隐私政策

DATA PROTECTION NOTICE FOR CUSTOMERS

This Data Protection Notice (“Notice”) contained herein forms part of the Terms and Conditions governing the use of the website (the “Website”) operated by Shermay's Provision Shop Pte Ltd (“SPS”, “we”, “us”, or “our”). Please refer to the Terms and Conditions.

We may collect, use, disclose or otherwise process the Personal Data of our customers (as defined hereinafter) in accordance with the Personal Data Protection Act 2012 (“PDPA”). This Notice applies to Personal Data in our possession or under our control, including Personal Data in the possession of organisations which we have engaged to collect, use, disclose or process Personal Data for our purposes.

By using the Website and/or submitting any information to us, you agree and consent to us collecting, using and processing your Personal Data, and disclosing such Personal Data to our authorised service providers and relevant third parties in the manner set forth in this Notice and/or as may be allowed under the PDPA.

PERSONAL DATA

1. As used in this Notice, the following definitions are used:

“customer”

means an individual who:

(a) has contacted us through any means to find out more about any goods or services we provide; or

(b) may, or has, entered into a contract with us for the supply of any goods or services by us; and

“personal data”

means any data or information about you from which you can be identified either:

(a) from that data; or

(b) from that data and other information to which we have or are likely to have access.

Examples of personal data include but are not limited to the following:

(a) your personal particulars (for example: name, address, date of birth, NRIC);

(b) tax, insurance, and employment details;

(d) details of interactions with us on platforms such as the Website or related mobile applications;

(e) information obtained from mobile device with your consent (e.g., location information); and

(f) your payment related information such as your bank account or credit/debit card information and your credit history

2. Other terms used in this Notice shall have the meanings given to them in the PDPA (where the context so permits).

GENERAL

3. This Notice may be modified at any time at our sole discretion, and such modifications shall be effective immediately upon posting of the modified Notice on the Website. You undertake to periodically review the Notice, and your continued use of the Website and/or the services provided thereunder shall amount to an acceptance of the modified Notice.

4. This Notice supplements but does not supersede nor replace any other consents you may have previously provided to us nor does it affect any rights which we may have at law in connection with the collection, use or disclosure of your personal data.

COLLECTION, USE AND DISCLOSURE OF PERSONAL DATA

5. We generally do not collect your Personal Data unless (a) it is provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your Personal Data to us (your “authorised representative”) after (i) you (or your authorised representative) have been notified of the purposes for which the data is collected, and (ii) you (or your authorised representative) have provided written consent to the collection and usage of your Personal Data for those purposes, or (b) collection and use of Personal Data without consent is permitted or required by the PDPA or other laws. We shall seek your consent before collecting any additional Personal Data and before using your Personal Data for a purpose which has not been notified to you (except where permitted or authorised by law).

6. We may collect your Personal Data in several ways, including but not limited to instances when you:

(a) Contact us for questions, concerns, assistance or queries;

(b) Register for an account with us on the Website;

(d) Participate in a competition, lucky draw or survey

7. We may use your personal data for any of the following purposes including but not limited to:

(a) performing obligations in the course of or in connection with our provision of the goods and/or services requested by you;

(b) verifying your identity;

(d) processing payment or credit transactions;

(e) informing you of any relevant information pertaining to our business and/or pertaining to any services you have signed up for or which may affect you;

(f) conducting market research;

(g) facilitating security and risk management (examples include informing you of service and security issues, conducting checks against money laundering or terrorism financing);

(h) facilitating business asset transactions; and

(i) complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority

8. While you generally use the Website anonymously, we may use cookies and/or other related technologies to collect your personal data. A cookie is a small text file which is placed on your computer and/or mobile device when you visit the Application. Cookies store information about you and your use of the Application. Information that cookies store includes but is not limited to your Internet protocol (IP) address or your usage pattern within the Website.

9. Should you wish to disable cookies, you can do so in the settings of your various devices.

10. We will take every reasonable step to ensure that your personal data is protected against unauthorised disclosures. Nonetheless, do note that we may disclose your Personal Data where such disclosure is reasonably required for performing obligations in the course of and/or in connection with our provision of the goods and services requested by you.

11. Subject to the provisions of any applicable law that we required to comply with, your personal data may be shared with parties such as but not limited to:

(a) business partners and/or vendors (including agents, contractors or third-party service providers) that we work with to deliver services and/functions that are available to you on the Website;

(b) financial institutions for purposes such as facilitating payments;

(d) any potential and/or actual business partner, investor, assignee or transferee to facilitate business asset transactions;

(e) our professional advisors including but not limited to auditors or lawyers;

(f) relevant government regulators or authority or law enforcement agency to comply with any court order, laws or rules and regulations imposed by any governmental authority; and

(g) any other party that you authorise us to disclose your personal data to.

12. We may disclose personal data to our professional advisors (including legal advisors) for establishing, exercising or defending our legal rights or as otherwise authorised or required by law. Further, we may disclose Personal Data, as is necessary, to investigate suspected unlawful activities including but not limited to fraud, intellectual property infringement or privacy.

RELIANCE ON THE LEGITIMATE INTERESTS EXCEPTION

13. In compliance with the PDPA, we may collect, use or disclose your Personal Data without your consent for the legitimate interests of SPS or another person.

14. In relying on the legitimate interests exception of the PDPA, SPS will do the following:

(a) Define the purpose of the collection, use and/or disclosure;

(b) Identify the benefits of said collection, use and/or disclosure;

(d) Determine whether the legitimate interests outweigh any adverse effect.

15. Otherwise, SPS aims to follow the PDPC’s Assessment Checklist for Legitimate Interests Exception (last dated 1 February 2021) in assessing whether it may rely on the legitimate interests exception.

16. In line with the legitimate interests’ exception, we may collect, use or disclose your Personal Data for the following purposes:

(a) Detection and prevention of misuse of services; and

(b) Collection and use of Personal Data on company-issued devices to prevent data loss.

17. The purposes listed in the above clause may continue to apply even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter

WITHDRAWING YOUR CONSENT

18. The consent that you provide for the collection, use and disclosure of your Personal Data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop collecting, using and/or disclosing your Personal Data for any or all of the purposes listed above by submitting your request via email to our Data Protection Officer at the contact details provided below.

19. Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within three (3) business days of receiving it.

20. Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods or services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described in clause 18 above.

21. We reserve the right to verify your identity before proceeding to process any request made by you. In this regard, you agree to furnish us with any necessary information, documents or references before we process any request in respect of your personal data.

22. If your personal data has been provided to us by a third-party, you should contact such party directly to make any queries, feedback, and access and correction requests to us on your behalf.

23. Please note that withdrawing consent does not affect our right to continue to collect, use and disclose Personal Data where such collection, use and disclose without consent is permitted or required under applicable laws.

ACCESS TO AND CORRECTION OF PERSONAL DATA

24. Customers can create accounts on the Website. In doing so, customers undertake to provide accurate, complete and updated registration information.

25. SPS encourages customers to periodically review their account and to update their Personal Data with accurate and current information. Customers may directly update their Personal Data (e.g., name, address, phone number) online through their accounts.

26. Nonetheless, if you wish to make (a) an access request for access to a copy of the Personal Data which we hold about you or information about the ways in which we use or disclose your Personal Data, or (b) a correction request to correct or update any of your Personal Data which we hold about you, you may submit your request via email to our Data Protection Officer at the contact details provided below.

27. Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.

28. We will respond to your request as soon as reasonably possible. In general, our response will be within three (3) business days. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you via email within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any Personal Data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).

PROTECTION OF PERSONAL DATA

29. To safeguard your Personal Data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as minimised collection of Personal Data, authentication and access controls (such as good password practices, etc.), up-to-date antivirus protection, and regular patching of operating system and other software.

30. We strive to protect the security of your information. However, no method of transmission over the Internet or method of electronic storage is completely secure. Therefore, we are unable to accept responsibility for, warrant or guarantee the security of information that you may send to or receive from us over the Internet or through other electronic means. As such, to the fullest possible extent allowed by law, SPS disclaims any and all responsibility or liability for any claims, damage, or loss connected to the loss of or unauthorised use of Personal Data.

ACCURACY OF PERSONAL DATA

31. We generally rely on Personal Data provided by you (or your authorised representative). In order to ensure that your Personal Data is current, complete and accurate, please update us if there are changes to your Personal Data by informing our Data Protection Officer via email at the contact details provided below.

RETENTION OF PERSONAL DATA

32. We may retain your Personal Data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.

33. We will cease to retain your Personal Data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the Personal Data was collected, and is no longer necessary for legal or business purposes.

TRANSFERS OF PERSONAL DATA OUTSIDE OF SINGAPORE

34. We generally do not transfer your Personal Data to countries outside of Singapore. However, if we do so, we will obtain your consent for the transfer to be made and we will take steps to ensure that your Personal Data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.

DATA PROTECTION OFFICER

35. You may contact our Data Protection Officer if you have any enquiries or feedback on our Personal Data protection policies and procedures, or if you wish to make any request, in the following manner:

TO: The Data Protection Officer

EMAIL: info@shermay.com

GOVERNING LAW & DISPUTE RESOLUTION

36. The Terms and Conditions shall be governed and construed in accordance with laws of the Republic of Singapore and the Parties hereby submit to the non-exclusive jurisdiction of the Singapore Courts.

37. Where any dispute arises out of or in connection with the Notice, and/or your use of the Website (the “Dispute”), you agree that the parties shall endeavour to use best efforts to amicably resolve said Dispute using mutual consultation, communications or negotiations.

38. If such mutual consultation, communications or negotiations are unable to resolve the Dispute, any such Dispute must be submitted for mediation at the Singapore Mediation Centre (“SMC”) in accordance with SMC’s Mediation Procedure in force for the time being. Either party may submit a request to mediate to SMC upon which the other party will be bound to participate in the mediation within forty-five (45) days thereof. Unless otherwise agreed by the parties, the Mediator will be appointed by SMC. The mediation will take place in Singapore in the English language and the parties agree to be bound by any settlement agreement reached.

Last updated : 29/07/2022

商品已加入购物车