Privacy Policy


This privacy ("Policy") applies to Grab visa, which operates the website, hereinafter " Grab visa," in connection with personal data provided by any person ("User") who has purchased or intends to purchase any product(s) or service(s) made by Grab visa through any of Grab visa's interface channels, including website, mobile site, and mobile app (collectively referred to herein as "Sales Channels").

About the Privacy Policy:
In this policy, references to "you" or "your" relate to "User." "Grab visa" is referred to when "we," "us," or "our" are used. When you respond to our surveys or give us comments, The terms "website" and "website(s)," as well as "mobile site(s)," are interchangeable (s)


Your right to know how and why information is gathered, utilised, disclosed, transferred, and retained is something we respect. So that you are aware of our policies, we have established this Policy. This policy outlines how we handle your information in accordance with applicable data protection legislation when you use our website or other digital platforms. You should carefully read this policy as well as any other policies we may give when collecting or processing your personal data so that you are completely aware of how and why we are doing so. The purpose of this policy is to enhance the other notices; it is not meant to replace them.


A "Controller" is a person or organisation that decides on their own or with others what uses and how any personal data will likely be processed. In its capacity as the controller, Grab visa issues this notice. An entity that processes personal data on behalf of the Controller is known as a Processor. This entity can be either natural or legal. Grab visa may be the Controller or Processor of your personal data depending on the circumstances.


Any information about a user from which that person may be identified is considered personal data. Personal information when the identity has been deleted is excluded (anonymous data).

Every time you interact with Grab visa, whether directly or indirectly through a third party, personal information may be requested.

For any purpose, we gather, use, and distribute aggregated data, such as statistical or demographic information. Although aggregate data may be derived from personal data about you, it is not legally regarded as personal information because it does not directly or indirectly identify you. For instance, we may combine your Usage Data to determine the proportion of users who visit a particular website feature. However, we recognise aggregated data as personal data that will be used in compliance with this policy if we combine it with your personal data or connect it to it in a way that allows it to directly or indirectly identify you.

With our website, we do not assemble any particular categories of personal information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, political opinions, trade union membership, information about your health and genetic and biometric data). Also, we don't gather any data on criminal offences and convictions.

We gather, utilise, store, and transfer many types of personal information about you. To clarify how we use this kind of data, we've combined the following sorts of personal data together.

The following expressions are used in this Notice:

  • "Contact Data" includes information like your home and workplace addresses, email addresses, and phone numbers;
  • "Identity Info" includes your first and last names, a username or other unique identification, and your position title.
  • Usernames, passwords, and other security-related data that you use in connection with our services are referred to as "website user data."

"Transaction Data: History of your online transactions and purchasing patterns. Details about any other travellers for whom you made reservations using your verified Grab visa account. In this situation, you must certify and represent that each additional traveller for whom a reservation has been made has authorised us to share the information you have given with us with the relevant service provider (s). Your marketing and communication choices are included in the category "Marketing and Communications Data". In order to enhance our marketing services, give you more pertinent information, and raise the calibre of our marketing materials, we also keep track of when you get and read our marketing communications.

"Public Domain or Third Party Data" refers to information that is freely accessible to the public or that is obtained from third parties, such as social media channels. This includes, but is not limited to, personal or non-personal information from your connected social media channels (such as name, email address, friend list, profile pictures, or any other information that may be obtained in accordance with your account settings), which is included in your account information.

"Profile Data" is information that is gradually gathered about you when you visit our site, such as the website that directed you there, the pages you visit, the activities you do, the patterns of pages you visit, and the data you enter on forms;

The term "Technical Data" refers to data gathered when you access our website, mobile site, or mobile app, including your IP address, login details, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other hardware on the devices you are using; The term "Usage Data" describes details about how you use our website.

"Any additional Personal Data" includes copies of your passport, bank statements, originals of the application forms you filled out, photographs, and any other information the relevant embassy may need to process your visa application if you want Grab visa to assist with visa-related services. If you ask Grab visa to provide services linked to foreign currency (forex), then supply passport copies, an A2 form, airline tickets, or any other documentation needed to conduct your forex transaction.


  • We will only obtain any kind of personal information from you if you choose to do so in the following situations:

    a. Direct communication

    • When you submit an inquiry, request a quote, book a reservation, or make a purchase on our "Website" or through our customer service team via email, letter, fax, phone, or in-person visit
    • When you sign up with us, receive our newsletter, participate in one of our contests, giveaways, surveys, or comments, contact us with questions, or sign up for promotions.
    • Each time you interact with us during an event, promotion, or page that is hosted by us on a third-party platform or location, whether it be online or off.
    using cookies on our website.

    b. Cookies and further technologies:

    • o Technical Details about your computer, browsing actions, and trends are provided to us. Cookies, server logs, and other similar technologies are used by us to gather this personal data. Please refer to the cookie policy for more information on the data gathered.
    c. Outsiders or publicly accessible sources:

    We get technical data from analytics companies like Google.


  • "performance of a contract" refers to situations in which we must carry out agreements we are about to or have already made with you as a party, or act upon your request to do so;
  • "legal or regulatory obligation": when we are required to adhere to a legal or regulatory requirement;
  • "Legitimate interests": whenever it is in our best interests, as long as our constitutional rights do not supersede those interests. This could imply, for example, that it is in our best interests to keep an eye on how you are using our website or client portals in order to preserve the security of those platforms. Before we process your personal data for our legitimate interests, we make sure to weigh the potential effects on you (both good and bad) and your rights;
  • "consent": We rely on consent as a legal basis for processing your personal data in relation to sending you direct marketing communications via email or text message.

We don't utilise your personal information for things where the impact on you would be greater than our interests (unless we have your consent or are otherwise required or permitted to by law).


When the law permits us to do so—that is, when we have a legal basis for processing—we will only process—that is, use—your personal data. For the following goals, we typically use the information to build and strengthen our relationship with our users:

When you make a reservation, we might use the Personal Information we have on file to streamline the booking process. This data may include all of the contact information that you previously provided. We may also use the traveller list data that is stored in or connected to your account. This information is supplied to the User at the time of making a booking to enable you to finish your bookings swiftly.

Your Personal Information may also be used by us for other purposes, such as but not restricted to:

  • keep you updated on the transaction status;
  • deliver booking confirmations through SMS, WhatsApp, or any other messaging service;
  • transmit any updates or modifications to your booking(s); and
  • confirm your bookings with the appropriate service providers. Customize the information on our website, mobile site, and mobile app. Request product or service reviews or other changes.
  • contact you on your birthday or anniversary to offer a special gift or offer; validate/authenticate your account and stop any misuse or abuse; send verification message(s) or email(s).
  • deliver to you critical notices and information about the use of our products and services or updates to our terms, conditions, and/or policies.
  • give details about the goods and services that Grab Visa and its affiliates offer. email you trip and/or payment reminders
  • Newsletters that provide industry news on the tourism industry. If you'd prefer not to get these notifications, you may use the unsubscribe feature in the email you receive.

For the reasons listed below, among others, we may disclose your personal information to third parties:

  • When it's essential to handle your booking, inquiry, or participation.
  • To carry out the service provision and/or to conduct any booking, reservation, blocking, or similar user-initiated activity.
  • We may share personal information with businesses that perform functions including credit extending, order fulfilment, product delivery, managing and enhancing customer data, customer care, determining your interest in our goods and services, and customer research or satisfaction surveys. These businesses have a duty to safeguard your information.

Your personal information might be used by us for marketing, promotions, research, and other initiatives.

  • As a registered user, you will receive notifications about our newest offers, promotions, and event updates for products and services. You have the option to unsubscribe if you so desire.
  • Personal data may also be used internally for research, analysis, and auditing.
  • Personal data may also be used to develop and distribute products, services, content, and advertising.
  • Why Grab visa may occasionally run promotions to provide its users the chance to win fantastic vacation and travel-related prizes. Contact details and survey questions may be among the personal information we gather during such an activity. Such information will be used to contact contest winners, and survey data will be used to create promotions and product enhancements.
  • From time to time, Grab visa may introduce referral or reward programmes for travellers, through which users could win prizes unrelated to travel. Your personal information might be used to sign you up for the rewards programme. Each time you win a prize, Grab visa may, depending on the rewards programme, give your personal data to a third party who will be in charge of giving you the prize. Nonetheless, if you so desire, you may opt out of such a reward scheme. For various reasons, such as fraud protection or any other reason, we occasionally may verify customer information while rewarding any user.


Non-personal data is information that will never be used to identify a specific person. We might compile data on client behaviour on our numerous platforms. This compiled data is employed in research, analysis, product monitoring and improvement, as well as several advertising campaigns. Information may be shared in aggregated, non-personal form with third parties to enhance customer experience, products offering or services.


When you visit our website, we use cookies and other technologies to improve your experience. To that end, we have created a cookie policy so that you are aware of our procedures. See the cookie policy here.


Our website provides links to various websites for your convenience. You leave our website and enter another one when you click on one of these links. These third-party websites are not our responsibility. The privacy policies of any other websites you visit should be carefully read because they will be applicable to your visit to other websites.


Organizations that belong to a group:

We may share your Personal Information with our affiliate or associate organisations in a controlled and secure manner in order to enhance personalization and service effectiveness.

Depending on the specifics of the transaction, our customers' information may also be given to the buyer if Grab Visa's assets are bought. Additionally, if we decide to sell, transfer, or assign our company, any portion of it, any of our subsidiaries, or any business units for any reason, including business expansion, development, or restructuring, customer information, including the Personal Information collected here, will be transferred in accordance with this restructuring exercise.

Service Providers and Suppliers: 

Your information will be given to the suppliers that are in charge of carrying out your booking, such as airlines, hotels, bus service providers, car rental agencies, and railroads. You should be aware that when you make a reservation with Grab visa, you give us permission to share your information with the aforementioned service providers and suppliers. It's important to remember that Grab visa does not permit the end service provider to utilise your information for anything other than performing their part of the contract.

Except for sharing such information with our business/alliance partners or vendors who are engaged by us to provide various services and to periodically share promotional and other benefits to our customers based on their booking history with us, Grab visa does not sell or rent individual customer names or other Personal Information of Users to third parties.

Third Party Vendors and Business Partners:

We may also disclose some filtered Personal Information to our corporate affiliates or business partners who may contact the customers to offer specific products or services, which may include complimentary or fee-based goods and services that will improve the customer's travel experience or allow them to take advantage of benefits designed especially for Grab visa customers. These partners include companies that provide travel savings/EMIs, co-branded credit cards, travel insurance, insurance against wallet loss, banking cards, or similar sensitive information, etc. If you decide to use any of these services provided by our business partners, the provider's privacy policy will apply to the services you use.

Your Personal Information may be given to a third party that Grab visa hires to carry out specific duties for it, such as hosting data, processing data, and processing payments.

Based on this information, we might offer suppliers, marketers, affiliates, and other existing and potential business partners non-personal data. This aggregate data may also be used to let these third parties know how many people have seen and clicked on links leading to their websites..

Grab visa occasionally employs a third party to do market research, surveys, etc., and gives this third party information specifically for use in conjunction with these projects. The information (including aggregate cookie and tracking information) we give to these third parties, alliance partners, or contractors is covered by confidentiality agreements, and it may only be used to carry out the specific project in question and in accordance with the law.


Subject to our professional requirements and any business conditions we may have with you, we will disclose your personal information as needed to:

  • any person or organisation to whom we are required to disclose information by a court of competent jurisdiction, a governmental agency, a taxing or other regulatory body, a law enforcement agency, or a similar body;
  • professional advisers or consultants we retain, such as attorneys, bankers, auditors, accountants, and insurers who offer us advice or services in the areas of law, banking, auditing, accounting, or insurance;
  • Companies that offer us system management and information technology services.


Users of Grab visa have the ability to share their experiences through reviews, blog posts, ratings, and general poll questions. Customers can also leave comments, ask questions about a service provided by Grab visa, or respond to queries already posted by other users. Also, Grab visa may use a third party to get in touch with you and ask for comments regarding a recent reservation you made with Grab visa. You can still get emails or notifications (from an app, SMS, WhatsApp, or any other messaging service) asking you to share your review even though participating in the feedback process is entirely voluntary (s). These reviews might be written—with or without pictures—or they could be videos. The written or posted reviews will be viewable on Grab visa and possibly on other travel-related platforms as well.

The following categories of user-generated content could be included in what Grab Visa collects:
• Reviews and ratings for websites and blogs
• Questions and Responses
• Crowdsourced data gathering (poll questions).

Each User who submits reviews, ratings, Q&As, or images is required to have a profile that other Users can access. The amount of travels, ratings, queries and responses, and uploaded photos may all be visible to other users. Each User is required to exercise due diligence and care to ensure that any opinions they express on a social media platform or on the Grab visa website are not offensive or contrary to the law, public policy, morality, caste, creed, colour, sex, race, culture, ethics, customs, traditions, decency, good conscience, or the intellectual property of third parties, among other things. By posting photos, views, images, contents, visuals, audios, experiences, etc. on social media platforms or the Grab visa website, you give Grab visa permission to use, reproduce, copy, upload photos, views, look and feel, images, contents, visuals, audios, experiences, etc. in any way it sees fit, free of charge and without any obligation to you or any other party. With respect to or in connection with the use, reproduction, copying, uploading of pictures, views, look and feel, images, contents, visuals, audios, experiences, etc. contributed, shared, or expressed by you or on your behalf and/or otherwise to any third party, Grab visa hereby disclaims all or any disputes, responsibilities, liabilities, litigations, costs, expenses, compensations, etc.


A list of permissions that are required for the efficient operation of the Grab visa app will appear when the programme has been loaded on your phone. The following are the permissions that Grab visa requires, the data that may be viewed, and its intended use:

• Permissions for Android:

Location: With your consent, we can tell you which branch is the closest to you if you need physical assistance with a travel-related inquiry.

SMS: If you give us permission to view your messages, we can send you messages about "OTP" and information about vacation packages to your cell number.

Phone: In order for you to call our customer contact centres directly from the app, the app needs ability to make phone calls.

Contacts: If you give us access to your contacts, we may offer you many social services like the ability to share vacation packages with your friends, etc.

Photo/ Media/ Files: The libraries in the app make use of these rights to save and cache picture and document data for your convenience and speedier use of the app the next time you browse with us. Every time you use the app, your phone doesn't need to re-download the same image and document data because it is saved locally.

• IOS Permits: Notifications: If you want to receive notifications, we can send you special offers, marketing materials, travel-related information, etc. on your device.


We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk of processing, including:

a. the pseudonymization and encryption of personal data;

b. the capacity to maintain ongoing confidentiality, integrity, and availability of personal data. We also take into account the costs of implementation as well as the nature, scope, context, and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons.

We make sure that people who process personal data on a regular basis or who have permanent access to it, as well as those who work on developing technologies for processing personal data, are instructed on their duties and are aware of their rights.

We have put in place the necessary security procedures and certifications to safeguard your personal information and guard against unauthorised access. Users should use our SSL site to protect information transmission while making purchases online.

We demand that any third parties who process your information have in place the same standards of security for your data. Although no system, including ours, is completely impenetrable, we will keep implementing internet security protocols to make sure your data is kept secure with us. By accessing, browsing, transacting on, or storing any data or information on this site, you agree to abide by the most recent version of the privacy notice in force at the time. The terms of use and privacy notice of any social networking or other service you use that maintains your information will apply.


We will only keep your personal information as long as it takes to accomplish the goals for which it was originally acquired. This includes, for instance, the need to carry out legal work, for the formation or defence of legal claims, or to satisfy any legal, regulatory, accounting, or reporting requirements.

In accordance with our document management, retention, and destruction policy, as well as any relevant legal requirements, we shall keep your personal information in our databases. This period may continue after the termination of your connection with us, but only for as long as it takes for us to have enough information to address any issues that may subsequently occur. For instance, we could demand or be compelled to save information so that you can get reimbursed for a trip that you booked but had to postpone. However, we might need to keep some information if we have reason to believe it will help us stop fraud, defend ourselves against responsibility, be able to use available defences, or reduce any damages we may experience.

In rare cases, we may anonymize your personal information (making it impossible to link it back to you) for research or statistical reasons, in which case we may continue to use this data indefinitely without further informing you.


The date of this notice is 16, March, 2023. We retain the right to edit or modify this Policy at any time, and we will send you a notice of any material revisions as soon as possible via email or by posting a clear notice of the change on our website. Periodically reviewing the policy is advised. Your continued use of our website following the posting of any changes to this policy here will be construed as your acceptance of those changes and your agreement to follow and be bound by the revised notice.


You may be entitled to various protections for your personal data under the relevant data protection legislation. We shall respond swiftly and in compliance with any applicable legislation, rule, or regulation relating to the processing of your personal data. It is our policy to respect your rights.

Below are specifics on your rights under the General Data Protection Regulation (GDPR):

  • The right to information on the use of personal data - You have the right to information regarding the use and sharing of your personal data by us. You will receive this explanation in a clear, transparent, understandable, and easily accessible style, and it will be written in simple words;
  • The right to access personal data entitles you to information about how your personal data is being used by us, access to your personal data, and confirmation as to whether we are processing it.
  • The ability to correct incomplete or incorrect personal data - You have the right to have any incomplete or inaccurate personal data corrected. When possible, we shall take reasonable steps to notify any third parties to whom we have exposed the pertinent personal data of the correction;
  • In certain situations, you have the right to request that we remove portions of your personal data that we have on file for you. The right to be forgotten is another name for this. This does not constitute a general right to demand the deletion of all personal data. In compliance with the requirements of any legislation relating to the processing of your personal data, we will carefully consider each request;
  • Right to restrict processing of personal data under certain conditions - Under certain conditions, you have the right to request that your personal data not be processed. This right applies when you contest the accuracy of personal data, when you object to processing, when processing of personal data is unlawful and you request restriction rather than erasure, or when we no longer need the personal data but you need the personal data to establish, exercise, or defend a legal claim;
  • The right to data portability allows you to ask for a copy of your personal information in a frequently used electronic format under certain conditions. This permission only applies to personal data that you have supplied to us (for example by completing a form or providing information through a Website). The right to data portability also applies to information about you that has been amassed by keeping tabs on your actions. The right to data portability only applies if the processing is done with your consent or if it's necessary to handle your personal data in order to fulfil a contract and it's done electronically;
  • You have the right to object to processing carried out by us if (a) we are processing personal data based on legitimate interests or for the performance of a task in the public interest (including profiling), (b) we are using personal data for direct marketing purposes, or (c) we are processing information for scientific or historical research. At the time of data collection, you will be made aware of your right to object, and that right will be specifically mentioned, made clear, and presented apart from any other information; and
  • The right to not be subject to automated decisions that have a legal or other substantial impact on you - You have the right to be exempt from decisions that are based on automated processing where those decisions have a legal or other significant impact on you.

Any of the aforementioned rights may be used by sending an email to

You won't be charged a price to view your personal information (or to exercise any of the other rights). But, if your request is obviously baseless, repeated, or unreasonable, we may charge a reasonable price. In some situations, we may also decline to abide with your request.

Moreover, you can email , if you have any questions, comments, or concerns about this Policy.

In order to verify your identity and establish that you have the right to access your personal data, we might need to ask you for certain information (or to exercise any of your other rights). This is a security safeguard to make sure that personal information is not given to someone who shouldn't have access to it. In order to respond to your request more quickly, we might possibly get in touch with you and ask you for more details.

We make an effort to respond to all valid inquiries within one calendar month. If your request is exceptionally complicated or you have submitted several requests, it may occasionally take us longer than one calendar month to process them. In this scenario, we'll let you know and keep you informed.

• Facebook

This is to let you know that, after getting your permission Grab Visa will only pull and use the bare minimum of information from your Facebook profile, including your name, email address, gender, and profile photo. This information is only used by us to sign up for and log into Grab Visa. Grab Visa will not access any of your Facebook-related activity.

deleting information from Facebook accounts If you want to have this information deleted from our system, send an email to using your registered email address. Your data will be erased by us within 72 hours, and you will receive a confirmation email after it has been done so.

Please take notice that Grab Visa will delete both your user profile and all of your booking information. This information can't be recovered later. Thus, before deleting your profile, please make sure that all of the crucial data has been safeguarded.