Privacy
PERSONAL DATA POLICY

This personal data policy ("Policy") sets out sets out the basis on which VOLOPAY CO PTE. LTD. (UEN:201927210H) ("Company") may collect, use, disclose or otherwise process personal data relating to you in accordance with the Personal Data Protection Act 2012 of Singapore ("PDPA"). This Policy applies to personal data in the possession or under the control of the Company, including any organisation that the Company may engage to collect, use, disclose or process personal data for the purposes of the Company.

Personal Data

1. "personal data" is defined under the PDPA to mean "data, whether true or not, about an individual who can be identified:

(a) from that data; or

(b) from that data and other information to which the organisation has or is likely to have access."

2. "Customer Personal Data" means any personal data which you disclose to the Company.

3. If you are an individual user of the services and/or products of the Company, personal data which we may collect includes your:

(a) name (including any alias used by you);

(b) gender;

(c) date of birth;

(d) nationality;

(e) country of residence;

(f) identification number (including NRIC, FIN and passport number);

(g) tax residency;

(h) proof of identity;

(i) proof of residence;

(j) employment information;

(k) financial information;

(l) transaction information;

(m) proof of source of funds.

4. If you are a corporate user of the services and/or products of the Company, Customer Personal Data which we may collect from your directors, shareholders, beneficial owners, employees and any other individual authorised to act on your behalf (each a "Data Subject") includes such information as listed in paragraph 3 above in relation to each Data Subject.

Collection, Use and Disclosure of Personal Data

5. Customer Personal Data will be collected and used by the Company for any one or more of the following purposes:

(a) to assess and evaluate your eligibility for registering an account and/or sub-account(s) with the Company;

(b) to manage the relationship between you and the Company;

(c) to enable the Company to perform its obligations under or in connection with the provision of services and/or products to you;

(d) to maintain legal and regulatory compliance in the jurisdictions in which the Company operates;

(e) to enforce the terms and conditions of any agreement between you and the Company (including this Policy);

(f) to enable the Company to improve its services and/or products and marketing and customer relationships;

(g) to send you updates on the services and/or products of the Company, benefits, promotions and other such promotional material from time to time at the email address and/or contact number provided by you to the Company;

(h) where required under any applicable laws;

(i) where required under any order of court from a court of competent jurisdiction;

(j) for such purposes to which you have given your consent in writing.

(collectively the "Purposes")

6. Unless otherwise permitted or required under the PDPA or any other applicable laws, the Company generally collects Customer Personal Data in the course of or in connection with the registration of an account and/or sub-account(s) with the Company and only after you have:

(a) been notified of the Purposes; and

(b) provided the Company with your written consent to the collection, use and disclosure of Customer Personal Data for the Purposes.

7. You acknowledge and agree that any Customer Personal Data provided to us (whether electronically or otherwise):

(a) is done knowingly and voluntarily by you;

(b) is complete, true and accurate in all respects; and

(c) does not omit anything that affects or is likely to affect the meaning or significance of such personal data in any respect.

8. In order to ensure that Customer Personal Data is complete, true and accurate in all respects, you acknowledge and agree that it is your sole responsibility to update the Company within reasonable time if there are any changes to such Customer Personal Data by informing the data protection officer of the Company in writing or via email at the contact details provided below.

9. In the event that you provide personal data relating to any individual (whether such an individual is a Data Subject or otherwise), you undertake that you have obtained the consent from such individual concerned for the disclosure such personal data relating to them to the 2 Company and for the Company to collect, use and disclose such personal data for the Purposes.

10. The Company reserves the right to request for proof of notification and consent for the disclosure of personal data by an individual under paragraph 9 above. 11. You agree that the Company may disclose Customer Personal Data to:

(a) any governmental agency or regulatory authority of any jurisdiction properly exercising its powers;

(b) professional advisers of the Company;

(c) parties providing services and/or products to the Company (including information technology services, know-your-client and anti-money laundering compliance services providers);

(d) related corporations of the Company ("related corporation" as defined under the Companies Act (Cap. 50) of Singapore), if any;

(e) entities that the Company is in discussions with for a merger or an acquisition of the Company by such other entities;

(f) entities that acquire the assets of the Company pursuant to any applicable law, including the laws of insolvency in Singapore;

(g) entities pursuant to any order of court from a court of competent jurisdiction.

12. You acknowledge and agree that the Company may continue to use and disclose Customer Personal Data for a reasonable period following the termination of the relationship between you and the Company for any one or more of the following purposes:

(a) to allow the Company to fulfil its outstanding obligations to you under any agreement between you and the Company, if any;

(b) to allow the Company to enforce its rights under any agreement between you and the Company, if any;

(c) for such purposes to which you have given your consent in writing;

(d) where required under any applicable laws;

(e) where required under any order of court from a court of competent jurisdiction.

Information from Third-Party Sources

13. From time to time, the Company may obtain information about you and/or your Data Subject(s) from third-party sources as required or permitted by applicable laws, including from:

(a) public databases;

(b) credit bureaus;

(c) ID verification partners; and

(d) social media platforms.

14. ID verification partners may use a combination of government records and publicly available information about you to verify your identity, including the following information relating to you:

(a) name;

(b) address;

(c) employment information;

(d) public employment profile (where applicable);

(e) credit history; and

(f) status on sanctions lists maintained by public authorities (where applicable).

15. The Company obtains such information from third-party sources to comply with its legal obligations, including applicable anti-money laundering laws and to ensure that the services and/or products of the Company are not used fraudulently or for other illicit activities.

Retention of Customer Personal Data

16. Subject to any applicable laws, the Company may retain Customer Personal Data for as long as it is necessary to fulfil the Purposes or in accordance with paragraph 12 above (as the case may be).

17. The Company shall cease to retain Customer Personal Data or otherwise remove the means by which such Customer Personal Data can be associated with Data Subjects as soon as, in the opinion of the Company, it is reasonable to assume that such retention no longer services the purposes for which the Customer Personal Data was collected and is no longer necessary for the Purposes.

Protection of Customer Personal Data

18. To safeguard Customer Personal Data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, the Company has introduced appropriate administrative, physical and technical measures (including up-to-date antivirus protection, encryption and use of privacy filters) to secure all storage and transmission of Customer Personal Data by the Company.

19. Any disclosure of Customer Personal Data (whether internally or otherwise) will only be carried out on a need-to-know basis.

20. You acknowledge and agree that no method of transmission over the internet or method of electronic storage is completely secure and the Company makes no representation and/or warranty (whether express or implied) that there will be no unauthorised:

(a) access to the Customer Personal Data;

(b) copying of the Customer Personal Data; and/or

(c) disposal of the Customer Personal Data.

21. You agree that, save for any wilful default or fraud on the part of the Company or its directors, officers, employees, representatives and/or agents (each a "Relevant Person"), no Relevant Person shall be liable to you for any losses, liabilities, damages, costs and/or expenses (including any direct, indirect, incidental, special, consequential or punitive damages or economic loss or any claims for loss of profits or loss of use) arising from or in connection with this Policy.

Access and Correction of Customer Personal Data

22. You may make any one or more of the following requests in writing or via email to our data protection officer at the contact details provided below:

(a) an access request for access to a copy of the Customer Personal Data or information on the ways in which we use or disclose the Customer Personal Data;

(b) a correction request to correct or update any Customer Personal Data.

23. Please note that depending on the request that is being made, the Company may only need to provide you with access to the Customer Personal Data contained in the documents requested, and not to the entire documents themselves, in which case it may be appropriate for the Company to instead provide you with a confirmation of the Customer Personal Data that our organisation has on record if the record of the Customer Personal Data forms a negligible part of the document.

24. Where the Company is unable to comply with any request under paragraph 22 above, the Company shall inform you of the reason(s) for being unable to do so.

Transfer of Customer Personal Data outside of Singapore

25. In the even that the Company and/or its services providers store, transfer or otherwise process Customer Personal Data outside of Singapore, the Company shall take steps to ensure that the Customer Personal Data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.

26. In the event that you provide personal data relating to any individual (whether such an individual is a Data Subject or otherwise), you undertake that you have obtained the consent from such individual concerned for the transfer of personal data relating to such individual outside of Singapore.

27. The Company reserves the right to request for proof of notification and consent for the disclosure of personal data by an individual under paragraph 26 above.

Consent and Withdrawal of Consent

28. In providing any Customer Personal Data, you acknowledge and agree that you have read, understood and agreed to this Policy and consent to the use, disclosure and/or processing of the Customer Personal Data for the Purposes ("Consent").

29. Your Consent shall remain valid until such time as withdrawn by you in writing or, subject to paragraph 12 above, following the termination of the relationship between you and the Company.

30. You may withdraw your Consent (whether in part or in whole) at any time in writing or via email to the data protection officer of the Company at the details below ("Withdrawal Request").

31. Upon receipt of a Withdrawal Request, the Company will inform you of the likely consequences of withdrawing your Consent (whether in part or in whole) and the Company will cease collecting, using or disclosing Customer Personal Data save in accordance with this Policy.

Data Protection Officer

32. You may contact the data protection officer of the Company for any enquiries or feedback or as stated in this Policy as follows:

Name : Rohit Bhageria
Address : 152 Beach Road, #28-00 Gateway East Singapore,189721
Email Address : [email protected]
Telephone Number : +65 8535 4016


Changes to Policy

33. This Policy applies in conjunction with any other notices, contractual clauses, and consent clauses that apply in relation to the collection, use and disclosure of Customer Personal Data by the Company.

34. The Company may revise this Policy from time to time without any prior notice and you acknowledge and agree that it is your sole responsibility to keep up to date with any revisions to this Policy.

35. Your continued use of any service and/or product provided by the Company shall constitute your acknowledgement and acceptance of any revisions to this Policy.