PRIVACY POLICY

Updated as at January 7, 2020

Hodlnaut Pte. Ltd. (“we”, “our”, “us”) collects information about you when you apply for or sign up for an account (“User Account”) on our website (https://www.hodlnaut.com) or any sub-domain (such as app.hodlnaut.com) (collectively, the “Website”), access or use the services offered by us through the Website, or otherwise interact with us (collectively, the “Services”).

We value the information you have provided us or permitted us to collect. We strive to protect your privacy while providing you with the best service and experience we can provide. All such personal information in our possession is valued and is collected, used, disclosed and protected in accordance with the Singapore Personal Data Protection Act 2012 (“PDPA”) and other applicable laws and regulations.

This Privacy Policy applies to all websites on which this Privacy Policy or a link to this Privacy Policy appears, as well as all our activities to the extent that you have been notified that such activities are subject to this Privacy Policy. By carrying out such an activity, you are deemed to agree to the terms of this Privacy Policy. Please review this Privacy Policy carefully prior to carrying out such activities or otherwise providing any personal data.

Hodlnaut Pte. Ltd. is the controller and is responsible for your personal data.

We have appointed a data privacy officer who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the data privacy officer (the “Data Privacy Officer”) using the contact details set out below:

CONTACT DETAILS

Our full details are as follow:

  1. Full name of legal entity: Hodlnaut Ltd
  2. Email address: privacy@hodlnaut.com
  3. Postal address: 68 Circular Road, #02-01, Singapore 049422

1. PERSONAL INFORMATION AND OTHER DATA WE COLLECT

Personal data as defined in the PDPA refers to data about an individual who can be identified from either that particular data, or from that data and other information which we have or likely have access to. Personal data is collected where reasonably necessary for our functions and activities. Personal data that we may hold includes the following:

Personal data directly provided by you such as:

  1. name, nationality, country of residence, email address, and phone number;
  2. your residential address, including proof of address such as your bank statements or phone bills;
  3. a copy of your national identity card and a recent passport/ driver’s license photograph;
  4. bank account information;
  5. credit-related personal information including bank statements or tax assessments;
  6. gender and date of birth;
  7. location data;
  8. details of an individual's dealings with us, including telephone records, email and online interactions; and
  9. other information as may be provided by you from time to time when you engage in our Services, respond to surveys available on the Services, or communicate with us.

Other forms of personal data we collect automatically through the use of the Services, such as:

  1. information relating to the device you use to connect to our app, including the type of device, its operating system, unique device identifier, IMEI and/or IP address used, Cookies and other web technologies;
  2. information about how you use the Services, such as browser type, operating system, referring/exit pages, the features of the Services you used or browsed and the time spent on those features, search terms, the links on the Services that you clicked on and related data. We use such information to administer the Services and we analyze (and may engage third parties such as Google Analytics to analyze) such information; and
  3. location information derived from your IP address or your mobile device’s GPS coordinates, if you enable location services on your device. We may use location information to improve and personalize the Services for you. If you do not want us to collect location information, you may disable that feature on your mobile device.

We do not knowingly collect or solicit personal information from anyone under the age of 18. If you are under 18, please leave the Website immediately.

2. COLLECTION OF PERSONAL DATA

Wherever possible, we will collect personal data directly from you. We will only collect, use and disclose personal data with your consent, your deemed consent or as may be otherwise permitted under the PDPA or other applicable laws.

In addition to the personal data you provide to us, certain information related to you that is not considered personal data under the PDPA may also be collected.

Any personal data collected by us and stored in our databases is treated as confidential. All information is stored securely and is accessed by authorised personnel only. We implement and maintain appropriate technical, security and organisational measures to protect personal data against unauthorised or unlawful processing and use, and against accidental loss, destruction, damage, theft or disclosure.

We collect personal data from you for the purpose of conducting know-your-client, anti-money laundering and counter-terrorist financing checks as well as the purposes as set out below. If you wish to access the Services provided by us on the Website, we will require you to consent to the collection and use of your personal data as described herein. If you do not agree with the terms set out herein, please do not undertake the following actions. If required by applicable law, we will seek your explicit consent to process personal data collected or volunteered by you. Kindly note that any consent will be entirely voluntary. However, if you do not grant the requested consent to the processing of your personal data, you may not be able to access the Services provided by us on the Website.

In order to carry out the Services, we require persons to create a User Account on the Website. During the registration process for the creation of the User Account, you may be required to provide information including the information set out in section 1 above. This information is used by us to identify the user and to conduct know-your-client, anti-money laundering and counter-terrorist financing checks on the user as well as:

  1. developing and providing products or services (whether made available by us or through us);
  2. to operate, maintain, enhance and provide features of the Website, to provide services and information that you request, to respond to comments and questions, and otherwise to provide support to users;
  3. to understand and analyse the usage trends and preferences of our users, to improve the Website, and to develop new products, services, features, and functionality;
  4. to contact you for administrative or informational purposes, including by providing customer service or sending communications, including changes to our terms, conditions, and policies;
  5. for marketing purposes, such as developing and providing promotional and advertising materials that may be useful, relevant, valuable or otherwise of interest;
  6. to personalize your experiences with the Website by presenting tailored content;
  7. we may aggregate data collected through the Website and may use and disclose it for any purpose, including to potential business partners;
  8. for business purposes, such as audits, security, compliance with applicable laws and regulations, fraud monitoring and prevention; and
  9. to enforce our terms of use or other legal rights.

We will not retain user data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations.

Third party sites and content

The Website may contain links to applications, websites and services that are owned or operated by third parties (each, a “Third-party Service”). Any information that you provide on or to a Third-party Service or that is collected by a Third-party Service is provided directly to the owner or operator of the Third-party Service and is subject to that owner’s or operator’s privacy policy. We are not responsible for the content, privacy or security practices and policies of any Third-party Service. To protect your information, we recommend that you carefully review the privacy policies of all Third-party Services that you access.

IP addresses

An IP or Internet Protocol Address is a unique numerical address assigned to a computer as it logs on to the internet. Your IP address is logged when visiting the Website and may be processed by third-party analytics software we may engage.

Use of cookies

Cookies are small files which require user permission in order to be installed on a computer’s hard drive. Cookies will only start to perform their functions after such permission is granted. By collecting and analyzing data on the user’s browsing patterns, cookies allow web applications to respond to the user as an individual by tailoring a web application’s operations to the user’s specific needs and preferences.

Permission for cookies is granted by default in most web browsers. You can however choose to disable this function in your browser’s settings. This may prevent you from taking full advantage of our website.

We may use traffic log cookies to identify which pages are being used. This use is designed to assist us in gathering data on web page traffic. The gathered data is used only for statistical purposes and is removed from our database shortly after.

Overall, the data collected by the cookies is used for the purpose of improving your browsing experience on the Website. Cookies do not grant us access to your computer or any information about you outside of your browsing activity on the Website.

3. STORAGE AND PROCESSING

Security Precautions

We take reasonable administrative, physical and electronic measures designed to protect the information that we collect from or about you, from unauthorized access, use or disclosure. When you are on a secure page, a lock icon will appear on the bottom of web browsers.

Non-sensitive details (your email address etc.) are sent normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of the Website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Transmission to External parties

In the course of conducting the Services, we may need to disclose your personal data with external organisations. The reasons for which we may disclose your personal data are set out above. The possible parties we may share your personal data with include our group companies, our affiliates, partners, principals, third party service providers (for purposes of maintaining and improving the Services, performing Services on our behalf including in connection with the payment process, advertising campaigns or other activities in connection with the Services), and in connection with business transactions. If any of our businesses are sold or transferred to another entity, your personal data may be transferred along with the business.

We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (a) to respond to claims, legal process (including subpoenas); (b) to protect our property, rights and safety and the property, rights and safety of a third party or the public in general; and (c) to stop any activity that we consider illegal, unethical or legally actionable activity.

In addition, we may share aggregated information and non-identifying information with third parties for industry research and analysis, demographic profiling and other similar purposes.

In the event that any of the above parties receiving your personal data are located or are operating outside of Singapore, we will take reasonable steps to ensure that the overseas recipient provides a standard of protection to your personal data so transferred that is comparable to the protection under the PDPA and other regulations, where applicable.

Retention

As far as possible we will retain your personal data for only as long as it is necessary to fulfil the purpose for which it was collected, or as required by the relevant laws.

4. ACCESS, UPDATE, WITHDRAWAL OF CONSENT

If you would like to request a copy of the personal information that we hold about you or update or withdraw your consent for us to collect, use and/or disclose your personal data, please contact the Data Privacy Officer, and they will provide you with the prescribed form for you to fill out and submit to us. Please note that it may take up to 30 business days after receipt of your form for us to process your request.

You can access and modify the information you have provided in your User Account by updating your profile in your User Account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. If you want us to delete your User Account, please contact us at privacy@hodlnaut.com with your request. 

If you have any other comments or questions about this Privacy Policy, or wish to obtain a form mentioned above, please also contact the Data Privacy Officer.

5. YOUR LEGAL RIGHTS

Under certain circumstances, you have rights under data protections laws in relation to your personal data. These include rights to:

  1. request access to your personal data;
  2. request correction of your personal data;
  3. request erasure of your personal data;
  4. object to processing of your personal data;
  5. request restriction of processing your personal data; and
  6. withdraw consent.

in accordance with section 7 below. If you wish to exercise any of the rights set out above, please contact the Data Privacy Officer.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights above). We may however charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

You have the right to make a complaint at any time to Personal Data Protection Commission (the “Authority”) however we would appreciate the chance to deal with your concerns before you approach the Authority, so please contact us in the first instance.

6. RIGHTS TO AMEND THIS PRIVACY POLICY

Any information that we collect via the Services is covered by our Privacy Policy in effect at the time such information is collected. We reserve the right to amend this Privacy Policy at any time. If material changes are made to this Privacy Policy, they will be posted on this page and date stamped. We encourage you to review this page periodically in order for you to stay notified of any changes.

Your continued access to and use of the Website and/or submitting to us carrying out the Services after any changes to this Privacy Policy constitutes your consent to any such changes, to the extent such consent is not otherwise provided.

7. GLOSSARY

You have the right to:

Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data's accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.