This policy sets out the basis on which Brdgepay Pte Ltd of 231 Mountbatten Road Block D #01-02 Singapore 397999 (Unique Entity Number 201625099R) (“Brdgx“), and other organisations related to Brdgx, including our subsidiaries, holding company and subsidiaries of our holding company (collectively, the “Brdgx Group”) collects personal data from you and how we process such data.
In this policy, “we”, “us” or “our” refers to Brdgx, or any organisation within the Brdgx Group, as appropriate. Although this policy is in common use by the Brdgx Group, except where applicable laws provide otherwise, each organisation is only responsible to you in relation to its own collection and use of your personal data.
This policy sets out the manner in which we collect, use, disclose and process your personal data when you:-
- access or use our website www.brdgx.com (our “Site”) and mobile applications, including the Brdgx App (collectively, such websites and applications are treated as “Applications”) and services; and/or
- provide us with your personal data, regardless of the medium through which such personal data is provided.
We collect personal data that is relevant to our business relationship with you. We may collect your personal data directly or indirectly through various means, including the following:
a ) Information you give us – information that you provide us (which may include your name, address, email address, telephone number, credit card information and other personal description) by filling in forms on our Applications or using our services, or by corresponding with us (by phone, email or otherwise), for example:
- when you report any problem to us;
- when you use certain features on our Applications;
- when you request any support from us; or
- when you complete any survey or questionnaire we send you.
b ) Information we collect about you – information automatically collected when you visit our Applications, for example:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet and your log-in information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
- information about your visit, including the full Uniform Resource Locators (URLs), clickstream to, through and from our site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number.
Depending on your relationship with us, we may also collect personal data from third party sources, such as:-
- our business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, or credit reference agencies;
- from your family members or friends who provide your personal data to us on your behalf; and/or
- from public agencies or other public sources.
In certain circumstances, you may also provide us with personal data of persons other than yourself (such as your family members). If you do so, you are responsible for informing him/her of the specific purposes for which we are collecting his/her personal data and to ensure that he/she has provided valid consent for your provision of his/her personal data to us.
You are responsible for ensuring that all personal data that you provide is true, accurate and complete, and to inform us of any changes to your personal data.
Your provision of personal data to us is voluntary and you have the right to withdraw your consent for us to use your personal data at any time by contacting us. However, if you do so, it may not be possible for us to fulfil the purposes for which we require the personal data, including providing products or services which you require from us.
If you are a child, minor or not of legal age, you are not permitted to use our Applications and/or services. Please do not provide any personal data to us. If you are a parent or guardian of a minor and you have reason to believe your child or ward has provided us with their personal data, please contact us to request for erasure of their personal data.
We collect, use, disclose and process your personal data where:-
- you have given us consent;
- necessary to comply with our legal or regulatory obligations, e.g. anti-money laundering and “know your customer” checks or disclosure to law enforcement; and/or
- necessary to perform a contract or transaction you have entered into with us, or provide a service that you have requested or require from us.
We collect, use, disclose and process your personal data for purposes connected or relevant to our business, or to manage your relationship with us, such as:-
- carrying out such transactions or taking steps as may be directed by you;
- facilitating your use of our Applications and services, and providing, improving and developing our services;
- authenticating, operating and maintaining your user accounts;
- researching, designing and launching new features or products;
- presenting content and information in our Applications in the most effective manner for you and for the device you use;
- providing you with alerts, updates, materials or information about our services or other types of information that you requested or signed up to;
- administrative purposes, e.g. accounting, risk management and record keeping, business research, data, planning and statistical analysis, and staff training;
- security purposes, e.g. protecting our Applications from unauthorised access or usage and to monitor for security threats;
- using data analytics and related technologies on data, to enable us to deliver relevant content and information to you, and to improve our Applications, services and offerings;
- managing and engaging third parties or data processors that provide services to us, e.g. IT services, data analytics, messaging marketing, and other professional services;
- complying with laws and regulations applicable to us in or outside of Singapore;
- responding or taking part in legal proceedings, including seeking professional advice;communicating with you and responding to your questions or requests;
- to support our legitimate business interests (listed below); and
- other reasonable purposes related or incidental to the above.
Our legitimate business interests include:-
- managing our business and relationship with our customers and/or users;
- providing services to our customers and/or users;
- understanding and responding to inquiries and feedback from our customers and/or users;
- understanding how our customers and/or users use our Applications and services;
- identifying what our customers and/or users want and improving our Applications, services and offerings;
- enforcing obligations owed to us; and
- sharing data in connection with acquisitions and transfers of our business.
If you have provided us with your consent, we may use your personal data in direct marketing (i.e. offering or advertising products or services by sending the relevant information directly to you). We require your consent specifically for this purpose and you may opt out any time. For the purpose of this clause:
- the personal data that may be used in direct marketing are those that you provide to us;
- the type of services or products that may be offered or advertised will be our products or services, seminars, conferences or events, and those of our affiliates or business partners;
- the relevant information may be sent to you by email, in-app message, or sms;
- you may opt out any time by emailing us at email@example.com. We will cease to send you marketing information without charge.
We may also collect, use, disclose and process your personal data for other purposes, without your knowledge or consent, where this is required or permitted by law.
When using your personal data to contact you for the above purposes, we may contact you via pop-up notifications on our Applications, e-mail (including EDMs), SMS, telephone or any other means. We will not contact you for marketing purposes unless with your consent, or we are exempted by applicable law from having to obtain consent.
In connection with the purposes as described in Clause 2 above, you agree we may provide information to:
- any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in Section 5 of the Companies Act (Chapter 50);
- personnel, agents, advisers, auditors, contractors, financial institutions, and service providers in connection with our operations or services (for example staff engaged in the fulfilment of your order, the processing of your payment and the provision of support services);
- our overseas offices, affiliates, business partners and counterparts (on a need-to-know basis only);
- persons under a duty of confidentiality to us;
- persons to whom we are required to make disclosure under applicable laws and regulations in or outside of Singapore; or
- actual or proposed transferees of our operations (or a substantial part thereof) in or outside of Singapore.
When disclosing personal data to third parties, we will (where appropriate and permissible) enter into contracts with these third parties to protect your personal data in a manner that is consistent with all applicable laws and/or ensure that they only process your personal data in accordance with our instructions.
- We use persistent cookies and session cookies. A persistent cookie stays in your browser and will be read by us when you return to our Site or a partner site that uses our services. Session cookies only last for as long as the session (usually the current visit to a website or a browser session).
- We use the following cookies in connection with the purposes set out in Clause 2 above:
- Strictly necessary cookies – These are cookies that are required for the operation of our Site. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
- Analytical/performance cookies – They allow us to recognise and count the number of visitors and to see how visitors move around our Site when they are using it. This helps us to improve the way our Site works, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies – These are used to recognise you when you return to our Site. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies – These cookies record your visit to our Site, the pages you have visited and the links you have followed. We will use this information to make our Site and the information displayed on it more relevant to your interests.
- You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you do so, you may not be able to access all or parts of our Site.
- We may use third-party web services on our Site. The service providers that administer these services use technologies such as cookies (which are likely to be analytical/performance cookies or targeting cookies), web server logs and web beacons to help us analyse how visitors use our Site and make the information displayed on it more relevant to your interests. The information collected through these means (including IP addresses) is disclosed to these service providers. These analytics services may use the data collected to contextualise and personalise the marketing materials of their own advertising network.
Our Applications or our communication with you may from time to time contain links to third-party websites over which we have no control. If you follow a link to any of these websites, please note that they have their own practices and policies. We encourage you to read the privacy policies or statements of these websites understand your rights. We accept no responsibility or liability for any practices of third-party websites.
- All information you provide to us is stored on our secure servers.
- Any payment transactions will be encrypted using TLS/SSL technology.
- Where we have given you (or where you have chosen) a password that enables you to access certain parts of the Applications, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
- We restrict access to personal information to our employees, service providers and contractors on a strictly need-to-know basis and ensure that those persons are subject to contractual confidentiality obligations.
- Unauthorised access. While we take reasonable precautions to safeguard your personal data in our possession or under our control, we cannot be held responsible for unauthorised or unintended access that is beyond our control, such as hacking or cybercrimes.
- Vulnerabilities. We review our information collection, storage and processing practices from time to time to guard against unauthorised access, processing or use. Please note, however, the transmission of information via the Internet is not completely secure. Although we will use reasonable security arrangements to protect your personal data, we cannot guarantee that our Applications are invulnerable to security breaches, nor do we make any warranty, guarantee, or representation that your use of our Applications is safe and protected from viruses, worms, Trojan horses, and other vulnerabilities. We also do not guarantee the security of data that you choose to send us electronically. Sending such data is entirely at your own risk.
- Period of retention. We only retain personal data for so long as we need the personal data to fulfil the purposes we collected it for, and to satisfy our business and/or legal purposes, including audit, accounting or reporting requirements. How long we keep your personal data depends on the nature of the data, e.g. we keep personal data for at least the duration of the limitation period for bringing claims if the personal data may be required to commence or defend legal proceedings. Some information may also be retained for longer, e.g. where we are required to do so by law.
- Anonymised data. In some circumstances we may anonymise your personal data so that it can no longer be associated with you, in which case we are entitled to retain and use such data without restriction.
While we take reasonable precautions to safeguard your personal data in our possession or under our control, we cannot be held responsible for unauthorised or unintended access that is beyond our control, such as hacking or cybercrimes.
We review our information collection, storage and processing practices from time to time to guard against unauthorised access, processing or use. Please note, however, the transmission of information via the Internet is not completely secure. Although we will use reasonable security arrangements to protect your personal data, we cannot guarantee that our Applications are invulnerable to security breaches, nor do we make any warranty, guarantee, or representation that your use of our Applications is safe and protected from viruses, worms, Trojan horses, and other vulnerabilities. We also do not guarantee the security of data that you choose to send us electronically. Sending such data is entirely at your own risk.
We only retain personal data for so long as we need the personal data to fulfil the purposes we collected it for, and to satisfy our business and/or legal purposes, including audit, accounting or reporting requirements. How long we keep your personal data depends on the nature of the data, e.g. we keep personal data for at least the duration of the limitation period for bringing claims if the personal data may be required to commence or defend legal proceedings. Some information may also be retained for longer, e.g. where we are required to do so by law.
In some circumstances we may anonymise your personal data so that it can no longer be associated with you, in which case we are entitled to retain and use such data without restriction.
In connection with the purposes as set out in Clause 2 above:-
- the data that we collect from you may be transferred to, and stored at, a destination outside Singapore; and
- the data may also be processed by persons referred to in Clause 3 above who operate outside Singapore.
- By submitting your personal data you agree to this transfer, storing or processing of data outside Singapore. Where we transfer your personal data across jurisdictions, we will require recipients of the personal data to protect the personal data in accordance with this policy and applicable laws. For example, we may enter into contracts (or impose binding rules) with recipients to protect your personal data in a manner that is consistent with applicable laws. You may obtain details of these safeguards by contacting us.
You have the right to:
- check whether we hold personal data about you;
- access any personal data we hold about you; and
- require us to correct any inaccuracy or error in any personal data we hold about you.
- Any request under Clause 8.1 may be subject to a small administrative fee to meet our cost in processing your request.
We may be permitted under applicable laws to refuse a request, for example, we may refuse (a) a request for erasure where the personal data is required for in connection with claims; or (b) an objection request and continue processing your personal data based on compelling legitimate grounds for the processing.
If you are of the opinion that we have not complied with this Policy or we have infringed applicable data protection laws, we encourage you to contact us so that we can resolve your concerns.