Privacy Policy

Privacy & Cookie Policy

Effective Date: 1st July 2023

This Privacy Policy applies to Personal Data (as defined below) collected by Exocap Pte. Ltd. (“Exocap” “we” or “us“) through www.exocap.sg and any other website, application or digital service on or to which this Privacy Policy is linked or referenced (collectively, the “Services“), and is drafted in compliance with the Singapore Personal Data Protection Act 2012 (“PDPA”).

This Privacy Policy also applies to our data collection practices conducted offline. Unless we notify you otherwise, this Privacy Policy does not apply to any third-party website or service that you may access through the Services.

This Privacy Policy is incorporated into and made part of our Terms of Service, which are either published on our website or available upon request at info@exocap.sg.

Please read this Privacy Policy and our Terms of Service carefully. When you submit or provide Personal Data to us, you consent to the collection, use and disclosure of your Personal Data as described in this Privacy Policy.

If you do not agree with any part of this Privacy Policy or our Terms of Service, please do not use our website or services and do not provide us with your personal information.

Changes to this privacy policy

The Effective Date of this Privacy Policy is set forth at the top of this webpage. We might review our practices regarding the collection and use of your Personal Data and we may amend this Privacy Policy as appropriate. The amended Privacy Policy supersedes all previous versions. Your continued use of the Services after the Effective Date constitutes your acceptance of the amended Privacy Policy.

Personal information collection

In this Privacy Policy, “Personal Data” means data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which the organisation has or is likely to have access.

The Personal Information we collect about you depends on your interactions and engagement with us. We may collect the following types of Personal Data:

  • Direct Identifiers such as your name, postal address, email address, phone numbers, birthdate, and unique personal identifiers. For certain forms of service we may require government-issued identification information (such as your national identification number, visa and passport information).
  • Personal Records such as your signature, financial account information and insurance policy numbers (particularly if we are assisting you in a financial matter), payment card information (for example, if you make payments to us directly), and any background information provided by you or collected by us as part of our business analysis, client onboarding, regulatory compliance checks and other related processes. We may also collect your location data (should you visit our office) including records of building and suite access and parking card use, and footage from workplace security cameras that indicate your location.
  • Protected Characteristics such as your age, marital status, gender, and (where necessary to fulfil our legal obligations or to provide you with a requested service) medical information and disability information.
  • Commercial Information such as records of personal property, and products or services purchased or obtained.
  • Internet Usage Information such as records of your use of our website, mobile applications or other online services. This may include your online identifiers, account names and passwords, IP address, details of your device, operating system and browser, and other information as described in this policy.
  • Geolocation Data such as information collected through your use of our mobile applications, including (i) the location of the mobile device or tablet derived from GPS or WiFi use and (ii) other information made available by a user or others that indicates the current or prior location of the user, such as geotag information in photographs. If you do not want us to collect such data from your device, please delete the App or disable the location setting on your device or tablet. Disabling the location setting may affect your ability to access and use our mobile applications.
  • Client Information including information provided to or made available to us by or on behalf of you, as well as information generated by us in the course of providing our services to you.

Collection, use and disclosure of personal information

We collect, use and disclose Personal Data for all lawful purposes in the operation and conduct of our business.

How We May Collect Personal Data

Directly From You: We may collect Personal Data through your use of the Services (such as when you register with us, participate in surveys and questionnaires or subscribe to newsletters and blog updates), when you provide us Personal Data in the course of us providing you services and when you otherwise provide Personal Data to us both online and offline. We also may collect the Personal Data that you publish or display on public areas of the Services, such as one of Exocap’s blogs, or if you submit personal information to our alumni website (collectively, “User Contributions“). Your User Contributions are made publicly available at your own risk. We do not control the actions of third parties that access your User Contributions.

Through Social Media: Certain Services may link to social media platforms and plug-ins, such as Facebook and Twitter (collectively, “Social Media”). When accessing the Services through a Social Media account, we may (depending on the applicable user privacy settings) automatically receive Personal Data from that Social Media platform. We may collect and use this Personal Data for the purposes described in this Privacy Policy or as described at the time the information is collected.

From Third Parties: We may collect Personal Data about you from third parties where such information is required for us to fulfil our legal obligations or to provide you with a requested service.

Through Gathering Service Usage Data, including for our Website and Apps: When you use the Services, including Apps, we and our vendors may collect the Internet Usage Information that is collected by most browsers or automatically through your device. When you download and use an App, we and our vendors may track and collect App data, including when you accessed our servers and what information has been downloaded via the App. We also collect Usage Data through our use of Data Collection Technology. For more information about how we use Data Collection Technology, including cookies, please review the section below on Cookies and Other Data Collection Technology. Where Usage Data includes Personal Data, or is combined with Personal Data, it will be treated as Personal Data itself – as described in the sections above.

How We May Use Personal Data

We may use Personal Data for the purposes described at the time of its collection or as described in this Privacy Policy. For example, we may use your Personal Data:

  • To carry out any applicable contractual obligations that we have to you or third parties;
  • To verify your identity;
  • To process payments that you make to us;
  • To confirm registrations, respond to your inquiries or fulfill your requests – such as to register you for a seminar or to email you materials you requested;
  • To send you information, such as legal updates and event announcements, that we think may interest you;
  • To enable you to provide us with further information;
  • If you contact us through the Services or through other methods both online and offline, to keep a record of your contact information and correspondence to use when responding to you;
  • To notify you about important information regarding changes to our terms, conditions and policies;
  • To analyse use of the Services to help us detect problems, identify usage trends and improve user experience;
  • To protect against fraudulent or illegal activity; and
  • To update our records of your details, including contact and marketing details, where we identify that they are inaccurate or incomplete.
How We May Disclose Personal Data

We may disclose your Personal Data for the following reasons and to the following categories of third parties:

  • With your consent. We may disclose your Personal Data to any party for whom your consent has been provided.
  • To our affiliated entities. We may disclose your Personal Data within our corporate family for the purposes described in this Privacy Policy and as required by law. For a list of our affiliated entities, please contact us.
  • To our vendors. We may disclose your Personal Data to third-party vendors that support our operations such as internet service providers, data analytics providers, external consultants, advertising networks, operating systems and platforms, and vendors that facilitate registering and hosting webcast and live events.
  • In relation to a corporate transaction. We may disclose and transfer your Personal Data if we are involved in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control (whether in whole or in part), including negotiation and diligence of such transaction.
  • As we believe to be necessary and appropriate. We may also disclose your Personal Data: (i) as permitted by law; (ii) if we determine that the disclosure of specific information is necessary to comply with the request of a law enforcement or regulatory agency or other legal process; (iii) to protect the legitimate rights, privacy, property, interests or safety of our company or our affiliated entities, customers, business partners, employees or the general public; (iv) to pursue available remedies or limit damages; (v) to enforce our Terms of Service; and (vi) to respond to an emergency.

Cookies and other data collection technology

We refer to cookies, web beacons (also known as pixel tags and clear GIFs) and other similar technology as “Data Collection Technology.”

A cookie is a small text file that is sent to or accessed from your web browser or your computer’s hard drive. A cookie typically contains the name of the domain (internet location) from which the cookie originated, the “lifetime” of the cookie (when it expires), and a randomly generated unique identifier. A cookie may also contain information about your computer, such as user settings, browsing history and activities conducted while using the Services.

A web beacon (also called a pixel tag or clear GIF) is a piece of computer code that enables us to monitor user activity and website traffic.

How We Use Data Collection Technology: Data Collection Technology helps us improve your experience of the Services. In particular, we use analytics cookies to compile statistics about the use of the Services, help us analyse technical and navigational information about the Services and detect and prevent fraud. We also may use Data Collection Technology to collect information from the computer or device that you use to access the Services, such as your operating system type, browser type, domain and other system settings, as well as the language your system uses and the country and time zone in which your computer or device is located.

Additionally, we use analytics services, such as Google Analytics and Google Tag Manager, which use Data Collection Technology to analyze your use of our Website. For more information on Google’s privacy practices for Google Analytics, please visit https://support.google.com/analytics/answer/6004245. You may prevent Google Analytics from recognizing you on our Website by deleting or disabling the relevant cookies.

Your rights with respect to your personal data

You have several rights accorded to you under the law in respect of your Personal Data that we collect, use or disclose.

Withdrawal of Consent to the Continued Collection, Use and Disclosure of Personal Data: You may at any time withdraw any consent given, in respect of the collection, use or disclosure of your Personal Data by us, for any purpose. However, if you withdraw any consent that has been given, depending on the nature of your request, we may not be able to perform the actions necessary to achieve the purposes set out above or you may not be able to use or take full advantage of the Services. Please also note that even after you have chosen to withdraw your consent we may be able to continue to continue to process your Personal Data, in some limited circumstances, to the extent that such collection, use and disclosure without consent is authorised or required under applicable laws

Access and Correction of Personal Data: You may request access to your Personal Data that is in our possession or control, and information about the ways in which your Personal Data has or may have been used or disclosed within a year before the date of your request. You may also request that we correct an error or omission in your Personal Data that is in our possession or control. The request must be in writing and sent to our Data Protection Officer at the contact details provided below. You may be required to complete a Personal Data Access/Correction Request form. We may charge a reasonable fee for the processing of any access request from you. We will respond to your requests within 30 days.

Please note that we may not be able to provide you with access or correction of your Personal Data where we are not required to and/or are prohibited from doing so under law.

We must ensure that your Personal Data is accurate and up to date. Therefore, please ensure that the Personal Data you (or your authorised representative) provide to us is accurate and complete. You are responsible for informing us of changes to your Personal Data, or in the event you believe that the Personal Data we have about you is inaccurate, incomplete, misleading, or out of date. Please update us if there are changes to your Personal Data by informing our Data Protection Officer in writing at the contact details provided below.

Our Data Protection Officer’s email address is: info@exocap.sg (attn.: Data Protection Officer).

Retention of personal data

We will keep your Personal Data for as long as necessary to fulfil the purposes we collected it for, for any other legal or business purposes (including any legal, accounting or reporting requirements), or as required or permitted by applicable laws. To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data, whether we can achieve those purposes through other means, and all applicable legal requirements.

Links to other websites and services

The Services may include links to third-party websites and services that we do not operate, such as social media plug-ins. If you visit a third-party website or service via a link on the Services, you are subject to that third party’s privacy practices and policies. This Privacy Policy does not apply to any Personal Data that you provide to third-party websites or services. A link to a third-party website or service does not mean that we endorse that third party or the quality or accuracy of the information presented on its website or service.

Notice to international visitors

Your use of the Services may involve the collection, processing, and transfer of information to or from countries outside of your country of residence, which may have different data protection rules than those of your country. Where any cross-border transfer of Personal Data occurs, we will comply with the requirements for such cross-border transfers of Personal Data under the PDPA.

GDPR

Where the EU General Data Protection Regulation (“GDPR”) applies – including situations where you are (i) located in the European Economic Area (“EEA“) and we provide you with individual services or monitor your use of our website or mobile applications, or (ii) an Exocap entity processing your Personal Data is located in the EEA, the following provisions are relevant to you:

  • The controller of your personal data is Exocap Pte. Ltd.
  • The legal basis for processing are Article 6 1(b) of GDPR, whereby we may process your data in order to organise events and Article 6 1(f) of GDPR, whereby we may process your data in order to contact you regarding the request submitted by Exocap’s website contact form, and for our marketing purposes.
  • The recipients of your data may include entities which process personal data on our behalf as long as it is necessary to provide services to us and only to the extent corresponding to that purpose (e.g. Google, Microsoft).
  • Your personal data will be processed for a period of time as follows: a) in case of data processing for the purpose of our legitimate interests – until such legitimate interest exists; b) in case of data processing on for the performance of a contract – for the time necessary to establish, exercise or defence of potential legal claims. We may transfer your data to the USA under Privacy Shield Agreement (Google) and similar standard contractual clauses.
  • You have the right to request access to your data, rectification, removal or limitation of processing, as well as the right to object to processing and the right to transfer your personal data.
  • We use cookies and similar technologies to improve your browsing experience on our website, to provide personalised content, to analyse our website traffic, to understand where our visitors are coming from.
  • By browsing our website, you consent to our use of cookies.

Security

We take reasonable precautions intended to help protect the Personal Data that we collect and store, in accordance with the requirements under the PDPA; however, no system or online transmission of data is completely secure. We cannot guarantee the security of information transmitted to or through the Services. Any transmission is at your own risk. Please use security measures to protect your Personal Data.

Share this post: