TRIDENT MATCH PTE. LTD.

PRIVACY POLICY


Effective Date: November 3, 2020



  1. 1.    ABOUT THIS POLICY

    1. 1.1.    This is the Privacy Policy for Trident Match Pte. Ltd. (a company incorporated in Singapore, and operating at 83 Clemenceau Avenue, #02-01, UE Square, Singapore 239920) (“Trident”). In this Privacy Policy, the terms “we”, “us” and “our” refers to Trident. All other terms not defined hereunder shall have the meanings as described in the [insert the link of General Terms of Use].

    1. 1.2.    This Privacy Policy describes how we may collect, use, disclose and process your personal data when you:

      1. 1.2.1.    access or use our websites and applications (including mobile and web-based applications) (collectively, “Applications”), and services; and/or
      2. 1.2.2.    provide us with your personal data.

    1. 1.3.    We will only use your personal data where you have given us your consent or where we have other lawful basis for doing so, and in the manner set out in this Privacy Policy.

    1. 1.4.    By providing us with personal data, you acknowledge that our collection, use, disclosure and processing of personal data will be in accordance with this Privacy Policy, including, for the avoidance of doubt, the cross-jurisdictional transfer of your data. DO NOT provide any personal data to us if you do not accept this Privacy Policy.

    1. 1.5.    This Privacy Policy supplements but does not supersede or replace any consents you may have provided to us, or any other agreements or arrangements that you may have with us, or mandatory requirements in applicable laws in respect of your personal data.

    1. 1.6.    Our Applications may contain links to other websites that are not owned or maintained by us. These links are provided only for your convenience. You may also be accessing our Applications through third party websites and/or platforms. This Privacy Policy only applies to our Applications. When visiting these third party websites, their privacy policies apply.

    1. 1.7.    If you have any feedback or issues in relation to your personal data, or about this Privacy Policy, or wish to make a complaint to us, you may contact our Data Protection Officer at:

  2. Email        :     support@trustana.com

  3. This does not affect your statutory rights. For example, if the GDPR applies to you, you may also have a right to lodge a complaint with a European supervisory authority, in particular in the Member State in the European Union where you are habitually resident, where you work or where an alleged infringement of Data Protection law has taken place.

  4. When you contact us, we may require that you submit certain forms or provide certain information, including verification of your identity, before we are able to respond.

    1. 1.8.    Location-specific terms. Depending on the country in which your personal data is being collected, used, disclosed or processed, additional country-specific terms may apply as set out in Schedule A. The terms set out in Schedule A are in addition to the terms set out in this Privacy Policy, and forms part of this Privacy Policy. With respect to conflicting terms between this Privacy Policy and Schedule A, the country-specific terms in Schedule A shall prevail. 

  5. 2.    AMENDMENTS TO THIS PRIVACY POLICY

    1. 2.1.    We may amend this Privacy Policy from time to time without notice to you, in compliance with applicable laws or as we update our data usage and handling processes. The updated policy will supersede earlier versions and will apply to personal data provided to us previously. The updated Privacy Policy will take effect when made available on www.trustana.com. If we make a change that significantly affects your rights or, to the extent we are permitted to do so, significantly changes how or why we use personal data, we will notify you by way of a prominent notice on our website or, if we have your email address, by email.

    1. 2.2.    This Privacy Policy may be available in languages other than English. If there are inconsistencies or conflicts between the English and other language version(s) of this Privacy Policy, the English language version shall prevail.

  6. 3.    WHAT PERSONAL DATA WE COLLECT

    1. 3.1.    What is personal data.  “Personal data” is data that can be used alone or in combination with other information to identify a natural person or reflect the activity of a natural person. Examples of personal data include name, address, contact details, identification numbers, financial information, transactional information based on your activities on our websites, applications and platforms, telephone numbers, email address, images, and any other information of a personal nature.

    1. 3.2.    Voluntary provision of personal data.  We may collect personal data (1) that you voluntarily provide to us; or (2) from third parties; or (3) through your use of our (or our services provider’s) digital technologies and services (Please see Section 4 How We Collect Personal Data for further details). What personal data we collect depends on the purposes for which the personal data is collected and what you have chosen to provide.

  7. When our collection is based on consent, you can choose not to provide us with personal data. You also have the right to withdraw your consent for us to continue collecting, using, disclosing and processing your personal data, by contacting us in accordance with paragraph 1.7. However, if you do so, it may not be possible for us to fulfil the purposes for which we require the personal data, including processing your transactions or providing you with the products and services that you require.

    1. 3.3.    Providing personal data belonging to others.  In certain circumstances, you may also provide us with personal data of persons other than yourself (such as your family members and next-of-kin). If you do so, you represent and warrant that you have brought this Privacy Policy to his/her attention, informed him/her of the purposes for which we are collecting his/her personal data and that he/she has consented to your disclosure of his/her personal data to us for those purposes and accepts this Privacy Policy. You agree to indemnify and hold us harmless from and against any and all claims by such individuals relating to our collection, use and disclosure of such personal data in accordance with the terms of this Privacy Policy.

    1. 3.4.    Accuracy and completeness of personal data.  You are responsible for ensuring that all personal data that you provide to us is true, accurate and complete. You are responsible for informing us of any changes to your personal data.

    1. 3.5.    Minors. Our website and/or services are not intended to be accessed or used by children, minors or persons who are not of legal age. If you are a parent or guardian and you have reason to believe your child or ward has provided us with their personal data without your consent, please contact us. If we find that a child’s personal data has been collected without his/her parents’ or guardian’s prior consent, we will delete relevant data as soon as possible. 

    1. 3.6.    Verifiable Credentials. You acknowledge and consent to the collection, use, disclosure, processing, transfer and storage of your personal data by the third party service providers that facilitate the transactions and activities between you and other users on or through our Applications, for the purposes of generating, creating, providing, storing, processing, facilitating, transferring, transmitting and managing Verifiable Credentials. In these Terms, “Verifiable Credentials” shall refer to tamper-evident data in a machine-readable format (i.e. expressed as structured code) that contains information / pertains to a certain data point about a natural person or legal entity. You acknowledge and consent for us (or our service providers) to disclose your data and information (including Verifiable Credentials) to third parties at your instruction and/or direction. 

  8. 4.    HOW WE COLLECT PERSONAL DATA

    1. 4.1.    Personal data you provide. We collect personal data that is relevant to our relationship with you. We may collect your personal data directly or indirectly through various channels, such as when:

      1. 4.1.1.    you register an account with us through our Applications;
      2. 4.1.2.    you download or use our Applications and services;
      3. 4.1.3.    you authorise us to obtain your personal data from a third party;
      4. 4.1.4.    you enter into agreements with us;
      5. 4.1.5.    you transact with us, contact us or request that we contact you through various communication channels, for example, through social media platforms, messenger platforms, face-to-face meetings, telephone calls, emails, fax and letters;
      6. 4.1.6.    you request to be included in an e-mail or our mailing list;
      7. 4.1.7.    you attend events or functions organised by us;
      8. 4.1.8.    we seek information about you and receive your personal data in connection with your relationship with us; and
      9. 4.1.9.    when you submit your personal data to us for any other reason.

    1. 4.2.    Personal data provided by others. Depending on your relationship with us, we may also collect your personal data from third party sources, for example, from:

      1. 4.2.1.    any third parties whom you have authorised us to obtain your personal data from;
      2. 4.2.2.    entities in which you (or a party connected to you) have an interest;
      3. 4.2.3.    our business partners such as third parties providing services to us; and
      4. 4.2.4.    public agencies or other public sources.

  9. 5.    WHAT WE DO WITH YOUR PERSONAL DATA

    1. 5.1.    What we do. We collect, use, disclose, process or entrust the processing of, share and transfer your personal data where:

      1. 5.1.1.    you have given us consent;
      2. 5.1.2.    necessary to comply with our legal or regulatory obligations, e.g. responding to valid requests from public authorities;
      3. 5.1.3.    necessary to fulfil our obligations in a merger, acquisition or bankruptcy liquidation scenarios where your personal data is involved, provided that we will require the new company or organization to which your personal data is transferred to continue to be bound by this Privacy Policy, otherwise we will require it to seek your consent again; 
      4. 5.1.4.    necessary to support our legitimate business interests, provided that this does not override your interests or rights; and
      5. 5.1.5.    necessary to perform a transaction you have entered into with us, or provide a service that you have requested or require from us.

    1. 5.2.    General purposes.  We collect, use, disclose, process or entrust the processing of, share and transfer your personal data for purposes connected or relevant to our business, and/or to manage your relationship with us. Such purposes would include:

      1. 5.2.1.    carrying out your transactions with us and our business partners, taking steps as may be directed by you, or to provide products and/or services to you;
      2. 5.2.2.    facilitating your use of our Applications, including verifying and establishing your identity, and authenticating, operating and maintaining user accounts;
      3. 5.2.3.    facilitating business asset transactions;
      4. 5.2.4.    communicating with you, and assisting you with your queries, requests, applications, complaints, and feedback;
      5. 5.2.5.    resolving any disputes, investigating any complaint, claim or dispute or any actual or suspected illegal or unlawful conduct;
      6. 5.2.6.    administrative purposes, including finance, IT and HR purposes, quality assurance and staff training, and compliance with internal policies and procedures, including audit, accounting, risk management and record keeping;
      7. 5.2.7.    carrying out research and statistical analysis, including development of new products and services or evaluation and improvement of our existing products and services;
      8. 5.2.8.    security purposes, e.g. protecting our Applications from unauthorised access or usage and to monitor for security threats;
      9. 5.2.9.    compliance with any legal or regulatory obligations, applicable laws, regulations, codes of practices, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;
      10. 5.2.10.    performing data analytics and related technologies on data, to enable us to deliver relevant content and information to you, and to improve our websites and digital platforms;
      11. 5.2.11.    managing and engaging third parties or data processors that provide services to us, e.g. IT services, technological services, delivery services, and other professional services;
      12. 5.2.12.    carrying out our legitimate business interests;
      13. 5.2.13.    such purposes that may be informed to you when your personal data is collected; and/or
      14. 5.2.14.    any other reasonable purposes related to the aforesaid.

  10. Where personal data is used for a new purpose and where required under applicable law, we shall obtain your consent.

    1. 5.3.    Legitimate business interests. We may also collect, use, disclose, process or entrust the processing of, share and transfer your personal data for the following purposes to support our legitimate business interests, provided that this does not override your interests or rights, which include:

      1. 5.3.1.    managing our business and relationship with you, and providing services to our customers;
      2. 5.3.2.    assistance of carrying out corporate restructuring plans;
      3. 5.3.3.    complying with internal policies, and procedures;
      4. 5.3.4.    protecting our rights and interests, and those of our customers;
      5. 5.3.5.    enforcing our terms and conditions, and obligations owed to us, or protecting ourselves from legal liability; and
      6. 5.3.6.    managing our investor and shareholder relations.

    1. 5.4.    Marketing purposes. In order for us to market products, events and services which are of specific interest and relevance to you, we may analyse and rely on your personal data provided to us, or data collected from your interactions with us. However, no marketing, using your personal data in non-aggregated and/or identifiable form would be carried out unless you have provided us with your consent to use your personal data for such marketing purposes. If you do not want us to use your personal data for the purposes of marketing you can withdraw your consent at any time by contacting us in accordance with paragraph 1.7 above.

    1. 5.5.    Use permitted under applicable laws.  We may also collect, use, disclose, process and entrust the processing of, share and transfer your personal data for other purposes, without your knowledge or consent, where this is required or permitted by law. Your personal data may be processed if it is necessary on reasonable request by a law enforcement or regulatory authority, body or agency or in the defence of a legal claim.  We will not delete personal data if relevant to an investigation or a dispute. It will continue to be stored until those issues are fully resolved.

    1. 5.6.    Contacting you.  When we contact or send you information for the above purposes and purposes for which you have consented, we may do so by post, e-mail, SMS, telephone or such other means provided by you. If you do not wish to receive any communication or information from us, or wish to restrict the manner by which we may contact or send you information, you may contact us in accordance with paragraph 1.7 above.

  11. 6.    DISCLOSURE OF PERSONAL DATA

    1. 6.1.    Disclosure to related parties. We may disclose or share your personal data with our related parties in order to provide our services to you, manage our shareholder and investor returns, for management and compliance purposes, and to utilise shared group IT functions.

    1. 6.2.    Disclosure to third parties. We may also disclose your personal data to third parties in connection with purposes described in paragraph 5, including without limitation the following circumstances:

      1. 6.2.1.    disclosing your personal data to third parties who provide services to us (including, but not limited to, data providers, technology providers, insurance providers, and other professional services (including accountants, lawyers and auditors));
      2. 6.2.2.    disclosing your personal data to third parties in order to fulfil such third party products and/or services as may be requested or directed by you;
      3. 6.2.3.    disclosing your personal data to third parties that we conduct marketing and cross promotions with;
      4. 6.2.4.    disclosing your personal data to authorities, governments, law enforcement agencies or public agencies;
      5. 6.2.5.    If we are discussing selling or transferring part or all of our business – the information may be transferred to prospective purchasers under suitable terms as to confidentiality;
      6. 6.2.6.    If we are reorganised or sold, information may be transferred to a buyer who can continue to provide continued relationship with you; and
      7. 6.2.7.    If we are defending a legal claim your information may be transferred as required in connection with defending such claim.

    1. 6.3.    When disclosing personal data to third parties, we will (where appropriate and permissible) enter into contracts with these third parties (including, where appropriate, non-disclosure agreements, and confidentiality clauses in relevant cooperation agreements) to protect your personal data in a manner that is consistent with all applicable laws and/or ensure that they only process your personal data in accordance with our instructions.

    1. 6.4.    We may publicly disclose your personal data only after we obtain your consent, or when we need to comply with applicable laws, regulations or mandatory requirements of government authorities.  

  12. 7.    TRANSFER OF PERSONAL DATA TO OTHER COUNTRIES

    1. 7.1.    Transfers. We may transfer your personal data to different jurisdictions in connection with the purposes described in paragraph 5:

      1. 7.1.1.    from the jurisdiction where it is collected (or where you are located) to any other jurisdictions that we operate in; and
      2. 7.1.2.    to third parties in other jurisdictions.

    1. 7.2.    Safeguards. Where we transfer your personal data across jurisdictions, we will ensure that your personal data is protected in accordance with this policy and applicable laws regardless of the jurisdictions they are transferred to, but in any event to a level that is no less stringent than the jurisdiction from which the personal data is transferred. When we transfer your personal data internationally and where required by applicable law we put in place appropriate safeguards including EU Model Clauses or rely on EU Commission adequacy decisions. You may obtain details of these safeguards by contacting us.

  13. 8.    SECURITY AND RETENTION OF PERSONAL DATA

    1. 8.1.    Unauthorised access.  While we take reasonable precautions to safeguard your personal data in our possession or under our control (including using encryption techniques to protect your personal data), you agree not to hold us liable or responsible for any loss or damage resulting from unauthorised or unintended access that is beyond our control, such as hacking or cybercrimes.

    1. 8.2.    Vulnerabilities.  We do not make any warranty, guarantee, or representation that your use of our systems or applications is safe and protected from malware, and other vulnerabilities. We also do not guarantee the security of data that you choose to send us electronically. Sending such data is entirely at your own risk.

    1. 8.3.    Period of retention.  We retain your personal data only for as long as is necessary to fulfil the purposes we collected it for, and to satisfy our business and/or legal purposes, including data analytics, audit, accounting or reporting purposes. How long we keep your personal data depends on the nature of the data, e.g. we keep personal data for at least the duration of the limitation period for bringing claims if the personal data may be required to commence or defend legal proceedings. Some information may also be retained for longer, e.g. where we are required to do so by law.

    1. 8.4.    Anonymised data.  In some circumstances we may anonymise your personal data so that it can no longer be associated with or identify you and cannot be restored, in which case we are entitled to retain and use such data without restriction.

    1. 8.5.    Personal data security incident.  In the case of a personal data security incident involving you, we shall, where required by applicable laws and regulations, notify you of such information concerning the data breach (including the basic conditions and possible impacts of the security incident, response measures that are already taken or to be taken by us, suggestions for you regarding self-prevention and risk mitigation, our remedial measures for you). We may inform you in such manner that we deem suitable (including email, fax, telephone, push notification and/or a public notice). We will also report the handling of personal data security incidents, where required and in accordance with applicable laws. 

  14. 9.    YOUR RIGHTS

    1. 9.1.    Rights you may enjoy. Depending on the jurisdiction that you are in or where we operate, you may enjoy certain rights under applicable law in relation to our collection, use, disclosure and processing of your personal data. Such rights may include:

      1. 9.1.1.    Access: you may ask us if we hold your personal data and, if we are, you can request access to your personal data. This enables you to receive a copy of and information on the personal data we hold about you.
      2. 9.1.2.    Correction: you may request that any incomplete or inaccurate personal data we hold about you are corrected.
      3. 9.1.3.    Erasure: you may ask us to delete or remove personal data that we hold about you in certain circumstances.
      4. 9.1.4.    Restriction: you may withdraw consent for our use of your personal data, or ask us to suspend the processing of certain of your personal data about you, for example if you want us to establish its accuracy.
      5. 9.1.5.    Portability: you may request the transfer of certain of your personal data to another party under certain conditions.
      6. 9.1.6.    Objection: where we are processing your personal data based on a legitimate interest (or those of a third party) you may object to processing on this ground.
      7. 9.1.7.    Change the scope of consent: you may give or withdraw your consent for our collecting and using of your personal data that are not crucial to run certain business functions of Applications at any time. 
      8. 9.1.8.    De-registration: you may de-register your account at any time unless otherwise provided by applicable laws.
      9. 9.1.9.    Restrict automated decision-making by information system: you may request for our explanation and remedies when decisions which are made solely based on automated decision-making mechanism significantly affecting your legal rights and interest. 

  15. If you wish to exercise any of your rights, you may contact us in accordance with paragraph 1.7. We may require that you submit certain forms or provide certain information to process your request. Where permitted by law, we may also charge you a fee to process your request.

    1. 9.2.    Limitations.  We may be permitted under applicable laws to refuse a request, for example, we may refuse (a) a request for erasure where the personal data is required for in connection with claims; or (b) an objection request and continue processing your personal data based on compelling legitimate grounds for the processing.
  16. SCHEDULE A
  17. LOCATION-SPECIFIC TERMS



  18. 1.    PEOPLE’S REPUBLIC OF CHINA

    1. 1.1.    Applicability of additional terms. The terms set out in this Paragraph 1 shall apply to you if your personal data is collected, used, disclosed, or processed by us in the People’s Republic of China. For the avoidance of doubt, the People’s Republic of China excludes Hong Kong SAR, Macau SAR, and Taiwan Province for purpose hereunder.

    1. 1.2.    What personal data is required for each business function or service made available on the Applications. We need to collect some personal data from you in order to provide following business functions or services to you:

      1. 1.2.1.    Register your account. If you choose to register your account in our website, you should provide or allow us to collect your name, account name and password, email address, identification numbers, phone number, IP address, domicile address and business address. Otherwise, you may not successfully register your account. 
      2. 1.2.2.    Use online shopping service of Applications. If you choose to use online shopping service of the Applications, you should provide or allow us to collect your account name and password, email address, phone number, IP address, domicile address, business address, transaction and consumption records(such as price, category, images, weight, minimum order quantity, production lead time), communications records and content. Otherwise, the foregoing service of the Applications cannot properly run due to lack of your necessary information. You may choose, at your discretion, whether to provide us with or allow us to collect following information: web browsing history, hardware serial number, equipment MAC address, list of software, and unique equipment identifier which are not crucial for our delivery of the foregoing business service to you, but it is important to improve the quality of service, develop new products or services, etc. 
      3. 1.2.3.    Use customer service of Applications. If you choose to use customer service of the Applications, you should provide or allow us to collect your account name and password, email address, phone number, IP address, transaction and consumption records (such as price, category, images, weight, minimum order quantity, production lead time), communications records and content. 

  19. You may access this www.trustana.com from time to time to check new functions that we launch and type of personal data that we may collect from you to run such functions.