Privacy Policy

Last update: Jan/2020

Your Privacy is Important to Us

In this Policy, “we”, “us”, “our” or “Epsilo” means BuffaloTechnology Pte. Ltd. and/or its affiliates and related companies (as the case may be), and “you”, “your” or“yours” means the persons to whom this Policy applies`.The security of your personal data is important to us. Epsilo has in place safeguards to protect the personal data stored with us. This Policy describes how we may collect, use, disclose, process and manage your personal data which is subject to the Personal Data Protection Act (No. 26 of 2012) ofSingapore ("PDPA"). By interacting with us and/or engaging our services, using our website or submitting information to us, you agree and consent to us collecting, using and disclosing your personal data in the manner set forth in this Policy. This Policy supplements but does not supersede nor replace any other consents you may have previously provided to us in respect of your personal data, and your consents herein are additional to any rights which we may have at law to collect, use or disclose your personal data.

What Personal Data We Collect

Personal data is data that can be used to identify a natural person but excludes “business contact information” as defined in the PDPA.If you provide us with any personal data relating to a third party, by submitting such personal data to us, you also represent to us and must ensure that you have notified the third party of the terms of this Policy and obtained his/her consent thereto. As a parent or legal guardian, please do not allow minors under your care to submit personal data to us. In the event that such personal data of a minor is disclosed to us, you hereby consent to the processing of the minor’s personal data and accept and agree to be bound by this Policy and take responsibility for his or her actions.Some examples of personal data that we may collect are:
(a)        personal particulars (e.g. name, contact details, residential address, date of birth and/or identity card/passport details);
(b)        banking information (e.g. credit card details and banking transactions);
(c)        transaction information (such as payment method, locations and distance travelled); and/or
(d)        personal opinions made known to us (e.g. feedback or responses to surveys.

Usage of Your Personal Data

We may use your personal data for our core business purposes, such as:
(a)        providing our services;
(b)        creating, administering and updating your account;
(c)        responding to, processing and handling your queries, feedback, suggestions, etc;
(d)        verifying your identity, processing payments as well as managing our administrative, business operations (including the processing, storage, monitoring and backup of data) and complying with internal policies and procedures;
(e)        communicating with you, including providing you with updates on changes to products and services (whether made available by us or through us) including any additions, expansions, suspensions and replacements of or to such products and services and their terms and conditions;
(f)         complying with all applicable laws, regulations, rules, directives, orders, instructions and requests from any authorities, including regulatory, governmental, tax and law enforcement authorities or other authorities;
(g)        financial reporting, regulatory reporting, management reporting, risk management, audit and record keeping purposes;
(h)        enforcing obligations owed to us;
(i)         seeking professional advice, including legal advice; and/or
(j)         any other purpose relating to any of the above.In your interactions with us, we may also have specifically notified you of other purposes for which we collect, use or disclose your personal data. If so, we will collect, use and disclose your personal data for these additional purposes as well, unless we have specifically notified you otherwise.

Use of Personal Data for Marketing Purposes

We may use your personal data to offer you products or services, including special offers or entitlements that may be of interest to you or for which you may be eligible. Such marketing messages may be sent to you in various modes including but not limited to electronic mail, short message service, telephone calls and other mobile messaging services. In doing so, we will comply with the PDPA and other applicable data protection and privacy laws.If we have an ongoing relationship with you and you have not indicated to us that you do not wish to receive telemarketing messages sent to your Singapore telephone number, we may send you telemarketing messages to yourSingapore telephone number related to the subject of our ongoing relationship via short message service and other mobile messaging services (other than a voice or video call).You may at any time request that we stop contacting you for marketing purposes via selected or all modes.To find out more on how you can change the way we use your personal data for marketing purposes, or to request that we stop contacting you for marketing purposes, please contact us (please see the “How to contact us”section below).Nothing in this section shall vary or supersede the terms and conditions that govern our relationship with you.

Disclosure and Sharing of Personal Data

We may from time to time and in compliance with all applicable laws on data privacy, disclose your personal data to any personnel of Epsilo or to third parties, whether located in Singapore or elsewhere, in order to carry out the purposes set out above. Please be assured that when we disclose your personal data to such parties, we require them to ensure that any personal data disclosed to them are kept confidential and secure. We wish to emphasise that we do not sell personal data to any third parties and we shall remain fully compliant of any duty or obligation of confidentiality imposed on us under the applicable agreement(s) and/or terms and conditions that govern our relationship with you or any applicable law. We may transfer, store, process and/or deal with your personal data outside Singapore. In doing so, we will comply with the PDPA and other applicable data protection and privacy laws.

Cookies and Related Technologies

Our website use cookies. A cookie is an element of data placed on your computer or mobile device when you visit a website or use a mobile application. We use cookies in some parts of our website to store user preferences and record session information. Cookies collect information about users and their visit to the website or use of the mobile application, such as their Internet protocol (IP) address, how they arrived at the website (for example, through a search engine or a link from another website) and how they navigate within the website or mobile application. We use your IP address to help diagnose problems with our server, and to administer our website. From your IP address, we may identify the general geographic area from which you are accessing our website; however, we will not be able to pinpoint the exact geographic location from which you are accessing our website. We use cookies and other technologies to facilitate your internet sessions, offer you products and/or services according to your preferred settings, track use of our websites, and to compile statistics about activities carried out on our websites. A pixel tag, also known as a web beacon, is an invisible tag placed on certain pages of our website but not on your computer. Pixel tags are usually used in conjunction with cookies and are used to monitor the behaviour of users visiting the website.You may set up your web browser to block cookies which will in turn disable the pixel tags from monitoring your website visit. You may also remove cookies stored from your computer or mobile device. However, if you do block cookies and pixel tags, you may not be able to use certain features and functions of our website.

Other Websites

Our website may contain links to other websites and resources which are not maintained by us. We have no control over and do not take any responsibility for these third-party websites and their personal data handling practices, and you are encouraged to review the personal data policies of such websites.

Retention of Personal Data

Your personal data is retained as long as the purpose for which it was collected remains and until it is no longer necessary for any other legal or business purposes.

Access, Correction and Withdrawal

You may request access or make corrections to or withdraw your consent to any use of your personal data held by us. If you withdraw your consent to any or all use of your personal data, depending on the nature of your request, we may not be in a position to continue to provide our services to you.Please contact us for details on how you may request access, correction to or withdrawal of your personal data.

How to Contact Us

To contact us on any aspect of this Policy or your personal data or to provide any feedback that you may have, please get in touch with ourData Protection Officer as follows:Email: support@epsilo.io

Amendments and Updates of Epsilo Privacy Policy

We may amend this Policy from time to time to ensure that this Policy is consistent with any developments to the way we use your personal data or any changes to the laws and regulations applicable to us. We will make available the updated policy on our website (https://epsilo.io). All communications, transactions and dealings with us shall be subject to the latest version of this Policy in force at the time.We may from time to time update this Policy. Updates will be posted on our website. By continuing to interact with us, subject to applicable law, you agree to be bound by the prevailing terms of the policy as so updated from time to time. Without prejudice to the foregoing, by accessing and using our website in any way, you represent and warrant that you have read, understand and consent to the collection, use and disclosure of your personal data as set out above.