Privacy Policy

1.Overview

1.1

We, Penguin Securities Holdings Pte. Ltd., Penguin Securities Pte. Ltd., and Penguin Securities Trading (collectively referred to as the “Group”, and references herein to “we”, “us” and “our” are to the Group), are committed to ensuring the safety and security of personal data.

1.2

The purpose of this Privacy Policy (“Privacy Policy”) is to inform you as to how we manage, collect, use and disclose personal data. In Singapore, such activities are subject to the Personal Data Protection Act 2012 of Singapore (the “PDPA”). We conduct our business in compliance with the PDPA and have implemented various measures to ensure that any personal data we collect, use and/or disclose remains safe and secure.

1.3

Subject to paragraph 1.4 below, your continued access and use of the Group’s website (“Website”) and any associated software [or mobile application] provided by the Group and the products, content, applications and/or services provided in connection thereto (collectively, the “Services”) (collectively, the “Platform”) shall constitute your agreement to our collection, use and/or disclosure of your Personal Data in accordance with this Privacy Policy and the applicable laws.

1.4

If you are a Minor, your parent or legal guardian’s consent shall be required to consent to our collection, use and/or disclosure of your Personal Data.

2.Personal Data

In this Privacy Policy, “Personal Data” refers to any data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time.

3.Collection of Personal Data

3.1

The Personal Data that we may collect may include an individual’s name, email address, phone number, date of birth, residential address, personal identification number, information from the individual’s device or equipment used to access and/or use the Platform (including network activity and IP address) and any other Personal Data necessary for us to provide our services, including access and use of the Platform and/or Services.

3.2

Typically, we will collect Personal Data from users of the Platform (collectively, the “Users” and each a “User”), business contacts, business partners, companies that we may invest in or any other third parties that we work with or from publicly available sources.

4.Use of Personal Data

4.1

We may use and/or disclose Personal Data for:

  • (a)

    providing our products and/or services;

  • (b)

    data analytics;

  • (c)

    internal audits and research;

  • (d)

    security and risk management;

  • (e)

    legal, regulatory and other compliance requirements (including providing assistance to law enforcement, judicial, regulatory or other government agencies and statutory bodies);

  • (f)

    for marketing and advertising, and in this regard, to send you by various modes of communication marketing and promotional information and materials relating to products and/or services (including, without limitation, products and/or services of third parties) that we may be marketing or promoting, whether such products or services exist now or are created in the future;

  • (g)

    handling any reports or complaints received by us against a User;

  • (h)

    other work and business related requirements; and

  • (i)

    any other purposes which we notify you of at the time of obtaining your consent,

(collectively, the “Purposes” and each, a “Purpose”).

4.2

We will not use Personal Data for purposes which we are not permitted to or required under the applicable personal data protection law and regulations.

4.3

Notwithstanding the above, we may collect, use and/or disclose any Personal Data without your consent provided that such collection, use and/or disclosure is in accordance with any applicable laws, including but not limited to the PDPA.

5.Disclosure of Personal Data

5.1

We may share and disclose Personal Data with:

  • (a)

    our partners in connection with the provision of services to our customers;

  • (b)

    partners, licensors, vendors, agents, contractors or third party service providers who provide services to us including but not limited to insurance, consultancy, courier services, telecommunications, IT, payment, printing, billing, payroll processing, technical services, training, market research, call centre, security or other such services to us;

  • (c)

    a complainant;

  • (d)

    in the event of an actual or prospective business asset transaction (such as any merger, acquisition or asset sale), any business partner, investor, assignee, or transferee for the purposes of facilitating such a transaction; and/or

  • (e)

    any relevant government regulators, statutory boards or authorities or law enforcement agencies as required by any laws, rules, guidelines and regulations or schemes imposed by any government to bodies and authorities.

5.2

Personal Data is disclosed to the above only for the Purposes or otherwise in accordance with the applicable personal data protection laws.

5.3

In exceptional circumstances, we may also be required to disclose Personal Data where, amongst others, there are grounds to believe that disclosure is necessary to prevent a threat to life or health, or for law enforcement purposes.

5.4

In some cases, we shall encrypt, anonymize, and aggregate the information before sharing it. Anonymizing means stripping the information of personally identifiable features. Aggregating means presenting the information in groups or segments e.g. age groups.

5.5

We will also ensure that overseas organisations we work with observe strict confidentiality and data protection obligations, and shall ensure that any personal data transferred overseas will be made in accordance with the PDPA.

6.Accuracy and Updating of Personal Data

6.1

We will strive to keep your Personal Data accurate. You will be given the ability to review and update your Personal Data that we have in our possession.

6.2

You should ensure that all Personal Data submitted to us is complete, accurate, true and correct. Further, when you provide us with any Personal Data relating to a third party (including your spouse, children, parents and/or employees), you represent and warrant to us that you have obtained the consent of the third party to provide us with their Personal Data unless otherwise provided in the PDPA.

6.3

If there is any Personal Data relating to you that you are unable to update and which you wish to make corrections to, you may contact our Data Protection Officer (whose contact is set out below) and we will be happy to help you as best as we can.

7.Access to Personal Data and Respecting Individual’s Consent

7.1

If you wish to access the Personal Data that we have relating to you, inquire about the way in which Personal Data relating to you has been used or disclosed by us in the past year, or wish to withdraw your consent to our use of such Personal Data, you may contact our Data Protection Officer (whose contact is set out below) and we will seek to attend to your request as best as we reasonably can. Please note that:

  • (a)

    in order for us to provide any personal data we will need to verify your identity and may request further information about your request;

  • (b)

    we may refuse access to your Personal Data if it would affect the privacy rights of other persons or if it breaches any confidentiality that attaches to that information;

  • (c)

    we may also refuse your request where we are legally permitted to do so and give you such reasons;

  • (d)

    you should be aware that we may take a reasonable time to process your application for access as we may need to retrieve information from storage and review the information in order to determine what information may be provided; and

  • (e)

    we may have to charge you a reasonable administrative fee for retrieving Personal Data relating to you.

7.2

For the avoidance of doubt, if we refuse to grant you access to your Personal Data, we shall preserve a complete and accurate copy of the Personal Data for a period of 30 days after the date which we notify you of our refusal to do so.

8.Security of Personal Data

8.1

Safeguarding and respecting the confidentiality of Personal Data is important to us. We will use our best efforts to protect Personal Data.

8.2

The Personal Data provided to us are stored on secure servers. We also have security measures in place to protect against unauthorized access, loss, misuse and alteration of Personal Data under our possession and/or control. However, to the extent permissible under the applicable laws, we will not be held liable or responsible for any loss, misuse or alteration of Personal Data that may be caused by third parties.

9.Retention of Personal Data

9.1

We will only retain Personal Data for only as long as:

  • (a)

    the retention of the Personal Data continues to serve any Purpose; and

  • (b)

    there is a business or legal need.

9.2

In the event that retention of Personal Data is no longer necessary for any business or legal purposes or when the purpose for which the Personal Data was collected is no longer being served by the retention of the Personal Data, we will remove, destroy or anonymise the Personal Data.

10.Transfer of Personal Data Outside Singapore

10.1

Your Personal Data may be transferred to, stored or processed outside of Singapore.

10.2

We will only transfer your information overseas in accordance with the PDPA and will ensure that overseas organisations we work with observe strict confidentiality and are subject to data protection obligations.

10.3

In particular, we will ensure that the overseas organisations we transfer your Personal Data to will provide a standard of protection comparable to the protection under the PDPA.

11.Breach of Personal Data

In the event of a data breach of your Personal Data (“Breach”), we will promptly conduct an assessment of whether the Breach is notifiable to the Personal Data Protection Commission (“PDPC”) in accordance with the PDPA. If the Breach is notifiable to the PDPC, we will also notify you of the occurrence of the Breach in accordance with the PDPA.

12.Disclosure of personal information policy and procedure of making a complaint

12.1

If you believe that we have breached this Privacy Policy, or any other applicable privacy or data protection laws or regulations which may apply to us, you should make a complaint to us in the first instance. You should address your complaint in writing to our Data Protection Officer (whose contact is set out below), and you should include as much detail as you can about the Personal Data affected, and the circumstances that you believe amount to a breach of this Privacy Policy or the PDPA.

12.2

If you have any questions about our Privacy Policy or concerns about our commitment to your privacy, please feel free to email or write to the Data Protection Officer (whose contact details are set out below).

13.How to contact us

Please feel free to contact our Data Protection Officer at data_protection@penguinsecurities.sg.

14.Changes to the Privacy Policy

We reserve the right to modify and update this Privacy Policy at any time to ensure it is consistent with industry trends and/or any changes in legal or regulatory requirements.

15.Governing Law

This Privacy Policy shall be governed in all respects by the laws of Singapore.

Disclaimer

This website and its contents have not been reviewed by the Monetary Authority of Singapore. The information on this website pertains to Penguin Securities Pte. Ltd. only and does not pertain to Penguin Securities Holding Pte. Ltd. or any other related corporation of Penguin Securities Pte. Ltd., including but not limited to Penguin Securities Trading Pte. Ltd.. Penguin Securities Pte. Ltd. is not currently regulated by the Monetary Authority of Singapore for undertaking any regulated activity, and is currently applying to the Monetary Authority of Singapore to obtain a capital markets services licence under the Securities and Futures Act 2001 to undertake the regulated activity of “dealing in capital markets products”. It is also applying to the Monetary Authority of Singapore to obtain a major payment institution licence under the Payment Services Act 2019 for providing “digital payment token services”. For this reason, Penguin Securities Pte. Ltd. does not currently provide any services to any person, whether in Singapore or outside of Singapore, and the information on this website is for informational purposes only.