Data Processing Agreement
Tour Matrix AI Pte. Ltd.
DATA PROCESSING AGREEMENT
数据处理协议
Effective Date / 生效日期: This Agreement shall take effect on the date Controller accepts the Platform Terms of Use ("TOU") via the online registration process, and shall continue for the duration of the TOU and any applicable post-termination retention period.
本协议自甲方通过在线注册流程接受《平台使用条款》("TOU")之日起生效,并持续至 TOU 期限届满及任何适用的终止后保留期结束。
Parties and Roles / 当事方与角色
This Agreement is entered into between the parties to the Platform Terms of Use ("TOU"), namely:
本协议由《平台使用条款》("TOU")的双方订立,即:
(a) the Outbound Travel Agency ("Controller / 甲方"), being the entity that accepts the TOU and uploads traveller Personal Data to the Platform; and
出境旅行社("Controller / 甲方"),指接受 TOU 并向平台上传旅客个人数据的实体;及
(b) Tour Matrix AI Pte. Ltd. ("Processor / 乙方"), the operator of the Platform.
Tour Matrix AI Pte. Ltd.("Processor / 乙方"),平台运营方。
For the purposes of applicable Data Protection Laws, Controller acts as the Data Controller and Processor acts as the Data Processor in respect of Personal Data relating to travellers.
就适用数据保护法律而言,就旅客相关个人数据,甲方作为数据控制者,乙方作为数据处理者。
Recitals / 鉴于条款
(A) Controller is a travel agency engaged in outbound tourism business, using the online platform operated by Processor ("Platform / 平台") to book inbound travel products and services provided by destination management companies ("DMCs / 地接社").
甲方是一家从事出境旅游业务的旅行社,通过乙方运营的在线平台("平台")预订由入境地接社("DMC")提供的旅游产品和服务。
(B) In the course of providing Platform services, Processor processes Personal Data on behalf of Controller to facilitate booking, communication, itinerary fulfilment and emergency assistance.
在提供平台服务过程中,乙方代表甲方处理个人数据,以促成预订、沟通、行程履行及紧急情况协助。
(C) The Parties wish to set out the rights and obligations of each Party with respect to the processing of such Personal Data to ensure compliance with applicable Data Protection Laws, including but not limited to:
双方希望就处理该等个人数据设定各自的权利和义务,以确保遵守适用的数据保护法律,包括但不限于:
the General Data Protection Regulation (EU) 2016/679 (GDPR) and its implementing laws in the European Economic Area (EEA) Member States;
欧盟《通用数据保护条例》(GDPR) 及欧洲经济区(EEA)成员国的实施法律;
the UK GDPR and the Data Protection Act 2018;
英国 GDPR 及《2018 年数据保护法》;
the Singapore Personal Data Protection Act 2012 (PDPA);
新加坡《2012 年个人数据保护法》(PDPA);
the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs);
澳大利亚《1988 年隐私法》及《澳大利亚隐私原则》;
the California Consumer Privacy Act (CCPA/CPRA) and other applicable U.S. state privacy laws;
《加州消费者隐私法》(CCPA/CPRA) 及美国其他适用的州隐私法律;
the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial privacy statutes;
加拿大《个人信息保护和电子文件法》(PIPEDA) 及适用的省隐私法规;
the People's Republic of China Personal Information Protection Law (PIPL);
中华人民共和国《个人信息保护法》(PIPL);
the Japan Act on the Protection of Personal Information (APPI);
日本《个人信息保护法》(APPI);
the Republic of Korea Personal Information Protection Act (PIPA).
韩国《个人信息保护法》(PIPA)。
(D) This Agreement forms an integral part of the master service agreement between the Parties ("MSA / 主协议"). In the event of any conflict between this Agreement and the MSA, this Agreement shall prevail.
本协议构成双方之间主服务协议("MSA / 主协议")的组成部分。如本协议与主协议存在冲突,以本协议为准。
Article 1 Definitions / 定义
1.1 The following terms shall have the meanings set out below. Capitalised terms not otherwise defined herein shall have the meaning ascribed to them in the MSA or in the applicable Data Protection Law.
下列术语应具有下文所载含义。本协议未另行定义的大写术语应具有主协议或适用数据保护法律赋予的含义。
| Term / 术语 | Definition / 定义 |
|---|---|
| "Applicable Laws" / "适用法律" | All laws, regulations, and regulatory requirements relating to data protection, privacy, and the processing of Personal Data that are applicable to a Party, including without limitation the Data Protection Laws identified in Recital (C). 适用于一方的与个人数据保护、隐私及处理相关的所有法律、法规及监管要求,包括但不限于鉴于条款(C)所列数据保护法律。 |
| "Data Breach" / "数据泄露事件" | A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed. 导致个人数据被意外或非法销毁、丢失、篡改、未经授权披露或访问的安全违规事件。 |
| "Data Protection Law" / "数据保护法律" | All Applicable Laws protecting the fundamental rights and freedoms of natural persons, and in particular their right to privacy and protection of Personal Data. 所有保护自然人的基本权利和自由、尤其是其隐私权和个人数据保护权的适用法律。 |
| "Data Subject" / "数据主体" | An identified or identifiable natural person to whom Personal Data relates, including but not limited to travellers, prospective travellers, and emergency contacts. 与个人数据相关的已识别或可识别的自然人,包括但不限于旅客、潜在旅客及紧急联系人。 |
| "EEA" | The European Economic Area. 欧洲经济区。 |
| "Personal Data" / "个人数据" | Any information relating to an identified or identifiable natural person processed by Processor on behalf of Controller under this Agreement. 乙方根据本协议代表甲方处理的、与已识别或可识别自然人相关的任何信息。 |
| "Processing" / "处理" | Any operation or set of operations which is performed on Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. 对个人数据执行的任何单一或系列操作,无论是否通过自动化手段,例如收集、记录、整理、建构、存储、调整或修改、检索、咨询、使用、通过传输、传播或其他方式披露、比对或组合、限制、删除或销毁。 |
| "SCCs" / "标准合同条款" | The European Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679. 欧盟委员会 2021 年 6 月 4 日第 (EU) 2021/914 号实施决定所附向第三国传输个人数据的标准合同条款。 |
| "Sub-processor" / "次级处理者" | Any processor engaged by Processor to process Personal Data on behalf of Controller. 乙方聘请的、代表甲方处理个人数据的任何处理者。 |
| "TOMs" / "安全措施" | Technical and Organisational Measures. 技术和组织措施。 |
Article 2 Details of Processing / 处理详情
2.1 Subject-matter and Duration / 处理标的与期限
Processor shall process Personal Data on behalf of Controller for the duration of the MSA and any applicable post-termination retention period, solely for the purposes described in Annex A to this Agreement.
乙方应代表甲方处理个人数据,处理期限为主协议期限及任何适用的终止后保留期,处理目的仅限于本协议附件 A 所述目的。
2.2 Nature and Purpose of Processing / 处理的性质与目的
The nature and purpose of Processing are further specified in Annex A, and include:
处理的性质和目的在附件 A 中进一步规定,包括:
(a) facilitating the booking, confirmation, and fulfilment of inbound travel services;
促成入境旅游服务的预订、确认与履行;
(b) traveller identity verification and compliance with immigration, customs and transport regulations;
旅客身份验证及遵守移民、海关和运输法规;
(c) emergency contact and assistance during travel;
旅行期间的紧急联系与协助;
(d) Platform operation, technical support, and service quality improvement;
平台运营、技术支持及服务质量改进;
(e) compliance with applicable legal, regulatory, tax, and accounting obligations.
遵守适用的法律、监管、税务及会计义务。
2.3 Types of Personal Data / 个人数据类别
The categories of Personal Data processed are set out in Annex A, and may include:
处理的个人数据类别载于附件 A,可能包括:
Identity Data / 身份数据: name, gender, date of birth, nationality, passport or national ID number and validity, visa information, photograph;
姓名、性别、出生日期、国籍、护照或身份证号及有效期、签证信息、照片;
Contact Data / 联系数据: telephone number, email address, residential address, emergency contact details;
电话号码、电子邮件地址、居住地址、紧急联系人详情;
Health & Preference Data / 健康与偏好数据: dietary restrictions, allergies, religious or cultural requirements, accessibility needs, medical conditions (only where strictly necessary for the performance of the travel contract);
饮食限制、过敏信息、宗教或文化需求、无障碍需求、健康状况(仅在为严格履行旅游合同所必需时);
Itinerary Data / 行程数据: flight details, hotel preferences, tour arrangements, insurance policy numbers;
航班详情、酒店偏好、旅游安排、保险单号;
Payment Data / 支付数据: corporate bank account details (including account name, account number, and bank name) of Controller or DMCs, billing contact information of authorised corporate personnel (name, work email, work phone), and transaction records pertaining to B2B fund transfers. Processor does not collect, process, or store individual traveller credit or debit card information. B2B fund transfers are executed (a) directly via standard banking channels between corporate accounts, or (b) through authorised cross-border payment service providers (e.g., Airwallex, LianLian Pay, WorldFirst, etc.) engaged by Processor for the purpose of facilitating foreign exchange settlement and compliant cross-border remittance. Such payment service providers process only the minimum corporate payment data necessary for the transaction and are bound by the data protection obligations set out in this Agreement;
甲方或地接社的公司银行账户详情(包括账户名称、账号及开户行)、企业授权经办人的账单联系信息(姓名、工作邮箱、工作电话),以及与 B2B 资金转账相关的交易记录。乙方不收集、处理或存储旅客个人信用卡或借记卡信息。B2B 资金转账通过以下方式执行:(a) 公司账户之间经由标准银行渠道直接完成,或 (b) 通过乙方聘请的授权跨境支付服务提供商(例如 Airwallex、连连支付、万里汇 等)完成,以便利外汇结算及合规跨境汇款。该等支付服务提供商仅处理交易所必需的最少量企业支付数据,并受本协议规定的数据保护义务约束;
Account & Log Data / 账户与日志数据: IP address, device identifiers, login records (where collected via the Platform).
IP 地址、设备标识符、登录记录(如通过平台收集)。
2.4 Categories of Data Subjects / 数据主体类别
The Personal Data processed relates to the following categories of Data Subjects:
处理的个人数据涉及以下类别的数据主体:
(a) Travellers and prospective travellers;
旅客及潜在旅客;
(b) Emergency contacts designated by travellers;
旅客指定的紧急联系人;
(c) Authorised employees or representatives of Controller using the Platform.
使用平台的甲方授权员工或代表。
2.5 Processing Instructions / 处理指示
Processor shall process Personal Data only in accordance with documented instructions from Controller, including the provisions of this Agreement, the MSA, and any lawful instructions issued via the Platform or in writing.
乙方仅应根据甲方的书面指示处理个人数据,包括本协议条款、主协议条款以及通过平台或书面发出的任何合法指示。
If Processor considers that an instruction infringes Applicable Laws, it shall immediately inform Controller and shall be entitled to suspend execution of the relevant instruction until Controller confirms or modifies it in writing.
如乙方认为某项指示违反适用法律,应立即通知甲方,并有权暂停执行相关指示,直至甲方以书面形式确认或修改该指示。
Article 3 Obligations of Processor / 处理者义务
3.1 Purpose Limitation / 目的限制
Processor shall not process Personal Data for any purpose other than those specified in Annex A, unless required to do so by Applicable Laws. In such case, Processor shall, to the extent permitted by law, inform Controller of that legal requirement before processing.
乙方不得将个人数据用于附件 A 规定以外的任何目的,但适用法律要求处理的除外。在此情况下,乙方应在法律允许的范围内,于处理前将该等法律要求通知甲方。
3.2 Confidentiality / 保密义务
Processor shall ensure that persons authorised to process Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
乙方应确保获授权处理个人数据的人员已承担保密义务,或受适当的法定保密义务约束。
3.3 Security Measures / 安全措施
Processor shall implement appropriate TOMs to ensure a level of security appropriate to the risk, as further described in Annex B. Such measures shall include, where appropriate:
乙方应实施适当的技术和组织措施,确保与风险相适应的安全水平,具体措施详见附件 B。该等措施在适当时应包括:
(a) the pseudonymisation and encryption of Personal Data;
个人数据的假名化和加密;
(b) the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
确保处理系统和服务持续保密、完整、可用及具备弹性的能力;
(c) the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident;
在发生物理或技术事件时及时恢复个人数据可用性和访问的能力;
(d) a process for regularly testing, assessing and evaluating the effectiveness of TOMs.
定期测试、评估和评价技术和组织措施有效性的流程。
3.4 Assistance with Data Subject Rights / 协助数据主体权利
Processor shall assist Controller by appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of Controller's obligation to respond to requests to exercise Data Subjects' rights under Applicable Laws.
乙方应在可行的情况下,通过适当的技术和组织措施协助甲方履行响应数据主体依据适用法律行使权利的义务。
Upon receiving a request from a Data Subject, Processor shall notify Controller within five (5) Business Days and shall not respond to the request directly unless authorised in writing by Controller.
乙方收到数据主体请求后,应在五(5)个工作日内通知甲方,且未经甲方书面授权不得直接回复该请求。
3.5 Assistance with Compliance / 协助合规
Processor shall assist Controller in ensuring compliance with obligations relating to:
乙方应协助甲方确保履行与以下事项相关的义务:
(a) data protection impact assessments ("DPIA");
数据保护影响评估("DPIA");
(b) prior consultation with supervisory authorities;
与监管机构的预先磋商;
(c) maintaining records of processing activities (to the extent applicable to Processor).
保存处理活动记录(在适用于乙方的范围内)。
3.6 Return and Deletion / 返还与删除
Upon termination of the MSA or upon Controller's written request, Processor shall, at Controller's choice, return or delete all Personal Data and delete existing copies, unless storage is required by Applicable Laws. In the latter case, Processor shall continue to protect such Personal Data in accordance with this Agreement and shall return or delete it as soon as the legal retention period expires.
主协议终止时或经甲方书面要求,乙方应根据甲方选择返还或删除所有个人数据并删除现有副本,但适用法律要求存储的除外。在后一种情况下,乙方应继续按照本协议保护该等个人数据,并在法定保留期届满后尽快返还或删除。
Article 4 Obligations of Controller / 控制者义务
4.1 Lawful Basis and Transparency / 合法基础与透明度
Controller warrants that it has established, and shall maintain, a valid legal basis for the Processing of Personal Data under Applicable Laws (including, where required, obtaining informed and specific consent from Data Subjects).
甲方保证其已建立并将维持处理个人数据的合法基础(包括在需要时获得数据主体的知情且明确同意)。
Controller shall ensure that Data Subjects are informed, through a privacy notice or otherwise, of the fact that their Personal Data will be processed by Processor as a service provider, the purposes of Processing, and the identity of Processor.
甲方应确保通过隐私政策或其他方式告知数据主体,其个人数据将作为服务由乙方处理、处理目的及乙方身份。
4.2 Accuracy and Data Minimisation / 准确性与数据最小化
Controller shall ensure that Personal Data provided to Processor is accurate, up-to-date, and limited to what is necessary in relation to the purposes for which it is processed.
甲方应确保向乙方提供的个人数据准确、最新,且限于与处理目的相关的必要范围。
4.3 Instructions / 指示
Controller shall issue Processing instructions that are lawful, clear, and consistent with this Agreement.
甲方应发出合法、清晰且与本协议一致的处理指示。
4.4 Primary Responsibility / 主要责任
Controller acknowledges that, as between the Parties, Controller bears primary responsibility for responding to Data Subjects and supervisory authorities regarding the Processing of Personal Data, save where Processor is solely responsible for a breach of this Agreement.
甲方确认,在双方之间,甲方对响应数据主体和监管机构关于个人数据处理的询问承担主要责任,但乙方单独违反本协议的情形除外。
Article 5 Sub-processors / 次级处理者
5.1 Authorised Sub-processors / 授权次级处理者
Controller hereby authorises Processor to engage the Sub-processors listed in Annex C to this Agreement.
甲方特此授权乙方聘请本协议附件 C 所列的次级处理者。
5.2 General Conditions for Sub-processors / 次级处理者的一般条件
Where Processor engages a Sub-processor, it shall:
乙方聘请次级处理者时,应:
(a) enter into a written agreement with the Sub-processor imposing data protection obligations that are materially no less protective than those imposed on Processor under this Agreement;
与次级处理者签订书面协议,要求其承担的数据保护义务在实质上不低于本协议对乙方规定的义务;
(b) remain fully liable to Controller for the performance of the Sub-processor's obligations.
就次级处理者履行义务的行为向甲方承担全部责任。
5.3 Notification of New Sub-processors / 新增次级处理者通知
Processor shall give Controller at least thirty (30) days' prior written notice of any intended addition or replacement of Sub-processors. Controller may object to such changes on reasonable grounds relating to data protection within five (5) Business Days of receiving notice. If the Parties cannot resolve the objection within ten (10) Business Days, Controller may terminate the affected services without penalty.
乙方拟增加或更换次级处理者的,应至少提前三十(30)天书面通知甲方。甲方可在收到通知后五(5)个工作日内以与数据保护相关的合理理由提出反对。如双方未能在十(10)个工作日内解决反对意见,甲方可终止受影响的服务且不承担违约责任。
5.4 DMCs as Sub-processors / 地接社作为次级处理者
Controller acknowledges and agrees that DMCs (destination management companies) located in China, Japan, Korea, and other inbound destinations may receive Personal Data as Sub-processors solely for the purpose of fulfilling the booked travel services. Processor shall ensure that such DMCs are contractually bound to data protection standards equivalent to those in this Agreement.
甲方确认并同意,位于中国、日本、韩国及其他入境目的地的地接社(DMC)可作为次级处理者接收个人数据,且仅限于履行已预订的旅游服务之目的。乙方应确保该等地接社受相当于本协议标准的数据保护合同约束。
5.5 Payment Sub-processors / 支付类次级处理者
Controller acknowledges that Processor may engage licensed payment institutions and cross-border remittance service providers (including but not limited to Airwallex, LianLian Pay, and WorldFirst) as Sub-processors solely for the purpose of executing B2B fund transfers and foreign exchange settlement. Such payment Sub-processors shall process only corporate payment data and shall not have access to traveller Personal Data unless strictly necessary for a specific transaction (e.g., refund to a corporate contact). Processor shall ensure that such payment Sub-processors are contractually bound to data protection and security standards no less protective than those set out in this Agreement.
甲方确认,乙方可仅为执行 B2B 资金转账及外汇结算之目的,聘请持牌支付机构及跨境汇款服务提供商(包括但不限于 Airwallex、连连支付及万里汇)作为次级处理者。该等支付类次级处理者仅处理企业支付数据,且不得访问旅客个人数据,但为特定交易所严格必需者除外(例如向企业联系人退款)。乙方应确保该等支付类次级处理者受不低于本协议规定标准的数据保护及安全标准的合同约束。
Article 6 Data Subject Rights / 数据主体权利
6.1 Processor shall promptly assist Controller in responding to any request from a Data Subject seeking to exercise rights under Applicable Laws, including the right of access, rectification, erasure, restriction of processing, data portability, and objection.
乙方应及时协助甲方响应数据主体依据适用法律行使权利的请求,包括访问权、更正权、删除权、限制处理权、可携带权及反对权。
6.2 Unless otherwise instructed by Controller in writing, Processor shall not disclose Personal Data to any Data Subject or third party in response to a direct request.
除非甲方另行书面指示,乙方不得应直接请求向任何数据主体或第三方披露个人数据。
Article 7 Security Measures / 安全措施
The TOMs implemented by Processor are described in Annex B. Processor may update such measures from time to time provided that the updated measures do not materially decrease the overall level of protection.
乙方实施的技术和组织措施详见附件 B。乙方可不时更新该等措施,但更新后的措施不得实质性降低整体保护水平。
Article 8 Personal Data Breach / 个人数据泄露
8.1 Notification / 通知
Processor shall notify Controller without undue delay and in any case within twenty-four (24) hours after becoming aware of a Data Breach. Such notification shall include:
乙方应在知悉数据泄露事件后毫不延迟地通知甲方,且无论如何应在二十四(24)小时内发出通知。该通知应包括:
(a) the nature of the Data Breach including the categories and approximate number of Data Subjects and Personal Data records concerned;
数据泄露事件的性质,包括涉及的数据主体类别和大致数量以及个人数据记录数量;
(b) the likely consequences and the measures taken or proposed to be taken to address the breach;
可能产生的后果以及已采取或拟采取的应对该泄露事件的措施;
(c) the name and contact details of the data protection officer or other contact point.
数据保护官或其他联系点的姓名和联系方式。
8.2 Cooperation / 配合
Processor shall cooperate with Controller and take such reasonable commercial steps as are directed by Controller to assist in the investigation, mitigation and remediation of the Data Breach, and in the preparation of any required notifications to supervisory authorities and Data Subjects.
乙方应配合甲方,并采取甲方指示的合理商业措施,协助调查、减轻和补救数据泄露事件,以及准备向监管机构和数据主体发出的任何必要通知。
Article 9 Cross-Border Transfers and Standard Contractual Clauses / 跨境传输与标准合同条款
9.1 General Principle / 一般原则
The Parties acknowledge that Personal Data may be transferred across jurisdictions where Controller, Processor, or DMCs operate, including but not limited to Singapore, Australia, EEA member states, the United Kingdom, the United States, Canada, China, Japan, and Korea.
双方确认,个人数据可能在甲方、乙方或地接社运营的司法管辖区之间传输,包括但不限于新加坡、澳大利亚、EEA 成员国、英国、美国、加拿大、中国、日本和韩国。
9.2 Transfers from the EEA, Switzerland, and the UK / 来自 EEA、瑞士及英国的传输
Where Personal Data is transferred from the EEA, Switzerland, or the United Kingdom to Processor in Singapore (or any other jurisdiction not subject to an adequacy decision under GDPR or UK GDPR), such transfers shall be governed by:
如个人数据从 EEA、瑞士或英国传输至位于新加坡的乙方(或任何不受 GDPR 或英国 GDPR 充分性决定约束的其他司法管辖区),该等传输应受以下文件管辖:
(a) Annex D (EU Standard Contractual Clauses, Module Two: Controller to Processor) for transfers from the EEA and Switzerland; and
附件 D(欧盟标准合同条款,模块二:控制者到处理者),适用于来自 EEA 和瑞士的传输;以及
(b) Annex E (UK Addendum to the EU SCCs) for transfers from the United Kingdom.
附件 E(欧盟 SCCs 的英国附录),适用于来自英国的传输。
9.3 Compliance with PIPL / PIPL 合规
Where the Processing involves Personal Data of individuals located in mainland China, or where Personal Data is provided from mainland China to Processor outside of China, the Parties shall ensure compliance with PIPL, including:
如处理涉及位于中国大陆的个人的个人数据,或如个人数据从中国大陆提供给境外的乙方,双方应确保遵守 PIPL,包括:
(a) conducting a security assessment organised by the national cyberspace administration where required;
在需要时通过国家网信部门组织的安全评估;
(b) obtaining certification from a specialised institution for the protection of Personal Information where required;
在需要时获得专业机构进行的个人信息保护认证;
(c) entering into a standard contract formulated by the national cyberspace administration and filing it where required;
在需要时签订国家网信部门制定的标准合同并进行备案;
(d) obtaining separate consent from the Data Subject where required by PIPL Articles 13 and 39.
在 PIPL 第 13 条和第 39 条要求时获得数据主体的单独同意。
Controller shall be primarily responsible for determining the applicable compliance pathway under PIPL, and Processor shall cooperate and provide necessary documentation.
甲方应主要负责确定 PIPL 下的适用合规路径,乙方应予以配合并提供必要文件。
9.4 Compliance with APPI (Japan) / APPI(日本)合规
Where Personal Data of Japanese residents is transferred to a Sub-processor outside Japan, Processor shall ensure that the Sub-processor is subject to data protection standards equivalent to those under the APPI, by contract or otherwise.
如日本居民的个人数据被传输至日本境外的次级处理者,乙方应确保该次级处理者通过合同或其他方式受相当于 APPI 标准的数据保护标准约束。
9.5 Compliance with PIPA (Korea) / PIPA(韩国)合规
Where Personal Data of Korean residents is transferred outside Korea, Processor shall ensure that such transfer is made subject to adequate safeguards, including contractual commitments ensuring an equivalent level of protection.
如韩国居民的个人数据被传输至韩国境外,乙方应确保该等传输具备充分保障,包括确保同等保护水平的合同承诺。
9.6 Singapore PDPA / 新加坡 PDPA
Where Personal Data is transferred from Singapore to a country or territory outside Singapore, Processor shall ensure that the recipient is bound by legally enforceable obligations to provide a standard of protection that is comparable to the protection under the Singapore PDPA.
如个人数据从新加坡传输至新加坡以外的国家或地区,乙方应确保接收方受具有法律约束力的义务约束,以提供与新加坡 PDPA 下保护水平相当的标准。
9.7 Australia APP 8 / 澳大利亚 APP 8
Where Personal Data is disclosed to an overseas recipient (including DMCs), Processor shall take reasonable steps to ensure that the overseas recipient does not breach the Australian Privacy Principles in relation to the Personal Data.
如个人数据向海外接收者(包括地接社)披露,乙方应采取合理措施确保海外接收者不违反与该个人数据相关的澳大利亚隐私原则。
Article 10 Audits / 审计
10.1 Controller shall have the right to audit Processor's compliance with this Agreement no more than once per calendar year during normal business hours, upon at least thirty (30) days' prior written notice, or in the event of a Data Breach or regulatory inquiry.
甲方有权在每年度内审计乙方对本协议的遵守情况不超过一次,审计应在正常营业时间内进行,且应至少提前三十(30)天发出书面通知,或在发生数据泄露事件或监管调查时进行。
10.2 Processor shall maintain and, upon Controller's written request, make available to Controller up-to-date independent third-party certifications or audit reports, such as ISO/IEC 27001 certification, SOC 2 Type II reports, or equivalent recognised standards. Such certifications and reports shall constitute the primary means by which Processor demonstrates compliance with this Agreement and Data Protection Law.
数据处理方应持有有效的最新独立第三方认证或审计报告(如 ISO/IEC 27001 认证、SOC 2 第二类审计报告或同等公认标准),并在数据控制方书面要求时向其提供;该等认证及报告为数据处理方证明其遵守本《数据处理协议》及数据保护相关法规的主要依据。
10.3 Controller shall have no general right to conduct on-site audits of Processor. On-site inspections may take place only where expressly required by a competent supervisory authority and where Processor has failed to provide sufficient certification or evidence of compliance within a reasonable period.
数据控制方不享有对数据处理方开展现场审计的一般权利。仅在主管监管机关明确要求,且数据处理方未在合理期限内提供充分合规认证或合规证明的情况下,方可进行现场核查。
10.4 Controller shall bear Processor's reasonable costs of any Controller-initiated audit, unless the audit reveals a material breach of this Agreement by Processor, in which case Processor shall bear its own costs of the audit.
凡由数据控制方发起的审计,相关合理费用由数据控制方承担;但若审计结果证实数据处理方严重违反本《数据处理协议》约定,则审计相关费用由数据处理方自行承担。
Article 11 Term and Termination / 期限与终止
11.1 This Agreement shall enter into force on the date of the MSA and shall continue for the duration of the MSA and until all Personal Data has been returned or deleted in accordance with Article 3.6.
本协议自主协议签署之日起生效,持续至主协议期限届满且所有个人数据已依据第 3.6 条返还或删除为止。
11.2 Upon termination, Processor shall, at Controller's election, return or securely destroy all Personal Data and certify such destruction in writing, except where prohibited by Applicable Laws.
终止时,乙方应根据甲方选择返还或安全销毁所有个人数据,并以书面形式证明该等销毁,但适用法律禁止的除外。
Article 12 Liability / 责任
12.1 Each Party shall be liable to the other Party for damages caused by a breach of this Agreement or Applicable Laws to the extent attributable to that Party.
各方应就因其违反本协议或适用法律而给另一方造成的损害承担责任,但以可归责于该方的范围为限。
12.2 Processor shall not be liable for any indirect, consequential, or punitive damages arising out of or related to this Agreement, except where such liability cannot be excluded under Applicable Laws.
除适用法律不能排除该等责任的情形外,乙方不对因本协议引起的或与之相关的任何间接、后果性或惩罚性损害承担责任。
Article 13 Governing Law and Dispute Resolution / 适用法律与争议解决
13.1 This Agreement shall be governed by and construed in accordance with the laws of Singapore, without regard to its conflict of laws principles.
本协议应受新加坡法律管辖并依其解释,不考虑其法律冲突原则。
13.2 Any dispute arising out of or in connection with this Agreement shall be finally settled by arbitration in Singapore in accordance with the Arbitration Rules of the Singapore International Arbitration Centre (SIAC). The arbitral tribunal shall consist of one (1) arbitrator. The language of the arbitration shall be English.
因本协议引起或与之相关的任何争议,应根据新加坡国际仲裁中心(SIAC)的仲裁规则在新加坡通过仲裁最终解决。仲裁庭由一(1)名仲裁员组成。仲裁语言为英文。
13.3 Notwithstanding Clause 13.2, either Party may seek interim or conservatory relief from a court of competent jurisdiction.
尽管有第 13.2 条规定,任何一方均可向有管辖权的法院寻求临时性或保全性救济。
Article 14 General Provisions / 一般条款
14.1 Entire Agreement / 完整协议
This Agreement, together with its Annexes, constitutes the entire agreement between the Parties with respect to the subject matter hereof and supersedes all prior negotiations, understandings, and agreements.
本协议及其附件构成双方就本协议标的达成的完整协议,并取代此前所有谈判、谅解和协议。
14.2 Amendments / 修订
No amendment or modification of this Agreement shall be valid unless in writing and signed by authorised representatives of both Parties.
对本协议的任何修改或修订,除非经双方授权代表书面签署,否则无效。
14.3 Severability / 可分割性
If any provision of this Agreement is held to be invalid or unenforceable, the remaining provisions shall continue in full force and effect.
如本协议任何条款被认定为无效或不可执行,其余条款应继续完全有效。
14.4 Counterparts / 文本份数
This Agreement may be executed in counterparts, each of which shall be deemed an original.
本协议可签署一式多份,每份均视为正本。
Incorporation by Reference / 引用生效
This Agreement is attached as Schedule A to the Platform Terms of Use. By accepting the TOU, Controller is deemed to have accepted all terms of this Agreement. No separate execution is required.
本协议作为《平台使用条款》的附件 A 附于其后。甲方接受 TOU 即视为接受本协议全部条款,无需另行签署。
ANNEXES / 附件
ANNEX A / 附件 A
DETAILS OF PROCESSING / 处理详情
| Item / 项目 | Description / 描述 |
|---|---|
| Subject-matter of Processing / 处理标的 | Processing of Personal Data necessary for the provision of the Platform services by Processor to Controller, including booking management, itinerary coordination, and traveller communication. 乙方向甲方提供平台服务所需的个人数据处理,包括预订管理、行程协调及旅客沟通。 |
| Duration of Processing / 处理期限 | For the term of the MSA and, thereafter, for the period required by Applicable Laws or as specified in Controller's deletion instructions, not exceeding 2 years following the completion of the relevant travel itinerary. 主协议期限内,以及此后适用法律要求或甲方删除指示规定的期限,但自相关旅游行程结束后不超过 2 年。 |
| Nature and Purpose / 性质与目的 | (a) Facilitating booking and B2B settlement of inbound travel products; (b) Transmitting traveller information to DMCs for service fulfilment; (c) Customer support and emergency assistance; (d) Compliance with legal and regulatory obligations. (a) 促成入境旅游产品的预订与 B2B 结算; (b) 向地接社传输旅客信息以履行服务; (c) 客户支持与紧急协助; (d) 遵守法律及监管义务。 |
| Types of Personal Data / 个人数据类别 | As described in Article 2.3 of this Agreement. 如本协议第 2.3 条所述。 |
| Categories of Data Subjects / 数据主体类别 | Travellers, prospective travellers, emergency contacts, and Controller's authorised personnel. 旅客、潜在旅客、紧急联系人及甲方授权人员。 |
| Planned Transfers / 计划传输 | Personal Data may be transferred from Controller's jurisdiction to Processor in Singapore, and from Processor to DMCs in China, Japan, Korea, and other destinations as necessary for itinerary fulfilment. 个人数据可能从甲方所在司法管辖区传输至位于新加坡的乙方,并从乙方传输至位于中国、日本、韩国及其他目的地的地接社,以履行行程所需。 |
ANNEX B / 附件 B
TECHNICAL AND ORGANISATIONAL SECURITY MEASURES / 技术和组织安全措施
Processor shall implement at least the following measures to protect Personal Data against unauthorised access, alteration, disclosure or destruction:
乙方应至少实施以下措施,以保护个人数据免受未经授权的访问、篡改、披露或销毁:
1. Encryption / 加密
Personal Data shall be encrypted in transit using TLS 1.2 or higher (or equivalent secure protocol).
Personal Data at rest shall be encrypted using AES-256 (or equivalent industry-standard algorithm).
传输中的个人数据应使用 TLS 1.2 或更高版本(或同等安全协议)加密。
静态个人数据应使用 AES-256(或同等行业标准算法)加密。
2. Access Control / 访问控制
Role-based access control (RBAC) enforcing the principle of least privilege.
Multi-factor authentication (MFA) for all administrative and engineering access to systems containing Personal Data.
Regular review and revocation of access rights upon role change or termination.
基于角色的访问控制(RBAC),执行最小权限原则。
对包含个人数据的所有系统和工程访问实施多因素认证(MFA)。
定期审查访问权限,并在角色变更或离职时及时撤销。
3. System Resilience and Availability / 系统弹性与可用性
Regular automated backup of Personal Data with defined Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO).
Disaster recovery procedures tested at least annually.
定期自动备份个人数据,并设定恢复时间目标(RTO)和恢复点目标(RPO)。
至少每年测试一次灾难恢复程序。
4. Monitoring and Testing / 监控与测试
Continuous security monitoring and logging of access to systems containing Personal Data.
Annual or semi-annual penetration testing and vulnerability assessments by a qualified independent third party.
Prompt remediation of critical and high-severity vulnerabilities identified.
对包含个人数据的系统进行持续安全监控和访问日志记录。
由合格独立第三方进行年度或半年度渗透测试和漏洞评估。
对发现的关键和高危漏洞及时进行修复。
5. Personnel Security / 人员安全
All personnel with access to Personal Data shall sign confidentiality agreements.
Annual data protection and information security awareness training.
所有可访问个人数据的人员应签署保密协议。
年度数据保护及信息安全意识培训。
6. Incident Management / 事件管理
Documented incident response plan with defined escalation paths and responsibilities.
制定包含明确升级路径和职责的文件化事件响应计划。
7. Supplier and Sub-processor Security / 供应商与次级处理者安全
Processor shall ensure that cloud infrastructure providers and other material Sub-processors maintain security measures materially no less protective than those described herein.
乙方应确保云基础设施提供商及其他重要次级处理者维持的保护措施在实质上不低于本附件所述标准。
ANNEX C / 附件 C
LIST OF AUTHORISED SUB-PROCESSORS / 授权次级处理者名单
| Name / 名称 | Location / 所在地 | Function / 职能 |
|---|---|---|
| [AWS / Amazon Web Services] | [Singapore / Japan / etc.] | Cloud infrastructure and data storage 云基础设施及数据存储 |
| [Alibaba Cloud / 阿里云] | [China / Singapore] | Cloud infrastructure and data storage (if applicable) 云基础设施及数据存储(如适用) |
| [Airwallex / 空中云汇] | [Singapore / Hong Kong / Australia / etc.] | Cross-border B2B payment processing and foreign exchange settlement 跨境 B2B 支付处理及外汇结算 |
| [LianLian Pay / 连连支付] | [China / Singapore / etc.] | Cross-border B2B payment processing and foreign exchange settlement 跨境 B2B 支付处理及外汇结算 |
| [WorldFirst / 万里汇] | [Singapore / Hong Kong / UK / etc.] | Cross-border B2B payment processing and foreign exchange settlement 跨境 B2B 支付处理及外汇结算 |
| [Inbound DMCs / 入境地接社] | China, Japan, Korea, etc. | Fulfilment of travel services (hotels, transport, guides, activities) 履行旅游服务(酒店、交通、导游、活动) |
Processor may update this list in accordance with Article 5.3.
乙方可根据第 5.3 条更新本清单。
ANNEX D
EU STANDARD CONTRACTUAL CLAUSES (MODULE TWO)
The Parties agree that the Standard Contractual Clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679, as adopted by European Commission Implementing Decision (EU) 2021/914 of 4 June 2021 ("EU SCCs"), shall apply to transfers of Personal Data from the EEA and Switzerland to Processor in a third country.
The following parameters are completed for the purposes of the EU SCCs:
| Parameter | Entry |
|---|---|
| Module Two selected | Yes (Controller to Processor) |
| Data Exporter | Controller (the Outbound Travel Agency) |
| Data Importer | Processor (Tour Matrix AI Pte. Ltd.) |
| Data Subjects | As per Annex A |
| Categories of data | As per Annex A |
| Sensitive data | Health data (dietary restrictions, allergies, accessibility needs), only where necessary for travel fulfilment |
| Processing operations | Storage, transmission, matching with DMCs, communication |
| Purpose | As per Annex A |
| Retention period | As per Annex A |
| Sub-processor authorisation | As per Annex C and Article 5 |
| Competent supervisory authority | [e.g., the UK Information Commissioner's Office (ICO), France's CNIL, Germany's BfDI, etc.] |
| Governing law for Clause 17 | The laws of [Ireland / Germany / etc.] |
The full text of the EU SCCs is deemed incorporated herein by reference. In the event of any conflict between the EU SCCs and this Agreement, the EU SCCs shall prevail to the extent of the transfers governed by them.
ANNEX E
UK ADDENDUM TO THE EU SCCs
The Parties agree that the UK Addendum to the EU Commission Standard Contractual Clauses, issued by the UK Information Commissioner's Office and effective 21 March 2022, shall apply to transfers of Personal Data from the United Kingdom to Processor in a third country.
The UK Addendum is deemed incorporated into this Agreement as if set out in full herein. The information required by Table 1 of the UK Addendum is as follows:
Exporter: Controller (Outbound Travel Agency)
Importer: Processor (Tour Matrix AI Pte. Ltd.)
Addendum version: [Version B1.0, dated 21 March 2022]
The "Approved EU SCCs": the EU SCCs as set out in Annex D, with Module Two selected.
Optional clauses: None (or specify if any)
Table 2 (Selected SCCs, Modules and Selected Clauses) and Table 3 (Appendix Information) are completed by reference to Annex A, Annex B, Annex C and Annex D of this Agreement.
ANNEX F
CROSS-BORDER TRANSFER MATRIX
| Origin | Destination | Transferring Party | Receiving Party | Legal Mechanism |
|---|---|---|---|---|
| EEA | Singapore | Controller | Processor | EU SCCs (Module 2) – Annex D |
| United Kingdom | Singapore | Controller | Processor | UK Addendum to EU SCCs – Annex E |
| Switzerland | Singapore | Controller | Processor | EU SCCs (Module 2) + Swiss FADP requirements |
| Singapore | Singapore | Controller | Processor | Singapore PDPA + this DPA |
| Australia | Singapore | Controller | Processor | APP 8 + this DPA |
| USA / Canada | Singapore | Controller | Processor | CCPA/CPRA/PIPEDA service provider contract + this DPA |
| Any origin | China | Processor | DMC (Sub-processor) | PIPL standard contract / security assessment / certification + SCCs Clause 8.7 safeguards |
| Any origin | Japan | Processor | DMC (Sub-processor) | APPI equivalent protection contract |
| Any origin | Korea | Processor | DMC (Sub-processor) | PIPA safeguards / consent + contractual commitments |
| China | Singapore | Controller (if collecting in China) | Processor | PIPL Art. 38 (security assessment / certification / standard contract / consent) |
