Last revised: 12 May 2023
INTRODUCTION AND SCOPE
THIS POLICY DESCRIBES THE PRIVACY PRACTICES OF HANDSHAKES REGARDING THE PROCESSING OF PERSONAL DATA OF OUR OFFICERS, EMPLOYEES AND CUSTOMERS (TO THE EXTENT APPLICABLE). THIS POLICY APPLIES GLOBALLY TO ALL OUR SERVICES AND PLATFORMS. BY USING OUR SERVICES OR PLATFORMS, YOU ARE DEEMED TO HAVE PROVIDED YOUR CONSENT FOR YOUR PERSONAL DATA TO BE PROCESSED ACCORDING TO THIS POLICY. THIS POLICY IS AVAILABLE THROUGH OUR WEBSITE AT THE FOLLOWING LINK: https://www.handshakes.com.sg/privacy-policy/.
WE RESERVE THE RIGHT TO REVISE THIS POLICY FROM TIME TO TIME TO REFLECT CHANGES IN OUR BUSINESS, SERVICES, PLATFORMS, PRACTICES AND POLICIES, AND / OR ANY APPLICABLE DATA PROTECTION LAWS, WITHOUT CONSULTING OR PRE-INFORMING YOU. IF WE DO MAKE SUCH REVISIONS, WE WILL REFLECT THE LATEST REVISED POLICY ON THIS PAGE AND INDICATE THE DATE ON WHICH THE POLICY WAS LAST REVISED. WE ENCOURAGE YOU TO REVIEW THIS POLICY PERIODICALLY, ESPECIALLY BEFORE YOU PROVIDE ANY PERSONAL DATA TO US. YOUR CONTINUED USE OF OUR SERVICES OR PLATFORMS AFTER ANY REVISIONS TO THIS POLICY ARE MADE CONSTITUTES YOUR ACCEPTANCE OF THE REVISED POLICY.
For the purposes of the Policy, the following definitions shall apply unless the context requires otherwise:
- Affiliates” shall mean any legal entity directly or indirectly controlling or controlled by us. For the purposes of this definition, “control”, means the power to direct or cause the direction of management or policies, whether through ownership of voting securities, contract or otherwise.
- “Customer” shall mean our clients, users, suppliers, partners, and any other parties who we have contracted or interacted with through our Services or Platforms.
- “Data Protection Laws” shall mean in relation to any Personal Data that we Process, the Personal Data Protection Act 2012, Singapore, together with all implementing laws and any other applicable data protection, privacy laws or privacy regulations in the relevant jurisdiction.
- “Personal Data” shall mean any information through which you can be identified directly or indirectly.
- “Personal Data Breach” shall mean a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data.
- “Platforms” shall mean all our events, programs, and digital platforms, including our websites, apps, and social media.
- “Process” or any of its derivatives shall mean any operation or set of operations which is carried out on Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- “Services” shall mean all information products, data, services and / or software technologies owned by and / or associated with us or the ‘Handshakes’ brand.
- “we”, “us”, “our” or any of its derivatives shall mean DC Frontiers Pte. Ltd. and / or its Affiliates, wherever applicable.
- “you”, “your”, “yours” or any of its derivatives shall mean the person to which this Policy applies.
- DATA THAT WE COLLECT
When you interact with us through the Services or Platforms, we may collect Personal Data from you or from other sources. This Personal Data may be information that you directly provide to us, such as personal information you provide when you use the Services or Platforms, or information that is passively or automatically collected from you, such as anonymous information collected from your browser or device. The categories of other sources from which we collect Personal Data include our Affiliates, partners, vendors, data brokers and public sources. The Personal Data that we collect consists of amongst others, personal identifiers, commercial information, Internet / other electronic network activity information, geolocation data, professional or employment-related information, characteristics of protected classifications, and inferences drawn from this information. More specifically, the data we may collect includes, amongst others:
- Identifiers, such as name, email address, postal address, phone number and other similar contact data.
- User credentials, such as username, password, password hints and similar security information used to create an account and authenticate users of our Services.
- Classifications and demographic data, such as age, gender, country and language preference.
- Payment data, such as credit card / billing information and address.
- Device data, such as type of device, operating system and other software installed on the device, device settings, IP address, device identifiers and error reports.
- Internet or other electronic network activity information, such as the programs and features you access, content you engage with, and the timing, frequency and duration of your interactions through the Services.
- Location data, such as IP addresses received from your device.
- Commercial information, such as products or services purchased, obtained or considered or other purchasing or consuming histories or tendencies.
- Information about your interests and preferences, including inferences drawn from your activity or other data.
- Third party integrations. If you connect your use of our Services or Platforms through a third-party service (e.g. social media platforms), the third party may share certain information obtained from you with us.
- Communications, such as from the communications you send to us, service requests / inquiries, product reviews and other feedback regarding the Services.
- Other third-party data, consisting of the categories above, collected from third-party sources outside of the Services, such as data from our Affiliates, partners or vendors, data brokers or public sources.
- HOW WE USE DATA
We use the Personal Data that we collect for amongst others, the following purposes:
Operating our business. We use the Personal Data that we collect to operate our business, including providing, tailoring, and improving our Services and Platforms. Specifically:
- To create and maintain accounts, as well as to process your registration for our Services and Platforms.
- To fulfil any functions or transactions that you request.
- To deliver location-based Services and comply with territorial restrictions.
- To diagnose and fix problems with our Services and Platforms and providing other customer support services.
- To enhance and personalise Customer experiences and better understand Customer preferences in respect to our Services and Platforms.
- To allow you to participate in interactive features, should you choose to do so.
- For analytical purposes to better understand our Customers and how they use and interact with our Services and Platforms.
- To allow us to continuously develop, expand and improve our Services and Platforms.
- To build predictive models, which allow us to tailor our Services and Platforms based on our existing data, as well as our marketing and advertising efforts.
Communicating with you. We use the Personal Data that we collect to communicate and interact with you, including responding to your requests or inquiries. Specifically:
- To follow-up and respond to your requests, questions or concerns.
- To provide information about your account, your use of our Services or Platforms or other functions or transactions that you request.
- To deliver news, updates, and other types of communications, according to your subscriptions, alerts and other preferences.
Marketing and advertising. We use the Personal Data that we collect for marketing and advertising purposes, on behalf of ourselves, as well as our partners and other parties who advertise on or via our Services and Platforms. Specifically:
- To send you promotional messages and deliver advertisements about our Services or other
products, programs or events that may be of interest to you. These may be offered by us, on our behalf, or by other third parties with whom we have a relationship. The promotional messages and advertisements that you see may be determined by Personal Data that we receive about you, such as your demographic data, location data, usage data, interests and preferences.
- To conduct internal and market research, identify usage trends, and determine the effectiveness of marketing and advertising campaigns.
Security, compliance and enforcement. We use the Personal Data that we collect for security, legal, regulatory, compliance and enforcement purposes. Specifically:
- To protect the safety and security of you, our Customers, Services and Platforms.
- To detect and prevent abuse, fraud or other unlawful or unauthorised activities.
- To resolve disputes and comply with our legal and regulatory obligations.
- To enforce our agreements, including our policies and terms that govern your use of our Services and Platforms.
We may also use your Personal Data in any other manner as disclosed at the time of collection, or when we have otherwise obtained your consent. Please note that this Policy is not intended to place any limits on what we do with aggregated, pseudonymised or anonymised data. We may also merge, co-mingle, or otherwise combine Personal Data about you with other data, in furtherance of the above.
- HOW WE SHARE DATA
The Personal Data that we collect may be shared by us for amongst others, the following purposes:
To operate our Services and Platforms. We sometimes engage or partner with other third-party providers or licensors to operate our Services and Platforms and perform certain functions on our behalf. We may provide these third parties access to your Personal Data as needed for them to perform these functions in a manner consistent with this Policy. For more information about who these third parties are, and how they use your data, please see the “Third Party Providers and Sub-Processors” section of this Policy below. We also share Personal Data with our third-party partners and suppliers as part of marketing and advertising in respect to our Services. These third parties may set their own cookies or similar web technologies to collect information about users’ online activities over time and across websites. For more information about how these third parties use your data and how you can manage these technologies, please see the “Cookies and Similar Technologies” section of this Policy below.
Within Handshakes. We share Personal Data amongst our Affiliates to provide and improve our Services and Platforms, to build predictive models in respect to our Customers, to send promotional messages and advertisements about products and services that may be of interest to you, and for other purposes consistent with this Policy.
As part of a change in business structure. In the event of a sale, merger, acquisition, reorganisation or similar event, or in contemplation of such an event (e.g., due diligence), your Personal Data may be amongst the transferred assets.
When necessary under certain circumstances. We may disclose your Personal Data when we believe that disclosure is necessary to:
- Comply with applicable law or respond to valid legal process.
- Protect the safety and security of you, our Customers, Services and Platforms.
- Prevent fraud, abuse or other unlawful or unauthorised activities.
- Protect the rights or property of us or third parties, including enforcing the terms of our agreements.
We may also share your Personal Data for any other purpose as disclosed at the time of collection, or when we have otherwise obtained your consent. Please note that this Policy is not intended to limit our ability to share or disclose aggregated, pseudonymised or anonymised data.
- YOUR CHOICES AND RIGHTS
You have many choices on how we Process Personal Data that you provide to us.
Compliance with Data Protection Laws. We will cooperate with your reasonable requests to enable you to comply with your obligations or to exercise any of your rights under Data Protection Laws. We will also assist you with your compliance with any assessment, enquiry, notice or investigation as required under Data Protection Laws. Provided that in each case, you shall reimburse us in full for all costs (including for internal resources and any third-party costs / expenses) reasonably incurred by us in performing our obligations under this section.
Revision, deletion or return of Personal Data. At your choice and request, revise, delete or return your Personal Data in our possession unless: (i) Data Protection Laws; (ii) any other laws, rules, regulations, orders, requirements, or guidelines that applies to our Services or Platforms; or (iii) any competent court, professional, regulatory, government or supervisory body / authority, requires our retention of such Personal Data (or any portion thereof).
Other choices. You may withdraw your consent provided under this Policy (or any portions thereof) or request for access, edit or remove your Personal Data in our possession at any time by using any of the methods described in the “How to Contact Us” section of this Policy below. You can also choose not to share certain location data by adjusting the settings on your device. You can also choose to limit the data that third-party services connected to our Services or Platforms (e.g., social media platforms) share with us by using the options provided to you by the applicable third-party service; or disconnect your use of the Services from such third-party services at any time by using the options provided to you by the applicable third-party service, although this will not delete the Personal Data we may have previously collected while you were connected. Please note, however, that if you withdraw your consent over any portions of this Policy or choose not to provide certain Personal Data that is necessary for the performance of our Services or Platforms, or any features thereof, we reserve the right to restrict or discontinue your use of our Services or Platforms.
- THIRD-PARTY PROVIDERS AND LICENSORS
We may engage certain third-party providers or licensors to provide and operate part of our Services or Platforms, that may collect, use, or access your Personal Data as needed for them to perform these functions. Details of these third parties are available upon your request. These third parties are only authorised by us to use your Personal Data as permitted under this Policy, or as disclosed to you at the time your Personal Data is collected. Please note, however, that these third parties may supplement Personal Data collected or received in connection with our Services or Platforms with data they collect or receive through other websites, platforms and services, in accordance with the policies and disclosures posted on those websites, platforms and services. Our Services and Platforms may also contain links to, or integrations with, other websites, platforms or services that are not operated or controlled by us (each a “Third-Party Site,” and collectively, the “Third-Party Sites”). Please note that this Policy does not apply to those Third-Party Sites. For more information on if and how those Third-Party Sites collect, use and share your Personal Data, we suggest that you contact the operators of those Third-Party Sites directly.
- COOKIES AND SIMILAR TECHNOLOGIES
- Cookies, which are small text files that are unique to your device or browser. They can either be session-based (i.e. lasting only while your browser is open and automatically deleted when you close your browser) or persistent (i.e. lasting until you delete them or they expire).
- Locally stored objects (“LSOs”) also commonly called “Flash cookies,” are stored on your device or browser to provide Services that use Adobe Flash technology.
- Web beacons or clear GIFs, which are are small pieces of code placed on a Service or Platform to collect data about users of that Service or Platform.
- Software development kits (“SDKs”), which are bits of computer code used by app developers to enable or enhance various features of an app. For example, an app developer may include an SDK within an app that enables advertisements to be shown, data to be collected, and related services or analytics to be performed in connection with the app.
We may use Tracking Technologies for the following purposes:
- For sign-in / authentication. When you sign into your account to use our Services or Platforms, we use Tracking Technologies to store your sign-in information. This allows our Services and Platforms to remember your user preferences and give you a more tailored experience based on those preferences. It also allows you to use our Services or Platforms without having to sign-in on each page or each time you return.
- We use Tracking Technologies to help detect fraud and abuse of our Services and Platforms, including attempts to access our Services and Platforms without authorisation.
- We use Tracking Technologies to gather usage and performance data about our Services and Platforms, including counting the number of unique visitors.
- We use Tracking Technologies to track how many users have seen or clicked on an advertisement. This allows us to learn which advertising campaigns are most effective and also to help limit the number of times a user is shown the same advertisement.
- We use Tracking Technologies to collect information about your interests so that we can deliver advertising that is most relevant to your interests.
- We use Tracking Technologies to collect information about how you use the Services so that we can tailor your experience based on what is most relevant to your interests.
- In some cases, we may work with third parties to synchronise our unique, anonymous identifiers (such as those associated with Tracking Technologies) with the third party’s own identifiers. This enables us to better achieve each of the purposes described above.
You also have options to manage Tracking Technologies and opt-out of interest-based advertising. Most web browsers give you the ability to manage Tracking Technologies used on a website, including blocking or deleting them. Please note that if you choose to block Tracking Technologies, you may not be able to use certain features that depend on those Tracking Technologies (such as keeping you signed in or remembering your preferences). If you choose to delete Tracking Technologies, any settings and preferences that were associated with those Tracking Technologies will also be deleted and may need to be reset. Please also note that opting out of interest-based advertising does not mean you will stop seeing, or see fewer, advertisements. It does, however, mean that the advertisements you do see will not be interest-based and may be less relevant to your interests.
We, at Handshakes take matters of security very seriously. We take a number of steps to protect your Personal Data from unauthorised access, use or disclosure and will implement appropriate technical and organisational measures to ensure a level of security of the Personal Data appropriate to the risk required pursuant to applicable Data Protection Laws. These steps and measures take into account the sensitivity of the Personal Data we Process, the risks that are presented by Processing, as well as the current state of technology. This includes, for example, storing your Personal Data on systems that have limited access and are maintained in controlled facilities. It is however important to remember that no system can be guaranteed to be 100% secure. We therefore recommend that you help us keep your Personal Data safe by taking reasonable steps such as keeping your passwords private and not disclosing sensitive Personal Data in places that can be accessed publicly.
- INCIDENT MANAGEMENT
We will notify you without undue delay after becoming aware of a Personal Data Breach and provide you with sufficient information to meet any obligations required under Data Protection Laws. Upon your request, we will co-operate with you and take such reasonable steps to assist in the investigation, mitigation, and remediation of each Personal Data Breach (“Remediation Measures”). If and to the extent costs are incurred by us in respect to such Remediation Measures, you shall reimburse us in full for all costs (including for internal resources and any third-party costs / expenses) reasonably incurred by us if you had caused or contributed to the Personal Data Breach in question. In all other scenarios, reasonable costs for Remediation Measures shall be mutually agreed between us in advance. Such Remediation Measures shall: (i) start without undue delay, (ii) be completed within a reasonable period after becoming aware of a Personal Data Breach, and (iii) be carried out within the regular business hours of the local office where the Remediation Measures are required to be taken.
- TRANSFER AND RETENTION OF DATA
Personal Data collected by us may be Processed in the region in which it was collected and / or in any other region where we maintain major operations. We currently maintain offices in Singapore, Malaysia, Vietnam, Taiwan and Australia. By providing us with your Personal Data in connection with our Services and Platforms, you acknowledge and agree that such Personal Data may be transferred from your current location to our offices and servers within our Affiliates and our authorised third-party providers or licensors. We will take all reasonable steps to ensure that the Personal Data we collect is Processed in accordance with this Policy regardless of where the Personal Data is located. We will also take all reasonable steps to ensure the safety of any cross-border transfer of Personal Data by implementing additional safeguards if required or as otherwise permitted by Data Protection Laws. We retain such Personal Data for as long as necessary to provide or fulfil any functions or transactions requested in respect to our Services and Platforms, or for other necessary purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. Because these factors vary for different types of Personal Data, actual retention periods may vary.
- HOW TO CONTACT US
Although we strive to make this Policy as comprehensive as possible, we know you may still have questions or concerns about how we Process your Personal Data. If you have any questions, concerns or complaints regarding our data privacy practices, you may contact us via any of the following methods:
By writing to our headquarters (attention: Privacy Office) at:
190 Middle Road, #20-08 Fortune Centre, Singapore 188979
By sending us an email to: