Privacy Policy for One2Go

1. Introduction

Welcome to One2Go, a flexible short-term accommodation booking platform serving customers across Saudi Arabia, the Gulf Cooperation Council (GCC) countries, and internationally. We are committed to protecting your privacy and ensuring the security of your personal information in accordance with applicable laws in each jurisdiction where we operate.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the "Platform"). This policy applies to all users regardless of their location, with specific provisions for users in Saudi Arabia, GCC countries, the European Union, and other jurisdictions.

By accessing or using One2Go, you agree to the terms of this Privacy Policy. If you do not agree with our policies and practices, please do not use our Platform.

1.1 Jurisdictional Scope

One2Go operates across multiple jurisdictions and complies with:

• Saudi Arabia: Personal Data Protection Law (PDPL), National Cyber Security Authority (NCA) regulations, and E-Commerce Law
• GCC Countries: UAE Data Protection Law, Qatar Data Privacy Law, Bahrain Personal Data Protection Law, Kuwait Data Protection Law, and Oman Data Protection Law
• European Union: General Data Protection Regulation (GDPR) for EU residents
• International: Applicable data protection laws in countries where our services are accessed

2. Information We Collect

2.1 Personal Information You Provide

When you use One2Go, we may collect:

• Account Information: Name, email address, phone number, password, and profile picture
• Identity Verification: Government-issued ID, date of birth (for vendors)
• Payment Information: Credit/debit card details, billing address, payment transaction history
• Booking Information: Check-in/check-out dates, number of guests, room preferences, special requests
• Communication Data: Messages through our chat system
• Business Information (Vendors): Business name, license, tax ID, property details, pricing, amenities

2.2 Information Collected Automatically

• Device information (IP, device type, OS, browser)
• Usage data (pages viewed, features used, search queries)
• Location data (approximate or precise with permission)
• Cookies and tracking technologies

2.3 Information from Third Parties

We may receive information from payment processors, identity verification services, social media (if linked), and business partners.

3. How We Use Your Information

We use your information for: Service Delivery— bookings, payments, support; Platform Improvement—analytics, new features, personalization; Security & Fraud Prevention—verification, incident detection; Marketing & Communications—confirmations, offers (with consent), notifications; Legal Compliance—taxes, regulations, authorities.

4. How We Share Your Information

We may share information with vendors and guests for bookings; service providers (payment processors, cloud hosting, analytics, support); for legal reasons; in connection with business transfers; and with your explicit consent.

5. Data Retention

We retain your information as long as necessary to provide services, comply with legal obligations, resolve disputes, and maintain records. When no longer needed, we securely delete or anonymize it.

6. Your Rights and Choices

Depending on your location, you may have rights to: access and portability; correction; deletion/erasure; opt-out of marketing and cookies; restriction and objection; and jurisdiction-specific rights (e.g. GDPR, CCPA/CPRA, PDPL).

How to Exercise Your Rights

• Email: privacy@one2go.com (or regional addresses in Section 14)
• Account Settings: access controls in your account
• Support Center: contact customer support
• Written request to our mailing address

We respond within timeframes required by law (e.g. 30 days Saudi/GCC, 1 month EU, 45 days California). We may verify your identity before processing requests.

7. Data Security

We implement encryption, secure authentication, access controls, regular security assessments, NCA compliance, and employee training. No internet transmission is 100% secure; we cannot guarantee absolute security.

8. International Data Transfers

Your information may be transferred to Saudi Arabia, GCC countries, and other jurisdictions where we or our service providers operate. We use Standard Contractual Clauses, adequacy decisions, encryption, and vendor agreements to protect your data.

9. Children's Privacy

The Platform is not intended for minors (under 18 in Saudi/GCC, under 16 in EU, or age of majority elsewhere). We do not knowingly collect children's data. If you believe we have, contact privacy@one2go.com.

10. Third-Party Links and Services

We may link to third-party sites. We are not responsible for their privacy practices. Please review their policies before sharing personal information.

11. Cookies and Tracking

We use essential, performance, functionality, and marketing cookies. You can control cookies through your browser settings; disabling some may affect Platform functionality.

12. Updates to This Policy

We may update this Privacy Policy. We will notify you of material changes by posting the updated policy, email (for significant changes), or a prominent notice. Continued use after changes constitutes acceptance.

13. Regional and International Compliance

One2Go complies with Saudi PDPL and NCA regulations, GCC data protection laws (UAE, Qatar, Bahrain, Kuwait, Oman), EU/UK GDPR, and other applicable laws (e.g. CCPA, PIPEDA, Privacy Act Australia).

14. Contact Us

For questions about this Privacy Policy or our data practices:

• Email: privacy@one2go.com
• Support: support@one2go.com
• Data Protection Officer: dpo@one2go.com

Regional contacts: Saudi Arabia — privacy.sa@one2go.com; UAE — privacy.ae@one2go.com; Qatar — privacy.qa@one2go.com; Bahrain — privacy.bh@one2go.com; Kuwait — privacy.kw@one2go.com; Oman — privacy.om@one2go.com; EU — privacy.eu@one2go.com.

Visit our Contact page →

15–20. Additional Sections

Full details on vendor-specific practices, guest booking information, data protection officer, California/other U.S. state rights, UK/Canada/Australia rights, automated decision-making, data breach notification, and consent/legal basis are available in our complete policy document. For any of these topics, please contact us at privacy@one2go.com or dpo@one2go.com.