Your Privacy is Very Important to Us!

Accordingly, Treasure Cloud Pte. Ltd. (“we”, “us”, or “our”) has developed this Privacy Policy (“Policy”) in order for you to understand how we collect, use, communicate and disclose and make use of personal information.

This Policy applies to the treasure.cloud (the “Website”) and governs data collection, processing and usage in compliance with the Personal Data Protection Act 2012 (No. 26 of 2012) of Singapore (“PDPA”). By using the Website, you consent to the data practices described in this Policy.

This Policy sets out the basis which we may collect, use, disclose or otherwise process your personal data in accordance with the PDPA. This Policy applies to personal data in our possession or under our control, including personal data in the possession of organisations which we have engaged to collect, use, disclose or process personal data for our purposes.

Personal Data

1. As used in this Policy: “You” means an individual who is visiting and/or using our Website; and “personal data” means data, whether true or not, about you which can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.

2. Other terms used in this Policy shall have the meanings given to them in the PDPA (where the context so permits).

Collection, Use and Disclosure of Personal Data

1. We generally do not collect your personal data unless (a) it is provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your personal data to us (your “authorised representative”) after (i) you (or your authorised representative) have been notified of the purposes for which the data is collected, and (ii) you (or your authorised representative) have provided written consent to the collection and usage of your personal data for those purposes, or (b) collection and use of personal data without consent is permitted or required by the PDPA or other laws. We shall seek your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you (except where permitted or authorised by law).

2. We may collect and use your personal data for any or all of the following purposes:
   1. in order to display this Website to you and ensure stability and security;
   2. verifying your identity;
   3. responding to, handling, and processing queries, requests, applications, complaints, and feedback from you;
   4. managing your relationship with us;
   5. processing payment or credit transactions;
   6. sending your marketing information about our goods or services;
   7. complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;
   8. any other purposes for which you have provided the information;
   9. transmitting to any unaffiliated third parties including our third party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes; and
   10. any other incidental business purposes related to or in connection with the above.

3. We may disclose your personal data: (a) where such disclosure is required for performing obligations in the course of or in connection with our provision of the goods or services requested by you; or (b) to third party service providers, agents and other organisations we have engaged to perform any of the functions listed in clause 5 above for us.

4. The purposes listed in the above clauses may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).

Further Functions and Service of This Website

1. Alongside the purely informational use of this Website, we offer a number of different services which you may use if they are of interest to you. For this purpose, you will normally have to supply some additional personal data which we will use to provide the respective service and to which the aforementioned principles of data processing apply.

2. We use external service providers for some parts of the processing of your data. These providers have been carefully selected and engaged by us, are bound to instructions and are monitored regularly.

3. Furthermore, we may provide your personal data to third parties if participation in promotions, contract conclusions or similar services of Treasure Cloud are offered in conjunction with associates. You will receive detailed information on this when you supply your personal data, or in the service description below.

Withdrawing Your Consent

1. The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below.

2. Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within ten (10) business days of receiving it.

3. Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods or services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described in clause 8 above.

4. We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).

Access to and Correction of Personal Data

1. If you wish to make (a) an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data, or (b) a correction request to correct or update any of your personal data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided below.

2. Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.

3. We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).

Protection of Personal Data

1. To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as up-to-date antivirus protection, encryption and the use of privacy filters to secure all storage and transmission of personal data by us, and disclosing personal data both internally and to our authorised third party service providers and agents only on a need-to-know basis.

2. You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.

Accuracy of Personal Data

1. We generally rely on personal data provided by you (or your authorised representative). In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing our Data Protection Officer in writing or via email at the contact details provided below.

Retention of Personal Data

1. We may retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.

2. We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.

Transfers of Personal Data Outside of Singapore

1. We may transfer your personal data to countries outside of Singapore. If we do so, we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.

Cookies

1. In addition to the aforementioned data, cookies are stored on your computer when you use this Website. Cookies are small text files which are stored on your hard drive and allocated to the browser used by you and through which the agency which sets the cookie (in this case Treasure Cloud) is provided with particular pieces of information. Cookies cannot execute applications or transfer viruses to your computer. Their purpose is to make the online service generally more user-friendly and effective.

2. Use of cookies: This Website uses the following types of cookies, the scope and functioning of which are explained below:

Use of Google Analytics

1. This Website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics cookies to allow the Website operator to analyse how users use the site. The information generated by the cookie about your use of this Website is usually transferred to a Google server in the USA and stored there. However, if IP anonymisation is activated on this Website, Google will reduce your IP address within Member States of the European Union or in other states party to the Agreement on the European Economic Area beforehand. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. On our behalf, Google will use this information to evaluate your use of the Website, to compile reports on Website activity and to provide the Website operator with other services related to Website and internet use.

2. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data.

3. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this Website. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the Website (including your IP address) and from processing this data by Google by downloading and installing the Browser Add-on: http://tools.google.com/dlpage/gaoptout?hl=en.

4. This Website uses Google Analytics with the extension “anonymizeIp()”. This means that IP addresses are processed further in a shortened version, which excludes the possibility of attribution to a particular individual. If the data collected about you is attributable to your person, this attribution is therefore immediately excluded and the personal data therefore immediately deleted.

5. We use Google Analytics in order to be able to analyse use of and continually improve this Website. The statistics gained enable us to improve our services and design them in a manner which is of more interest to you as the user. For the exceptional cases in which personal data is transferred to the USA, Google has committed itself to the EU-US Privacy Shield https://www.privacyshield.gov/EU-US-Framework

6. Details of the third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 7.
   1. Terms of Use: https://www.google.com/analytics/terms/gb.html
   2. General information on data protection: http://www.google.com/intl/en/analytics/learn/privacy.html
   3. Privacy statement: http://www.google.de/intl/en/policies/privacy

Registration and Use of Treasure.cloud

1. If you would like to register and use Treasure.cloud, you must provide your email address. There is no obligation to provide your real name. The website may be used under a pseudonym.

2. When you register and use the service, Treasure Cloud stores the data required for contract performance, including details of the email address. In order to prevent the unauthorised access of third parties to your personal data, the connection is encrypted by TLS technology.

3. Furthermore, the data necessary for the encryption, especially the public and private key, will be stored inside Anqlave Data Vault that is managed by us (the private key in encrypted form and cannot be decrypted and exported at any time). The aforementioned data will exclusively be used to enable continuity of the service.

Data Protection Officer

1. You may contact our Data Protection Officer if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request, in the following manner:

Effect of Notice and Changes to Notice

1. This Policy applies in conjunction with any other notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your personal data by us.

2. We may revise this Policy from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Policy was last updated. Your use of this Website constitutes your acknowledgement and acceptance of such changes.