ASNIREZ Logo

Privacy Policy

Effective Date: June 1, 2025  |  Last Updated: June 1, 2025

1. Introduction

Asni Rez (“Company,” “we,” “us,” or “our”) is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our platform and related services.

Asni Rez is a B2B travel technology company registered as ASNI REZ Services, operating from Kuala Lumpur, Malaysia, under the parent entity ASNI LTD UK. We operate the brands Asni Tours, Asni API, and Travel Yamu.

Our multi-tenant travel platform enables tour operators, OTAs, and experience brands to build, run, and scale their businesses. Our services include:

  • AI Website Builder — AI-powered travel website generation with page creation, hero sliders, product blocks, and SEO-ready content
  • Booking API Platform — connects tour and activity suppliers with online distribution channels including Viator, TripAdvisor Experiences, and other travel marketplaces
  • Tour Booking Engine — curated tours, multi-day packages, and add-ons in a seamless booking experience
  • Guest Messaging Tool — unified inbox for WhatsApp, Facebook, and email conversations
  • Yamu.Pro — link shortening, tracking, and campaign analytics

This policy applies to all data processed through asnirez.com, asniapi.com, travelyamu.com, yamu.pro, and any related platforms or APIs operated by us.

2. Data We Collect

We collect the following categories of data:

Business Contact Information

  • Name, email address, and phone number of supplier contacts
  • Company name and business registration details

Booking Transaction Data

  • Traveler names
  • Travel dates
  • Tour and activity details
  • Booking reference numbers

Technical Data

  • IP addresses
  • Server logs and API request logs
  • Browser type and device information (when accessing web interfaces)

3. How We Use Data

We use the data we collect for the following purposes:

  • Processing and fulfilling tour and activity bookings
  • Sending transactional email notifications (booking confirmations, cancellations, amendments)
  • Platform operations and service maintenance
  • Fraud prevention and security monitoring
  • Compliance with legal obligations

4. Email Communications

We send transactional emails only. These are triggered by booking activity on our platform and include booking confirmations, cancellations, and amendment notifications.

Our emails are processed and delivered via Mailgun (a Sinch company) through our sending domain asniapi.com.

We do not send marketing emails, newsletters, or promotional communications. We do not purchase, rent, or acquire email lists from any third party. All recipients are business partners with whom we have an existing commercial relationship.

5. Data Sharing

We share data only with parties necessary for our service operations:

  • Relevant booking parties — tour/activity suppliers and distribution partners (e.g., Viator, TripAdvisor Experiences) to fulfill bookings
  • Email delivery provider — Mailgun (Sinch) for transactional email delivery
  • Hosting provider — DigitalOcean for infrastructure and data storage

We never sell, rent, or trade your personal data to third parties for marketing or any other purpose.

6. Data Retention

We retain your data for as long as your business relationship with us exists, plus any additional period required by applicable laws and regulations (e.g., tax, accounting, or legal requirements). When data is no longer needed, it is securely deleted or anonymized.

7. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Access controls and role-based permissions
  • Secure API protocols and authentication mechanisms
  • Regular security reviews and monitoring

8. Your Rights (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR):

  • Right to Access — request a copy of your personal data
  • Right to Rectification — request correction of inaccurate data
  • Right to Erasure — request deletion of your personal data
  • Right to Restrict Processing — request limitation of how we process your data
  • Right to Data Portability — request your data in a machine-readable format
  • Right to Object — object to processing based on legitimate interests

To exercise any of these rights, please contact us at support@asnirez.com. We will respond to your request within 30 days.

9. Cookies

As primarily an API-based service, our platform uses minimal or no cookies. Where cookies are used on our web interfaces, they are limited to essential functionality such as session management. We do not use advertising or third-party tracking cookies.

10. Third-Party Services

Our platform integrates with the following third-party services:

  • Mailgun (Sinch) — transactional email delivery
  • DigitalOcean — cloud hosting and infrastructure
  • Viator / TripAdvisor Experiences — distribution partner integration

Each third-party service operates under its own privacy policy. We encourage you to review their policies for information on how they handle data.

11. Children's Privacy

Our service is a B2B platform directed at businesses and their authorized representatives. It is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a minor, we will take steps to delete such information promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will update the “Last Updated” date at the top of this page. For material changes, we will notify affected partners via email or through our platform. We encourage you to review this policy periodically.

13. Contact for Data Inquiries

For any questions, concerns, or requests regarding your personal data or this Privacy Policy, please contact us: