PRIVACY STATEMENT & CONSENT
Last Modified: May 25th, 2020
End User Consent Regarding Personal Data Privacy and Protection
1. By using the software application and services licensed by AFS Technologies and its family of companies (“we”, “our”, “us”) (“Application”), you, the “User”, irrevocably and unconditionally agree to the terms and conditions in relation to the collection, use and disclosure of your Personal Data (as defined below) (“T&Cs”). Please read the T&Cs carefully to confirm your acknowledgement and acceptance.
2. Collection of Personal Data
2.1 We may collect your Personal Data through your use of the Application. In addition, we may collect Personal Data relating to you when you:
(a) register for our services and/or submit any forms (including feedback) relating to our products and services to us online or otherwise;
(b) sign up for our alerts or newsletters;
(c) contact us with enquiries or requests for business expansion or assistance; and/or
(d) are referred to us by business partners or third parties.
2.2 For the purposes of these T&Cs, “Personal Data” refers to any data, whether true or not, about an individual (including, but not limited to, the User) who can be identified from that data, or from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time. This may include data such as (a) your name, (b) your National Registration Identity Card (NRIC) information, Foreign Identification Number (FIN) or passport number (as the case may be), (c) your phone number, (d) your date of birth, (e) your residential address, (f) your email address, (g) your screen, logs and operation history of the Application, (h) information which you enter into the Application, (i) your location from time to time derived from the Application and (j) any other Personal Data necessary for our Purposes (as defined in paragraph 4 below).
3. Disclosure of Personal Data
3.1 Your Personal Data may be disclosed by us to (a) partners, licensors, vendors, agents, contractors or third-party service providers who provide operational services for and on behalf of us (b) accounting firms, (b) banks, (c) external advisers (e.g. auditors, lawyers), delivery services, mailing houses, freight and courier services, (d) government authorities and departments, statutory boards, and law enforcement agencies as required by any applicable laws, rules, guidelines and regulations or schemes imposed by any government to bodies and authorities and (e) such persons or organisations necessary for the Purposes (as defined in paragraph 4 below).
3.2 In the event of an actual or prospective business asset transaction (such as any merger, acquisition or asset sale), we may share and disclose your Personal Data with or to any business partner, investor, assignee, or transferee for the purposes of facilitating such a transaction.
3.3 In exceptional circumstances, we may also be required to disclose Personal Data, where there are grounds to believe that disclosure is necessary to prevent a threat to life or health, or for law enforcement purposes.
3.4 In some cases, we shall encrypt, anonymize, and aggregate Personal Data before sharing or disclosing it. Anonymizing means stripping the information of personally identifiable features. Aggregating means presenting the information in groups or segments (e.g. age groups).
4. Use of Personal Data and Purposes
4.1 We may collect, use and disclose your Personal Data for the following purposes:
(a) verifying your identity for access to our application;
(b) fulfil your requests for, and enable your use of, our features, products and services;
(c) evaluation of the effectiveness of the Application and improvement of or other enhancements to the Application;
(d) conclusion and performance of any contracts with our business partners, and the management of a contract;
(e) communicate with you, to respond to your questions or comments, to provide you with updates and news and we may use your information to provide you with personalized content and information;
(f) operations related requirements (including, but not limited to, security and risk management, internal audits and regulatory compliance);
(g) measurement and analysis of the usage condition, examination and handling of errors and malfunctions, and statistics and analysis aimed at the development of new services;
(h) profiling, including, but not limited to, performance of individual and group studies, surveys, analysis and statistical and/or market research;
(i) marketing and sales, including, but not limited to, sending and/or contacting the User (by post, telephone, email and any other form of electronic communication or digital means including social network platforms and other instant messaging applications) regarding information and promotions, newsletters, advertising, catalogues and invitations to events, related to the our products and services; and/or
(j) we may use the information that we collect to improve the AFS family of product offerings, services, as well as our websites and features.
(collectively, the “Purposes”).
5. In Singapore, the collection, use and disclosure of Personal Data are subject to the Personal Data Protection Act (No. 26 of 2012) (the “PDPA”). We conduct our business in compliance with the PDPA, in particular:
5.1 Transfer of Personal Data outside of Singapore
5.1.1 We may access or transfer your Personal Data outside of Singapore (including in the United States of America, Slovakia, Australia, United Kingdom, the People’s Republic of China, Canada or elsewhere) for the Purposes. We will ensure that any of your Personal Data transferred outside of Singapore shall be protected to a standard comparable to the protection under the Personal Data Protection Act of Singapore (No. 26 of 2012) (“PDPA”), and that organisations we work with outside of Singapore in respect of such Personal Data are bound by legally enforceable obligations to provide the transferred Personal Data a standard of protection that is at least comparable to the protection under the PDPA.
5.1.2 We have ensured that the receiving organisation of any transferred Personal Data will be legally bound to give a standard of protection to the transferred Personal Data that is at least comparable to the protection under the PDPA in the following manner:
(a) data transfer agreements between us and the receiving organization in which, amongst others, the receiving organization is legally bound to give a standard of protection to the transferred Personal Data that is at least comparable to the protection under the PDPA
5.2 Withdrawal of User Consent
The User may withdraw consent to the collection, use and/or disclosure of his/her Personal Data by giving us reasonable notice. The User should be aware that the withdrawal of such consent, may result, amongst others, in the User being unable to continue using the Application or any other services offered by us.
The User’s request for withdrawal of consent can take the form of an email or letter to the Data Protection Officer at:
AFS Technologies Inc.
Attn: Chief Technology Officer
5201 W Kennedy, Suite 200
Tampa FL 33609
By Email: privacy@AFSI.com
5.3 Accuracy and Updating of Personal Data
We will strive to keep Personal Data accurate and complete. You warrant and undertake to us that all your Personal Data submitted to us is accurate, true and correct.
Further, when you provide us with any Personal Data relating to a third party, you represent to us that you have obtained the consent of the relevant third party to provide us with their Personal Data unless otherwise provided in the PDPA.
You may request us to correct an error or omission in your Personal Data that we have in our possession or under our control. If there is any Personal Data relating to you that you are unable to correct or update but wish to do so, you may contact our Data Protection Officer (whose contact details are set out below) and we will take appropriate steps to correct or update such Personal Data.
5.4 Security of Personal Data
Safeguarding and respecting the confidentiality of Personal Data is important to us. We will use all reasonable efforts to protect Personal Data to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks.
The Personal Data provided to us are stored on secure servers. We also have security measures in place to protect against unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks of Personal Data under our control. However, please note that we will not be held liable or responsible for any loss, misuse or alteration of Personal Data that may be caused by third parties.
5.5 Access to Personal Data and Respecting Individual’s Consent
If you wish to access the Personal Data that we have relating to you, inquire about the way in which Personal Data relating to you has been used or disclosed by us in the past year, or wish to withdraw your consent to our use of such Personal Data, you may contact our Data Protection Officer (whose contact is set out below) and we will attend to your request as best as we reasonably can. Please note that:
(a) in order for us to provide any Personal Data, we will need to verify your identity and may request further information about your request;
(b) we may refuse access to your Personal Data if it would affect the privacy rights of other persons or if it breaches any confidentiality that attaches to that information;
(c) we may also refuse your request where we are legally permitted to do so and give you such reasons;
(d) you should be aware that we may take a reasonable time to process your application for access as we may need to retrieve Personal Data from storage and review the information in order to determine what information may be provided; and
(e) we may have to charge you a reasonable administrative fee for retrieving Personal Data relating to you.
5.6 Retention of Personal Data
We will only retain Personal Data for only as long as there is a business or legal purpose.
In the event that retention of Personal Data is no longer necessary for any business or legal purposes or when the purpose for which the Personal Data was collected is no longer being served by the retention of the Personal Data, we will remove, destroy or anonymise the Personal Data.
5.7 Breaches of T&Cs
If you believe that we have not complied with these T&Cs, or any other applicable privacy or data protection laws or regulations which may apply to us, you should make a complaint to us in the first instance. You should address your complaint in writing to our Data Protection Officer (whose contact details are set out below), and you should include as much detail as you can about the Personal Data affected, and the circumstances that you believe amount to a breach of these T&Cs or the applicable privacy or data protection law or regulation.
If you have any questions about these T&Cs or concerns about our commitment to your privacy, please feel free to email or write to the Data Protection Officer (whose contact is set out below).
6. How to contact us
Please feel free to contact our Data Protection Officer at privacy@AFSI.com.
7. Changes to these T&Cs
We reserve the right to modify and update these T&Cs at any time to ensure it is consistent with industry trends and/or any changes in legal or regulatory requirements.
8. Governing Law
This Data Protection Policy shall be governed in all respects by the laws of Singapore.