Privacy Policy

1. Who We Are

Glamingo.ai operates Glamingo.ai, an AI-powered beauty and wellness marketplace serving the Singapore market. We provide an innovative platform that connects consumers with beauty and wellness services, leveraging artificial intelligence and machine learning to deliver personalized recommendations and enhance the beauty and wellness discovery and booking experience.

If you have any questions about data protection at Glamingo.ai, you can contact our team at any time by sending an email to support@glamingo.ai.

While using the Platform, you agree to this privacy policy. This privacy policy applies to all personal data obtained by us through your use of the Platform. It does not apply to any websites controlled by third parties not affiliated with us that the Platform may link to ("Third Party Sites"). The relevant privacy policies set out in the respective Third Party Sites shall apply in those cases.

2. Your Legal Rights

(a) Right to Access

You have the right to be informed which data we store about you and how we process this data. We will respond to your access request as soon as practicable, in any case within thirty (30) days upon receiving your access request. We will also inform you within the timeframe if we are unable to adhere to your request (with reasons) or require additional time to effect the request.

(b) Right to Rectification

If you notice that stored data is incorrect, you can always ask us to correct it. We will respond to your correction request as soon as practicable, in any case within thirty (30) days upon receiving your correction request. We will also inform you within the timeframe if we are unable to adhere to your request (with reasons) or require additional time to effect the request.

(c) Right to Withdraw Your Consent

You can withdraw your consent to our collection, use and disclosure of your personal data at any time for any or all of the purposes stated in this privacy policy. Upon receiving your withdrawal request, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. Please note that depending on the nature and scope of your request, we may not be in a position to continue providing our services to you and we shall, in such circumstances, notify you before completing the processing of your request.

We will endeavour to process your request within ten (10) business days upon receipt, and will notify you accordingly if we require additional time.

To exercise your rights, you may send in your request via email to support@glamingo.ai at any time and we will process such requests in accordance with this privacy policy and our obligations under applicable laws.

We may charge you a reasonable fee for the handling and processing of your requests to access your personal data, and will inform you of the amount charged in advance.

3. Overview of Personal Data We Collect and Process

In this section you can find general information about the categories of personal data we process about you. For your understanding, personal data is information that directly identifies you (such as your name) or enables us to indirectly identify you.

Our data processing activities on the Platform can be summarized by reference to the following:

(a) Account Registration and Profile Information

This includes your name, email address, telephone number, date of birth, gender, delivery address, billing information, and beauty and wellness preferences.

Why do we process this category? This processing is based on our legitimate interest in accordance with the Singapore Personal Data Protection Act 2012 ("PDPA") to be able to contact you immediately and process your request.

(b) Beauty Profile and Preferences

This includes information about your skin type, skin concerns, beauty goals, service preferences, allergies or sensitivities, previous booking history, and responses to beauty questionnaires.

Why do we process this category? To provide AI-powered personalized beauty recommendations, curate relevant services, improve our recommendation algorithms, and enhance your overall experience on our platform.

(c) Transaction and Payment Information

This includes order details, payment method information, transaction history, booking preferences, and refund/return requests.

Why do we process this category? To process your bookings, handle payments, manage service appointments, provide customer support, process returns and refunds, and maintain transaction records for legal and business purposes.

(d) Platform Usage and Analytics Data

This includes your browsing behavior, service views, search queries, click patterns, session duration, device information, IP address, location data, and interaction with AI recommendations.

Why do we process this category? To analyze platform usage, improve our services, optimize user experience, enhance our AI algorithms, provide relevant content and recommendations, and ensure platform security and performance.

(e) Communications and Customer Support

This includes your communications with us, customer support inquiries, feedback, reviews, and any other correspondence.

Why do we process this category? To provide customer support, respond to your inquiries, address complaints, improve our services based on feedback, and maintain records of our communications.

(f) Fraud Detection, Prevention and Security

This includes your device ID, device identification, operating system and corresponding version, time of access, configuration settings, IP address, and behavioral patterns.

Why do we process this category? Each time you access the Platform, this information is stored by us for technical reasons. We also use this information to detect suspicious behavior, prevent fraud, and protect the Platform. To keep the Platform secure and guarantee you a safe booking experience, we use various technical measures including AI-powered fraud detection systems to identify and prevent potential security threats.

If any automated decision-making leads to a negative result for you and you do not agree with the outcome, you can contact us at support@glamingo.ai. In this case, we will individually assess the circumstances of your case. All of our fraud detection and prevention algorithms are subject to human review.

(g) Marketing and Promotional Communications

This includes your marketing preferences, responses to promotional campaigns, and engagement with marketing content.

Why do we process this category? To send you relevant marketing communications, promotional offers, beauty tips, and service recommendations based on your preferences and consent. You can opt-out of marketing communications at any time.

(h) Mergers & Acquisitions, Change of Ownership

In the event of a merger with or acquisition by another company, we will disclose certain limited information to that company. Prior to disclosure, we will ensure that the recipient company undertakes to protect your personal data to a comparable standard to that under the PDPA and this privacy policy, and also that the company complies with applicable data protection laws and regulations. We will endeavour to keep the extent of the data shared with the other company to the absolute minimum required in order to conclude the transaction.

4. Who We Share Your Personal Data With

We never give your data to unauthorized third parties. However, in order to run our business efficiently, we obtain the services of selected service providers and give them limited and strictly monitored access to some of our data, in order to fulfil the purposes stated in this privacy policy.

Before we forward personal data to these partner companies for processing on our behalf, each individual company undergoes an audit. All data recipients must meet the legal data protection requirements and undertake to protect your personal data to a comparable standard as required under the PDPA and other relevant data protection laws.

(a) Glamingo.ai's Affiliates

We are a Singapore-based company focused on serving the local market. We may share your personal data within our organization as required to fulfil the purposes outlined above, including for efficient resource utilization, ensuring proper business processes, assisting with customer support, conducting legal assessments, or implementing IT and platform security measures.

(b) Service Providers and Data Processors

We use different service providers and data processors for our daily processing activities. These service providers and data processors process your personal data in accordance with the applicable local data protection laws and requirements and are permitted to process personal data only according to our instructions. Our services providers and data processors have no claims whatsoever to process your personal data for their own, independent purposes. We also monitor our processors and include only those who meet our data protection standards.

You have already learned about some of the parties we use as service providers above. Our user platforms and databases run on cloud resources provided by subsidiaries of Google and Amazon Web Services (AWS). Because we use different data processors and change them from time to time, it is not possible for us to identify all individual recipients of personal data in this privacy policy. However, if you are interested, we will be happy to disclose the name of the processor(s) in use at that time upon request.

(c) Beauty and Wellness Brands and Service Providers

When you make a booking or request a service through our marketplace, we share relevant order information with the specific beauty and wellness brands and service providers to fulfill your bookings and provide the requested services.

(d) Third Parties

In addition to data processors, we also work with third parties who are not bound by our instructions, such as consultants, lawyers, or tax consultants who receive your data from us on the basis of a contract and process your personal data for legal reasons or to protect our interests. We do not sell or rent your personal data to third parties under any circumstances. This will never take place without your explicit, informed consent.

(e) Prosecuting Authorities, Courts and Other Public Bodies

Unfortunately, it can happen that a few of our customers and service providers do not behave fairly and want to harm us. In these cases, we are not only obliged to hand over personal data to public authorities due to legal obligations, it is also in our interest to prevent damage and to enforce our claims and to reject unjustified claims. We may also share your personal data with law enforcement agencies, government and regulatory bodies to meet applicable legal or regulatory obligations.

5. How Long We Store Your Data

We generally delete your data after the purposes stated in this privacy policy have been fulfilled. The exact deletion rules are defined in our data retention policies and schedules. Different deletion rules apply depending on the purpose of the processing. Within our deletion concepts we have defined various data classes and assigned regular maximum retention and deletion periods to them. When the retention period has expired, the stored data will be deleted accordingly. If you have not used your account on our Platform for a period of more than three years, we will delete your personal data to make sure to comply with the principle of storage limitation.

In addition to the deletion rules we have defined ourselves, there are other legal retention periods which we must also observe. For various legal documents, such as invoices or business letters, applicable laws define minimum retention periods. For example, tax data must be kept for a period of between six and ten years or even longer in some cases. These special retention periods vary according to local legal requirements. Furthermore, we will continue to store your data if we have a right to do so in accordance with applicable local laws. This applies in particular if we need your personal data for the establishment, exercise or defence of legal claims.

6. International Data Transfers

Your personal data may be disclosed or transferred to relevant third parties outside of your country as required under law, pursuant to relevant contractual relationships, or for the purposes stated above. We will ensure that your personal data transferred outside your country is adequately protected with appropriate safeguards in accordance with the PDPA.

By providing your personal data to us via the Platform, you consent to the transfer of your personal data in accordance with this privacy policy.

7. Right of Modification

We reserve the right to change this privacy notice to ensure compliance with relevant legal and statutory provisions, including the PDPA. We will inform you of any significant changes, such as changes of purpose or new purposes of processing.