We take our responsibilities under the personal data protection laws, including Singapore Personal Data Protection Act 2012, seriously. We also recognise the importance of the personal data you have entrusted to us and believe that it is our responsibility to properly manage, protect and process your personal data.
If you, at any time, have any queries on this policy or any other queries in relation to how we may manage, protect and/or process your personal data, please do not hesitate to contact our Data Protection Officer (the “DPO”) at the contact details below.
In addition, our Website and our Platform may, from time to time, contain links to and from the websites of our partner networks, advertisers, affiliates or other third parties. If you follow a link to any of these third-party sites, please note that these sites are not owned, operated or controlled by us. They are governed by their own privacy policies. Hence, we do not accept any responsibility or liability arising from your access or use of these third-party sites, including but not limited to those relating to their processing of your personal data. You acknowledge and accept that you access and provide your personal data to these third party sites at your own risk.
2. Personal data we collect
We may collect and process the following types of information from you:
a) Contact Information
When you establish any contact with us, e.g., making an enquiry on our Website, emailing our representative, or registering your interest with us, etc., we may collect your name and contact information, including your email address and your contact number, to respond to you. We will also use your contact information to further communicate with you for purposes related to the provision of our services to you as our client (including prospective client).
b) Client Information
In addition to Contact Information, we collect and process personal data about our clients, including but not limited to the following:
Personal and financial information about you which you provide to us during your onboarding as our client, including but not limited to your national identification number, passport number, age, date of birth, gender, marital status, occupation, nationality, residency, residential address, income, assets, wealth;
Personal and financial information about your family members which you provide to us during your onboarding as our client, including but not limited to their national identification number, passport number, age, date of birth, gender, marital status, occupation, nationality, residency, residential address, income, assets, wealth;
Internal notes, records and information about you through your interactions with us as our client;
Information about you, which is available publicly, e.g., online or social media;
Information about you obtained from third parties including banks, credit agencies, regulatory bodies, or other client(s) through whom you were referred to us; and
Information about you which you have otherwise provided to us or collected by us through your communications with us, including but not limited to record of our communication with you.
c) Other Information
To better serve you, we collect and process other information related to you, including:
Information from cookies when you visit our website; and
Information from activity logs when you use our Website and/or our Platform
Please refer to our Cookies Policy below for further information on how we process information collected by Cookies. You may select your Cookies and/or privacy preferences when interacting with our Website and/or our Platform.
Types of Cookies used by our Website and our Platform include the following:
Functionality Cookies – they allow you to access features that are fundamental to a service, e.g. choice of language, information relating to your session including content and product optimization, preferences etc.;
Security Cookies – they are used to authenticate users to ensure that only the actual owner of an account can access that account; and
Analytics Cookies – they help to collect data and allows services to understand how you interact with a particular service.
You have the ability to accept or decline cookies by modifying the setting in your browser. If you would like to do this, please see the help menu of your browser. However, you may not be able to use all the interactive features of our Website if cookies are disabled.
4. How we use your personal data
Generally, we may use, record, systemize, store, update, modify, retrieve, share, disclose, delete or otherwise process your personal data for the following purposes, using manual or automated means for the following purposes:
to contact you through the contact information provided by you in order to provide you with the information that you request from us through email, text messages, notifications, alerts and other communications to you;
to check or verify your identity and/or evaluate your financial needs and provide recommendations of suitable financial products and services to you which may be offered by us to you or by third-party partners to you through our Website and/or our Platform;
to customize and personalize content, customer and product services to you;
to provide, manage, operate, process and administer our services to you, including services agreed under contract, customer, content, product services, technical support and/or responses to you;
to assess, process, administer, implement and effect your requests in the use of our services, our Website, and/or our Platform;
to send marketing communications and informational newsletters if you have requested, opted-in to or otherwise agreed to receive;
to improve the quality of your experiences and/or our provision of products and services to you, including sending customer surveys and feedback forms to you for completion;
to contact you as may from time to time be necessary in connection with your use of our services, Website, and/or our Platform;
to keep your account information updated to ensure accuracy of information;
to store, host and/or back up (whether for disaster recovery or otherwise) your personal data, whether within or outside the location of collection and/or processing for purposes of providing our services to you and for record-keeping purposes;
to conduct research, analysis and development activities (including but not limited to data analytics, surveys and/or profiling) to improve our Website, our Platform, services and facilities in order to enhance the services we provide to you, where you have consented to be contacted for such purposes;
to comply with legal and regulatory requirements, our company policies and procedures as may be applicable from time to time, including but not limited to responding to legal process, governmental or regulatory bodies, pursuing legal rights and remedies, defending litigation and managing any complaints or claims, investigations, audit and compliance purposes; and/or
any other reasonable purposes related to the above.
Without prejudice to the above, we generally do not collect and process your personal data unless:
a) it is provided to us voluntarily by you directly or via a third party who has been duly authorized by you to disclose your personal data to us;
b) it is necessary for the performance of our services under the contract; or
c) such collection and use of personal data without consent is permitted or required by the PDPA or other laws.
We shall seek your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you (except where permitted or authorized by law).
If you have given us consent to receive marketing and promotional information through electronic mail, our Website and/or our Platform, we may from time to time contact you through the respective channels to provide you with marketing, promotional information and updates about our products and services. We may also seek your consent and notify you separately of the purposes of the collection, use and disclosure of your personal data from time to time with respect to particular products and services. Any consent that you have given for marketing purposes is not affected by termination of providing our products or services to you.
If you have requested for us to contact you via telephone calls, SMS/MMS and/or fax using the telephone number(s) to provide you with information about our products and services that you have provided to us, you hereby consent that we may contact you via telephone calls, SMS/MMS and fax using such telephone number(s) to send you marketing messages regarding these products and services.
6. Disclosure of your personal data
Your personal data may be used, disclosed, maintained, accessed, processed and/or transferred to the following third parties, whether sited in or outside of the location of collection and/or processing, for one or more of the purposes set out above. We may share your personal data with the following:
Within our group of companies, e.g. with our subsidiaries and affiliate companies;
third party service providers which require the processing of your data, for example, third party service providers which have been engaged by us to:
to provide and maintain any IT equipment used to store and access your personal data;
to host and maintain our Website and/or our Platform; or
otherwise in connection with the provision of certain services provided to you on or via our Website and/or our Platform;
our auditors and legal advisors;
public and governmental/regulatory authorities, statutory boards, industry associations;
courts and other alternative dispute forums; and/or
any other party to whom you have consented the disclosure of your personal data.
In certain circumstances we may provide third parties (whether or not located in the location of collection and/or processing) with aggregate information about our Website and/or our Platform’s users. This may include information about your device(s), including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.
We are not responsible for the use (or misuse) of your personal data by any of our partners or third-party service providers.
In the event of merger, acquisition, takeover, bankruptcy, liquidation, transfer of the business or assets, we may disclose, share, transfer your information to the prospective acquiror and/or other relevant third-parties. We will make sure that any such transfer is done in a secure way.
Please rest assured that we never sell or rent your personal data.
7. Transfer of your personal data outside of the location of collection and/or processing
The personal data that we collect from you may be transferred to, used, processed and stored outside of the location of collection and/or processing for one or more of the purposes set out above. By submitting your personal data and/or using our Website and/or our Platform, you agree and consent to such transfer, storing or processing.
We have entered into contractual undertakings to ensure that the personal data which we collect from you and transfer to our service providers (whether or not located in the location of collection and/or processing) is adequately protected.
We will take reasonable steps to maintain appropriate physical, technical and administrative security to help prevent loss, misuse, unauthorized access, disclosure or modification of your personal information.
8. Security of your personal data
We adopt appropriate organizational safeguards and security measures to protect your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. Our measures include but are not limited to the following:
a) The entire system and user information storage is deployed in the highly secured AWS data center;
b) Conduct system security audits on a regular basis;
c) Conduct a series of precautionary measures, such as implementing data access control, to make sure that user data is accessible to authorized persons only. Employees who have access to user data have signed non-disclosure agreements to ensure security of user data;
d) Utilize cryptographically strong asymmetric encryption algorithm while transmitting data to ensure data security.
9. Retention of your personal data
Please note that we may continue to retain log files for internal record, analysis and regulatory purposes even after you close your account.
As we rely on your personal data to provide products and services to you, you shall ensure that the information provided by you to us is at all times correct, accurate and complete. You shall update us in a timely manner of all changes to the information provided to us. You may update your personal data via the client manager whom you liaise with, or via email to our Data Protection Officer whose contact details are provided below.
11. Access and correction of your personal data
If you wish to make:
a) an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data, or
b) a correction request to correct or update any of your personal data which we hold about you;
you may submit your request via email to our Data Protection Officer at the contact details provided below.
Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.
We will respond to your request as soon as reasonably possible. In general, our response will be within thirty (30) business days. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the appliable personal data protection laws).
12. Your rights
We may amend or update this policy from time to time. If we believe that the changes are material, we will let you know by doing one (or more) of the following:
a) Posting the changes on or through the services;
b) Sending you an email or message about the changes; and/or
c) Posting an update in the version notes on our website and/or application.
We encourage you to check back regularly and review any updates.
14. Data Protection Officer