Legal

PRIVACY POLICY

 

Last modified: 21 September 2019

 

Please read through this privacy policy (“Privacy Policy”) carefully as it explains to you how Piston Vault Pte. Ltd. (UEN No. 201828687E), a company duly incorporated in Singapore (“Piston Vault”, “we”, “us”, “our” as the context permits), collects, uses, discloses, retains and otherwise processes Personal Data.

 

Personal Data” means data, whether true or not, about a person who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access. However, Personal Data does not include information that has been made anonymous or aggregated so that it can no longer be used to identify a specific person, whether in combination with other information or otherwise.

 

By accessing, visiting, browsing and/or using the Website and/or the Service, you consent to us collecting, using, disclosing, storing and processing your Personal Data as described in this Privacy Policy. If you do not agree with any of its terms, you should immediately discontinue use of the Website and/or Service.

 

In this Privacy Policy, “include” (and its derivatives, such as “including” and “includes”) means to include without limitation and every occurrence of this term shall be construed as defined aforesaid, whether or not capitalised. Unless otherwise defined, capitalised terms used in this Privacy Policy have the same meanings given to them in our Terms of Service [hyperlink to Terms of Service].

 

  1. INFORMATION WE COLLECT

You acknowledge and agree that we (or service providers acting on our behalf) may collect certain information from you and any devices you use, including your Personal Data, whenever you access and/or use the Website and/or Service, or interact with us. We may also require you to provide us or our service providers with your Personal Data in order for us to provide our services to you, and/or in order for our service providers to provide their services to us.

 

We generally do not collect your Personal Data unless:

  • it is provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your Personal Data to us (your “authorised representative”), you (or your authorised representative) have been notified of the purposes for which it is collected and you (or your authorised representative) have provided your consent to its collection and usage for such purposes (by virtue of this Privacy Policy or a separate consent process);
  • it is provided to us voluntarily by you for a purpose, and it is reasonable in the circumstances that you are deemed to have consented to our collection, use and disclosure of that Personal Data for that purpose; or
  • collection and use of Personal Data without consent is permitted or required by applicable laws.

 

Personal Data which we (or service providers acting on our behalf) collect include the following:

 

Account Information. We use customer registration, authentication and identity management services provided by the following service provider. When you register for an Account with us, they will collect and store your usernames and passwords, full name, gender, email address, residential address, country of residence, contact number, date of birth , job title, business name, business type, business website and business VAT/GST This information is used to register your Account, to set up your user profile and to allow you to access and/or use the Service using your username and password. Your Personal Data will be stored and/or processed in the location(s) below in compliance with applicable laws, including the EU General Data Protection Regulation (“GDPR”). For more information, please refer to their terms of service and/or privacy policy.

Service provider: Auth0, Inc.

Place of storage and/or processing: European Union, United States of America

Terms of Service: https://cdn.auth0.com/blog/website/legal/files/Auth0-SS-TOS.pdf

 

Payment Information. We use subscription and payment management and processing services by the following service provider. When you register for a Trial, purchase a Subscription Plan and/or otherwise make payments using their service, they will collect and store your name on your credit/debit card(s), card number(s), card expiry date(s), CVV code, residential address, billing address, email address, records of transactions made – This information is used to process payments by credit card, debit card, PayPal account or other approved methods, to facilitate billing, to prevent, detect and investigate fraud or other prohibited activities, to facilitate dispute resolution such as chargebacks or refunds, to send you invoices and for other purposes associated with the acceptance of credit and debit cards, PayPal accounts or other approved payment methods. Your personal data will be stored and/or processed in the location(s) below in compliance with applicable laws, including the GDPR. For more information, please refer to their terms of service and/or privacy policy.

 

Service provider: Chargebee, Inc.

Place of storage and/or processing: European Union, United States of America

Privacy policy: https://www.chargebee.com/privacy/; https://www.chargebee.com/docs/eu-gdpr.html.

 

Communications. If you send us personal correspondence, contact us or communicate with us in any way (e.g. by sending us emails, messages or mail and/or by making phone calls to us), we may collect and maintain records of such communications.

 

We also use a customer support platform provided by the following service provider. If you correspond with, contact or communicate with us through our customer support platform, the service provider will collect, maintain records of and disclose to us such communications. Your Personal Data will be stored and/or processed in the location(s) below in compliance with applicable laws, including the GDPR. For more information, please refer to their terms of service and/or privacy policy.

 

Service provider: Zendesk, Inc.

Place of storage and/or processing: European Economic Area, United States of America

Terms of service: https://www.zendesk.com/company/customers-partners/master-subscription-agreement/

 

Information relating to your communications will be used by us and/or our service provider to respond to, process and handle your queries, requests, feedback and Submissions and to generally administer and manage our relationship with you.

 

You acknowledge that links to the terms of service and/or privacy policies of our service providers are provided herein for your convenience only and may not be current or updated. You agree to refer to the respective websites of these service providers for up-to-date information on how they collect, use, disclose, retain and otherwise process your Personal Data.

               

  1. HOW WE USE AND SHARE INFORMATION
    • How we use your Personal Data. Apart from the purposes described in Section 1 above, we may generally use your Personal Data for the following purposes:
  • performing obligations in the course of or in connection with our provision of the services requested by you;
  • providing you with personalised services and/or to customise your user experience of the Website and/or Service;
  • verifying your identity;
  • responding to, handling, and processing queries, requests, applications, complaints, feedback and Submissions from you;
  • generally administering and/or managing your relationship with us;
  • processing payment or credit transactions;
  • maintaining records of your instructions and our interactions with you;
  • internal reporting and analysis related to our business operations;
  • sending you information on any updates or changes to the Website and/or Service (including notifying you of any planned or unscheduled downtime) and/or Subscription Plans;
  • sending you information on any updates or changes to our Terms, Policies and/or other legal or administrative information;
  • sending you updates and publications (including our newsletters), or advertising, marketing and promotional communications (including updates on our Promotions), where you have requested or consented to be on our mailing list or to receive such communications respectively;
  • any other purposes for which you have provided the information;
  • any other incidental business and/or administrative purposes related to or in connection with the above; and/or
  • such as we believe to be necessary and/or appropriate to:
    • comply with applicable laws, regulations, guidelines and/or codes of conduct (or any request or direction of any public, government or regulatory authorities, including those outside your country of residence);
    • comply with legal process (including assisting in law enforcement and investigations conducted by any governmental and/or regulatory authority);
    • protect the rights, privacy, safety property and/or operations of any person (including us and any person accessing and/or using the Website and/or Service);
    • protect the safety or integrity of the Website and/or Service (including to help prevent spam, abuse, or malicious actors on the Website and/or Service);
    • prevent, detect, mitigate and investigate potentially illegal acts, fraud and/or security breaches and to assess and manage risk, including to alert you if fraudulent activities have been detected on your Account(s);
    • enforce terms and conditions applicable to the Website and/or Service; and/or
    • allow us to pursue available remedies or limit the damages we may sustain,
  • transmitting to any unaffiliated third parties including our third party service providers, agents and other organisations we have engaged, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes.

 

  • Sharing of Personal Data with third parties. Apart from the service providers identified in Section 1 above, we may share your Personal Data in the ordinary course of our business with other third parties to use on our behalf for purposes that are consistent with this Privacy Policy (including any of the purposes set out in Clause 1 above). Such third parties include:
  • if you are an End-User, your Company and other End-Users linked to your Company’s Account;
  • our related companies such as our subsidiaries and holding company (if any);
  • our lawyers, auditors and professional advisors;
  • service providers who provide services to us (including marketing, email delivery services, analytics and search engine providers, website hosting, web design, maintenance, database hosting, data analysis, IT services, payment processing, customer service, infrastructure provision, logistics, storage, auditing services and other similar services), or to which we may outsource one or more aspects of our business;
  • third parties in the event of any reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any liquidation or similar proceedings, and/or to an acquirer of our business or assets or any part thereof); and
  • our partners and investors or potential partners and investors and other parties with a view to a potential business partnership, collaboration, join venture or otherwise in furtherance of our business.

 

We will only share your Personal Data with such third parties to the extent that this is necessary for us to perform our services for you and/or for them to perform their services for us.

 

  1. ADDITIONAL INFORMATION WE RECEIVE ABOUT YOU
    • Cookies

We may collect data by way of “cookies” when you access and/or use the Website and/or Service. A cookie is a small data file that is stored on your computer or mobile device. We use cookies to help us improve the quality of access to and/or use of the Website and/or Service, and to provide a more tailored and user-friendly service to our visitors and users. For example, we use cookies to:

  • store user preferences and track user trends (such as how people access and/or use the Website and/or Service and their access and/or usage preferences);
  • obtain information on how and when pages in the Website and/or Service are accessed and/or used and by how many people;
  • help you complete tasks on the Website and/or Service without having to re‑enter information when browsing from one page to another or when accessing and/or using the Website and/or Service later (e.g. to enable you to enter your Login Codes or billing information less frequently and to help us retrieve your configuration settings between uses from our servers); and
  • make the advertisements and content you see more relevant to you.

 

You can choose to accept or decline cookies. Most web browsers and devices automatically accept cookies, but you can usually modify your browser or device settings to decline cookies, delete installed cookies or to notify you when you receive a cookie. Doing so will limit the functionality we can provide you when you access and/or use the Website and/or Service. You can also opt-out of or withdraw your consent to our use of cookies by following the instructions on our Website.

 

For more information on the types of cookies we use, and the type of information they collect, please refer to our Cookie Policy.

 

  • Non-Personal Data

When you access and/or use the Website and/or Service, we may collect, use, disclose, retain and otherwise process (or our systems may automatically collect, use, disclose, retain and process) directly or through third party services and applications:

  • log data, including your unique user device number, the IP address of your computer or device, information about your computer or mobile internet browser type and version, computer or device operating system, the dates and times of your access to and/or use of the Website and/or Service, the number and frequency of visitors to the Website, the URL that you just came from and the URL you next go to (whether these URLs are on the Website and/or Service or not);
  • session and usage data about your access to and/or use of the Website and/or Service, including connection and service-related data such as information relating to the connection request, server communication and data sharing, network measurements, quality of service and date, time and location of usage; and/or
  • aggregate information about the access to and/or use of the Website and/or Service (which may contain log data and session and usage data) in respect of a group or category of services or users but which contains no personally identifiable information about the users,

(collectively “Non-Personal Data”).

 

For the avoidance of doubt, “Non-Personal Data” is information that does not identify you or any other individual and does not include Personal Data.

 

We may use Non-Personal Data for any purpose, including:

  • for our own internal business purposes;
  • to measure traffic patterns;
  • for the purpose of system administration;
  • to enable us to analyse, research and track access to and/or usage of the Website and/or Service (including conducting internal research on user demographics, interests, behaviour and trends among users);
  • to provide, improve and modify the Website and/or Service;
  • to improve our algorithms, measure Website and/or Service access and/or usage, publish summaries online or offline, develop new features such as recognising popular activity routes, areas and places; and/or
  • for promotion and marketing purposes.

 

  1. WITHDRAWING CONSENT

The consent you provide for the collection, use and disclosure of your Personal Data will remain valid until it is withdrawn by you in writing. You may withdraw your consent and request that we stop collecting, using, disclosing, retaining and otherwise processing your Personal Data for any or all of the purposes listed above by submitting a request in writing to our Data Protection Officer at the contact details provided below.

 

Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue to provide access to and/or use of the Website and/or Service to you if you withdraw your consent to us collecting, using, disclosing, retaining or otherwise processing your Personal Data for certain purposes. In such circumstances, we will notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform our Data Protection Officer in writing at the contact details provided below.

 

Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within fourteen (14) business days of receiving it. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to accede to your request, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under applicable laws).

 

Notwithstanding that you may have withdrawn consent, you acknowledge we may continue to collect, use, disclose, retain or otherwise process your Personal Data where such collection, use, disclosure, retention or processing is permitted or required under applicable laws.

 

  1. YOUR RIGHTS

You may exercise the following rights, subject to limits, conditions and exceptions under applicable laws. For further information on each of those rights, including the circumstances in which they apply and the limits, conditions and exceptions applicable to the exercise of such rights, please contact our Data Protection Officer.

  • Right to access to Personal Data. You have the right to access your Personal Data. You may access and download most of your Personal Data through the Account(s) you have with us. To request for a copy of your Personal Data that is not available on your Account(s), or for information about the ways in which we use or disclose your Personal Data, you may write to our Data Protection Officer.
  • Right to rectification and addition to Personal Data. You can correct, delete or modify most of the Personal Data using the tools and settings under your Account(s).
  • Right to erasure. You have the right to request for the prompt erasure of your Personal Data if:
    • it is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
    • you withdraw your consent to the processing of Personal Data and there is no other legal ground for the processing;
    • you object to the processing of your Personal Data and/or there are no overriding legitimate grounds for the processing;
    • your Personal Data has been processed unlawfully;
    • your Personal Data has to be erased for compliance with legal obligations under applicable laws;

subject to certain conditions under applicable laws.

  • Right to restrict processing. You have the right to request that we restrict the processing of your Personal Data in certain situations (e.g. if you contest the accuracy of the Personal Data).
  • Right to portability of Personal Data. You have the right to obtain your Personal Data in a structured, commonly used, and machine-readable format and the right to provide such data to another controller, provided that processing is carried out by automated means and based on the performance of an agreement between us or on your consent. Please note that under your Account(s), you can download a copy of some of your Personal Data.
  • Automated individual decision making. You have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you.
  • Right to file complaint with supervisory authority. You have the right to file a complaint with the relevant supervisory authority, i.e. the Office for Personal Data Protection in the European Union.
  • Right to object. You have the right to object at any time to the processing of your Personal Data for direct marketing purposes and in certain other situations to our continued processing of your Personal Data. You can opt out of receiving or unsubscribe from any SMS, email or other marketing communications from us by using the unsubscribe facility that is provided with such SMS, email or other communication, or by writing in to our Data Protection Officer with your request. Please note that if you do opt out of receiving marketing-related communications from us, we may still send you important legal or administrative messages, and that you cannot opt out of receiving such messages.

 

If you would like to exercise any of the above rights, please:

  • inform our Data Protection Officer in writing at the contact details provided below; and
  • provide our Data Protection Officer with enough information to identify you (e.g. your full name, email address, residential address, contact number, address and customer reference number);
  • provide our Data Protection officer with proof of your identity (e.g. a copy of your driving licence, passport or recent utility or credit card bill); and
  • let our Data Protection Officer know what right you want to exercise and the information to which your request relates.

 

We will respond to your request as soon as reasonably possible. In general, we shall seek to process your request within fourteen (14) business days of receiving it. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any Personal Data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under applicable laws).

 

Please note that a reasonable fee may be charged for requests that you make in connection with the above rights, where permitted under applicable laws. If so, we will inform you of the fee before processing your request.

 

  1. SECURITY

We use commercially reasonable security measures to protect your Personal Data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

 

  1. ACCURACY

We generally rely on Personal Data provided by you (or your authorised representative). In order to ensure that your Personal Data is current, complete and accurate, please update us if there are changes to your Personal Data by informing our Data Protection Officer or contacting us at the contact details provided below.

 

  1. RETENTION OF YOUR PERSONAL DATA

We will retain your Personal Data (including Personal Data from closed Accounts) for as long as is necessary to fulfil the purpose(s) for which it was collected, as required or permitted by applicable laws (including to satisfy legal, regulatory, accounting or other regulatory requirements) or as we deem necessary and relevant to protect our legitimate interests.

 

When it is reasonable for us to assume that retention of your Personal Data no longer serves the purpose for which the Personal Data was collected, and is no longer necessary for legal, regulatory, accounting or business purposes, we will cease to retain your Personal Data, or remove the means by which the Personal Data can be associated with you.

 

We may use any aggregated data derived from or incorporating your Personal Data after you terminate your Account(s), but not in a manner that would identify you personally unless permitted by law.

 

  1. WHERE YOUR INFORMATION IS HELD
    • Your Personal Data may be stored at our offices and those of our group companies, third party agencies, service providers, representatives and agents as described above. Some of these third parties may be based outside your country of residence.
    • Cross-border transfers. To deliver services to you, it is sometimes necessary for us to transfer your Personal Data out of your country of residence e.g.:
      • to our offices outside your country of residence;
      • to our service providers located outside your country of residence;
      • if you are based outside the country where we are located; and/or
      • where there is an international dimension to the services we are providing to you.
    • Where we transfer your Personal Data to countries outside of your country of residence, we will do so in accordance with applicable laws, including (where transfers are made outside of Singapore), to take steps to ensure that your Personal Data continues to receive a standard of protection that is at least comparable to that provided under the Singapore Personal Data Protection Act 2012 (No. 26 of 2012).
    • You acknowledge and specifically consent to your Personal Data being transferred to and stored in our offices in Singapore and the United States of America, and the locations where our service providers store and process your Personal Data, as identified under Section 1

 

  1. MINIMUM AGE

We do not knowingly collect or solicit Personal Data from those below the Minimum Age, or knowingly allow such persons to register for an Account with us. The Service is not intended for use by persons under the Minimum Age. If you are under the Minimum Age, please do not attempt to register for an Account and/or use the Service, or provide us with any of your Personal Data.

 

  1. CHANGES TO THE PRIVACY POLICY
    • This Privacy Policy applies in conjunction with any other notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your Personal Data by us.
    • We may revise this Privacy Policy from time to time in the exercise of our sole discretion without any prior notice to you (save where required by applicable laws). If we make a change to this Privacy Policy that we consider is material, we will endeavour to notify you by:
    • posting the revised Privacy Policy on the Website;
    • displaying the new terms on-screen when you next access and/or use the Service;
    • sending you notice in accordance with the Terms; and/or
    • any combination of the foregoing.
    • Notwithstanding the foregoing, you agree that you are responsible for periodically reviewing this Privacy Policy for any changes and keeping yourself informed of the most up-to-date version of this Privacy Policy. You may determine if any such revision to this Privacy Policy has taken place by referring to the date on which this Privacy Policy was last updated.
    • If you do not agree to any revision to this Privacy Policy, you are to stop accessing and/or using the Website and/or Service immediately. Your continued use of the Website and/or Service after a change has been made will constitute your assent to and acceptance of the revised Privacy Policy.

 

  1. CONTACTING US

 

Details of the data controller are as follows:

Data Controller: Piston Vault Pte. Ltd.

Address (in Singapore):  55 Mohamed Sultan Road, 01-04 Sultan Link, 238995, Singapore

 

If you have any questions or wish to contact us about any matter relating to this Privacy Policy, please write to our Data Protection Officer at the contact details below:

Data Protection Officer: Federico Lo Conte

Address: 55 Mohamed Sultan Road, 01-04 Sultan Link, 238995, Singapore

E-mail: administration@pistonvault.com

 

Notwithstanding that you may have opted out of communications, or your Account(s) with us have been terminated, and/or you have removed your billing information from your Account(s), you acknowledge that certain Personal Data may be retained by us for the purpose of complying with relevant laws.  

 

This Privacy Policy shall be subject to, governed by and construed in accordance with Singapore law.

 

Effective date: 21 September 2019

 

Last updated: 21 September 2019