Personal Data Protection Policy

Version: 22.1.20 (a)

This privacy policy has been developed and implemented within Techsembly Ltd. (The Company) to comply with the provisions of the Personal Data Protection of Singapore Act 2012 (the “PDPA”) and this policy describes the types of personal data we may collect, how we may use this information, and with whom we may share it. This policy also describes the measures we take to protect the security of the information.
This privacy policy forms the basis for all data protection & confidentiality clauses in The Company s employment contracts and sub-contractor agreements. Thus all employees, sub-contractors of The Company are bound by this policy. This policy will also form the basis for data protection and confidentiality obligations of the Company to its Customers through appropriate clauses in the relevant Customer contracts.
We at, Techsembly understand that your privacy is very important and are highly committed in respecting, protecting and managing your personal information, compliant and in accordance with both Singaporean Law PDPA Act2012 and the regulatory federal body that governs the Act, the Personal Data Protection Commission. pdpc.

Techsembly is also implementing the gold standard of ISMS the ISO 27001 (on-going and in review). As used in this Privacy Policy, personal information is listed in the data points listed below as well as other personal information that may be supplied by you or collected about you as required by us. We hope that this Policy helps you to understand how we handle and use any personal data after collection.
By using Techsembly and any of its subsidiaries sites, you are agreeing to be bound by this Policy in respect of your Personal Data collected, used and disclosed via the Sites. You acknowledge and agree (on your own behalf and duly authorised on behalf of any third party whose details you supply) that you have been informed of the purpose of the collection, use and disclosure of Personal Information, that you agree that it is reasonable.
You expressly consent to the use, collection and (where required) disclosure of your Personal Data for any of the below mentioned purposes.
“Personal Data and Personal Information (P.D.) in this policy means data that can identify an individual.

  • The Company owns and operates a Software as a Service (SaaS) e-commerce solutions technology platform called Techsembly . In essence, the company curates local products from local brands and suppliers for local audiences which result in increased marketplace relevancy for the Company s clients.
  • Consent in collection of data. We generally do not collect your personal data unless (a) it is provided to us voluntarily by you directly or through deemed consent in the use of our website or via a third party who has been duly authorised by you to disclose your personal data to us (your authorised representative”) after (i) you (or your authorised representative) have been notified of the purposes for which the data is collected, and (ii) you (or your authorised representative) have provided written consent to the collection and usage of your personal data for those purposes, or (b) collection and use of personal data without consent is permitted or required by the PDPA or other laws. We shall seek your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you (except where permitted or authorised by law).

• Collection of personal information

The Company will collect the following information or related information to enable correct functioning of the software product:
  • Customers ( Company clients )
  • Customer Type
    • Customer Id ( NRIC/FIN No. necessary to accurately establish or verify the identity of the individual to a high degree of fidelity)
  • Name (First Name & Last Name)
  • Postal & Billing address.
  • Gender
  • Date Of Birth
  • Location
  • Industry
  • Company Position
    • Partners
  • Unique Identifier Code (SKU)
  • Industry Classification
  • Partner Name
  • Reference Number (optional)
  • Address and Postal code
  • Alert or Priority Type
  • Company or employee email address.
  • Company telephone, Telefax & Mobile Numbers.
  • Balance of payments
  • Photo, image or Company logo

• Ways in which the Company will collect personal data.

  • The Company will exclusively collect this data through the use of the Company s tech platform, from its customers, investors and partners. The Customer will provide the necessary permission or with respect to age, seek necessary express permissions from the Designated Guardians for the use of the software. The Customer will provide evidence of the same to the Company from time to time. If the Company learns that the Customer is not in possession of such express, relevant and current permissions or falsifying such data, then the Company will take steps to immediately delete this information from the software, which will in effect the functioning of the automated technologies or interactions.
  • As you use our site, we may automatically collect Technical Data about your equipment, browsing actions and usage patterns. We collect this data by using cookies, server logs and similar technologies. We may also receive Technical Data about you if you visit other websites that use our cookies ( please see below paragraph entitled cookies”)
  • Customers are deemed to have issued consent for the collection of their personal data by means of the very use of or navigation of our website, as described in the points above.

• Purposes for the collection.

  • The exclusive purpose of collecting this information is for the functioning (developing, implementing, hosting, operating and maintaining) of the digital e-commerce platform software to provide it as a service to the Customer and Partners.

• Disclosure of your personal data to third parties.

  • The Company will not voluntarily disclose this information to any 3rd Party which is not bound to the Company by the Personal Data protection and Confidentiality clauses through appropriate 3rd party agreements (sub-contractor agreement).

• 3rd Party Hosting

The Company may (upon request from its Customer) host the software application at 3rd Party cloud hosting vendors such as Amazon. In such an instance the standard agreements with such vendors will govern all data protection and confidentiality aspects. The choice of such a vendor will be made in association with the Customer and/or will be expressly communicated to the Customer prior to the collection and deployment of any personal data. By agreeing to the choice of 3rd Party hosting the Customer accepts all liabilities and indemnifies the Company from any data violations or infringements.

• Location-based services

The Techsembly software will use location-based services of the devices from time to time.. This location data is collected from only those devices that the Customer has authorized for use in conjunction with partnerships and or customer based. The Company may extend the functionality of the software for other location-based functionality. This will be done exclusively through express permissions, as stated in clause 3 of this document.

• Protection of Personal data

The Company will take the security of all personal data in its possession very seriously. The Company will employ appropriate technology and physical security arrangements and maintain safeguards to protect against the accidental or unauthorized access, collection, use and disclosure, copying and modification, disposal and deletion and other similar risks to personal data.

• Integrity and retention of personal information

The Company will retain all relevant personal data only for the period necessary to fulfil its contractual obligations to its Customer for the service of the software unless a longer retention period is required by Law. I

• Our companywide practices and commitment to your privacy

To ensure total security of all personal data, the Company will communicate this privacy and security policy to all its employees and sub-contractors and strictly enforce it through valid legal agreements. The Company will appoint a designated Data Protection officer to ensure implementation and compliance of this policy.

• Withdrawing your consent.

  • The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop collecting, using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below.
  • Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within thirty (30) business days of receiving it.
  • Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods or services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described in clause 8 above.
  • Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclose without consent is permitted or required under applicable laws.

• Access and Correction of Personal Data.

  • If you wish to know about your personal data in our possession or under our control, or how your personal data has been used or to whom it has disclosed, you may write in to us by filing our Access Request Form (available at your request).
  • We shall charge a standard fee of $10 for each Access Request. However, if much effort and time are required to retrieve the personal data, we shall charge a higher fee of approximately $ 50.00 for each request. We can charge an incremental fee for photocopying or courier costs if more copies are requested.
  • This fee shall cover all our actual costs incurred. Examples: photocopying, locating, retrieving, shipping, transport, time spent in preparing the disclosure. It should reflect our time and efforts taken to retrieve the personal data.
  • We shall provide the personal data requested within 30 days after receiving the Access Request. If we cannot respond within 30 days, we shall inform the Applicant (in writing) when we can do so.
  • There may be some circumstances, as outlined under the 5th Schedule and Section 21 of the PDPA that exempts the company from having to accede to an Access Request.
  • If you wish to correct any personal data in our possession or under our control, you may edit the information within the software or failing that, write in to us by filling in a Correction Request Form (available at your request).
  • We shall forward the corrected personal data to every organisation we have sent the personal data to 1 year before the receipt of the Correction Request.
  • We shall correct the personal data requested, where practical, within 30 days.
  • We do not charge any fees for correcting or deleting personal data.
  • There may be some circumstances, as outlined under the 6th Schedule and Section 22 of the PDPA that exempts the Company from having to accede to Correction of Personal Data.
  • • Protection of personal Data.

    • To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as up-to-date antivirus protection, encryption, use of privacy filters, and disclosing personal data both internally and to our authorised third party service providers and agents only on a need-to-know basis.
    • You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.

    • Retention of Personal Data

    • We may retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.
    • We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.

    • Transfers of personal data outside of Singapore

    • We generally do not transfer your personal data to countries outside of Singapore. However, if we do so, we will obtain your consent for the transfer to be made and we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.

    • Cookies

    • A cookie is a text file placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of our website and to compile statistical reports on website activity.
    • For more information about cookies, visit www.aboutcookies.org or www.allaboutcookies.org.
    • You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. If you do not accept our cookies or remove them from your browser, some our website s features may not function.

    • Data Protection Officer ( DPO )

    The contact details of the Company s DPO Mr. Sohail Qureshi
    Data Protection Officer
    120 Lower Delta Road, #14-13
    Cendex Centre, Singapore 169208

    Correct as of: 22nd January 2020.
    Next review date: 30 June 2020