PRIVACY & COOKIES POLICY
Last
Updated: 15/06/2023
We take your privacy seriously and
are committed to providing a safe online experience. We believe in being
transparent about our practices, which is why we have provided this Privacy
& Cookies Policy (“Policy”) to explain how we collect, use and
disclose your Personal Data (described below), and how you have control over
your Personal Data.
All abbreviations or definitions
used in our Terms of Service are adopted herein.
1. This
Policy
1.1
This Policy describes how your
information, including Personal Data, will be collected, used and shared in
connection with your use of our Site and/or Services, our legal basis for doing
so as well as your rights and choices regarding the information you provide to
us. This Policy is intended to meet the requirements of the Personal Data
Protection Act of Singapore (“PDPA”).
1.2
We reserve the right to update this
Policy from time to time. You should periodically visit this page to review the
current terms of this Policy so that you are aware of any updated terms to
which you are bound. If we do so, we will either notify you via e-mail or post
the changes to this Policy on this page and update the “Last Updated” date at
the top of this Policy as the effective date of change. However, any changes
will not apply retrospectively.
1.3
By using, or continuing to use, our
Site and/or Services, you agree that you have read and understood this Policy,
and you consent to our use of your information in accordance with this Policy.
1.4
If you have any questions about this
Policy or our practices, please contact at [email protected]
2. Your Rights
2.1
You have the following rights under
this Policy to:
a.
Request access to your Personal Data. This
enables you to receive a copy of the Personal Data we hold about you.
b.
Request correction of the Personal Data
that we hold about you. This enables you to have any
incomplete or inaccurate information we hold about you corrected.
c.
Request erasure of your Personal Data. This
enables you to ask us to delete or remove Personal Data where there is no good
reason for us continuing to process it.
d.
Withdraw consent. This
enable you to withdraw your consent given to us to process your Personal Data.
If you withdraw your consent, we may not be able to provide you with access to
the certain specific functionalities of our Site and/or Services. We will
advise you if this is the case at the time you withdraw your consent.
3. How to
exercise your rights
3.1
If you wish to exercise the rights
under paragraph 2 above, please:
i.
address your request in writing to the DPO Contact;
ii.
provide us with sufficient information, or we may request
for further information, for us to verify your identity as our security
measures to ensure that Personal Data is not disclosed to any person who has no
right to receive it; and
iii.
specify the right which you wish to exercise and identify
the relevant Personal Data for this purpose.
3.2
We will endeavor to respond to all
legitimate requests within thirty (30) days unless your request is particularly
complex or you have made multiple requests. Typically, you will not have to pay
a fee to access your Personal Data (or to exercise any of the other rights).
However, if your request is clearly unfounded, repetitive or excessive, we may
charge a reasonable administrative fee or refuse to comply with your request in
these circumstances.
4. Types of
Data that we collect
4.1
Personal
Data that you provide directly to us. When you use our Site and/or Services, your
Personal Data may be collected by us through your voluntary submission (e.g.
when you contact us or when you sign up for an account with us).
“Personal Data” means data
that may enable us to identify you personally, including data about a person
who can be identified (i) from that data, or (ii) from that data and other
information to which we have or are likely to have access.
4.2
Personal
data from third party sources. We may also collect certain of your Personal Data
from third party sources, for example, from credit reporting agencies, social
media sites, our affiliates, analytics providers, advertisers, data brokers,
and identity verification and compliance service providers.
4.3
Non-Identifiable
or Aggregated Data. When
you interact with us through our Site, we may receive and store certain
personally non-identifiable information. Such information, which is collected
passively using various technologies, which cannot presently be used to specifically
identify you. We may store such information itself or such information may be
included in databases owned and maintained by our affiliates, agents or service
providers. We may use such information and pool it with other information to
track, for example, the total number of visitors to the Site, the number of
visitors to each page of the Site, the domain names of our visitors' Internet
service providers, and how users use and interact with our Services. Also, in an ongoing effort to better understand and serve users of our Services, we
often conduct research on our customer demographics, interests and behavior
based on Personal Data and other information provided to us. This research may
be compiled and analyzed on an aggregate basis. We may share such
non-identifiable and aggregate data with our affiliates, agents and business
partners, but this type of non-identifiable and aggregate information does not
identify you personally. We may also disclose aggregated user statistics in
order to describe our Services to current and prospective business partners,
and to other third parties for other lawful purposes. However, if we combine or
connect such non-identifiable or aggregated data with your Personal Data so that
it can directly or indirectly identify you, we treat the combined data as
Personal Data which will be used in accordance with this Privacy.
5. Consent
and Withdrawal
5.1
By interacting with us using your
Personal Data, or voluntarily submitting your Personal Data to us when using
the Site and/or Services, you agree and consent to providing your Personal Data
and the manner in which your Personal Data will be handled as set forth in this
Policy.
5.2
You may, by notice in writing to us,
withdraw your consent to providing your Personal Data to us. We shall endeavor
to cease processing your Personal Data, destroy or delete the information, or
remove the means by which the data can be associated with you within thirty
(30) days from the receipt of the said notice, unless its retention is required
to satisfy legal, regulatory, accounting or other business requirements or to
protect our interests.
5.3
You may decline to provide us with
your Personal Data. If you choose not to provide any Personal Data whenever required
by us, this may limit your ability to use certain features of the Site and/or
Services, or we might not be able to adequately deliver our Services to you.
6. How we
use your Personal Data
6.1
Our primary objective in collecting
and using your Personal Data is to provide, facilitate, personalize, and/or
improve our Site and/or Services. Below are the more detailed examples of
relevant purposes for which we may use your Personal Data:
a.
Providing, updating, and maintaining the Site and/or
Services, business and client databases, including to facilitate and fulfil our
transactions with you, including to process payment transactions;
b.
Conducting research and development, including performing
market, demographic or trend analysis/survey for research and marketing
purposes, and for data aggregation and analytics;
c.
Communicating with users about our Services, including interact with you via social media platforms, and to improve or personalise
your online experience with us;
d.
Providing customer support, including contacting you
regarding any complaints, feedback, queries or requests;
e.
Enhancing security, including to facilitate
investigations into any suspicious or illegal activity on the Site or relating
to the use of our Services;
f.
Communicating with you for the purposes of marketing,
promoting and driving engagement in respect of our Services and third-party
products and services which may be of interest to you based on your
interactions with us. Such communication may be in the form of postal mails,
emails, text messages, social media channels, newsletters, brochures or other
printed or digital communication;
g.
Complying with applicable law, legal process and
regulations and protecting legitimate business interests;
h.
internal administrative and management purposes;
i.
any purposes exempted under the applicable laws;
j.
any other purposes reasonably relate to the aforesaid.
6.2
If we intend to use, handle or
process any Personal Data in any manner that is not consistent with this
Policy, you will be notified in accordance with paragraph 1.2 above.
7. Use of
Cookies and Similar Technologies
7.1
Cookies
In order to improve our Services, we
may collect data by way of “cookies”. A cookie is a small text file containing
small amounts of information which are automatically downloaded into your
computer (or other electronic device) when you access to the Site. Cookies help
us to measure the number of visits, average time spent, page views and other
statistics relating to your access to the Site. This information allows us to better
administer the Site, and provide a more tailored and user-friendly service to
users. Cookies also enable you to use or access certain features or services of
the Site. Each time you visit the Site from the same computer or device, the
cookie will be retrieved from your computer or device, enabling the Site to
recognise your computer or device as having previously visited the Site and
thereby increase the functionality of the Site on your computer or device.
Therefore, generally, we use cookies to:
a.
recognise your browser as a previous visitor and save any
preferences that may have been set during your last visit to the Site;
b.
obtain information about your preferences, online
movements and use of the Internet;
c.
track website analytics and carry out research and
statistical analysis to help improve our content, products and services and to
help us better understand our visitors’ or customers’ requirements and
interests;
d.
customise and target our marketing and advertising
campaigns and those of our partners more effectively by providing personalised
interest-based advertisements;
e.
measure and research the effectiveness of our interactive
online content, features, advertisements, and other communications;
f.
make your online experience more efficient and enjoyable.
The information we obtain from our
use of cookies will not usually contain your Personal Data. Although we may
obtain information about your computer or other electronic device such as your
IP address, your browser and/or other internet log information, this will not
usually identify you personally.
In most cases, we will obtain your
consent in order to use cookies on the Site. The exception is where the cookies
are strictly necessary in order for us to operate the Site and/or to provide
you with a service you have requested. Most web browsers and devices can be set
to notify you when you receive a cookie or to prevent cookies from being sent.
If you use these features, you may limit the functionality we can provide you
when you visit the Site. You are free to block, delete, or disable the cookies
if your device permits so. You can manage your cookies and your cookie
preferences in your browser or device settings.
7.2
Third-Party
Cookies
Third-party cookies are set by
third-party sites separate from the Site. We work with third-party service
providers who are authorised to place third-party cookies and may also set
cookies on the Site. These third-party service providers are responsible for
the cookies they set on the Site. If you want further information, please visit
the website of the relevant third party. If you would like to opt-out of all
other types of technologies we employ on the Site, you may do so by changing
your browser settings to block, delete or disable these technologies as your
browser or device permits.
7.3
Log Files
Log file information is
automatically reported by your browser each time you access a web page. When
you use the Site, our servers automatically record certain information your web
browser sends whenever you visit any website. These server logs may include
information such as your web request, Internet Protocol address, browser type,
referring / exit pages and URLs, number of clicks, domain names, landing pages,
pages viewed, and other such information.
7.4
Clear GIFs
Information (Web Beacons)
When you use the Site, we may employ
clear GIFs (also known as web beacons or tracking pixels) to anonymously track
online usage patterns. No personally identifiable information about you is
collected using these clear GIFs. In addition, we may also use clear GIFs in
HTML-based emails sent to our users to track which emails are opened by
recipients. The information collected is used to enable more accurate reporting
and make the Site better for users.
8. How we
share your information
8.1
We are not in the business of
selling your information. There are, however, certain circumstances in which we
may share your Personal Data with certain third parties without further notice
to you, such as with:
a.
Our Affiliates and Third-Party Partners. Certain
authorised affiliates may access your Personal Data to help us develop,
maintain and provide our Services and help manage our customer relationships
(including providing customer support, customer liaison, delivery service,
etc). We may also share your Personal Data with our business partners whom we
collaborate in providing our Services, in which case these third parties are
prohibited from using your Personal Data for purposes not relevant to their
engagement or services.
b.
Our Service Providers. Our
service providers provide us support for our Services, including, for example,
website and application development, hosting, maintenance, security, backup,
storage, virtual infrastructure, payment processing, analysis, identity
verification, background and compliance reviews, banking services, delivery
services and other services for us, which may require them to access or use
Personal Data about you. These third parties are prohibited from using your
Personal Data for purposes not relevant to their engagement or services.
c.
Our Professional Advisors. Our
lawyers, accountants, bankers, auditors and insurers may need to review your
Personal Data to provide consultancy, compliance, banking, legal, insurance,
accounting and similar services. These third parties are prohibited from using
your Personal Data for purposes not relevant to their engagement or services.
d.
Governmental Authorities or Agencies. We
may disclose your Personal Data to governmental authorities or agencies if we
believe it is reasonably necessary to comply with a law, regulation, order,
subpoena, rule of a self-regulatory organization or audit or to protect the
safety of any person, to address fraud, security or technical issues, or to
protect our legal rights, interests and the interests of others, such as, for
example, in connection with the acquisition, merger or sale of securities or a
business (e.g. due diligence). We will not share your Personal Data with
non-governmental entities, except where such entities have been duly authorised
to carry out specific governmental activities.
8.2
As we develop our business, we might
sell or buy businesses or assets. In the event of a corporate sale, merger,
reorganization, dissolution or similar event, Personal Data may be part of the
transferred assets.
8.3
We may also share non-Personal Data
(such as anonymous usage data, referring/exit pages and URLs, platform types,
number of clicks, etc.) with interested third parties to help them understand
the usage patterns for certain Services or conduct independent research based
on such anonymous usage data.
8.4
If you request that we remove your
Personal Data in exercise of your rights, we will convey that request to any
third-party with whom we have shared your data. We are not, however,
responsible for revising or removing your Personal Data obtained by any third
party who has previously been provided your information by us in accordance
with this Policy or any third party to whom you have provided such information
(whether by sharing your login and password, or otherwise).
8.5
Recipients of your Personal Data may
be located outside Singapore. You agree that we may transfer your Personal Data
to our affiliates, subsidiaries and/or other authorised third parties located
outside of Singapore, as long as the Personal Data is handled in accordance
with this Policy and all applicable laws.
9. Period of
retention
Personal Data provided by you will
be retained and stored as long as the purpose for which the data was required
continues, unless you request that we remove your Personal Data in exercise of
your rights. Thereafter, we will destroy or delete the information, or remove
the means by which the data can be associated with you, unless its retention is
required to satisfy legal, regulatory, accounting or other business requirements
or to protect our interests. We will however periodically review the data we
hold, and erase or anonymise it when we no longer need it.
10.
Information About Others
If you give us information on behalf
of someone else, you warrant that you have obtained the authorisation from that
person to provide such Personal Data on his/her behalf and that other person
has agreed that you can act on his or her behalf and (i) give consent on his or
her behalf to the processing of his or her Personal Data in accordance with
this Policy; (ii) receive on his or her behalf any data protection notices; and
(iii) give consent to the use and transfer of his or her Personal Data abroad
in accordance with this Policy. You agree to indemnify and hold harmless Sevamall Tech Pte. Ltd. and our shareholders, directors, officers, employees, agents,
contractors or affiliates from any claim that such authority did not exist.
11. Security
11.1
We use industry-standard physical,
managerial, and technical safeguards to preserve the integrity and security of
your Personal Data from loss, misuse, and unauthorised access or collection,
disclosure, alteration, or destruction. We limit access to your Personal Data
to those employees who have a business need to have such access. All such
people are subject to a contractual duty of confidentiality. We cannot,
however, ensure or warrant the security of any information you transmit to us
or guarantee that your information through our Services may not be accessed,
disclosed, altered, or destroyed by a breach of any of our physical,
managerial, or technical safeguards.
11.2
While we will use all reasonable
efforts to safeguard Personal Data, you acknowledge that the use of the
Internet is not entirely secure and for this reason we cannot guarantee the
security or integrity of any Personal Data that are transferred from you or to
you via the Internet.
12.
Monitoring and Checking
12.1
We may monitor and record communications
with you (such as telephone conversations and emails) for the purpose of
quality assurance, training, fraud prevention and compliance.
12.2
For the prevention of fraud and
money laundering, we may search the files of credit reference from fraud prevention
agencies (who will record the search). If you provide false or inaccurate
information and we suspect fraud, we may disclose information about how your
interaction with the Site and/or Services to such agencies and if the situation
warrants it, we may have to report to law enforcement authorities.
12.3
We may preserve the content of any
email or "Contact Us" or other electronic message that we receive.
Any Personal Data contained in those messages will only be used or disclosed in
the manners set out in this Policy.
The message content may be monitored
by our service providers or employees for purposes, including but not limited
to, compliance, auditing and maintenance or where email abuse is suspected.
13.
Exclusions
13.1
This Policy applies to all users of
the Site and/or Services only. While you may encounter links on the Site to
other websites, such as those relating to our third party partners, advertisers
and other parties whom we collaborate with (“Third Party Platforms”),
this Policy does not apply to the activities of such Third Party Platforms that
may collect your Personal Data when you access or use such third party’s
services. The privacy practices of those third parties are not covered by this
Policy. The links from the Site do not imply that we endorse or have reviewed
the policies of such Third Party Platforms. We suggest you to contact those
platforms directly for information on their terms and conditions or policies.
13.2
This Policy shall not apply to any
unsolicited information you provide to us through the Site or any other means.
This includes, but not limited to, information posted to any public areas of
the Site, such as message boards, any ideas or feedback, and other unsolicited
submissions (collectively, “Unsolicited Information”). All Unsolicited
Information shall be deemed to be non-confidential and we shall be free to
reproduce, use, disclose, distribute and exploit such Unsolicited Information
without limitation or attribution.
14.
Governing Law and Dispute Resolution
Irrespective of the country from
which you access or use the Site and/or Services, to the extent permitted by
law, this Policy shall be governed in accordance with the laws of Singapore
without regard to choice or conflicts of law principles, and you hereby agree to
submit to the exclusive jurisdiction of the courts of Singapore to resolve any
claims or disputes which may arise in connection with this Policy.