Privacy Policy
Welcome to iROO International Pte. Ltd.'s Data Privacy and Personal Data Protection Policy (“Privacy Policy”).
iROO International Pte. Ltd. (“Company”, “we”, “us”) cares deeply about the privacy of its guests and members, and is fully committed to protect their personal information and use it properly in compliance with data protection laws. This policy describes how we may collect and use personal information, and the rights and choices available to our Guests and Members regarding such information.
We strongly urge you to read this policy and make sure you fully understand it, before you access or use any of our services.
Capitalized terms which are not defined herein shall have the meaning ascribed to them in the Terms of Services.
1. What information do we collect?
1.1 Personal Data
“Customer” (“Guest” or “Member”) means an individual who (a) has contacted us through any means to find out more about any goods or services we provide, or (b) may, or has, entered into a contract with us for the supply of any goods or services by us; and
“Personal Data” means data, whether true or not, about a customer who can be identified: (a) from that data; or (b) from that data and other information to which we have or are likely to have access.
Depending on the nature of your interaction with us, some examples of personal data which we may collect from you include name, residential address, email address, telephone number, gender, date of birth and financial information.
1.2 Guest and Member Information
The data the Company collects from our Guest and Member will be stored and processed by the Company's personnel, third party service providers and law enforcement/legal requests. These persons may also be engaged in order to provide the Services to the User, including but not limited to:
- feedback, ratings and compliments;
- transaction information (such as payment method and distance travelled);
- information about how the User interacted with the website (such as features used and content viewed); and
- device information (such as hardware model and serial number, IP address, file names and versions and advertising identifiers, or any information that may provide an indication of the website).
1.3 Users-of-users' Information
The Company may collect, store and process certain Non-personal and Personal Information of Users-of-Users (“Users-of-Users Information”), solely on our Users’ behalf and at their direction. For example, each of our Users is able to import their e-mail contacts from third party services like Gmail, or otherwise collect and manage contacts via their User Website. Such contacts are then stored with the Company, on the User's behalf.
For such purposes, the Company serves and shall be considered as a “Processor” and not as the “Controller” of such Users-of-Users Information. The Users controlling and operating such User Websites shall be considered as the “Controllers” of such Users-of-Users Information, and are responsible for complying with all laws and regulations that may apply to the collection and control of such Users-of-Users Information, including all privacy and data protection laws of all relevant jurisdictions.
You are responsible for the security, integrity and authorised usage of your Users-of-Users’ Personal Information, and for obtaining consents, permissions and providing any fair processing notices required for the collection and usage of such information.
If you are a visitor, user or customer of any of our Users, please read the following: the Company has no direct relationship with the individual Users-of-Users whose Personal Information it processes. If you are a visitor, user or customer of any of our Users, and would like to make any requests or queries regarding your Personal Information, please contact such User(s) directly. For example, if you wish to access, correct, amend, or delete inaccurate information processed by the Company on behalf of its Users, please direct your query to the relevant User (who is the “Controller” of such data). Unless otherwise instructed by our User, we will retain their Users-of-Users’ Personal Information.
1.4 Collection, Use and Disclosure of Personal Data
We generally do not collect your personal data unless (a) it is provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your personal data to us (your “authorised representative”) after (i) you (or your authorised representative) have been notified of the purposes for which the data is collected, and (ii) you (or your authorised representative) have provided written consent to the collection and usage of your personal data for those purposes, or (b) collection and use of personal data without consent is permitted or required by the PDPA or other laws. We shall seek your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you (except where permitted or authorised by law).
We may collect and use your personal data for any or all of the following purposes:
- performing obligations in the course of or in connection with our provision of the goods and/or services requested by you;
- verifying your identity;
- responding to, handling, and processing queries, requests, applications, complaints, and feedback from you;
- managing your relationship with us;
- processing payment or credit transactions;
- complying with any applicable laws, regulations, codes of practice, guidelines, or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority;
- any other purposes for which you have provided the information;
- transmitting to any unaffiliated third parties including our third party service providers and agents, and relevant governmental and/or regulatory authorities, whether in Singapore or abroad, for the aforementioned purposes; and
- any other incidental business purposes related to or in connection with the above.
We may disclose your personal data:
- where such disclosure is required for performing obligations in the course of or in connection with our provision of the goods and services requested by you; or
- to third party service providers, agents and other organisations we have engaged to perform any of the functions with reference to the above mentioned purposes.
1.5 Do Not Call (DNC) Provisions
The DNC provisions in the PDPA came into effect in 2014. The Company will not send you any marketing messages or make any marketing calls if you have registered your Singapore telephone number with the respective DNC registries, unless we are allowed to do so under DNC provisions, or other applicable laws and regulations. Do also note that if you have given us consent to send you marketing messages to your Singapore telephone number, we may continue to do so until you withdraw your consent.
1.6 Withdrawal of Consent
Should you wish to cease of receiving our marketing messages, you may do so in the following ways:
- To unsubscribe from our electronic mailing list, follow the unsubscribe instructions in our emails or other electronic marketing materials; or
- If you have an online subscription or membership account with us, you may access your account(s) with us to change your settings; or
- For any other queries regarding our handling of your personal data, you may contact our Data Protection Officer at [email protected]
The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop collecting, using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided above.
Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within ten (10) business days of receiving it.
Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods or services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing.
Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclose without consent is permitted or required under applicable laws.
1.7 Access to and Correction of Personal Data
If you wish to make (a) an access request for access to a copy of the personal data which we hold about you or information about the ways in which we use or disclose your personal data, or (b) a correction request to correct or update any of your personal data which we hold about you, you may submit your request in writing or via email to our Data Protection Officer at the contact details provided below.
Please note that a reasonable fee may be charged for an access request. If so, we will inform you of the fee before processing your request.
We will respond to your request as soon as reasonably possible. In general, our response will be within thirty (30) business days. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).
1.8 Protection of Personal Data
To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as minimised collection of personal data, authentication and access controls (such as good password practices, need-to-basis for data disclosure, etc.), data anonymisation, up-to-date antivirus protection, regular patching of operating system and other software, securely erase storage media in devices before disposal, web security measures against risks, usage of one time password(otp)/2 factor authentication (2fa)/multi-factor authentication (mfa) to secure access, and security review and testing performed regularly.
You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.
1.9 Accuracy of Personal Data
We generally rely on personal data provided by you (or your authorised representative). In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing our Data Protection Officer in writing or via email at the contact details provided below.
1.10 Retention of Personal Data
The Company only retains your Personal Data for as long you maintain your membership with us. Once your Personal Data is no longer necessary for the Company’s purposes, or no longer have a legal or business purpose for retaining the User’s Personal Data, the Company shall take steps to prevent access or use of such Personal Data for any purpose other than compliance with this privacy policy, or for purposes of safety, security, fraud prevention and detection.
1.11 Transfers of Personal Data Outside of Singapore
The Company generally do not transfer your personal data to countries outside of Singapore. However, if we do so, we will obtain your consent for the transfer to be made and we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.
1.12 Data Protection Officer
If you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request, you may contact our Data Protection Officer at [email protected]
2. Updates and Interpretation
We may update this Privacy Policy as required by applicable law, and to reflect changes to our practices. We trust that you would periodically review this page for the latest information.
Unless stated otherwise, our most current Privacy Policy applies to all information that we have about you, with respect to our Solutions. Your continued use of our services constitutes your acknowledgement and acceptance of such changes.
Cookies and Identifier Policy
Like most websites, iROO International Pte. Ltd. (together with its affiliated companies worldwide – refer to the Terms of Services of the Terms & Conditions - “the Company”, “we” or “us”) uses cookies for a variety of purposes in order to improve your online experience (each, a “Visitor” or “User” (respectively), or “you”). As your privacy is important to us, the Company would like to inform you about which Cookies are used and why the Company uses them.
1. What information do we collect?
1.1 Functional Cookies:
These Cookies ensure that the website operates properly. They are used to save preferences, detect misuse of the website and to distribute the load on our servers, which keeps our Platform available. Certain services you requested cannot be provided without these Cookies.
Web statistics Cookies: these Cookies are used to determine which parts of our Platform visitors are most interested in. This enables us to make the structure, navigation, and content of our Platform as user-friendly as possible. Specifically, these Cookies are used to (i) keep track of the number of visitors to our Platform; (ii) keep track of the amount of time each user spends on our Platform; (iii) determine the order in which a visitor visits the various pages or parts of our Platform; (iv) assess which parts of the Platform need to be changed; and (v) optimise the Platform. Software from third parties (Google Analytics and Optimizely) may be used for these purposes.
Google Analytics uses "performance Cookies" to analyse how you use the Platform. The information generated by the Cookie about your use of the Platform (including your IP address) will be transmitted to and stored by Google on servers.
1.2 Feedback Cookies:
These Cookies are used to share your ideas, questions, ratings, problems and feedback with the Company via the website.
1.3 Advertising Cookies:
The Company may also enable third-party tracking mechanisms to collect data, such as the User's device ID, over time and across unaffiliated websites or applications for use in interest-based advertising. For example, third parties may use the fact that the User visited the website(s) or application(s) to target online ads for our products and services to you on third party websites or applications. In addition, our third-party advertising partners might use information about the User's use of the website to help target third-party advertisements based on your online behavior in general.
The Company or our third-party service providers also may use collected information to establish connections among related web browsers and devices for targeted advertising, analytics, attribution, and reporting purposes. These third parties may match the User's browsers or devices if the User logs into the same online service on multiple devices or if the User's devices share similar attributes that support an inference that they are used by the same person or household. This means that information about the User’s activity on websites or applications on your current browser or device may be combined with information collected from your other browsers or devices.
1.4 Other Cookies:
This category includes Cookies that are not one of the above Cookie categories, yet assists the Company in improving its user online experience for the User.
2. Updates and interpretation
We may update this Cookies and Identifier Policy as required by applicable law, and to reflect changes to our practices. We trust that you would periodically review this page for the latest information.
Unless stated otherwise, our most current Cookies and Identifier Policy applies to all information that we have about you, with respect to our Solutions. Your continued use of our services constitutes your acknowledgement and acceptance of such changes.