Privacy Policy

The Simple Sum Pte. Ltd. and its affiliates (“we”, “us” or “our”) respect the privacy rights of our users (“you” or “your”) and are strongly committed to protecting your privacy. This Privacy Policy aims to give you information on how we collect, process, use, disclose and retain your personal information through our websites, applications or such other electronic services provided by us, your purchase of or signing up to our products or services (whether online or offline, including newsletters), or when you attend any of our events, courses or programs (collectively our “Services” and each a “Service”). For the purposes of this Privacy Policy, the term “affiliate” with respect to a party hereto shall mean any person or entity that controls, is controlled by, or is under common control with, such party (with “control” meaning the ability to control via board control, equity ownership, contract or otherwise). 

This Privacy Policy is based on the Personal Data Protection Act 2012 of Singapore (as may be amended, supplemented or otherwise modified from time to time, the “PDPA”) and all the associated regulations and guidelines as may from time to time be issued by the Personal Data Protection Commission of Singapore (the “PDPC”).  

Notwithstanding the above, we will take steps to comply with all applicable laws with regards to data privacy, including where local laws are more stringent than this policy. For the purposes of this Privacy Policy, the term “applicable laws” shall mean applicable laws, regulations, codes of practice, guidelines, or rules as may be amended, supplemented or otherwise modified from time to time. If you are a European Union resident, please also refer to our General Data Protection Regulation Privacy Statement, which can be found here. 

Please review this Privacy Policy in its entirety carefully before using our website, or otherwise providing us with any of your personal information. This Privacy Policy applies in conjunction with any other policies, notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your personal information by us. Specifically, this Policy supplements but does not supersede nor replace any other consents which you may have previously provided to us nor does it affect any rights that we may have at law in connection with the collection, use, disclosure and/or retention of your personal information.  

Consent 

We will notify you of the purpose for collection, processing, usage or disclosure of your personal information before we collect, process, use or disclose such personal information respectively, including through the use of this Privacy Policy. By using and continuing to use this website, you consent to the collection, processing, usage and disclosure of your personal data for the purposes set out in this Privacy Policy. 

Under certain circumstances, we may deem that you have provided consent when you voluntarily provide your personal information for specific relevant purposes. For example, when you provide your name and contact information for the creation of an account, it is deemed that you have provided consent in relation to the creation of a profile linked to such account. 

We may also rely on exceptions to the need for consent under certain circumstances such as the following: 

  • Such personal information is publicly available; 
  • Such personal information is required for debt recovery from you or another person to us; 
  • Such personal data is disclosed to us or otherwise obtained directly or indirectly from a public agency; and 
  • Such personal data is disclosed to us as part of another person’s or entity’s contractual obligations or otherwise by contractual necessity. 

Information We Collect 

We may collect and process certain types of personal information. “Personal information” is data that relates to you and can (on its own or in combination with other information) identify you as an individual, whether true or not. It does not include data that has been aggregated or made anonymous whereby you can no longer be identified using means reasonably available to us.  

Personal information includes, among other things, personal information that you voluntarily provide on this website, which may include your:  

  • Verification information: name; address; e-mail address(es); telephone number(s); date of birth; gender; race; nationality; and passport number;  
  • Contact information: residential, mailing or billing address(es); e-mail address(es); and telephone number(s);  
  • Payment information: credit or debit card numbers; and bank account, billing or other financial information;  
  • Professional, academic or employment and information: company name; title; team; and other status and records; 
  • Information relating to your use of the Services both offline and online (where relevant, through cookies, pixels, web server logs, web beacons or other similar technologies – For more information, our Cookie and Other Digital Markers Policy can be found here): internet protocol address of your device; geo-location data; time, date or frequency of use; and preferences in relation to use; 
  • Biometric information: photographs; and other audio-visual information and recordings; and 
  • Social Media Information: social media and other instant messenger usernames; screen names; passwords and other profile and contact information relating to such social media and instant messenger, 

and any other types of information that you choose to upload, communicate or otherwise provide to us or that we may collect about you through our provision of any Services or your transactions with us in general, which may include any inquiries or feedback which we receive from you. 

In addition, we may also collect personal information provided by other organisations such as your employer, company or third-party sources (including other entities we believe you have authorised to provide such personal information for and on your behalf, such as business partners, unaffiliated third-party social media companies, data brokers and analysts (via data analytics tools or otherwise), or other information providers, or other commercially and publicly available and legitimate sources as permissible by applicable law). We set out the privacy policies of certain relevant third-party websites for your reference – Kindly familiarise yourself with these and ensure that you are comfortable with them: 

We also may collect information about you that is not personal information, which may include anonymised or aggregated information, intellectual property or other company information shared with us, from your use of the Services or otherwise. Where necessary, we may combine this information with personal information or other information that we receive from or about you to provide the Services you require in the manner set out below, which combination of such information possibly could be used to identify you personally. 

How We Collect, Use and Process Your Personal Information 

We may collect, use and/or process your personal information for the following purposes: 

  • providing you with our online or offline Services; 
  • carrying out your instructions or responding to your enquiries, requests for information submitted by your or on your behalf; 
  • checking or verifying your identity and/or suitability as a client for certain Services; 
  • administering and managing our relationship with you; 
  • for any promotion, business development, marketing or other communications, including that relating to newsletters or promotional material which may consist of texts, photographs, videos, or such other audio-visual content; 
  • for any logistical or administrative purposes in connection with any of our Services, including informing you or any updates or changes to any Service; 
  • contacting or corresponding with you through various means including voice calls, text messages, email, or post to administer and manage your relationship with us, including the processing of and attending or responding to any feedback, opinions or comments; 
  • processing payment, billing, invoicing or other credit-related actions; 
  • complying with applicable law or in response to a subpoena, court order, government request, or other legal process for or in connection with litigation, arbitration, mediation, adjudication, government, or internal investigations, or other legal or administrative proceeding; 
  • protecting, enforcing and/or complying with our contractual, legal rights and/or obligations, as applicable; 
  • operating and maintaining our systems and carrying out our business operations or internal protocols and policies properly including to ensure the safety and security of our users, representatives and all relevant persons in both physical and online environment, including the prevention of fraud, abuse, or other illegal or prohibited activities; and 
  • for any other incidental or ancillary purposes related to or in connection with the above, including audit requirements and carrying out market-related, evaluative, or similar research and analysis to review, develop, improve or enhance our Services. 

Disclosure of Personal Information and Other Information 

We may disclose your information, including personal information: 

  • to our affiliated or related group companies, where they are directly or indirectly involved in the provision of Services; 
  • to any entity to whom we assign, novate or otherwise transfer or may assign, novate or otherwise transfer our rights and obligations in connection with the Services, whether in relation to a merger, acquisition or sale of all or a portion of our assets or otherwise; 
  • where swift disclosure is required to respond to an emergency threatening the life, safety or health of you or any other persons; 
  • where applicable laws or regulations require such disclosure, such as producing relevant documents or information for the compliance with a subpoena, court order, government request, or other legal process, whether in connection with litigation, arbitration, mediation, adjudication, government, or internal investigations, or other legal or administrative proceeding; 
  • where such disclosure is required for performing obligations in the course of or in connection with our provision of the Services you require; 
  • to third-party service providers, agents, professional advisors and other organisations we have engaged to perform any of the functions listed in the section above for us, including (a) referring websites and applications, (b) social media services where accessed through our website or applications, (c) payment, workspace management and other backend related systems, as well as their respective representatives; and 
  • where you have created an account and have publicly disclosed any personal information through your profile, member networks, chat rooms or other groups available to other account holders. 

Please review the privacy policies of any website or application that referred you to our websites or applications, or which you are accessing from our websites or application as we are unable to place limitations on their use of personal information.  

Accuracy and Security of Personal Information 

Where personal information is submitted by you on behalf of another person or concerns another person other than yourself, you represent and warrant to us that all the necessary consents procured in accordance with applicable law, for such purposes stated in the relevant sections of this Privacy Policy have been obtained from the relevant person(s) and that you have retained proof of these consents, such proof to be provided to us upon our request. 

Where we have an ongoing relationship with you, it is crucial that you update us of any changes or updates to your personal information. As such, we may from time to time do data verification exercises for you to provide us with any such updates. 

We strive to protect the security of your information and are constantly reviewing and enhancing our information security measures. We take reasonable effort to implement appropriate administrative, technical, personnel, and physical measures (a) to safeguard personal information against loss, theft, unauthorised use, copying, disclosure, or modification; and (b) to ensure the integrity of the personal information, as encapsulated in our internal data protection rules and PDPA compliance policies. For example, we have the Azure Web Application Firewall set up in place and use the HTTPS protocol throughout our websites and web applications to provide centralised protection from common vulnerabilities and exploits in general, as well as to specifically ensure that our user communications with the servers are encrypted so that personal information are unlikely to be hijacked by third parties without authorisation. You should be aware, however, that no method of transmission over the Internet or method of electronic storage is 100% secure, in particular the transmission of data over open or public networks. Therefore, we recommend against transmitting any confidential or sensitive data over open or public networks. 

In the unlikely event that we suffer a data breach in relation to personal information, we will assess whether the data breach is notifiable, and will attempt to notify the affected persons and/or the PDPC where it is assessed to be notifiable. To be clear, a data breach does not trigger any obligation to notify affected persons and/or the PDPC. For this purpose, a “data breach” in relation to personal information means (a) the unauthorised access, collection, use, disclosure, copying, modification or disposal of personal information; or (b) the loss of any storage medium or device on which personal information is stored in circumstances where the unauthorised access, collection, use, disclosure, copying, modification or disposal of the personal information is likely to occur. 

Retention of Data 

Any personal information in our possession or under control will be destroyed and/or anonymised when: 

  • the purpose for which the personal information was collected is no longer served by the retention of such personal information, including to address any complaints, as well as develop or improve our Services in line with feedback; and 
  • the retention is no longer necessary for any audit, legal, regulatory, or business purposes, including the maintenance of business records in accordance with record retention requirements under applicable law or for business analysis purposes, as well as make or defend against any legal claims. 

Transfer of Personal Information to Other Countries 

Some of the uses and disclosures mentioned in this Privacy Policy may involve the transfer and processing of your personal information, as data in transit or otherwise to and in various countries around the world that may have different levels of privacy protection than your country. By submitting your personal information, you consent to such transfers and processing. We take reasonable steps to ensure that appropriate levels of protection necessary to maintain the security and integrity of your personal information are in place and that any transferred data is processed only in accordance with the PDPA, the GDPR and any other applicable law. Specifically, we have or will have in place appropriate contractual and/or commercial agreements or arrangements to ensure that while under certain circumstances your personal information may be disclosed or transferred to countries which do not have requirements of data protection that is comparable to that under the PDPA, parties will abide by the requirements under applicable law. Where it is necessary for relevant third parties to further disclose personal data onward to other third parties, we will endeavour to ensure that these parties also abide by the PDPA or such applicable law. 

Access, Correction and Withdrawal 

The consent that you provide for the collection, use, disclosure and retention of all or any parts your personal information will remain valid until such time it is being withdrawn by you in writing.  

You may request to access and/or correct the personal information currently in our possession or withdraw your consent for the collection, use, disclosure and/or retention of your personal information in our possession or under our control at any time by contacting us at [email protected]. Where appropriate, such request may be referred to the relevant data protection officer. To the extent possible, we may take steps to verify your identity before granting access or making any changes to your personal information to protect your privacy. 

For a request to access personal information, we will process your request within a reasonable amount of time from when the request is made. 

For a request to correct or update personal information, we will process your request as soon as practicable after the request has been made. Such correction or update may involve necessary verification, which may include sending the corrected or updated personal information to other organisations to which the personal information was disclosed within a year before the date the correction or update was made (unless that other organisation does not need the corrected personal information for any legal or business purpose), or if you so consent, only to specific organisations to which the personal information was disclosed by us within a year before the date the correction or update was made. 

While we will, in most instances, provide a copy of the requested information or make the requested correction or update, where we are unable to provide you with any records of personal information or to make a correction or update requested, we shall, where required under applicable law or otherwise appropriate, inform you of the reasons why we are unable to do so. Please note that depending on the request that is being made, we will only need to provide you with access to the personal information contained in the documents requested, and not to the entire documents themselves. In those cases, it may be appropriate for us to simply provide you with confirmation of the personal information that we have on record, if the record of your personal information forms a negligible part of the document. 

We may also charge a reasonable fee for the handling and processing of your requests to access, correct and/or update your personal information. You will be notified in advance of such costs. 

For a request to withdraw your consent to the processing of personal information, we will process your request within a reasonable amount of time from when the request is made. Our ability to provide Services to you after such withdrawal may be affected. We will notify you of any impact before processing your request. 

Telemarketing Policy 

If you have registered your Singapore telephone number with any or all of the Singapore Do Not Call (“DNC“) registers (being the No Voice Call Register, the No Text Message Register and the No Fax Message Register), we will not send you promotional and marketing messages via SMS, fax, calls and other means, to the extent the respective Register(s) is/are applicable. However, if you have previously consented to our sending you such calls or messages to your Singapore telephone or facsimile number(s), we will continue to do so until you withdraw such consent in writing, regardless of your DNC nominations (prior or subsequent to such consent). 

Also, if you currently have an existing, ongoing relationship with us, depending on the nature of that relationship, we may continue to send you promotional or marketing messages via SMS, fax, calls or any means, about Services which are related to that ongoing relationship notwithstanding your registration with the DNC Registry, unless you opt-out of receiving such messages by requesting for withdrawal in writing. 

Your Account  

Where applicable, you may be required to create an account to use our site and/or the Services. If you choose, or you are provided with, a user identification code, password or any other piece of information as part of our security procedures, you must treat such information as confidential. You must not disclose it to any third party.  

If you have created an account (as defined in our Terms of Service [Insert: Link to Terms of Service]) in connection with any of our Services, we may also send you communications relating to the administration and management of your account. You will not be able to opt out of receiving such communications unless you close such account. 

Questions or Feedback 

If you have any questions about this Privacy Policy or any other queries in relation to how we manage, protect and/or process your personal information, please contact us at [email protected]. Where appropriate, such request may be referred to the relevant data protection officer.  

Updates 

This Privacy Policy may be updated from time to time without any prior notice. As changes to this Privacy Policy take effect when they are posted on this website, you may determine if any such revision has taken place by referring to the date on which this Privacy Policy was last updated and should visit this website periodically note any changes. Your continued use of any Service, including without limitation this website, constitutes your acknowledgement and acceptance of such changes. 

Last Updated 10 April 2023