We may collect your personal data when you:

• Provide us personal data
• Use our products or services
• Contact us with a question or request for assistance
• Visit our websites and applications (through the use of cookies and other technologies)
• Provide us with products and/or services.

Where you give us personal data about other individuals, you confirm that you are authorised to disclose and consent, on their behalf, to the processing of such personal data for the purposes described below, or other purposes for which your consent has been sought and obtained.

Here are the types of personal data we collect about you and process (or have a service provider process on our behalf) may include:

• Communication and Correspondence
• Personal Contact Information
• Personal Details
• Online Activity

We use and otherwise process the personal data we have collected about you for one or more of the following purposes:

General

• Billing, payment processing and other credit-related activities
• Carry out our obligations arising from any contracts entered into between you and us
• Comply with or fulfil legal obligations and regulatory requirements
• Conduct risk assessment, or analyse risk and business results
• Customer care and account management
• Enhance or improve our applications, products or services
• Fulfil requests, orders and delivery of products and services
• Internal purposes for accounting, audting and booking
• Internal purposes for auditing, data analysis and research
• Investigate complaints, claims and disputes
• Market and provide products or services
• Process applications and registrations for our services or memberships
• Process contract renewals and upgrades
• Respond to queries and feedback, and provide customer service and support
• Update records in our database

Marketing

• Conduct market research and analysis
• Conduct needs analysis and requirements

Legal & regulatory requirements

• Meet legal, regulatory and other requirements including providing assistance to law enforcement, judicial and other government agencies

We may disclose some of the personal data we have collected about you to the following parties or organisations outside Celes Solutions Pte Ltd:

• Business partners and vendors we work with to deliver goods and/or services you purchase or which we purchase
• Regulatory authorities, law enforcement agencies, government agencies and other government organisations, as required by local laws and regulations
• Financial institutions for purposes of our business relationship

Obtaining Consent

If we collect personal data directly from you, we will ordinarily first notify you of the purposes for which we are collecting it and obtain your express consent to us collecting, using and disclosing it for those purposes. However, when you voluntarily provide personal data to us for a purpose and it is reasonable that you do so we may rely on you being deemed to have consented to us collecting, using and disclosing your personal data for that purpose.

Under certain circumstances, we may collect, use and/or disclose personal data about you without your consent for example, so that we can comply with our statutory obligations or where personal data is publicly available.

Third-Party Consent

If you have a one-on-one meeting with us or do a transaction with us on behalf of another individual, you must first obtain consent from that individual in order for us to collect, use or disclose his/her personal data.

Withdrawal of Consent

If you have given us consent to collect, use, disclose and otherwise process personal data about you, you may withdraw that consent at any time. You should give us reasonable advance notice of your withdrawal of consent. We will notify you of the likely consequences of your withdrawal of consent, e.g. without your personal contact information we may not be able to inform you of future updates or that the quality of our service may be impacted.

Your request for withdrawal of consent can take the form of an email or letter to us.

You may ask us in writing to tell you what personal data we hold about you and how we have, or may have, used or disclosed it within a year before the date of your request. We will respond to your request as soon as reasonably possible and, in any event, we will respond to you within 30 days after receiving your request. We may charge a fee for processing your request, but we will let you know the amount of the fee before you incur it.

You may also ask us to correct an error or omission in the personal data we hold about you. Unless we are satisfied on reasonable grounds that a correction should not be made, we will correct the personal data as soon as practicable.

When you make any such request, we may need to verify your identity – for example, by checking your identity card number or other legal identification document.

We make reasonable security arrangements to protect personal data about you that is in our possession or under our control to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. All our employees will take reasonable and appropriate measures to maintain the confidentiality and integrity of your personal data, and will only share your data with authorised persons on a ‘need to know’ basis.

Entities that provide services to us to process personal data on our behalf will be bound by contracts with us that that require them to provide sufficient guarantees in respect of the technical and organisational security measures governing the processing to be carried out and to take reasonable steps ensure compliance with those measures.

We may retain your personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.

Where required to do so by law, we will disclose personal data about you to the relevant authorities or to law enforcement agencies.

We may update our Data Protection Policy from time to time. We will notify you of any changes by posting the policy on this page. Please revisit this page periodically for any changes. Changes to this Policy are effective when they are posted on this page.

If you have any questions about our collection, use, and/or disclosure of personal data about you; feedback regarding this Policy, or any complaint you have relating to how we collect, use, disclose and store personal data about you, you may contact our Data Protection Officer(s) at dpo@celes.sg.