use your personal data as described below and act as joint controllers of your data:
We jointly process all categories of personal data defined in the section Categories of Personal Data We Collect and Use for the uses described in the table above.
For example, to allow you to log in to your guest or partner accounts with the same login credentials across HalalWorld, we simplify how accounts work throughout HalalWorld and continue to provide improvements that help you manage your trips, profile, payment information, and preferences from one place.
HalalWorld companies, whose main brands are listed at halalworld.com, jointly process this personal data.
HalalWorld is the party responsible for managing your personal data. For more information on how to contact us about this joint use, please see the Contact Us section below.
Our Use of Artificial Intelligence
We may use artificial intelligence (AI) and machine learning for various purposes to provide our platform and related services. We may use your personal data for purposes such as:
Improving your user experience
Determining the order in which accommodations appear on our site
Interacting with you, answering your questions, and assisting you and your friends in planning travel (via our chat software and virtual travel agent/assistant)
Personalizing your search on our site, suggesting relevant personalized filters, pre-filling search criteria, and providing recommendations for vacation spots, accommodations, restaurants, or activities based on your profile, preferences, interactions, expected and unexpected real-time local events, weather forecasts, flight delays, or cancellations
Alerts related to pricing, market data about prices, and direct pricing and/or margin adjustments
Scanning content you upload to our site (e.g., images of your accommodations) to ensure they meet our quality or formatting requirements and to identify related amenities and features included in your search results listing
Screening reviews and feedback you share with us to ensure they do not contain identifiable personal data and/or to assess customer satisfaction
Providing summaries of guest reviews and Help Center articles for you
Keeping our site safe at the transaction level, listing level, user level, and other levels, including preventing and detecting any fraud, such as violations of our terms and conditions or other fraudulent activities
Displaying your language and dialect in your interactions with our virtual agents
Powering other applications such as placements
Automated moderation purposes, including confirming/rejecting the display/storage of certain elements in our systems
Insurance transactions, including any insured products we offer
Optimizing our positioning or directing guests to our websites
Generating new content, usually in text form, such as text summarization, translation, or text suggestions
Providing security management
Increasing our efficiency and productivity (e.g., with tools that generate summaries/documents from existing files)
Detecting anomalies (e.g., identifying items that do not match an existing trend)
Focusing on enhancing/categorizing/displaying images more effectively
Analyzing and helping resolve claims, complaints, disputes, and payment reconciliations
Automated Decision-Making
Your personal data may be subject to automated decision-making, and a decision may be determined using automated processes.
We act within our legitimate interests to keep our site secure and improve your user experience. We will not engage in automated decision-making that involves a legal or similarly significant effect on you solely on the basis of automated processing of your personal data, except when:
you have given your explicit consent,
the processing is necessary for entering into or performing a contract, or
we are otherwise authorized by applicable law.
Your Rights Regarding Automated Decision-Making
With respect to automated decision-making, you may have certain rights, including:
requesting a manual decision-making process instead, or
contesting a decision based solely on automated processing.
For more information about your data protection rights, please see the Your Rights and Choices section below.
Your Rights and Choices
You have certain rights and choices regarding your personal data, as explained below:
If you have an account with us, you can change your communication preferences by (1) logging into your account and updating your information there (note that you may not be able to do this across all HalalWorld companies), or (2) contacting us through the Contact Us section below.
You can control our use of non-essential cookies by following the instructions in our Cookie Notice.
At any time, you can log into your account or contact us through the Contact Us section to access your personal data, modify it, learn about deletion, or update its accuracy.
If you no longer wish to receive marketing or promotional emails from us, you can easily unsubscribe by using the “Unsubscribe” link at the bottom of those emails. You can also update your marketing communication preferences by logging into your account or, if this feature is not always available across all HalalWorld affiliates, by contacting us directly through the Contact Us section. Even if you unsubscribe from marketing emails or choose not to receive such messages, you may still receive transactional or legally required notifications related to your account (such as booking confirmations, security alerts, or service updates). These notifications are not considered commercial communications, so you cannot opt out of them.
For our mobile apps, you can view and manage notifications and preferences in your app and operating system settings menu.
If we process your personal data based on consent, you can withdraw that consent at any time by contacting us through the Contact Us section. Withdrawing your consent does not affect the lawfulness of any processing already carried out, nor does it affect personal data that we are legally allowed to process without your consent.
Some countries and regions grant additional rights to residents. These may vary by jurisdiction but can include:
The right to request a copy of your personal data,
The right to request information about the purpose of processing,
The right to request deletion of your personal data,
The right to object to our use and disclosure of your personal data,
The right to restrict how we process your personal data,
The right to opt out of the sale of your personal data,
The right to request portability of your personal data,
The right to request information about the logic involved in automated decision-making processes and their outcomes,
The right to object to fully automated decision-making (including profiling) that has significant legal effects, and to request a manual decision-making process instead,
The right to object to a decision based solely on automated processing.
For more information about data privacy rights that may be available to you, please click here.
If you have questions about privacy, your rights, or choices, or if you (or, where applicable, your authorized representative) want to make requests to modify, update, or delete your personal data, please contact us through the Contact Us section below.
In addition to the above rights, you may also have the right to lodge a complaint with the relevant data protection authority regarding our collection and use of your personal data. However, we kindly ask that you contact us first so we can try to resolve your concern. You may submit your request to us using the information provided in the Contact Us section below.
We will respond to all requests from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. If, under applicable law, you have the right to appeal our decision not to act on a request, instructions on how to do so will be included in our response.
International Data Transfer and Transfer of Personal Data Abroad
The personal data we process may be accessed from, processed in, or transferred to countries outside the country where you reside. These countries may have data protection regulations different from those in your country.
Such cross-border transfers of your personal data may be necessary for your explicit consent, for the performance of our contractual relationship with you, for the provision of services, and for other legitimate purposes set out in this Privacy Notice. This process is carried out in accordance with Article 9 of the Turkish Personal Data Protection Law (KVKK).
Our platform’s servers are located in the United States, and our company and third-party service providers operate in many different countries. Accordingly, your personal data may be processed in any of these countries. In addition, employees of our company may access personal data from various locations worldwide.
When your personal data is transferred, processed, and/or accessed internationally in this way, we ensure that such processing is carried out in compliance with this Privacy Notice and applicable data protection laws (such as KVKK and/or GDPR).
In this context, we take care to ensure that your personal data receives the same level of protection as in your country, regardless of where it is processed or accessed.
For international transfers of personal data, we meet legal obligations by carrying out security assessments, using contractual clauses approved by regulatory authorities, and implementing certification processes. Such transfers are conducted only in compliance with applicable law and on lawful grounds.
Some of the measures we apply include:
Adequacy decisions issued by the European Commission confirming that certain non-EEA countries provide an adequate level of data protection (see the Commission’s current list here).
Participation of recipient countries in the Global CBPR Forum (see the current list here). HalalWorld is Global CBPR-certified, and measures have been implemented across all HalalWorld companies to ensure personal data is shared in compliance with CBPR requirements where applicable. More information on HalalWorld’s participation in this forum can be found in the Participation in the Global Cross-Border Privacy Rules System section below.
Ensuring that third-party partners, suppliers, and service providers to whom personal data is transferred have appropriate mechanisms in place to protect your data. For example, our contracts with such parties include strict data transfer provisions (including, where applicable, the European Commission Standard Contractual Clauses (SCCs) for transfers from the EEA/UK) and require all parties to process personal data in compliance with applicable data protection law. Where applicable, these contracts may also require certification under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, the Swiss-U.S. DPF, or Binding Corporate Rules (BCRs) approved by the European Commission. In line with the “onward transfer” principle of the DPF Frameworks, if HalalWorld learns that a third party is using or disclosing your personal data in violation of this Privacy Notice or the DPF Frameworks, it will take reasonable steps to prevent or stop such use or disclosure. HalalWorld may be liable for the onward transfer of personal data to third parties in violation of this Privacy Notice and the DPF Frameworks.
In the case of transfers from Turkey, either explicit consent is obtained or contracts containing commitments of adequate protection approved by the Turkish Personal Data Protection Board are used, in accordance with Article 9 of the KVKK.
Conducting periodic risk assessments and applying various technical and organizational measures to ensure compliance with applicable laws on data transfers.
EU–U.S. Data Privacy Framework
HalalWorld is committed to the principle of transparency regarding the international transfer of your personal data. Within this framework, your personal data will be transferred abroad only in the following circumstances:
To countries that provide an adequate level of data protection under the EU General Data Protection Regulation (GDPR),
To countries outside Turkey, provided that the necessary legal permissions have been obtained in accordance with the Turkish Personal Data Protection Law (KVKK),
Where appropriate security mechanisms such as the European Commission’s Standard Contractual Clauses (SCCs) are in place,
Where the recipient is a certified organization under the EU–U.S. Data Privacy Framework (DPF), the UK Extension to the EU–U.S. DPF, and/or the Swiss–U.S. DPF.
HalalWorld requires its partners and service providers, through contracts, to process and protect personal data only in compliance with applicable data protection laws. Where the parties are subject to the DPF Frameworks, we expect them to adhere to the principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement, and Liability.
When working with parties certified under the DPF Frameworks, all necessary measures will be taken in the event of any improper use or disclosure of personal data, and data subjects will be able to use complaint mechanisms. In this context, unresolved complaints may be referred to competent data protection authorities (such as EU data protection authorities, the UK Information Commissioner’s Office (ICO), or the Swiss FDPIC). Under certain conditions, you may also have the right to invoke binding arbitration.
For more information about the DPF Frameworks and valid certifications, please visit: https://www.dataprivacyframework.gov
Participation in the Global Cross-Border Privacy Rules System (Global CBPR)
The privacy practices of halalworld.com, as described in this Privacy Notice, are aligned with the Global Cross-Border Privacy Rules (CBPR) System.
The Global CBPR System provides a framework for organizations to ensure the protection of personal data transferred among participating economies.
You can find more detailed information about the Global CBPR framework at https://cbprs.org/.
Security
We want you to be able to use our platform and all related tools and services safely, and we strive to take appropriate steps to protect the information we collect. While no company can guarantee absolute security, we take reasonable measures to implement appropriate physical, technical, and organizational safeguards to protect the personal data we collect and process.
Our cybersecurity team develops and applies technical security controls and measures to ensure responsible collection, storage, and sharing of personal data, proportional to its level of confidentiality or sensitivity. We continuously apply and update security measures to protect your personal data against unauthorized access, loss, destruction, or alteration. We hold our data processing partners to the same high standards.
We have established an information security protection system based on industry-standard practices and apply regular assessments and certifications such as PCI-DSS. We have implemented security measures throughout the entire lifecycle of data collection, storage, processing, use, transmission, and sharing. Based on our information classification and handling standards, we apply verification and access controls, VPN, SSL-encrypted transmission, and multi-factor authentication mechanisms, among other technical and management measures, to ensure the security of systems and services.
We have management and approval mechanisms in place for employees who may have access to your information, and we provide them with regular information security training.
In the event of a personal data security incident that may affect your rights and interests, you will be notified in accordance with applicable data protection laws and regulations. Where required by applicable law and regulations, we will also notify the competent supervisory authorities of the incident.
Minors
Our website and mobile application are not directed to minors (as defined under applicable data protection laws), and we cannot distinguish the age of individuals who access and use them. If a minor provides us with personal data without parental or guardian consent, the parent or guardian should contact us (see the Contact Us section below). If we become aware that we have collected personal data from a minor without parental or guardian consent and the minor has an account with us, we will terminate that account.
There are limited circumstances in which we may need to collect personal data from minors: as part of a booking, in the purchase of other travel-related services, or in other exceptional cases (such as family-oriented features).
When processing personal data of minors, we strictly adhere to the principles of legality, necessity, clear purpose, transparency, and security, and we take strict measures to protect such data.
If you have any questions or concerns about how we protect the personal data of minors, or if you wish to delete or correct such personal data (as a parent or guardian of a minor), please contact us through the Contact Us section below.
Record Retention
Unless a longer retention period is required or permitted by law, we will retain your personal data for as long as necessary to fulfill the purposes described in this Privacy Notice, in compliance with all applicable laws.
If we intend to use your personal data for analysis or trend analysis over longer periods, we will use your data in a de-identified, aggregated, or otherwise anonymized form.
When we delete your personal data, we use industry-standard methods to ensure that the information cannot be recovered or retrieved in any way. To protect against accidental loss, we may retain backup copies of your personal data in our backup systems. Such personal data cannot be accessed unless restored, and any unnecessary personal data will be deleted during the restoration process.
We use the following criteria to determine how long we retain your personal data:
The duration of our relationship with you, including any active accounts you have with HalalWorld, recent bookings, or other interactions on our platform.
Whether we have legal obligations to retain your personal data (for example, where laws require us to retain records of your transactions with us).
Whether there are contractual obligations, court orders, statutes of limitation, or investigations by authorities that affect how long we must retain your personal data.
Whether your personal data is necessary to maintain secure backups of our systems.
Contact Us
If you have any questions or concerns about our use of your personal data, or if you wish to learn more about our data processing practices and exercise your rights to access, correct, or delete personal data, please contact us through the Privacy Section here.
Your primary data controller is the HalalWorld company responsible for the site or application you interact with; this company may also act as a joint controller together with other HalalWorld companies. For more information about the HalalWorld data controllers (and, where applicable, joint controllers) responsible for processing your personal data and/or the Representative, please click here.
Updates to this Privacy Notice
We may update this Notice at any time for various reasons, including (1) to improve it and make it clearer or easier to understand, (2) to comply with legal, regulatory, and/or tax requirements, (3) when we make changes to our services or how we conduct our business, and/or (4) for security-related reasons.
If we propose to make changes that significantly affect your rights and obligations, we will provide you with reasonable advance notice of such changes, unless urgent changes are required to comply with security, legal, or tax requirements.
You can see when this Privacy Notice was last updated by checking the “last updated” date at the top of this Notice.
For information about previous updates, please contact us here.