Article 1 (Purpose)
Article 2 (Definition)
- “User” means the individual who downloads, accesses and/or uses the Application and/or the Service on his/her smartphone or other devices (hereinafter collectively referred to as the “Device”), regardless of whether he/she is using the Application and/or the Service for himself/herself or on behalf of an organization or entity.
- “Mile” means the reward points given to the User by the Company under the conditions provided herein and displayed on the Application.
- “Content” includes messages, comments, any other form of text, information, visuals that a User publishes, posts, uploads, shares or stores on the Application and/or the Service.
- “Objectionable” includes being objectionable, defamatory, obscene, pornographic, antagonistic, bigotristic, provocative, racist, blasphemy, harassing, threatening, harmful, or unlawful in any way.
Article 4 (User Eligibility)
- A User shall be:
- aged 13 or above, and living in Singapore, who is of sound mind, and not disqualified from contracting by any law to which he is subject; and
- where a User uses the Application and/or the Service on behalf of an organization or entity, an authorized representative of such organization or entity.
By accessing and using the Application and/or the Service, the User represents and warrants that he/she fulfills the qualifications above.
- In order to access and use the Application and/or the Service, an individual shall first download the Application and register for an account with us as a User.
- The Company may suspend, terminate or limit the supply of the Service to a User if the Company finds that the User falls under any of the following categories. In addition, the Company shall not be liable for any damages or disadvantages suffered by the User resulting from the inability to use:
- In the case where the User is under the age of 13;
- In the case where the User has been found out to have committed or being in the process of committing an unethical or unlawful activity, misconduct or violations by using the Application, the Service, other services provided by the Company, or via other transactions with the Company;
- In the case where the User is a person aged 13 or more who has unsound mind when he/she registered as a User on the Application;
- In the case where the User logs in the Application with his/her personal information by using the Application downloaded on other persons’ Device without permission of such other persons or a Device obtained by unauthorized means;
- In the case where the User falls under any of the reasons for the suspension or cancellation of the User's entitlements set forth in Article 16 hereof; or
- In other cases where the Company deems the User’s use of the Application and/or the Service inappropriate.
Article 5 (Management of Device and User Identity)
- The User shall be solely responsible for the management of the Device as well as the User’s ID name and password of the Application (collectively referred to as the " User Identity").
- The User shall not use a username that he/she does not have the right to use. The Company reserves the right to disallow registration of or reclaim a username at its sole and absolute discretion.
- The Company shall not take any responsibility for the damage and/or expenses incurred by the User or any third party as a result of or in connection with the illicit, fraudulent, unauthorized or inadvertent use of the Device and User Identity by any person.
Article 6 (Lending and Transferring User Identity)
The User shall be solely responsible for the security and integrity of his/her User Identity. The User shall not disclose, lend or transfer his/her User Identity to any third parties. The Company shall not be in any way responsible for any damage and/or expenses incurred by the Users or other third parties caused by the User’s breach of this Article. If any damage or expenses occurred to the Company in connection with the User’s breach of this Article, the User shall compensate the Company for the full amount of such damages and expenses.
Article 7 (Protection of User Information)
- Any information about the User provided by the User and/or obtained by the Company related to the Application and the Service (hereinafter referred to as the "User Information") will be collected, retained, used and processed by the Company in accordance with the Company’s Privacy Notice displayed in the “Help&Support” feature on the Application (hereinafter referred to as the “Privacy Notice”) and the applicable laws and regulations of Singapore.
- The Company shall set up a mechanism to receive, facilitate and settle the User’s claims, requests or complaints related to his/her User Information. The User, in such case, agrees to cooperate with the Company, including by providing to the Company all the information and documents as may be reasonably requested by the Company.
- If the User is determined by the Company’s record system that he/she has not used the Application consecutively for twelve (12) months, the Company will be entitled to delete the User Information from its server or system to the extent permitted by law.
Article 8 (Change in User Information)
- The User is entitled to access to his/her own User Information according to the Privacy Notice. It is the User’s sole responsibility to maintain true, accurate, current and complete User Information.
- The User shall immediately notify the Company in writing if there is any change in his/her User Information. Upon the receipt of the User’s written notification, the Company shall confirm and update the User Information.
- In the case where the User Information including contact information is not supplied by the User to the Company, or the User Information is incorrect, outdated or incomplete, the Company may not be able to deliver notification or optimised user experience services to the User. In such a case, the Company shall not be liable for any disadvantage, loss or damage suffered by the User as a result of or in connection with such failure of the Company due to the User’s failure to supply true, accurate, current and complete User Information to the Company.
Article 9 (Company’s Notification)
- Notices from the Company to the User will be provided by postings on the Application or the Company’s website (https://www.muji.com/sg/) (hereinafter referred to as the “Website”) or by other means deemed appropriate by the Company, except as otherwise provided herein.
- In case the notice referred to in the preceding paragraph is provided by posting on the Application or the Website, the notice is deemed to be received by the User when the notice is posted on the Application or the Website.
Article 10 (Miles)
- In cases where the User checks in at the Company’s stores by using the Application, or purchases the Company’s products at the stores, or in other cases as clearly displayed in the Application, the Company may grant a certain number of Miles to the User subject to the conditions set forth by the Company and displayed in the Application.
- Miles are not exchangeable for cash. However, the Company may grant a benefit to the User according to the numbers of Miles under the conditions set forth separately in the Application or the Website from time to time.
- The User cannot share, combine, give, rent, transfer, assign or otherwise commercially exploit any accumulated Miles to other Users or any third party.
- If the User has more than one (1) account with us, the User shall not be entitled to combination of the Miles from all his/her accounts.
Article 11 (Expiration of Miles)
All Miles will expire after the period which the Company set forth separately on the Application or the Website.
Article 12 (Miles Invalidated or Cancelled)
In the event where any of the following cases occurs, the Miles shall be invalidated or cancelled, in whole or in part, automatically or by the Company at its sole and absolute discretion. In such cases, the Company shall neither provide any compensation nor be responsible in any other ways for invalidated or cancelled Miles.
- In the case where any of the categories set forth in Article 4 clause 3 hereof applies;
- In the case where the Company has verified that the information supplied by the User to the Company contains any untrue, incorrect or unlawful content;
- In the case where the User earned Miles by any inappropriate or unlawful means;
- In the case where the User’s account is deleted;
- In the case where the User Information is deleted in accordance with Article 7 clause 3 hereof; or
- In other cases where the Company, at its sole and absolute discretion, deems it appropriate to cancel or invalidate the Miles granted to the User.
Article 13 (Taxes and Expenses)
The User is responsible for any taxes and incidental expenses if they are incurred as a result of earning Miles according to the applicable laws or regulations of Singapore.
Article 14 (Prohibited Acts)
- The following acts are prohibited by the Company whenever the User uses the Application and/or the Service:
- Acts of using the Application and/or the Service for any unlawful or profiting-making purposes;
- Acts that infringe or may infringe the intellectual property rights including any trademark right, copyright or patent right etc. or any other rights of the Company, our business partners or any third party;
- Acts that infringe or may infringe the property, privacy or portrait rights of the Company or any third party;
- Acts that discriminate or defame a third party or damage any reputation or credibility of any party;
- Acts that lead to or may lead to crimes such as fraud or threat;
- Acts of creating, transmitting or displaying any Objectionable Content;
- Acts of establishing any pyramid scheme or inducing any person to join such a scheme or promoting any pseudo multi-level marketing;
- Acts of altering or deleting information of the Company or any third party accessible by the Application and/or the Service;
- Acts of pretending a real or fictitious third party;
- Acts of transmitting or otherwise making available harmful computer programs, codes, virus, worm etc. that will or may undermine the security, availability or proper working of the Application and/or the security;
- Acts of holding or promoting any pre-election activity, election campaign or similar activity and acts that violate the laws and regulations on election;
- Acts of sending an e-mail for advertisement, promotion or marketing, etc. to a third party without permission, or an e-mail having or at risk of having an aversion, and acts of requesting a third party to forward a chain letter or accepting such request to forward the same;
- Unauthorized access to any Application or Device of any third party or the hardware, software and systems used by us to operate, provide and maintain our Application and/or Service (including but not limited to any communication system, computer system, other devices, and software prepared by the Company to provide Services) or acts that prevent or likely prevent any use or operation of the same;
- Acts of acquiring any information related to any third party without his/her consent or by deceptive means;
- Acts that encourage any act which falls under any of the above items (including where the prohibited act is performed by a third party).
- In the event that the User commits or attempts to commit any of the above-mentioned prohibited acts, the Company shall have the right to terminate the User’s account, reclaim usernames, limit or suspend the User’s access and/or use of the Application and/or the Service or take any other actions that the Company may deem necessary or appropriate, at its sole and absolute discretion, with or without notice to the User.
- The User shall indemnify and release the Company and our subsidiaries, affiliates, officers, employees, agents, representatives and successors from any damage or loss that the Company, other Users or any third party may suffer as a result or in connection with such prohibited acts of the User.
Article 15 (Termination of Use)
- The User may at any time terminate his/her use of the Application and the Service by deleting his/her account with us. Upon such termination, all Miles and all rights or entitlements provided to the User in relation to the Application and/or the Service shall become invalid and no longer usable by the User. However, this termination of use may be temporarily suspended or refused by the Company in case where the Application is upgraded to include online payment function while the User has not paid his/her invoices claimed through the Application.
- By terminating the use of the Application and the Service, the User shall be deemed to have waived and given up any of his/her right to claim for any entitlements, unused rewards and/or compensation whatsoever against the Company.
- The User acknowledges that even after the User deletes his/her account with us:
- any Content that he/she has made public may remain available and viewable on the Application and/or the Service; and
- it may not be possible to completely delete his/her content from the Company’s records or backups of the Application and/or the Service.
Article 16 (Suspension and Cancellation of Entitlements)
- The Company reserves the right to suspend or cancel the User’s entitlements at any time without prior notice or demand for any of the following reasons:
- When it is found that the User falls under any of the categories set forth in Article 4 clause 3 hereof;
- When the User uses the entitlement unlawfully or allowed it to be used unlawfully;
- When the User alters the information provided by the Company without our prior written consent;
- When the User uses the Application and/or the Service for unlawful purpose or allows other Users or third parties to use the Application and/or the Service unlawfully;
- When there is a misconduct or suspected misconduct by the User, or when it is necessary to prevent any misconduct by a third party;
- When the User was filed for attachment, provisional attachment, provisional disposition, disposition for failure to pay any debt, compulsory execution, bankruptcy, or civil rehabilitation proceedings; or
- in other cases where the Company deems the person inappropriate as a User.
- In case the User cannot use the Application or the Service due to the suspension or cancellation of the User’s entitlements based on the preceding clause, the Company shall not be in any way responsible for and shall have no obligation to disclose the reason for such suspension or cancellation to the User. In addition, losses, damages and expenses (if any) incurred by the Company or third parties caused by any action taken by the User as stipulated in the preceding clause shall be fully compensated by the User.
- If there are any doubts regarding the User's Miles acquisition and other use of the Application and/or the Service, temporary suspension of the User's entitlements and usage restrictions on the Application and/and the Service may be placed by the Company at its sole and absolute discretion until the suspicion is cleared.
Article 17 (Change of the Application or the Service)
The Company may change, in whole or in part, the functions, features and design of the Application, operation rules of the Application and/or the Services, or the content of the Application and/or the Service from time to time at its sole and absolute discretion without prior notice to the User. The Company shall not be in any way responsible for any disadvantage or damage suffered by the User resulting from such changes.
Article 18 (Temporary Suspension, Cancellation or Termination of the Application or the Service)
- The Company may temporarily suspend or terminate the operation of the Application and/or the Service or part or all of the Website without prior notice to the User for any of the following reasons:
- When performing maintenance, inspection, repair, change or upgrade of the feature or system of the Application and/or the Service regularly or urgently;
- When it is not possible or would be unreasonably burdensome to provide the Application and/or the Service due to a force majeure event such as fire, blackout, natural disaster such as earthquake, eruption, flood, or tsunami or war, disturbance, riot, conflict or change of laws, labor dispute, lockout, government restraint etc.;
- When the Application and/or the Service cannot be operated due to failure, breakdown, destruction or sabotage of the system of the Application and/or the Service (including falsification of data and source code) or the network failure etc.; or
- Other cases where it is determined by the Company that the Company requires temporary suspension, cancellation or termination of the Application and/or the Service.
- The Company may terminate all or a part of the functions of Application and/or the Service at its sole and absolute discretion.
- The Company shall not be in any way responsible for any disadvantage or damage suffered by the User or other third parties resulting from the interruption, suspension, cancellation or termination of the Application or the Service under this Article.
Article 19 (Disclaimer)
- The Company shall not be liable for any loss or damage suffered by the User arising out of the access and/or use of the Application and/or the Service, and the Company shall have no obligation to compensate for such damage. The Application and the Service are offered and provided to the User on an “as-is” and “as available” basis without any express or implied warranty of any kind from the Company.
- The Application may contain links or connections to third party websites, plug-ins or services that are not owned or controlled by the Company. The Company has no control over, and assumes no responsibility for, the content, accuracy, security, privacy policies, or practices of or opinions expressed in any third-party websites. The User’s access and use of third-party websites, plug-ins or services is at his/her own risk. The User agrees that the Company shall not be responsible or liable for any loss or damage of any sort incurred as a result of or in connection with his/her use of any third-party website, plug-in or service.
Article 20 (Intellectual Property)
Article 21 (Monitoring of Unauthorized Use)
The Company has the right to monitor usages and accesses by the User to prevent any unlawful or unauthorized use of the Application or the Service. The Company will not monitor the usage and access of the User for any purpose other than the one stated in this Article.
Article 23 (Governing Law)
Article 24 (Dispute Resolution)
Article 25 (Language)
Article 26 (Effectiveness)
Article 27 (General)
LAST UPDATED: August 1, 2021
1.Important information and who we are
Purpose of this privacy notice
This privacy notice aims to give you information on how we collect and process your personal data through your use of the Application, including any data you may provide through this Application when you register to the Application or use the Application in accordance with the Personal Data Protection Act 2012 of Singapore (No. 26 of 2012, as amended from time to time) and the relevant guidelines (collectively, the “PDPA”).
This Application is not intended for those who are under the age of thirteen (13) and we do not knowingly collect data relating to them. If we become aware that we have collected personal information from a child under the age of thirteen (13), then we will delete that information from our records.
It is important that you read this privacy notice together with any other notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them.
Who is responsible
This privacy notice is issued by MUJI (SINGAPORE) PTE. LTD. so when we mention "Muji", "we", "us" or "our" in this privacy notice, we are referring to MUJI (SINGAPORE) PTE. LTD. is responsible for processing your data.
Data Protection Officer (the “DPO”)
We have appointed an internal data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the DPO using the details set out below.
Contact details of the DPO
Email address: email@example.com
Postal address: 60 Albert Street, #15-03 to 06, OG Albert Complex, Singapore 189969
Changes to the privacy notice and request to inform us of changes
We will keep this privacy notice up to date and will notify you of any significant changes to the notice. Any notification in regards to changes to this privacy notice will be displayed on Application for 30 days following the change.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
This Application may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave the Application and visit these websites, we encourage you to read the privacy notice of every website you visit.
2.The data we collect about you
Personal data means data, whether true or not, about an individual who can be identified either from that data or from that data and other information to which the organisation has or is likely to have access. It does not include data where the identity has been completely and irrevocably removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Identity Data includes account ID (unique device identifier) for this Application, profile photo, username (nickname) or similar identifier, date of birth and gender.
- Contact Data includes your name, email address, telephone number and/or postal address, which you provide us with when you make inquiries to us about the Application.
- Transaction Data includes your likes, purchase, MUJI mile, location, shop check-in history, awarded coupons and information which you enter into the application form on the Application when you apply for the event which we conduct, such as your name, e-mail address, phone number, number of the participant, and the event summary.
- Technical Data includes internet protocol (IP) address, your account login data, Application log, device and browser type and version, time zone setting and location, connected account information (Facebook, Apple and Google), browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this Application.
- Account Profile Data includes your Identity Data and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
- Usage Data includes information about how you use the Application and our services.
- Marketing and Communications Data includes your preferences in receiving marketing communications like reminding and campaign notifications from us.
We also collect and use aggregated data such as statistical or demographic data. Aggregated data may be derived from your personal data but is not considered personal data in the meaning of the PDPA, as you can’t be identified from such aggregated data, even if combined with any other information we are likely to have access to. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific app feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
We do not collect your NRIC (National Registration Identification Card) number, FIN (Foreign Identification Number), and passport number unless permitted by the PDPA or any other applicable laws or regulations. We also do not collect any sensitive personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
While we do not ask you to provide any sensitive personal data described above, we may also process such data (as well as other categories of personal data), depending on what data you provide when communicating with us when using the Application, or otherwise.
If you fail to provide personal data
Where we need to collect personal data by law, or where we need personal data so that we can enter into or perform a contract with you to provide our services and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with our service). In this case, we may have to cancel a service you have ordered with us but we will notify you if this is the case at the time.
3.How is your personal data collected?
We use different methods to collect data from and about you including through:
- Direct interactions. You may give us your Identity Data, Contact Data, Transaction Data, Usage Data, and Marketing and Communications Data by interacting with the Application, by filling in forms, or by corresponding with us. This includes personal data you provide when you:
- create an account on our Application;
- mark up items or articles as your favourite;
- check in at our shops;
- show your ID barcode and/or coupons at our shops;
- connect SNS accounts with your ID;
- set your preference in receiving marketing communications from us; or
- give us some feedback or a make an inquiry with us via email, our live chat, to our call centres or provided in our retail stores. We may also ask you for information when you report a problem with the Application.
We may also receive your information from another organisation that you have consented for them to share your data.
- Automated technologies or interactions. As you interact with the Application, we may automatically collect Technical Data and Usage Data about your equipment, browsing actions and patterns. We collect these personal data by using application logic, server logs and other similar technologies.
In most cases, we use automated decision making in ways which won't have a significant effect on you as an individual (such as our general analysis of data to gain insights into behaviours and characteristics of our customers).
- Third parties or publicly available sources. We may receive personal data about you from various third parties. With regards to Technical Data and Usage Data, we may receive it from analytics providers such as Adobe Analytics.
4.How we use your personal data and your consent
Purposes for which we will use your personal data and the legal bases we rely on
We have set out below a description of all the ways we plan to use your personal data, and the legal bases we rely on to do so.
- To register you as a new user of the Application, based on your consent;
- To manage your user account which includes helping you restore your user account by referring to connected account information, based on your consent;
- To provide you with our services which include delivering articles, product catalogues and favorable shopping offers, offering shopping coupons, checking in at our shops, locating near-by shops, managing your MUJI mile, and sending reminding when you become a customer such as purchase and delivery of our products, based on your consent;
- To administer and protect our business and this Application (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data), based on our legitimate business interest, i.e., ensuring proper functions of the Application and providing better services to you;
- To deliver relevant content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you, based on your consent;
- To use data analytics to improve our Application, products/services, marketing, customer relationships and experiences, based on our legitimate business interest, i.e., improving the quality of services we provide to you on the Application; and
- To make suggestions and recommendations to you about goods or services that may be of interest to you, based on your consent.
A legal basis is a reason or circumstance prescribed by law where we are allowed to process your personal data.
We rely on your consent as the legal basis for some purposes of our processing of your personal data as described above. When you install the Application, we ask you to give us consent to such processing of your personal data. You can either give us such consent or refuse it. If you don’t give us such consent, we may not be able to provide you with part or all of the services on the Application.
Once you have read this privacy notice and start using the Application, when you voluntarily provide us with your personal data, including by filling in forms, marking up your favourite articles, checking in at our shops, presenting your account ID barcode or coupons at our shops, etc., then we deem that you have given us your consent to our processing the provided personal data for the relevant purpose(s).
You can opt out of certain categories of our processing your personal data at any time, by setting your preferences on the Application, including toggling on/off receiving campaign offer or reminding. You can withdraw your consent at any time by contacting our DPO, whose contact details are shown above. If you withdraw your consent, we may not be able to continue providing you with part or all of the services on the Application.
We will only share your personal data with any company for marketing purposes upon your prior explicit consent.
We will not sell, distribute or lease your personal data to third parties unless we have your permission or are required by law to do so.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact our DPO.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note, that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
5.Disclosures of your personal data
We may have to share your personal data with the parties set out below for the purposes set out in paragraph 4 above.
- Internal Third Parties: Other companies in the Muji Group including Ryohin Keikaku Co., Ltd. (Japan) (https://ryohin-keikaku.jp/eng/corporate/company.html), which process your personal data either on their own behalf or on our behalf in providing us with IT, system administration, business process outsourcing or other services as contractors.
- External Third Parties:
- Service providers who provide us with IT, system administration, business process outsourcing or other services as contractors.
- Professional advisers who process your personal data either on their own behalf or on our behalf in providing us with professional services, including lawyers, bankers, auditors and insurers.
- The regulators and other authorities who require reporting of processing activities in certain circumstances.
- Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Your personal data will be stored and processed at servers from external providers in Japan, where Ryohin Keikaku Co., Ltd., one of our group company engages external cloud IT resources and provides us with the infrastructure for the Application.
Ryohin Keikaku Co., Ltd. and its contractors in Japan are subject to various data protection obligations prescribed by the Act on the Protection of Personal Information of Japan (the “APPI”) and committed themselves to respecting your privacy and protecting your personal data in accordance with the APPI and the PDPA. The European Commission have decided pursuant to Article 45 of the General Data Protection Regulation of the European Union (the “GDPR”) that Japan, with the APPI and its enforcement, ensures an adequate level of personal data protection in the light of GDPR, which prescribes as stringent data protection obligations as the PDPA.
With these facts we are sure that we can provide a standard of protection to your personal data transferred that is comparable to the protection under the PDPA.
When you install the Application, we ask you to give us your consent to the transfer of your personal data to Japan as described above. You can either give us your consent or refuse it. If you don’t give us such consent, we are not able to provide you with the services on the Application. You can withdraw your consent at any time by contacting our DPO, whose contact details are shown above. If you withdraw your consent, we are not able to continue providing you with the services on the Application.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to obligation of confidentiality.
In the event that we have credible grounds to believe that an incident of personal data breach has occurred, we will take reasonable and expeditious steps in accordance with the PDPA.
In this regard, “personal data breach” means (i) unauthorised access, collection, use, disclosure, copying, modification or disposal of personal data; or (ii) any loss of any storage medium or device on which personal data is stored in circumstances where the unauthorised access, collection, use, disclosure, copying, modification or disposal of the personal data is likely to occur.
We will retain your personal data for as long as it is necessary to fulfil the purposes outlined in this Privacy Notice, unless a longer retention period is required or permitted by law. During such retention period, we will review your personal data on a regular basis to keep it updated and to make sure that it is not retained for longer than necessary for the outlined purposes.
In some circumstances we may anonymize your personal data for example by aggregation with other data (so that it can no longer be associated with you) for research or statistical purposes or business planning in which case we may use this information indefinitely without further notice to you.
9.Your legal rights
Under certain circumstances, you have the following rights under the PDPA in relation to your personal data. For more information about such circumstances and how you can exercise your rights, contact our DPO:
Right to access
You have the right to obtain from us:
- personal data about you in our possession or under our control; and
- information about how such personal data may have been used or disclosed by us within a year before the date of your request.
We are not required by the PDPA to provide you with information in respect of certain categories of personal data or request, including among others:
- personal data which is subject to legal privilege;
- personal data which would reveal our trade secret;
- personal data which could reveal personal data about another individual; and
- any request that would unreasonably interfere with our operations because of its repetitious or systematic nature; or
- any request where the burden or expense of providing access in response to the request would be unreasonable to us or disproportionate to your interests.
We may charge you a reasonable fee to process your access request.
Right to correction
You have the right to requesting us to correct an error or omission in the personal data about you that is in our possession or under our control.
Right to withdraw consent
You can withdraw your consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide part or all of the services on the Application to you. We will advise you if this is the case at the time you withdraw your consent.
What we may need from you
We may need to request specific information from you to help us confirm your identity before we respond to any requests. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond
We try to respond to all requests within 30 days. Occasionally it may take us longer if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
LAST UPDATED: August 1, 2021