Privacy Policy for External Parties (English)

1. Introduction

1. This Policy has been prepared in accordance with Singapore’s Personal Data Protection Act 2012 (the “PDPA”) and, where relevant, equivalent data protection laws in other jurisdictions. It sets out the basis which we may collect, use, store, share, disclose, protect, retain or otherwise process personal data of users of our website.
2. This Policy applies to all personal data in our possession or under our control. This includes but is not limited to the personal data of individuals who interact with us (e.g., visitors to our website, persons from who we receive inquiries, persons engaging with us as clients/prospective clients, suppliers, or partners, or job applicants), and to personal data we process in connection with our websites and services.
3. By interacting with us or submitting information to us, you agree and consent to us as well as our employees, agents, and/or representatives collecting, using, disclosing and sharing amongst themselves your personal data, disclosing and processing your personal data in accordance with the provisions of this Policy.

2. Personal Data

1. In this Policy,
   
   1. “Personal data” shall have the meaning set out in PDPA; and
   2. All other terms used in this Policy shall have the meanings given to them in the PDPA unless otherwise stated.
2. Examples of personal data that you may provide to us or that we may collect from you depend on the nature of your interaction with us, but may include: your name, identification number, telephone number, email address, residential address, mailing address, IP address, employment details, and personal data relating to any individuals or entities referred by you in your interactions (whether written or otherwise) with us.

3. Types of Personal Data Collected

1. We will collect and process personal data about you in the following ways:
   
   1. Directly from you:
      1. When you submit any forms, whether on our website or otherwise, in relation to our products and/or services;
      2. When you enter into any agreement or provide any documentation or information in relation to your interactions with us, or when you use any of our services;
      3. When you interact with any of our employees through avenues including but not limited to telephone calls, letters, electronic correspondence, social media platforms and meetings, regardless of whether the interaction originated from you;
      4. When you use our website and/or its subdomains (the “Website”);
      5. When you request that we contact you or request that you be included in any correspondence or mailing list (including subscription to our newsletters or alerts);
      6. When you respond to our request for additional personal data;
      7. When you participate in a promotion, survey, event, or other marketing campaign organised by us;
      8. When you request that marketing materials be sent to you’
      9. When your images are captured by us through CCTV while you are within our premises, or through photographs or videos taken by us or our representatives while attending our events; and
      10. When you submit your personal data to us for any other reason.
   2. From your authorised representatives:
      1. When persons whom you have authorised and persons who have been identified as acting on your behalf provide personal data to us.
   3. Through our Website:
      1. When you use our Website, we may collect personal data such as site areas visited, pages viewed, frequency and duration of visits, Internet Protocol (IP) address, internet device identity or media access control address of your device, information regarding the manufacturer, model or operating system of the device that you use and/or information about the web browser used to access our Website.
      2. Please also see the section on cookies below.
   4. Third Parties or publicly available sources:
      1. When we receive references from business partners and third parties, for example, where you have been referred by them;
      2. When we collect personal data from third parties, including but not limited to, business partners, analytics providers, search information providers, credit reference agencies, third-party marketing companies and publicly available sources.
2. If you provide us with personal data relating to a third party (e.g., your family members, employees etc), you represent and warrant to us that, by submitting such personal data to us, you have obtained the necessary consent of said third party to provide us with their personal data for the purpose for which the personal data was provided to us.

4. Use of Personal Data

1. Generally, we collect and use personal data where necessary for one or more of the following purposes:
   
   1. To facilitate communications and requests, including but not limited to responding to your queries and feedback, contacting you when necessary or appropriate in relation to our interactions or transactions with you;
   2. To verify your identity;
   3. To carry out fraud prevention checks;
   4. To deliver, maintain, manage and administer our services provided to you;
   5. To address legal and compliance matters, including but not limited to address and investigate any complaints, claims or disputes, and due diligence checks as may be required by the relevant laws and regulations;
   6. To provide you with information on products, services and/or opportunities that may be relevant to you or that you may interested in obtaining from us. In the case of marketing communications, we will send you such communications only with your prior consent or where permitted in accordance with the relevant laws and regulations;
   7. To assess and evaluate your suitability for employment in any current or prospective position within the organisation, and to verify the accuracy of any personal data or information provided;
   8. To administer, operate, provide, maintain and protect our business and our Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data, as well as ensuring that unauthorised users do not access the information on our Website);
   9. To comply with any applicable laws, regulations, codes of practice, guidelines or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;
   10. To support business operations and continuous improvement; and
   11. Any other purposes for which you have provided the information, or any other incidental business purposes related to or in connection with the above.
2. The purposes listed above may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).
3. We handle personal data in accordance with applicable laws. Where consent is required under the PDPA, we obtain it; where consent is not required, we process personal data as permitted by law and with appropriate safeguards.

5. Cookies and Similar Technologies

1. We may use cookies or similar technologies to understand your use of our Website usage and improve user experience of our Website. Cookies are pieces of information that a website transfers to the memory or hard drive of a visitor’s computer for record-keeping purposes.
2. You may deny the use of or delete cookies or disable the saving of cookies via browser settings. However, when doing so, you are advised to take the necessary steps within your internet browsers’ security settings to do so.
3. When you use our Website, you may be able to link to other websites that are not related to us. This Policy does not apply to those websites and you are advised to read the privacy policies on such sites.

6. Disclosure of Personal Data to Third Parties

1. We do not disclose personal data without consent, except in the following circumstances:
   
   1. Where the disclosure of such personal data is required for performing obligations during or in connection with the provision of goods and/or services to you;
   2. To companies and/or subsidiaries within our group, and to third party service providers who have been engaged to perform any of the above functions;
   3. Where required to do so by law or regulatory authorities, or in the good faith belief that such disclosure is necessary to:
      
      1. Conform with relevant laws and regulations;
      2. Comply with legal processes served on us or the Website;
      3. Protect and defend our rights or property; and
      4. Respond to an emergency that threatens the life, health or safety of the individual or another individual;
   4. Where we are permitted by law to disclose such information without obtaining consent.

7. Withdrawal of Consent

1. You may at any time withdraw the consent given for the collection, use and disclosure of your personal data by giving to us reasonable notice in writing. All such requests should be submitted to us in writing or via email to the Data Protection Officer at the contact details provided below. For the avoidance of doubt, the consent provided by you for the collection, use and disclosure of your personal data shall remain valid until you withdraw such consent in writing.
2. Upon receipt of your written request to withdraw your consent, we may require time to process such request and for us to notify you of the consequences of withdrawing your consent and all such matters required under the PDPA.
3. Please note that withdrawal of such consent may affect our ability to continue providing you with goods and/or services, and our transactions with you. We will notify you of any such consequences before executing your request.
4. The withdrawal of your consent does not affect our right to continue to collect, use and disclose without consent is permitted or required under applicable laws.

8. Access to and Correction of Personal Data

1. You may submit a written request to our Data Protection Officer to:
   
   1. Access to a copy of your personal data in our possession or control;
   2. Request information about the ways in which your personal data in our possession or control has been or may have been used or disclosed by us within a year before the date of the request; and
   3. Correct an error or omission, and/or update your personal data in our possession or control.
2. We will consider and process all requests under paragraph 8(a) in accordance with the PDPA. In this regard, please note that the PDPA specifies circumstances where we are prohibited from acceding to, or not required to accede to, the requests in paragraphs 8(a)(i) and (ii) above.
3. Please note that we may charge a fee for requests under paragraphs 8(a)(i) and (ii) above. If so, we will inform you of the fee before executing your request.

9. Cross-Border Data Transfers

As a Singapore-based entity using global infrastructure and group support, your personal data may be transferred and stored outside Singapore. We will ensure that transfers of personal data outside Singapore are done in accordance with the requirements prescribed under the PDPA to ensure that the recipient of such personal data is bound by legally enforceable obligations to ensure that the transferred personal data is given a standard of protection that is at least comparable to the protection under the PDPA.

10. Data Security Measures

In order to safeguard your personal data from unauthorised access, use, collection, disclosure and related risks, we have implemented appropriate administrative, physical and technical safeguards.

11. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, or as required or permitted by law. We will cease to retain your personal data or delete or anonymise such data as is appropriate as soon as such retention no longer serves the purpose for which it was collected and/or is no longer required for legal or business purposes.

12. Policy Revisions

We will review this Policy from time to time, and may amend any part of the Policy without prior written notice to you. Amendments will be effective from the time they are published on our Website, and continued use of our Website will constitute acceptance of any such amendments.

13. Contact Us

You may contact us in relation to the matters in this Policy using the contact details below. For all other requests or questions, please contact us via the inquiry form on our website. We aim to respond within a reasonable period.

Contact Details:
Transcosmos Financial Holdings Pte. Ltd.
Address: 10 Anson Road #13-08, International Plaza, Singapore 079903
Email: tcfh-inquiries-ml@trans-fin.com